fix(deps): update dependency authlib to v1.3.1 (#3696)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.devcontainer/devcontainer.json

@@ -30,7 +30,6 @@
         "dbaeumer.vscode-eslint",
         "matangover.mypy",
         "ms-python.black-formatter",
-        "ms-python.isort",
         "ms-python.pylint",
         "ms-python.python",
         "ms-python.vscode-pylance",
@@ -42,6 +41,7 @@
   "forwardPorts": [
     3000,
     9000,
+    9091, // used by docker production
     24678 // used by nuxt when hot-reloading using polling
   ],
   // Use 'onCreateCommand' to run commands at the end of container creation.
@@ -49,7 +49,9 @@
   "onCreateCommand": "sudo chown -R vscode:vscode /workspaces/mealie/frontend/node_modules && task setup",
   // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
   "remoteUser": "vscode",
-  // "features": {
-  //   "git": "latest"
-  // }
+  "features": {
+    "ghcr.io/devcontainers/features/docker-in-docker:2": {
+      "dockerDashComposeVersion": "v2"
+    }
+  }
 }

.github/DISCUSSION_TEMPLATE/feature-request.yaml

@@ -11,7 +11,7 @@ body:
       options:
         - label: I used the GitHub search to find a similar requests and didn't find it.
           required: true
-        - label: Checked the [tasks tagged](https://github.com/hay-kot/mealie/issues?q=is%3Aissue+is%3Aopen+label%3Atask+) issues and verified my feature is not covered
+        - label: Checked the [tasks tagged](https://github.com/mealie-recipes/mealie/issues?q=is%3Aissue+is%3Aopen+label%3Atask+) issues and verified my feature is not covered
           required: true
   - type: textarea
     id: problem

.github/DISCUSSION_TEMPLATE/oauth-provider-example.yaml

@@ -0,0 +1,9 @@
+---
+title: OAuth setup with <PROVIDER>
+body:
+- type: textarea
+  attributes:
+    label: Configuration Example
+    description: Add your example configuration. You can provide code blocks, screenshots, and links.
+  validations: 
+    required: true

.github/ISSUE_TEMPLATE/task.yaml

@@ -1,7 +1,7 @@
 ---
-name: v1.0.0b Task
+name: Task
 description: "CONTRIBUTORS ONLY: Submit a Task that needs to be completed"
-title: "[v1.0.0b] [Task] - TASK DESCRIPTION"
+title: "[Task] - TASK DESCRIPTION"
 labels:
   - task
   - v1
@@ -11,17 +11,17 @@ body:
       value: |
         Thanks for your interest in Mealie! 🚀
 
-        This is a place for Mealie contributors to find tasks that need to get done around the repository. Tasks are different than issues as they are generally related to providing a new feature or improve an existing feature. They are _generally_ not related to an issue.
+        This is a place for Mealie contributors to find tasks that need to get done around the repository. Tasks are different than issues as they are generally related to providing a new feature or improving an existing feature. They are _generally_ not related to an issue.
 
         **DO NOT** create a task unless
-        - You are a contributors who has prior approval via discord/discussions
+        - You are a contributor who has prior approval via discord/discussions
         - You have otherwise been given approval to post the tasks
 
         Otherwise, your post will be closed/deleted.
 
         **Interested in Taking This?**
 
-        If you're interested in completing this tasks and it hasn't already been taken, comment below and to let others know you're working on it. As you work through the task, I ask that you submit a draft pull request as soon as possible, and tag this issue so we can all collaborate as best as possible.
+        If you're interested in completing this task and it hasn't already been taken, comment below and to let others know you're working on it. As you work through the task, I ask that you submit a draft pull request as soon as possible, and tag this issue so we can all collaborate as best as possible.
   - type: textarea
     id: problem
     attributes:
@@ -33,6 +33,6 @@ body:
     id: solution
     attributes:
       label: Proposed/Possible Solution(s)?
-      placeholder: Provide as much context around the idea as possible with potential files and roadblocks that may come up
+      placeholder: Provide as much context around the idea as possible with potential files and roadblocks that may come up.
     validations:
       required: true

.github/pull_request_template.md

@@ -1,6 +1,12 @@
 <!--
   This template provides some ideas of things to include in your PR description.
-  To start, try providing a short summary of your changes in the Title above.
+  
+  To start, try providing a short summary of your changes in the Title above. We follow Conventional Commits syntax, please ensure your title is prefixed with one of:
+  - `feat: `
+  - `fix: `
+  - `docs: `
+  - `chore: `
+  
   If a section of the PR template does not apply to this PR, then delete that section.
 
   PLEASE READ:
@@ -36,6 +42,8 @@ _(REQUIRED)_
   Briefly explain any decisions you made with respect to the changes.
   Include anything here that you didn't include in *Release Notes*
   above, such as changes to CI or changes to internal methods.
+
+  If there is a UI component to the change, please include before/after images.
 -->
 
 ## Which issue(s) this PR fixes:
@@ -44,7 +52,7 @@ _(REQUIRED)_
 
 <!--
 If this PR fixes one of more issues, list them here.
-One line each, like so:
+One per line, like so:
 Fixes #123
 Fixes #39
 -->

.github/workflows/e2e.yml

@@ -0,0 +1,46 @@
+name: E2E Tests
+on:
+  pull_request:
+    branches:
+      - mealie-next
+jobs:
+  test:
+    timeout-minutes: 60
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./tests/e2e
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-node@v3
+      with:
+        node-version: 18
+        cache: 'yarn'
+        cache-dependency-path: ./tests/e2e/yarn.lock
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+    - name: Build Image
+      uses: docker/build-push-action@v5
+      with:
+        file: ./docker/Dockerfile
+        context: .
+        push: false
+        load: true
+        tags: mealie:e2e
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+    - name: Deploy E2E Test Environment
+      run: docker compose up -d
+      working-directory: ./tests/e2e/docker
+    - name: Install dependencies
+      run: npm install -g yarn && yarn
+    - name: Install Playwright Browsers
+      run: yarn playwright install --with-deps
+    - name: Check test environment
+      run: docker ps
+    - name: Run Playwright tests
+      run: yarn playwright test
+    - name: Destroy Test Environment
+      if: always()
+      run: docker compose down --volumes
+      working-directory: ./tests/e2e/docker

.github/workflows/nightly.yml

@@ -4,6 +4,12 @@ on:
   push:
     branches:
       - mealie-next
+    paths-ignore:
+      - '*.md'
+      - '.devcontainer/**'
+      # I'm not excluding .github as changes in there might be to workflows etc
+      - '.vscode/**'
+      - 'docs/**'
 
 concurrency:
   group: nightly-${{ github.ref }}
@@ -22,7 +28,13 @@ jobs:
     permissions:
       contents: read
       packages: write
+      # The id-token write permission is needed to connect to Depot.dev
+      # as part of the partial-builder.yml action. It needs to be declared
+      # in the parent action, as noted here:
+      # https://github.com/orgs/community/discussions/76409#discussioncomment-8131390
+      id-token: write
     name: Build Tagged Release
+    if: github.repository == 'mealie-recipes/mealie'
     uses: ./.github/workflows/partial-builder.yml
     needs:
       - frontend-tests
@@ -35,6 +47,7 @@ jobs:
 
   notify-discord:
     name: Notify Discord
+    if: github.repository == 'mealie-recipes/mealie'
     needs:
       - build-release
     runs-on: ubuntu-latest

.github/workflows/partial-backend.yml

@@ -66,7 +66,7 @@ jobs:
         id: cache-validate
         if: steps.cached-poetry-dependencies.outputs.cache-hit == 'true'
         run: |
-          echo "import black;print('venv good?')" > test.py && poetry run python test.py && echo "cache-hit-success=true" >> $GITHUB_OUTPUT
+          echo "import fastapi;print('venv good?')" > test.py && poetry run python test.py && echo "cache-hit-success=true" >> $GITHUB_OUTPUT
           rm test.py
         continue-on-error: true
 
@@ -75,12 +75,12 @@ jobs:
           sudo apt-get update
           sudo apt-get install libsasl2-dev libldap2-dev libssl-dev
           poetry install
-          poetry add "psycopg2-binary==2.8.6"
+          poetry add "psycopg2-binary==2.9.9"
         if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' || steps.cache-validate.outputs.cache-hit-success != 'true'
 
-      - name: Formatting (Black)
+      - name: Formatting (Ruff)
         run: |
-          poetry run black . --check
+          poetry run ruff format . --check
 
       - name: Lint (Ruff)
         run: |

.github/workflows/partial-builder.yml

@@ -35,19 +35,16 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
       - name: Override __init__.py
         run: |
           echo "__version__ = \"${{ inputs.tag }}\"" > ./mealie/__init__.py
 
