vikunja/pkg/user
kolaente 46b07a019c refactor(user): extract shared account orchestration into models/user/shared for v1+v2
Pull the business logic out of the v1 current-user account/settings handlers
into reusable functions so both v1 and the upcoming v2 handlers call one
implementation. No behavior change — the v1 handlers keep their HTTP-layer
quirks (input binding, validation, error mapping); only orchestration moves.

Homes are forced by the import graph:
- shared.GetAuthProviderName  (new pkg/routes/api/shared, above openid+user so it
                              can combine both without a cycle; routes-only helper)
- user.ChangeUserEmail        (CheckUserCredentials + UpdateEmail, both in user)
- models.ChangeUserPassword   (needs models.DeleteAllUserSessions; user can't import models)
- models.UpdateUserGeneralSettings / UpdateUserAvatarProvider
                              (need avatar.FlushAllCaches; user can't import avatar)

The general settings get a single shared wire struct, models.UserGeneralSettings
(tagged for both swaggo/govalidator and Huma): it is the update request body and
the nested settings on GET /user for v1 (replacing v1's UserSettings) and v2.
ExtraSettingsLinks is readOnly — populated from the user on read, ignored on
write. A dedicated struct is required because user.User's settings fields are
json:"-" so they don't leak when it is embedded in other responses.
2026-06-11 07:02:31 +00:00
..
caldav_token.go fix(caldav): eliminate nested db session in CalDAV auth 2026-03-03 10:41:19 +01:00
db.go feat: register Vikunja tables with db package at init 2026-03-04 15:37:54 +01:00
delete.go fix: address review comments on session lifecycle 2026-02-25 11:03:02 +01:00
error.go feat: always enable bot users 2026-05-04 10:38:53 +00:00
error_test.go feat: always enable bot users 2026-05-04 10:38:53 +00:00
events.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
is_admin_test.go feat(user): extract last-admin guard and close invariant gaps 2026-04-20 18:55:06 +00:00
main_test.go feat: move to slog for logging 2025-07-21 18:15:39 +02:00
notifications.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
test.go test: add TOTP fixture and load it in user test bootstrap 2026-03-23 10:34:49 +00:00
token.go docs(api/v2): tag CalDAV token fields for the v2 schema 2026-06-10 17:55:52 +00:00
totp.go docs(api/v2): tag TOTP fields for the v2 schema 2026-06-10 17:58:16 +00:00
totp_test.go test(user): cover TOTP lockout persistence and password-reset unlock 2026-04-09 16:08:26 +00:00
update_email.go refactor(user): extract shared account orchestration into models/user/shared for v1+v2 2026-06-11 07:02:31 +00:00
update_email_test.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
user.go feat(api/v2): add bot user CRUD on /api/v2 2026-06-05 08:51:39 +00:00
user_claims_test.go feat(user): extract last-admin guard and close invariant gaps 2026-04-20 18:55:06 +00:00
user_create.go feat(user): add CreateBotUser 2026-05-01 14:44:10 +00:00
user_email_confirm.go fix(user): handle status errors in pkg/user callers, remove redundant checks 2026-03-23 12:06:16 +00:00
user_email_confirm_test.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
user_password_reset.go fix(user): handle status errors in pkg/user callers, remove redundant checks 2026-03-23 12:06:16 +00:00
user_test.go feat(user): add CreateBotUser 2026-05-01 14:44:10 +00:00
users_project.go feat(user): always include own bots in user search 2026-05-01 14:44:10 +00:00
validator.go feat(api): enforce password validation on reset and update flows 2026-02-25 13:44:56 +01:00