Implement a full-featured admin backend at `/manage/` with login authentication using
signed cookies and constant-time credential verification. The panel includes a dashboard
showing total/active users, storage usage, monthly revenue, and pending invoices, plus
user management, payment overview, and pricing configuration pages. New environment
variables `ADMIN_USERNAME`, `ADMIN_PASSWORD`, `ADMIN_SESSION_SECRET`, and
`ADMIN_SESSION_EXPIRE_HOURS` control access. The admin router is registered in main.py
and all new templates, auth module, and router files are added.
Add comprehensive mobile-first responsive styles across billing, code-editor, file-upload, and main style sheets. Introduce a dedicated mobile.css file (702 lines) with hamburger navigation, sidebar overlay, pull-to-refresh indicator, and touch-friendly sizing. Integrate GestureHandler and PullToRefreshIndicator classes into file-list, file-preview, and file-upload-view components for swipe-to-close and pull-to-refresh interactions. Remove legacy inline media queries from style.css and link mobile.css in index.html.
Implement a mobile-friendly navigation system that replaces the static nav menu with a hamburger toggle button on screens ≤768px. The menu slides in from the left as a fixed overlay panel with smooth CSS transitions, and automatically closes when any nav link is clicked. Includes animated hamburger icon transformation (rotating top/bottom bars, hiding middle bar) and adjusted hero section padding for better mobile layout.
- Update `generate_legal_documents` default `template_dir` from `"templates/legal"` to `"mywebdav/templates/legal"`
- Update `Jinja2Templates` directory from `"templates"` to `"mywebdav/templates"`
- Add new `base.html` template with navigation, footer, and SEO meta tags
- Add new `features.html` template with responsive grid layout and feature cards
- Add new legal document templates: `compliance_statement.html`, `contact_complaint_mechanism.html`, `cookie_policy.html`, `data_portability_deletion_policy.html`
Add a comprehensive LegalDocument base class in mywebdav/legal.py with abstract methods for title and content generation, along with full markdown and HTML implementations for compliance statement, contact/complaint mechanism, and cookie policy pages, replacing placeholder content with detailed regulatory and procedural information.
Replace all eight footer legal links from .md to .html extensions in mywebdav-app.js and create corresponding HTML documents for privacy policy, data processing agreement, terms of service, cookie policy, security policy, compliance statement, data portability & deletion policy, and contact & complaint mechanism, each with placeholder content and back navigation.
Replace every occurrence of "RBox" with "MyWebdav" in source files, configuration,
legal documents, UI components, and test fixtures. This includes renaming the
`RBoxApp` class to `MyWebdavApp` in the JavaScript component, updating the
TOTP issuer from "RBox" to "MyWebdav" in the auth router, changing the
application description in the argument parser, and updating all user-facing
strings in HTML templates, legal policies, and the manifest file. The
`.env.example` default for `TOTP_ISSUER` is also updated accordingly.
Add .login-container CSS class with flex centering and gradient background, move gradient from .auth-container to new class, and update rbox-app.js showLogin() to render login-view inside a div.login-container alongside a footer with legal links and a cookie-consent element.
Add placeholder legal documents for compliance statement, contact/complaint mechanism, data portability/deletion policy, data processing agreement, security policy, and full implementations for cookie policy, privacy policy, and terms of service. Include CodeMirror 6 editor bundle with basic extensions (line numbers, syntax highlighting, autocompletion, bracket matching, undo history, search, linting) and minified CSS for legacy editor styling.
Add a check in FileList.connectedCallback to skip loading all files when
data-search-mode attribute is present, preventing empty result sets from
overwriting search results on partial matches. Introduce a monotonically
increasing search ID counter in RBoxApp to discard responses from outdated
search requests, ensuring only the latest query result is rendered and
stale error messages are suppressed.
Add composite index on usage_records for user_id, record_type, and timestamp columns; add individual indexes on record_type, timestamp, period_start, and status fields in billing models. Implement lazy Stripe API key initialization via _ensure_api_key method called before each Stripe operation. Fix monthly usage query to use date range filtering instead of year/month decomposition. Refactor auth login endpoint to replace OAuth2PasswordRequestForm dependency with custom LoginRequest model. Add error handling wrapper around current usage endpoint and introduce loading/error CSS classes for billing UI. Convert code editor view from absolute positioning to fixed overlay with centered modal container. Include Stripe.js script tag in index.html and add new APIContract class for response validation against schemas.
- Implement two-factor authentication with TOTP verification, recovery codes, and QR code setup in auth flow
- Add is_starred and last_accessed_at fields to File and Folder models for bookmarking and recency tracking
- Introduce batch operation endpoints for files and folders (delete, star, unstar, move, copy)
- Configure structured logging with timestamps and module names, replacing print statements
- Register admin and starred routers, add global HTTPException handler with JSON error responses
- Update authenticate_user and create_access_token to handle 2FA verification and token claims