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+      - uses: depot/setup-action@v1
+
+      - name: Build and push Docker image, via Depot.dev
+        uses: depot/build-push-action@v1
         with:
+          project: srzjb6mhzm
           file: ./docker/Dockerfile
           context: .
           platforms: linux/amd64,linux/arm64
@@ -58,6 +55,3 @@ jobs:
             ${{ inputs.tags }}
           build-args: |
             COMMIT=${{ github.sha }}
-          # https://docs.docker.com/build/ci/github-actions/cache/#github-cache
-          cache-from: type=gha
-          cache-to: type=gha,mode=max

.github/workflows/pull-request-lint.yml

@@ -0,0 +1,41 @@
+name: Pull Request Linter
+
+on:
+  workflow_call:
+  pull_request:
+    types: [edited] # This captures the PR title changing
+    branches:
+      - mealie-next
+
+jobs:
+  validate-title:
+    name: Validate PR title
+    runs-on: ubuntu-latest
+    steps:
+      # https://github.com/amannn/action-semantic-pull-request
+      - uses: amannn/action-semantic-pull-request@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          # Configure which types are allowed (newline-delimited).
+          # Default: https://github.com/commitizen/conventional-commit-types
+          types: |
+            fix
+            feat
+            docs
+            chore
+          # Configure which scopes are allowed (newline-delimited).
+          # These are regex patterns auto-wrapped in `^ $`.
+          scopes: |
+            deps
+            auto
+            l10n
+          # Configure that a scope must always be provided.
+          requireScope: false
+          # If the PR contains one of these newline-delimited labels, the
+          # validation is skipped. If you want to rerun the validation when
+          # labels change, you might want to use the `labeled` and `unlabeled`
+          # event triggers in your workflow.
+          ignoreLabels: |
+            bot
+            ignore-semantic-pull-request

.github/workflows/pull-requests.yml

@@ -6,6 +6,10 @@ on:
       - mealie-next
 
 jobs:
+  pull-request-lint:
+    name: "Lint PR"
+    uses: ./.github/workflows/pull-request-lint.yml
+
   backend-tests:
     name: "Backend Server Tests"
     uses: ./.github/workflows/partial-backend.yml

.github/workflows/release.yml

@@ -17,6 +17,11 @@ jobs:
     permissions:
       contents: read
       packages: write
+      # The id-token write permission is needed to connect to Depot.dev
+      # as part of the partial-builder.yml action. It needs to be declared
+      # in the parent action, as noted here:
+      # https://github.com/orgs/community/discussions/76409#discussioncomment-8131390
+      id-token: write
     name: Build Tagged Release
     uses: ./.github/workflows/partial-builder.yml
     needs:
@@ -42,4 +47,34 @@ jobs:
           DISCORD_WEBHOOK: ${{ secrets.DISCORD_RELEASE_WEBHOOK }}
         uses: Ilshidur/action-discord@0.3.2
         with:
-          args: "🚀  Version {{ EVENT_PAYLOAD.release.tag_name }} of Mealie has been released. See the release notes https://github.com/hay-kot/mealie/releases/tag/{{ EVENT_PAYLOAD.release.tag_name }}"
+          args: "🚀  Version {{ EVENT_PAYLOAD.release.tag_name }} of Mealie has been released. See the release notes https://github.com/mealie-recipes/mealie/releases/tag/{{ EVENT_PAYLOAD.release.tag_name }}"
+
+  update-image-tags:
+    name: Update image tag in sample docker-compose files
+    needs:
+      - build-release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Checkout 🛎
+        uses: actions/checkout@v4
+
+      - name: Modify version strings
+        run: |
+          sed -i 's/:v[0-9]*.[0-9]*.[0-9]*/:${{ github.event.release.tag_name }}/' docs/docs/documentation/getting-started/installation/sqlite.md
+          sed -i 's/:v[0-9]*.[0-9]*.[0-9]*/:${{ github.event.release.tag_name }}/' docs/docs/documentation/getting-started/installation/postgres.md
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v6
+        # This doesn't currently work for us because it creates the PR but the workflows don't run.
+        # TODO: Provide a personal access token as a parameter here, that solves that problem.
+        # https://github.com/peter-evans/create-pull-request
+        with:
+          commit-message: "Update image tag, for release ${{ github.event.release.tag_name }}"
+          branch: "docs/newrelease-update-version-${{ github.event.release.tag_name }}"
+          delete-branch: true
+          base: mealie-next
+          title: "docs(auto): Update image tag, for release ${{ github.event.release.tag_name }}"
+          body: "Auto-generated by `.github/workflows/release.yml`, on publish of release ${{ github.event.release.tag_name }}"

.pre-commit-config.yaml

@@ -10,7 +10,8 @@ repos:
       - id: end-of-file-fixer
       - id: trailing-whitespace
         exclude: ^tests/data/
-  - repo: https://github.com/psf/black
-    rev: 23.1.0
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    # Ruff version.
+    rev: v0.4.3
     hooks:
-      - id: black
+      - id: ruff-format

.vscode/settings.json

@@ -60,8 +60,5 @@
   },
   "[vue]": {
     "editor.formatOnSave": false
-  },
-  "[python]": {
-    "editor.defaultFormatter": "ms-python.black-formatter",
-  },
+  }
 }

.vscode/tasks.json

@@ -24,16 +24,6 @@
       },
       "problemMatcher": []
     },
-    {
-      "label": "Init Database",
-      "command": "poetry run python mealie/db/init_db.py",
-      "type": "shell",
-      "presentation": {
-        "reveal": "always",
-        "group": "groupA"
-      },
-      "problemMatcher": []
-    },
     {
       "label": "Dev: Start Frontend",
       "command": "task ui",

README.md

@@ -18,9 +18,9 @@
   <h3 align="center">Mealie</h3>
 
   <p align="center">
-    A Place for All Your Recipes
+    A Place For All Your Recipes
     <br />
-    <a href="https://nightly.mealie.io"><strong>Explore the docs »</strong></a>
+    <a href="https://docs.mealie.io/"><strong>Explore the docs »</strong></a>
   <a href="https://github.com/mealie-recipes/mealie">
   </a>
     <br />
@@ -38,12 +38,20 @@
 
 # About The Project
 
-Mealie is a self hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in Vue for a pleasant user experience for the whole family. Easily add recipes into your database by providing the URL and Mealie will automatically import the relevant data, or add a family recipe with the UI editor. Mealie also provides an API for interactions from 3rd party applications.
+Mealie is a self hosted recipe manager, meal planner and shopping list with a RestAPI backend and a reactive frontend built in Vue for a pleasant user experience for the whole family. Easily add recipes into your database by providing the URL and Mealie will automatically import the relevant data, or add a family recipe with the UI editor. Mealie also provides an API for interactions from 3rd party applications.
 
 - [Remember to join the Discord](https://discord.gg/QuStdQGSGK)!
-- [Documentation](https://nightly.mealie.io)
+- [Documentation](https://docs.mealie.io/)
 
 
+## Key Features
+- Recipe imports: Create recipes, by **importing from a URL** or entering data manually
+- Meal Planner: Use the **Meal Planner** to plan your what you'll cook for the next week
+- Shopping List: Put the necessary ingredients on your **Shopping List**, organised into sections of your local supermarket
+- Cookbooks: Group recipes into **Cookbooks** based on your own criteria
+- Docker: Easy **Docker** deployment
+- Localisation: **Translations** for 35+ languages
+
 <!-- CONTRIBUTING -->
 ## Contributing
 
@@ -58,7 +66,7 @@ If you are not a coder, you can still contribute financially. Financial contribu
 
 ### Translations
 
-Translations can be a great way for **non-coders** to contribute to project. We use [Crowdin](https://crowdin.com/project/mealie) to allow several contributors to work on translating Mealie. You can simply help by voting for your preferred translations, or even by completely translating Mealie into a new language.
+Translations can be a great way for **non-coders** to contribute to the project. We use [Crowdin](https://crowdin.com/project/mealie) to allow several contributors to work on translating Mealie. You can simply help by voting for your preferred translations, or even by completely translating Mealie into a new language.
 
 For more information, check out the translation page on the [contributor's guide](https://nightly.mealie.io/contributors/translating/).
 
@@ -71,12 +79,9 @@ Distributed under the AGPL License. See `LICENSE` for more information.
 
 Huge thanks to all the sponsors of this project on [Github Sponsors](https://github.com/sponsors/hay-kot) and Buy Me a Coffee. Without you, this project would surely not be possible.
 
-Thanks to Linode for providing Hosting for the Demo, Beta, and Documentation sites! Another big thanks to JetBrains for providing their IDEs for development.
+Thanks to Depot for providing build instances for our Docker image builds.
 
-<div align='center'>
-  <img height="100" src="docs/docs/assets/img/sponsors-linode.svg" />
-  <img height="100" src="docs/docs/assets/img/sponsors-jetbrains.png" />
-</div>
+[![Built with Depot](https://depot.dev/badges/built-with-depot.svg)](https://depot.dev?utm_source=Mealie)
 
 
 
@@ -91,7 +96,7 @@ Thanks to Linode for providing Hosting for the Demo, Beta, and Documentation sit
 [stars-url]: https://github.com/mealie-recipes/mealie/stargazers
 [issues-shield]: https://img.shields.io/github/issues/mealie-recipes/mealie.svg?style=flat-square
 [issues-url]: https://github.com/mealie-recipes/mealie/issues
-[latest-release-shield]: https://img.shields.io/github/v/release/mealie-recipes/mealie.svg?style=flat-square
+[latest-release-shield]: https://img.shields.io/github/v/release/mealie-recipes/mealie?style=flat-square&label=latest%20release
 [latest-release-url]: https://img.shields.io/github/v/release/mealie-recipes/mealie
 [license-shield]: https://img.shields.io/github/license/mealie-recipes/mealie.svg?style=flat-square
 [license-url]: https://github.com/mealie-recipes/mealie/blob/mealie-next/LICENSE

Taskfile.yml

@@ -14,7 +14,9 @@ env:
   SMTP_HOST: localhost
   SMTP_PORT: 1025
   SMTP_FROM_NAME: MealieDev
+  SMTP_FROM_EMAIL: mealie@example.com
   SMTP_AUTH_STRATEGY: NONE
+  BASE_URL: http://localhost:3000
   LANG: en-US
 
 # loads .env file if it exists
@@ -72,6 +74,7 @@ tasks:
     desc: run code generators
     cmds:
       - poetry run python dev/code-generation/main.py
+      - task: py:format
 
   dev:services:
     desc: starts postgres and mailpit containers
@@ -103,12 +106,12 @@ tasks:
   py:format:
     desc: runs python code formatter
     cmds:
-      - poetry run black mealie
+      - poetry run ruff format .
 
   py:lint:
     desc: runs python linter
     cmds:
-      - poetry run ruff mealie
+      - poetry run ruff check mealie
 
   py:check:
     desc: runs all linters, type checkers, and formatters
@@ -130,7 +133,6 @@ tasks:
   py:
     desc: runs the backend server
     cmds:
-      - poetry run python mealie/db/init_db.py
       - poetry run python mealie/app.py
 
   py:postgres:
@@ -143,9 +145,14 @@ tasks:
       POSTGRES_PORT: 5432
       POSTGRES_DB: mealie
     cmds:
-      - poetry run python mealie/db/init_db.py
       - poetry run python mealie/app.py
 
+  py:migrate:
+    desc: generates a new migration file e.g. task py:migrate:generate "add new column"
+    cmds:
+      - poetry run alembic revision --autogenerate -m "{{ .CLI_ARGS }}"
+      - task: py:format
+
   ui:build:
     desc: builds the frontend in frontend/dist
     dir: frontend

alembic.ini

@@ -58,15 +58,3 @@ sqlalchemy.url =
 # post_write_hooks defines scripts or Python functions that are run
 # on newly generated revision scripts.  See the documentation for further
 # detail and examples
-
-hooks = isort, black
-
-# format using "isort" - use the console_scripts runner, against the "isort" entrypoint
-isort.type = console_scripts
-isort.entrypoint = isort
-isort.options = REVISION_SCRIPT_FILENAME
-
-# format using "black" - use the console_scripts runner, against the "black" entrypoint
-black.type = console_scripts
-black.entrypoint = black
-black.options = REVISION_SCRIPT_FILENAME

alembic/env.py

@@ -22,7 +22,11 @@ target_metadata = SqlAlchemyBase.metadata
 
 # Set DB url from config
 settings = get_app_settings()
-config.set_main_option("sqlalchemy.url", settings.DB_URL)
+
+if not settings.DB_URL:
+    raise Exception("DB URL not set in config")
+
+config.set_main_option("sqlalchemy.url", settings.DB_URL.replace("%", "%%"))
 
 
 def run_migrations_offline():

alembic/versions/2022-02-21-19.56.24_6b0f5f32d602_initial_tables.py

@@ -1,10 +1,11 @@
 """Initial tables
 
 Revision ID: 6b0f5f32d602
-Revises: 
+Revises:
 Create Date: 2022-02-21 19:56:24.351115
 
 """
+
 import sqlalchemy as sa
 from sqlalchemy import engine_from_config
 

alembic/versions/2022-03-23-17.43.34_263dd6707191_convert_quantity_from_integer_to_float.py

@@ -5,6 +5,7 @@ Revises: 6b0f5f32d602
 Create Date: 2022-03-23 17:43:34.727829
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-03-27-19.30.28_f1a2dbee5fe9_add_original_text_column_to_recipes_.py

@@ -5,6 +5,7 @@ Revises: 263dd6707191
 Create Date: 2022-03-27 19:30:28.545846
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-03-31-19.19.55_59eb59135381_add_tags_to_cookbooks.py

@@ -5,6 +5,7 @@ Revises: f1a2dbee5fe9
 Create Date: 2022-03-31 19:19:55.428965
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2022-04-03-10.48.51_09dfc897ad62_add_require_all_for_cookbook_filters.py

@@ -5,6 +5,7 @@ Revises: 59eb59135381
 Create Date: 2022-04-03 10:48:51.379968
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types  # noqa: F401

alembic/versions/2022-06-01-11.12.06_ab0bae02578f_add_use_abbreviation_column_to_.py

@@ -5,6 +5,7 @@ Revises: 09dfc897ad62
 Create Date: 2022-06-01 11:12:06.748383
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-06-15-21.05.34_f30cf048c228_add_new_webhook_fields.py

@@ -6,6 +6,7 @@ Revises: ab0bae02578f
 Create Date: 2022-06-15 21:05:34.851857
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-08-12-19.05.59_188374910655_add_login_attemps_and_locked_at_field_.py

@@ -5,6 +5,7 @@ Revises: f30cf048c228
 Create Date: 2022-08-12 19:05:59.776361
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-08-13-17.07.07_089bfa50d0ed_add_is_ocr_recipe_column_to_recipes.py

@@ -5,6 +5,7 @@ Revises: 188374910655
 Create Date: 2022-08-05 17:07:07.389271
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-08-29-13.57.40_44e8d670719d_add_extras_to_shopping_lists_list_items_.py

@@ -5,6 +5,7 @@ Revises: 089bfa50d0ed
 Create Date: 2022-08-29 13:57:40.452245
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2022-09-27-14.53.14_2ea7a807915c_add_recipe_timeline_events_table.py

@@ -5,6 +5,7 @@ Revises: 44e8d670719d
 Create Date: 2022-09-27 14:53:14.111054
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2022-11-03-13.10.24_1923519381ad_renamed_timeline_event_message_and_.py

@@ -5,6 +5,7 @@ Revises: 2ea7a807915c
 Create Date: 2022-11-03 13:10:24.811134
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2022-11-22-03.42.45_167eb69066ad_add_recipe_scale_to_shopping_list_item_.py

@@ -5,6 +5,7 @@ Revises: 1923519381ad
 Create Date: 2022-11-22 03:42:45.494567
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2023-01-21-16.54.44_165d943c64ee_add_related_user_to_mealplan.py

@@ -5,6 +5,7 @@ Revises: 167eb69066ad
 Create Date: 2023-01-21 16:54:44.368768
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2023-02-10-21.18.32_16160bf731a0_add_more_indices_necessary_for_search.py

@@ -5,6 +5,7 @@ Revises: ff5f73b01a7a
 Create Date: 2023-02-10 21:18:32.405130
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2023-02-14-20.45.41_5ab195a474eb_add_normalized_search_properties.py

@@ -5,6 +5,7 @@ Revises: 16160bf731a0
 Create Date: 2023-02-14 20:45:41.102571
 
 """
+
 import sqlalchemy as sa
 from sqlalchemy import orm, select
 from sqlalchemy.orm import DeclarativeBase, Mapped, mapped_column

alembic/versions/2023-02-21-22.03.19_b04a08da2108_added_shopping_list_label_settings.py

@@ -5,10 +5,11 @@ Revises: 5ab195a474eb
 Create Date: 2023-21-02 22:03:19.837244
 
 """
+
 from uuid import uuid4
 
 import sqlalchemy as sa
-from sqlalchemy.orm.session import Session
+from sqlalchemy import orm
 
 import mealie.db.migration_types
 from alembic import op
@@ -22,8 +23,10 @@ branch_labels = None
 depends_on = None
 
 
-def populate_shopping_lists_multi_purpose_labels(shopping_lists_multi_purpose_labels_table: sa.Table, session: Session):
-    shopping_lists = session.query(ShoppingList).all()
+def populate_shopping_lists_multi_purpose_labels(
+    shopping_lists_multi_purpose_labels_table: sa.Table, session: orm.Session
+):
+    shopping_lists = session.query(ShoppingList).options(orm.load_only(ShoppingList.id, ShoppingList.group_id)).all()
 
     shopping_lists_labels_data: list[dict] = []
     for shopping_list in shopping_lists:
@@ -59,7 +62,7 @@ def upgrade():
     )
     # ### end Alembic commands ###
 
-    session = Session(bind=op.get_bind())
+    session = orm.Session(bind=op.get_bind())
     populate_shopping_lists_multi_purpose_labels(shopping_lists_multi_purpose_labels_table, session)
 
 

alembic/versions/2023-02-22-21.45.52_38514b39a824_add_auth_method_to_user_table.py

@@ -5,6 +5,7 @@ Revises: b04a08da2108
 Create Date: 2023-02-22 21:45:52.900964
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2023-04-13-06.47.04_b3dbb554ba53_postgres_fuzzy_search.py

@@ -5,6 +5,7 @@ Revises: 38514b39a824
 Create Date: 2023-04-13 06:47:04.617131
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2023-08-06-21.00.34_04ac51cbe9a4_added_group_slug.py

@@ -5,6 +5,7 @@ Revises: b3dbb554ba53
 Create Date: 2023-08-06 21:00:34.582905
 
 """
+
 import sqlalchemy as sa
 from slugify import slugify
 from sqlalchemy.orm import Session

alembic/versions/2023-08-14-19.30.49_1825b5225403_added_recipe_note_to_shopping_list_.py

@@ -5,6 +5,7 @@ Revises: 04ac51cbe9a4
 Create Date: 2023-08-14 19:30:49.103185
 
 """
+
 import sqlalchemy as sa
 
 from alembic import op

alembic/versions/2023-08-15-16.25.07_bcfdad6b7355_remove_tool_name_and_slug_unique_.py

@@ -5,6 +5,7 @@ Revises: 1825b5225403
 Create Date: 2023-08-15 16:25:07.058929
 
 """
+
 from alembic import op
 
 # revision identifiers, used by Alembic.

alembic/versions/2023-09-01-14.55.42_0341b154f79a_added_normalized_unit_and_food_names.py

@@ -5,6 +5,7 @@ Revises: bcfdad6b7355
 Create Date: 2023-09-01 14:55:42.166766
 
 """
+
 import sqlalchemy as sa
 from sqlalchemy import orm, select
 

alembic/versions/2023-10-04-14.29.26_dded3119c1fe_added_unique_constraints.py

@@ -5,6 +5,7 @@ Revises: 0341b154f79a
 Create Date: 2023-10-04 14:29:26.688065
 
 """
+
 from collections import defaultdict
 from dataclasses import dataclass
 from typing import Any
@@ -58,7 +59,12 @@ def _resolve_duplicate_food(
     keep_food_id: UUID4,
     dupe_food_id: UUID4,
 ):
-    for shopping_list_item in session.query(ShoppingListItem).filter_by(food_id=dupe_food_id).all():
+    for shopping_list_item in (
+        session.query(ShoppingListItem)
+        .options(load_only(ShoppingListItem.id, ShoppingListItem.food_id))
+        .filter_by(food_id=dupe_food_id)
+        .all()
+    ):
         shopping_list_item.food_id = keep_food_id
 
     for recipe_ingredient in (
@@ -81,10 +87,20 @@ def _resolve_duplicate_unit(
     keep_unit_id: UUID4,
     dupe_unit_id: UUID4,
 ):
-    for shopping_list_item in session.query(ShoppingListItem).filter_by(unit_id=dupe_unit_id).all():
+    for shopping_list_item in (
+        session.query(ShoppingListItem)
+        .options(load_only(ShoppingListItem.id, ShoppingListItem.unit_id))
+        .filter_by(unit_id=dupe_unit_id)
+        .all()
+    ):
         shopping_list_item.unit_id = keep_unit_id
 
-    for recipe_ingredient in session.query(RecipeIngredientModel).filter_by(unit_id=dupe_unit_id).all():
+    for recipe_ingredient in (
+        session.query(RecipeIngredientModel)
+        .options(load_only(RecipeIngredientModel.id, RecipeIngredientModel.unit_id))
+        .filter_by(unit_id=dupe_unit_id)
+        .all()
+    ):
         recipe_ingredient.unit_id = keep_unit_id
 
     session.commit()
@@ -99,10 +115,20 @@ def _resolve_duplicate_label(
     keep_label_id: UUID4,
     dupe_label_id: UUID4,
 ):
-    for shopping_list_item in session.query(ShoppingListItem).filter_by(label_id=dupe_label_id).all():
+    for shopping_list_item in (
+        session.query(ShoppingListItem)
+        .options(load_only(ShoppingListItem.id, ShoppingListItem.label_id))
+        .filter_by(label_id=dupe_label_id)
+        .all()
+    ):
         shopping_list_item.label_id = keep_label_id
 
-    for ingredient_food in session.query(IngredientFoodModel).filter_by(label_id=dupe_label_id).all():
+    for ingredient_food in (
+        session.query(IngredientFoodModel)
+        .options(load_only(IngredientFoodModel.id, IngredientFoodModel.label_id))
+        .filter_by(label_id=dupe_label_id)
+        .all()
+    ):
         ingredient_food.label_id = keep_label_id
 
     session.commit()

alembic/versions/2023-10-19-19.22.55_ba1e4a6cfe99_added_plural_names_and_alias_tables_for_.py

@@ -5,6 +5,7 @@ Revises: dded3119c1fe
 Create Date: 2023-10-19 19:22:55.369319
 
 """
+
 import sqlalchemy as sa
 
 import mealie.db.migration_types

alembic/versions/2024-02-23-16.15.07_2298bb460ffd_added_user_to_shopping_list.py

@@ -0,0 +1,101 @@
+"""added user to shopping list
+
+Revision ID: 2298bb460ffd
+Revises: ba1e4a6cfe99
+Create Date: 2024-02-23 16:15:07.115641
+
+"""
+
+from uuid import UUID
+
+import sqlalchemy as sa
+from sqlalchemy import orm
+
+import mealie.db.migration_types
+from alembic import op
+from mealie.core.root_logger import get_logger
+
+logger = get_logger()
+
+# revision identifiers, used by Alembic.
+revision = "2298bb460ffd"
+down_revision = "ba1e4a6cfe99"
+branch_labels = None
+depends_on = None
+
+
+def is_postgres():
+    return op.get_context().dialect.name == "postgresql"
+
+
+def find_user_id_for_group(group_id: UUID):
+    bind = op.get_bind()
+    session = orm.Session(bind=bind)
+
+    if is_postgres():
+        stmt = "SELECT id FROM users WHERE group_id=:group_id AND admin = TRUE LIMIT 1"
+    else:
+        stmt = "SELECT id FROM users WHERE group_id=:group_id AND admin = 1 LIMIT 1"
+
+    with session:
+        try:
+            # try to find an admin user
+            return session.execute(sa.text(stmt).bindparams(group_id=group_id)).scalar_one()
+        except orm.exc.NoResultFound:
+            pass
+
+        try:
+            # fallback to any user
+            return session.execute(
+                sa.text("SELECT id FROM users WHERE group_id=:group_id LIMIT 1").bindparams(group_id=group_id)
+            ).scalar_one()
+        except orm.exc.NoResultFound:
+            pass
+
+        # no user could be found
+        return None
+
+
+def populate_shopping_list_users():
+    bind = op.get_bind()
+    session = orm.Session(bind=bind)
+
+    with session:
+        list_ids_and_group_ids = session.execute(sa.text("SELECT id, group_id FROM shopping_lists")).all()
+        for list_id, group_id in list_ids_and_group_ids:
+            user_id = find_user_id_for_group(group_id)
+            if user_id:
+                session.execute(
+                    sa.text(f"UPDATE shopping_lists SET user_id=:user_id WHERE id=:id").bindparams(
+                        user_id=user_id, id=list_id
+                    )
+                )
+            else:
+                logger.warning(
+                    f"No user found for shopping list {list_id} with group {group_id}; deleting shopping list"
+                )
+                session.execute(sa.text(f"DELETE FROM shopping_lists WHERE id=:id").bindparams(id=list_id))
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("shopping_lists") as batch_op:
+        # allow nulls during migration
+        batch_op.add_column(sa.Column("user_id", mealie.db.migration_types.GUID(), nullable=True))
+        batch_op.create_index(op.f("ix_shopping_lists_user_id"), ["user_id"], unique=False)
+        batch_op.create_foreign_key("fk_user_shopping_lists", "users", ["user_id"], ["id"])
+    # ### end Alembic commands ###
+
+    populate_shopping_list_users()
+
+    # forbid nulls after migration
+    with op.batch_alter_table("shopping_lists") as batch_op:
+        batch_op.alter_column("user_id", nullable=False)
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_constraint(None, "shopping_lists", type_="foreignkey")
+    op.drop_index(op.f("ix_shopping_lists_user_id"), table_name="shopping_lists")
+    op.drop_column("shopping_lists", "user_id")
+    # ### end Alembic commands ###

alembic/versions/2024-03-10-05.08.32_09aba125b57a_add_oidc_auth_method.py

@@ -0,0 +1,31 @@
+"""add OIDC auth method
+
+Revision ID: 09aba125b57a
+Revises: 2298bb460ffd
+Create Date: 2024-03-10 05:08:32.397027
+
+"""
+
+import sqlalchemy as sa
+
+import mealie.db.migration_types
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision = "09aba125b57a"
+down_revision = "2298bb460ffd"
+branch_labels = None
+depends_on = None
+
+
+def is_postgres():
+    return op.get_context().dialect.name == "postgresql"
+
+
+def upgrade():
+    if is_postgres():
+        op.execute("ALTER TYPE authmethod ADD VALUE 'OIDC'")
+
+
+def downgrade():
+    pass

alembic/versions/2024-03-18-02.28.15_d7c6efd2de42_migrate_favorites_and_ratings_to_user_.py

@@ -0,0 +1,229 @@
+"""migrate favorites and ratings to user_ratings
+
+Revision ID: d7c6efd2de42
+Revises: 09aba125b57a
+Create Date: 2024-03-18 02:28:15.896959
+
+"""
+
+from datetime import datetime
+from textwrap import dedent
+from typing import Any
+from uuid import uuid4
+
+import sqlalchemy as sa
+from sqlalchemy import orm
+
+import mealie.db.migration_types
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision = "d7c6efd2de42"
+down_revision = "09aba125b57a"
+branch_labels = None
+depends_on = None
+
+
+def is_postgres():
+    return op.get_context().dialect.name == "postgresql"
+
+
+def new_user_rating(user_id: Any, recipe_id: Any, rating: float | None = None, is_favorite: bool = False):
+    if is_postgres():
+        id = str(uuid4())
+    else:
+        id = "%.32x" % uuid4().int
+
+    now = datetime.now().isoformat()
+    return {
+        "id": id,
+        "user_id": user_id,
+        "recipe_id": recipe_id,
+        "rating": rating,
+        "is_favorite": is_favorite,
+        "created_at": now,
+        "update_at": now,
+    }
+
+
+def migrate_user_favorites_to_user_ratings():
+    bind = op.get_bind()
+    session = orm.Session(bind=bind)
+
+    with session:
+        user_ids_and_recipe_ids = session.execute(sa.text("SELECT user_id, recipe_id FROM users_to_favorites")).all()
+        rows = [
+            new_user_rating(user_id, recipe_id, is_favorite=True)
+            for user_id, recipe_id in user_ids_and_recipe_ids
+            if user_id and recipe_id
+        ]
+
+        if is_postgres():
+            query = dedent(
+                """
+                INSERT INTO users_to_recipes (id, user_id, recipe_id, rating, is_favorite, created_at, update_at)
+                VALUES (:id, :user_id, :recipe_id, :rating, :is_favorite, :created_at, :update_at)
+                ON CONFLICT DO NOTHING
+                """
+            )
+        else:
+            query = dedent(
+                """
+                INSERT OR IGNORE INTO users_to_recipes
+                (id, user_id, recipe_id, rating, is_favorite, created_at, update_at)
+                VALUES (:id, :user_id, :recipe_id, :rating, :is_favorite, :created_at, :update_at)
+                """
+            )
+
+        for row in rows:
+            session.execute(sa.text(query), row)
+
+
+def migrate_group_to_user_ratings(group_id: Any):
+    bind = op.get_bind()
+    session = orm.Session(bind=bind)
+
+    with session:
+        user_ids = (
+            session.execute(sa.text("SELECT id FROM users WHERE group_id=:group_id").bindparams(group_id=group_id))
+            .scalars()
+            .all()
+        )
+
+        recipe_ids_ratings = session.execute(
+            sa.text(
+                "SELECT id, rating FROM recipes WHERE group_id=:group_id AND rating > 0 AND rating IS NOT NULL"
+            ).bindparams(group_id=group_id)
+        ).all()
+
+        # Convert recipe ratings to user ratings. Since we don't know who
+        # rated the recipe initially, we copy the rating to all users.
+        rows: list[dict] = []
+        for recipe_id, rating in recipe_ids_ratings:
+            for user_id in user_ids:
+                rows.append(new_user_rating(user_id, recipe_id, rating, is_favorite=False))
+
+        if is_postgres():
+            insert_query = dedent(
+                """
+                INSERT INTO users_to_recipes (id, user_id, recipe_id, rating, is_favorite, created_at, update_at)
+                VALUES (:id, :user_id, :recipe_id, :rating, :is_favorite, :created_at, :update_at)
+                ON CONFLICT (user_id, recipe_id) DO NOTHING;
+                """
+            )
+        else:
+            insert_query = dedent(
+                """
+                INSERT OR IGNORE INTO users_to_recipes
+                (id, user_id, recipe_id, rating, is_favorite, created_at, update_at)
+                VALUES (:id, :user_id, :recipe_id, :rating, :is_favorite, :created_at, :update_at);
+                """
+            )
+
+        update_query = dedent(
+            """
+            UPDATE users_to_recipes
+            SET rating = :rating, update_at = :update_at
+            WHERE user_id = :user_id AND recipe_id = :recipe_id;
+            """
+        )
+
+        # Create new user ratings with is_favorite set to False
+        for row in rows:
+            session.execute(sa.text(insert_query), row)
+
+        # Update existing user ratings with the correct rating
+        for row in rows:
+            session.execute(sa.text(update_query), row)
+
+
+def migrate_to_user_ratings():
+    migrate_user_favorites_to_user_ratings()
+
+    bind = op.get_bind()
+    session = orm.Session(bind=bind)
+
+    with session:
+        group_ids = session.execute(sa.text("SELECT id FROM groups")).scalars().all()
+
+    for group_id in group_ids:
+        migrate_group_to_user_ratings(group_id)
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "users_to_recipes",
+        sa.Column("user_id", mealie.db.migration_types.GUID(), nullable=False),
+        sa.Column("recipe_id", mealie.db.migration_types.GUID(), nullable=False),
+        sa.Column("rating", sa.Float(), nullable=True),
+        sa.Column("is_favorite", sa.Boolean(), nullable=False),
+        sa.Column("id", mealie.db.migration_types.GUID(), nullable=False),
+        sa.Column("created_at", sa.DateTime(), nullable=True),
+        sa.Column("update_at", sa.DateTime(), nullable=True),
+        sa.ForeignKeyConstraint(
+            ["recipe_id"],
+            ["recipes.id"],
+        ),
+        sa.ForeignKeyConstraint(
+            ["user_id"],
+            ["users.id"],
+        ),
+        sa.PrimaryKeyConstraint("user_id", "recipe_id", "id"),
+        sa.UniqueConstraint("user_id", "recipe_id", name="user_id_recipe_id_rating_key"),
+    )
+    op.create_index(op.f("ix_users_to_recipes_created_at"), "users_to_recipes", ["created_at"], unique=False)
+    op.create_index(op.f("ix_users_to_recipes_is_favorite"), "users_to_recipes", ["is_favorite"], unique=False)
+    op.create_index(op.f("ix_users_to_recipes_rating"), "users_to_recipes", ["rating"], unique=False)
+    op.create_index(op.f("ix_users_to_recipes_recipe_id"), "users_to_recipes", ["recipe_id"], unique=False)
+    op.create_index(op.f("ix_users_to_recipes_user_id"), "users_to_recipes", ["user_id"], unique=False)
+
+    migrate_to_user_ratings()
+
+    if is_postgres():
+        op.drop_index("ix_users_to_favorites_recipe_id", table_name="users_to_favorites")
+        op.drop_index("ix_users_to_favorites_user_id", table_name="users_to_favorites")
+        op.alter_column("recipes", "rating", existing_type=sa.INTEGER(), type_=sa.Float(), existing_nullable=True)
+    else:
+        op.execute("DROP INDEX IF EXISTS ix_users_to_favorites_recipe_id")
+        op.execute("DROP INDEX IF EXISTS ix_users_to_favorites_user_id")
+        with op.batch_alter_table("recipes") as batch_op:
+            batch_op.alter_column("rating", existing_type=sa.INTEGER(), type_=sa.Float(), existing_nullable=True)
+
+    op.drop_table("users_to_favorites")
+    op.create_index(op.f("ix_recipes_rating"), "recipes", ["rating"], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.alter_column(
+        "recipes_ingredients", "quantity", existing_type=sa.Float(), type_=sa.INTEGER(), existing_nullable=True
+    )
+    op.drop_index(op.f("ix_recipes_rating"), table_name="recipes")
+    op.alter_column("recipes", "rating", existing_type=sa.Float(), type_=sa.INTEGER(), existing_nullable=True)
+    op.create_unique_constraint("ingredient_units_name_group_id_key", "ingredient_units", ["name", "group_id"])
+    op.create_unique_constraint("ingredient_foods_name_group_id_key", "ingredient_foods", ["name", "group_id"])
+    op.create_table(
+        "users_to_favorites",
+        sa.Column("user_id", sa.CHAR(length=32), nullable=True),
+        sa.Column("recipe_id", sa.CHAR(length=32), nullable=True),
+        sa.ForeignKeyConstraint(
+            ["recipe_id"],
+            ["recipes.id"],
+        ),
+        sa.ForeignKeyConstraint(
+            ["user_id"],
+            ["users.id"],
+        ),
+        sa.UniqueConstraint("user_id", "recipe_id", name="user_id_recipe_id_key"),
+    )
+    op.create_index("ix_users_to_favorites_user_id", "users_to_favorites", ["user_id"], unique=False)
+    op.create_index("ix_users_to_favorites_recipe_id", "users_to_favorites", ["recipe_id"], unique=False)
+    op.drop_index(op.f("ix_users_to_recipes_user_id"), table_name="users_to_recipes")
+    op.drop_index(op.f("ix_users_to_recipes_recipe_id"), table_name="users_to_recipes")
+    op.drop_index(op.f("ix_users_to_recipes_rating"), table_name="users_to_recipes")
+    op.drop_index(op.f("ix_users_to_recipes_is_favorite"), table_name="users_to_recipes")
+    op.drop_index(op.f("ix_users_to_recipes_created_at"), table_name="users_to_recipes")
+    op.drop_table("users_to_recipes")
+    # ### end Alembic commands ###

alembic/versions/2024-04-07-01.05.20_7788478a0338_add_group_recipe_actions.py

@@ -0,0 +1,52 @@
+"""add group recipe actions
+
+Revision ID: 7788478a0338
+Revises: d7c6efd2de42
+Create Date: 2024-04-07 01:05:20.816270
+
+"""
+
+import sqlalchemy as sa
+
+import mealie.db.migration_types
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision = "7788478a0338"
+down_revision = "d7c6efd2de42"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "recipe_actions",
+        sa.Column("id", mealie.db.migration_types.GUID(), nullable=False),
+        sa.Column("group_id", mealie.db.migration_types.GUID(), nullable=False),
+        sa.Column("action_type", sa.String(), nullable=False),
+        sa.Column("title", sa.String(), nullable=False),
+        sa.Column("url", sa.String(), nullable=False),
+        sa.Column("created_at", sa.DateTime(), nullable=True),
+        sa.Column("update_at", sa.DateTime(), nullable=True),
+        sa.ForeignKeyConstraint(
+            ["group_id"],
+            ["groups.id"],
+        ),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    op.create_index(op.f("ix_recipe_actions_action_type"), "recipe_actions", ["action_type"], unique=False)
+    op.create_index(op.f("ix_recipe_actions_created_at"), "recipe_actions", ["created_at"], unique=False)
+    op.create_index(op.f("ix_recipe_actions_group_id"), "recipe_actions", ["group_id"], unique=False)
+    op.create_index(op.f("ix_recipe_actions_title"), "recipe_actions", ["title"], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index(op.f("ix_recipe_actions_title"), table_name="recipe_actions")
+    op.drop_index(op.f("ix_recipe_actions_group_id"), table_name="recipe_actions")
+    op.drop_index(op.f("ix_recipe_actions_created_at"), table_name="recipe_actions")
+    op.drop_index(op.f("ix_recipe_actions_action_type"), table_name="recipe_actions")
+    op.drop_table("recipe_actions")
+    # ### end Alembic commands ###

crowdin.yml

@@ -1,4 +1,8 @@
 preserve_hierarchy: false
+pull_request_title: "chore(l10n): New Crowdin updates"
+pull_request_labels: [
+  "l10n"
+]
 files:
   - source: /frontend/lang/messages/en-US.json
     translation: /frontend/lang/messages/%locale%.json

dev/code-generation/gen_py_pytest_routes.py

@@ -3,8 +3,8 @@ from pathlib import Path
 
 from fastapi import FastAPI
 from jinja2 import Template
-from pydantic import BaseModel
-from utils import PROJECT_DIR, CodeTemplates, HTTPRequest, RouteObject
+from pydantic import BaseModel, ConfigDict
+from utils import PROJECT_DIR, CodeTemplates, HTTPRequest, RouteObject, RequestType
 
 CWD = Path(__file__).parent
 
@@ -12,23 +12,25 @@ OUTFILE = PROJECT_DIR / "tests" / "utils" / "api_routes" / "__init__.py"
 
 
 class PathObject(BaseModel):
+    model_config = ConfigDict(arbitrary_types_allowed=True)
     route_object: RouteObject
     http_verbs: list[HTTPRequest]
 
-    class Config:
-        arbitrary_types_allowed = True
-
 
 def get_path_objects(app: FastAPI):
     paths = []
 
     for key, value in app.openapi().items():
         if key == "paths":
-            for key, value in value.items():
+            for key, value2 in value.items():
+                verbs = []
+                for k, v in value2.items():
+                    verbs.append(HTTPRequest(request_type=k, **v))
+
                 paths.append(
                     PathObject(
                         route_object=RouteObject(key),
-                        http_verbs=[HTTPRequest(request_type=k, **v) for k, v in value.items()],
+                        http_verbs=verbs,
                     )
                 )
 

dev/code-generation/gen_ts_locales.py

@@ -5,7 +5,7 @@ from pathlib import Path
 import dotenv
 import requests
 from jinja2 import Template
-from pydantic import Extra
+from pydantic import ConfigDict
 from requests import Response
 from utils import CodeDest, CodeKeys, inject_inline, log
 
@@ -35,18 +35,24 @@ LOCALE_DATA: dict[str, LocaleData] = {
     "es-ES": LocaleData(name="Español (Spanish)"),
     "fi-FI": LocaleData(name="Suomi (Finnish)"),
     "fr-FR": LocaleData(name="Français (French)"),
+    "gl-ES": LocaleData(name="Galego (Galician)"),
     "he-IL": LocaleData(name="עברית (Hebrew)", dir="rtl"),
+    "hr-HR": LocaleData(name="Hrvatski (Croatian)"),
     "hu-HU": LocaleData(name="Magyar (Hungarian)"),
+    "is-IS": LocaleData(name="Íslenska (Icelandic)"),
     "it-IT": LocaleData(name="Italiano (Italian)"),
     "ja-JP": LocaleData(name="日本語 (Japanese)"),
     "ko-KR": LocaleData(name="한국어 (Korean)"),
-    "no-NO": LocaleData(name="Norsk (Norwegian)"),
+    "lt-LT": LocaleData(name="Lietuvių (Lithuanian)"),
+    "lv-LV": LocaleData(name="Latviešu (Latvian)"),
     "nl-NL": LocaleData(name="Nederlands (Dutch)"),
+    "no-NO": LocaleData(name="Norsk (Norwegian)"),
     "pl-PL": LocaleData(name="Polski (Polish)"),
     "pt-BR": LocaleData(name="Português do Brasil (Brazilian Portuguese)"),
     "pt-PT": LocaleData(name="Português (Portuguese)"),
     "ro-RO": LocaleData(name="Română (Romanian)"),
     "ru-RU": LocaleData(name="Pусский (Russian)"),
+    "sl-SI": LocaleData(name="Slovenščina (Slovenian)"),
     "sr-SP": LocaleData(name="српски (Serbian)"),
     "sv-SE": LocaleData(name="Svenska (Swedish)"),
     "tr-TR": LocaleData(name="Türkçe (Turkish)"),
@@ -56,7 +62,7 @@ LOCALE_DATA: dict[str, LocaleData] = {
     "zh-TW": LocaleData(name="繁體中文 (Chinese traditional)"),
 }
 
-LOCALE_TEMPLATE = """// This Code is auto generated by gen_global_components.py
+LOCALE_TEMPLATE = """// This Code is auto generated by gen_ts_locales.py
 export const LOCALES = [{% for locale in locales %}
   {
     name: "{{ locale.name }}",
@@ -70,6 +76,8 @@ export const LOCALES = [{% for locale in locales %}
 
 
 class TargetLanguage(MealieModel):
+    model_config = ConfigDict(populate_by_name=True, extra="allow")
+
     id: str
     name: str
     locale: str
@@ -78,10 +86,6 @@ class TargetLanguage(MealieModel):
     twoLettersCode: str
     progress: float = 0.0
 
-    class Config:
-        extra = Extra.allow
-        allow_population_by_field_name = True
-
 
 class CrowdinApi:
     project_name = "Mealie"
@@ -152,6 +156,7 @@ PROJECT_DIR = Path(__file__).parent.parent.parent
 datetime_dir = PROJECT_DIR / "frontend" / "lang" / "dateTimeFormats"
 locales_dir = PROJECT_DIR / "frontend" / "lang" / "messages"
 nuxt_config = PROJECT_DIR / "frontend" / "nuxt.config.js"
+reg_valid = PROJECT_DIR / "mealie" / "schema" / "_mealie" / "validators.py"
 
 """
 This snippet walks the message and dat locales directories and generates the import information
@@ -175,6 +180,19 @@ def inject_nuxt_values():
     inject_inline(nuxt_config, CodeKeys.nuxt_local_dates, all_date_locales)
 
 
+def inject_registration_validation_values():
+    all_langs = []
+    for match in locales_dir.glob("*.json"):
+        lang_string = f'"{match.stem}",'
+        all_langs.append(lang_string)
+
+    # sort
+    all_langs.sort()
+
+    log.debug(f"injecting locales into user registration validation -> {reg_valid}")
+    inject_inline(reg_valid, CodeKeys.nuxt_local_messages, all_langs)
+
+
 def generate_locales_ts_file():
     api = CrowdinApi("")
     models = api.get_languages()
@@ -193,6 +211,7 @@ def main():
 
     generate_locales_ts_file()
     inject_nuxt_values()
+    inject_registration_validation_values()
 
 
 if __name__ == "__main__":

dev/code-generation/gen_ts_types.py

@@ -6,7 +6,7 @@ from utils import log
 
 # ============================================================
 
-template = """// This Code is auto generated by gen_global_components.py
+template = """// This Code is auto generated by gen_ts_types.py
 {% for name in global %}import {{ name }} from "@/components/global/{{ name }}.vue";
 {% endfor %}{% for name in layout %}import {{ name }} from "@/components/layout/{{ name }}.vue";
 {% endfor %}

dev/code-generation/utils/route.py

@@ -1,9 +1,8 @@
 import re
 from enum import Enum
-from typing import Optional
 
 from humps import camelize
-from pydantic import BaseModel, Extra, Field
+from pydantic import BaseModel, ConfigDict, Field
 from slugify import slugify
 
 
@@ -34,33 +33,30 @@ class ParameterIn(str, Enum):
 
 
 class RouterParameter(BaseModel):
+    model_config = ConfigDict(extra="allow")
+
     required: bool = False
     name: str
     location: ParameterIn = Field(..., alias="in")
 
-    class Config:
-        extra = Extra.allow
-
 
 class RequestBody(BaseModel):
-    required: bool = False
+    model_config = ConfigDict(extra="allow")
 
-    class Config:
-        extra = Extra.allow
+    required: bool = False
 
 
 class HTTPRequest(BaseModel):
+    model_config = ConfigDict(extra="allow", populate_by_name=True)
+
     request_type: RequestType
     description: str = ""
     summary: str
-    requestBody: Optional[RequestBody]
+    request_body: RequestBody | None = None
 
     parameters: list[RouterParameter] = []
     tags: list[str] | None = []
 
-    class Config:
-        extra = Extra.allow
-
     def list_as_js_object_string(self, parameters, braces=True):
         if len(parameters) == 0:
             return ""
@@ -71,11 +67,11 @@ class HTTPRequest(BaseModel):
             return ", ".join(parameters)
 
     def payload(self):
-        return "payload" if self.requestBody else ""
+        return "payload" if self.request_body else ""
 
     def function_args(self):
         all_params = [p.name for p in self.parameters]
-        if self.requestBody:
+        if self.request_body:
             all_params.append("payload")
         return self.list_as_js_object_string(all_params)
 

dev/code-generation/utils/template.py

@@ -3,8 +3,6 @@ import re
 from dataclasses import dataclass
 from pathlib import Path
 
-import black
-import isort
 from jinja2 import Template
 from rich.logging import RichHandler
 
@@ -23,10 +21,7 @@ def render_python_template(template_file: Path | str, dest: Path, data: dict):
 
     text = tplt.render(data=data)
 
-    text = black.format_str(text, mode=black.FileMode())
-
     dest.write_text(text)
-    isort.file(dest)
 
 
 @dataclass
@@ -50,7 +45,7 @@ class CodeSlicer:
         self._next_line += 1
 
 
-def get_indentation_of_string(line: str, comment_char: str = "//") -> str:
+def get_indentation_of_string(line: str, comment_char: str = "//|#") -> str:
     return re.sub(rf"{comment_char}.*", "", line).removesuffix("\n")
 
 

docker/docker-compose.yml

@@ -14,6 +14,7 @@ services:
       - 9091:9000
     environment:
       ALLOW_SIGNUP: "false"
+      LOG_LEVEL: "DEBUG"
 
       DB_ENGINE: sqlite # Optional: 'sqlite', 'postgres'
       # =====================================

docker/entry.sh

@@ -33,9 +33,6 @@ init() {
 
     # Activate our virtual environment here
     . /opt/pysetup/.venv/bin/activate
-
-    # Initialize Database Prerun
-    poetry run python /app/mealie/db/init_db.py
 }
 
 change_user
@@ -43,10 +40,11 @@ init
 GUNICORN_PORT=${API_PORT:-9000}
 
 # Start API
-hostip=`/sbin/ip route|awk '/default/ { print $3 }'`
+HOST_IP=`/sbin/ip route|awk '/default/ { print $3 }'`
+
 if [ "$WEB_GUNICORN" = 'true' ]; then
     echo "Starting Gunicorn"
-    exec gunicorn mealie.app:app -b 0.0.0.0:$GUNICORN_PORT --forwarded-allow-ips=$hostip -k uvicorn.workers.UvicornWorker -c /app/gunicorn_conf.py --preload
+    exec gunicorn mealie.app:app -b 0.0.0.0:$GUNICORN_PORT --forwarded-allow-ips=$HOST_IP -k uvicorn.workers.UvicornWorker -c /app/gunicorn_conf.py --preload
 else
-    exec uvicorn mealie.app:app --host 0.0.0.0 --forwarded-allow-ips=$hostip --port $GUNICORN_PORT
+    exec python /app/mealie/main.py
 fi

docs/docs/assets/img/sponsors-linode.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 230 90" width="2500" height="978"><path d="M93.8 27.8l5.8-1.4v28c0 3.1.9 4.9 2.7 5.5-.9 1.7-2.4 2.6-4.6 2.6-2.6 0-4-1.8-4-5.5V27.8zM108.4 62V41.8h-3.2V37h9.1v25h-5.9zm3-34.6c.9 0 1.7.3 2.4 1s1 1.5 1 2.4c0 .9-.3 1.7-1 2.4s-1.5 1-2.4 1c-.9 0-1.7-.3-2.4-1s-1-1.5-1-2.4c0-.9.3-1.7 1-2.4s1.5-1 2.4-1zM137.1 62V47.6c0-2.1-.4-3.7-1.2-4.6-.8-1-2.1-1.5-4-1.5-.9 0-1.8.2-2.7.7-1 .5-1.7 1.1-2.3 1.8v18h-5.8V37.1h4.2l1.1 2.3c1.6-1.9 3.9-2.8 7-2.8 3 0 5.3.9 7 2.7 1.7 1.8 2.6 4.3 2.6 7.4V62h-5.9zM147.5 49.5c0-3.8 1.1-6.9 3.3-9.3 2.2-2.4 5.1-3.6 8.7-3.6 3.8 0 6.7 1.1 8.8 3.4 2.1 2.3 3.1 5.4 3.1 9.4s-1.1 7.1-3.2 9.5c-2.1 2.3-5 3.5-8.8 3.5-3.8 0-6.7-1.2-8.8-3.5-2-2.4-3.1-5.5-3.1-9.4zm6.1 0c0 5.5 2 8.2 5.9 8.2 1.8 0 3.2-.7 4.3-2.1 1.1-1.4 1.6-3.5 1.6-6.1 0-5.4-2-8.1-5.9-8.1-1.8 0-3.3.7-4.3 2.1-1.1 1.4-1.6 3.4-1.6 6zM192.1 62v-1.5c-.5.5-1.3 1-2.4 1.4-1.1.4-2.3.6-3.6.6-3.5 0-6.2-1.1-8.2-3.3-2-2.2-3-5.3-3-9.2 0-3.9 1.1-7.1 3.4-9.6s5.1-3.7 8.6-3.7c1.9 0 3.6.4 5.2 1.2v-10l5.8-1.4V62h-5.8zm0-19c-1.2-1-2.5-1.5-3.9-1.5-2.3 0-4.1.7-5.4 2.1-1.3 1.4-1.9 3.5-1.9 6.1 0 5.2 2.5 7.8 7.5 7.8.6 0 1.2-.2 2.1-.5.8-.3 1.3-.7 1.6-1V43zM226 51.3h-17.8c.1 2 .8 3.5 2 4.6 1.3 1.1 2.9 1.7 5.1 1.7 2.6 0 4.7-.7 6-2.1l2.3 4.4c-2 1.7-5.1 2.5-9.2 2.5-3.8 0-6.8-1.1-9-3.3-2.2-2.2-3.3-5.3-3.3-9.3 0-3.9 1.2-7.1 3.6-9.5 2.4-2.4 5.3-3.6 8.7-3.6 3.6 0 6.5 1.1 8.7 3.2 2.2 2.2 3.3 4.9 3.3 8.2.1.7-.1 1.7-.4 3.2zm-17.6-4.4h12.2c-.4-3.6-2.4-5.5-6-5.5-3.3.1-5.4 1.9-6.2 5.5z"/><g><path fill="#004712" d="M65.9 47.4l-1 11.5-3.3-2.3.4-5.8v-.1-.1l-.1-.1-.1-.1-7.1-4.7.1-5.1 11.1 6.8zM48.5 59.9L43.4 56v.9c0 .2-.1.4-.2.5L39.4 60l4.2 3.4.1.1v.2l.2 4 4.7 3.9-.1-11.7zm-32.1 5l2.4 11.5 9.9 10.5L27 75.3 16.4 64.9zm9.3 1.7l-2.4-16.1-12-10 3.2 15.6 11.2 10.5zm-3.8-26l-3.3-22.8L4.8 9.2l4.5 21.5 12.6 9.9z"/><path fill="#00B259" d="M75.7 41.2l-1.5 10.9-8.2 6.6 1-11.2 8.7-6.3zM49.6 59.9l.1 11.8 10.5-8.4.7-11.5-11.3 8.1zm-6.8 4.8L28 75.3l1.8 12.2 13.4-10.7-.4-12.1zm-.4-8l-.7-16-17.3 9.9 2.4 16.6 15.6-10.5zm-1.1-25.3l-.9-21.6-20.8 8L23 41l18.3-9.6z"/><path d="M76.9 40c0-.1 0-.1 0 0v-.2s0-.1-.1-.1c0 0-.1 0-.1-.1l-12-6.7c-.2-.1-.4-.1-.5 0L54 39.1h-.1v.6l-.1 5.4-4.1-2.7c-.2-.1-.4-.1-.6 0L43 45.8l-.3-6v-.1-.1-.1-.1-.1h-.1l-6.2-4.1 5.8-3c.2-.1.3-.3.3-.5L41.4 9v-.1s0-.1-.1-.1c0 0 0-.1-.1-.1L25.5 1.1c-.1-.1-.2-.1-.3-.1L3.9 7.6s-.1 0-.1.1c0 0-.1 0-.1.1v.6l4.7 22.9c0 .1.1.2.2.3l6.4 5-4.7 2.2s-.1 0-.1.1c0 0 0 .1-.1.1v.2l3.6 17.2c0 .1.1.2.2.3l4.5 4.2-3 1.8-.1.1s0 .1-.1.1V63.2L18 76.5c0 .1.1.2.1.3l10.9 12h.1s.1 0 .1.1h.5l14.4-11.5c.1-.1.2-.3.2-.4l-.3-7.9 4.8 4s.1 0 .1.1h.5L61 64c.1-.1.2-.2.2-.4l.4-5.8 3.5 2.4h.4s.1 0 .1-.1l9.4-7.5c.1-.1.2-.2.2-.3L76.9 40c0 .1 0 .1 0 0zM66 58.7l1-11.2 8.8-6.3-1.5 10.9-8.3 6.6zm-4.4-2.1l.4-5.8v-.1-.1l-.1-.1-.1-.1-7.1-4.7.1-5.1 11.1 6.9-1 11.5-3.3-2.4zm-1.5 6.7l-10.5 8.4-.1-11.8 11.3-8.1-.7 11.5zM43.3 76.8L29.8 87.5 28 75.3l14.7-10.5.6 12zm-24.6-.4l-2.4-11.5L27 75.3l1.7 11.6-10-10.5zm-.2-58.6l3.3 22.8-12.5-9.9L4.8 9.2l13.7 8.6zm21.9-8l.9 21.6L23 41l-3.4-23.2 20.8-8zm2 46.9L26.8 67.1l-2.4-16.6 17.3-9.9.7 16.1zm-19.1-6.1l2.4 16.1-11.2-10.6-3.2-15.6 12 10.1zm20.5 13.1v-.1-.1l-.1-.1-4.2-3.4 3.8-2.6c.2-.1.2-.3.2-.5V56l5.1 3.9.1 11.8-4.7-3.9-.2-4.1z"/></g></svg>

docs/docs/contributors/developers-guide/code-contributions.md

@@ -2,11 +2,11 @@
 
 [Please Join the Discord](https://discord.gg/QuStdQGSGK). We are building a community of developers working on the project.
 
-## We Develop with Github
-We use github to host code, to track issues and feature requests, as well as accept pull requests.
+## We Develop with GitHub
+We use GitHub to host code, to track issues and feature requests, as well as accept pull requests.
 
-## We Use [Github Flow](https://guides.github.com/introduction/flow/index.html), So All Code Changes Happen Through Pull Requests
-Pull requests are the best way to propose changes to the codebase (we use [Github Flow](https://guides.github.com/introduction/flow/index.html)). We actively welcome your pull requests:
+## We Use [GitHub Flow](https://docs.github.com/en/get-started/using-github/github-flow), So All Code Changes Happen Through Pull Requests
+Pull requests are the best way to propose changes to the codebase (we use [GitHub Flow](https://docs.github.com/en/get-started/using-github/github-flow)). We actively welcome your pull requests:
 
 1. Fork the repo and create your branch from `mealie-next`.
 2. Checkout the Discord, the PRs page, or the Projects page to get an idea of what's already being worked on.
@@ -14,13 +14,13 @@ Pull requests are the best way to propose changes to the codebase (we use [Githu
 4. Once you've got an idea of what changes you want to make, create a draft PR as soon as you can to let us know what you're working on and how we can help!
 5. If you've changed APIs, update the documentation.
 6. Run tests, including `task py:check`.
-6. Issue that pull request! First make a draft PR, make sure that the automated github tests all pass, then mark as ready for review.
-7. Be sure to add release notes to the pull request.
+7. Issue that pull request! First make a draft PR, make sure that the automated GitHub tests all pass, then mark as ready for review. We follow Conventional Commits syntax; please title your PR as described in the PR template.
+8. Be sure to add release notes to the pull request.
 
 ## Any contributions you make will be under the AGPL Software License
 In short, when you submit code changes, your submissions are understood to be under the same [AGPL License](https://choosealicense.com/licenses/agpl-3.0/) that covers the project. Feel free to contact the maintainers if that's a concern.
 
-## Report bugs using Github's [issues](https://github.com/mealie-recipes/mealie/issues)
+## Report bugs using GitHub's [issues](https://github.com/mealie-recipes/mealie/issues)
 We use GitHub issues to track public bugs. Report a bug by [opening a new issue](https://github.com/mealie-recipes/mealie/issues/new); it's that easy!
 
 ## Write bug reports with detail, background, and sample code
@@ -28,8 +28,8 @@ We use GitHub issues to track public bugs. Report a bug by [opening a new issue]
 
 - A quick summary and/or background
 - Steps to reproduce
-  - Be specific!
-  - Give sample code if you can. [This stackoverflow question](http://stackoverflow.com/q/12488905/180626) includes sample code that *anyone* with a base R setup can run to reproduce what I was seeing
+    * Be specific!
+    * Give sample code if you can. [This stackoverflow question](http://stackoverflow.com/q/12488905/180626) includes sample code that *anyone* with a base R setup can run to reproduce what I was seeing
 - What you expected would happen
 - What actually happens
 - Notes (possibly including why you think this might be happening, or stuff you tried that didn't work)
@@ -41,4 +41,4 @@ People *love* thorough bug reports. I'm not even kidding.
 By contributing, you agree that your contributions will be licensed under its AGPL License.
 
 ## References
-This document was adapted from the open-source contribution guidelines for [Facebook's Draft](https://github.com/facebook/draft-js/blob/a9316a723f9e918afde44dea68b5f9f39b7d9b00/CONTRIBUTING.md)
+This document was adapted from the open-source contribution guidelines for [Facebook's Draft](https://github.com/facebookarchive/draft-js/blob/main/CONTRIBUTING.md)

docs/docs/contributors/developers-guide/maintainers.md

@@ -6,7 +6,7 @@ This is the start of the maintainers guide for Mealie developers. Those who have
 
 If you are working on issues, it can be helpful to understand the workflow for our repository. When an issue comes in it is tagged with the `bug` and `triage` flags. This is to indicate that they need to be reviewed by a maintainer to determine validity.
 
-After you've reviered an issue it will generally move into one of two states:
+After you've reviewed an issue it will generally move into one of two states:
 
 `bug:confirmed`
 :   Your were able to verify the issue and we determined we need to fix it

docs/docs/documentation/getting-started/authentication/oidc.md

@@ -0,0 +1,65 @@
+# OpenID Connect (OIDC) Authentication
+
+:octicons-tag-24: v1.4.0
+
+Mealie supports 3rd party authentication via [OpenID Connect (OIDC)](https://openid.net/connect/), an identity layer built on top of OAuth2. OIDC is supported by many Identity Providers (IdP), including:
+
+- [Authentik](https://goauthentik.io/integrations/sources/oauth/#openid-connect)
+- [Authelia](https://www.authelia.com/configuration/identity-providers/open-id-connect/)
+- [Keycloak](https://www.keycloak.org/docs/latest/securing_apps/#_oidc)
+- [Okta](https://www.okta.com/openid-connect/)
+
+## Account Linking
+
+Signing in with OAuth will automatically find your account in Mealie and link to it. If a user does not exist in Mealie, then one will be created (if enabled), but will be unable to log in with any other authentication method. An admin can configure another authentication method for such a user.
+
+## Provider Setup
+
+Before you can start using OIDC Authentication, you must first configure a new client application in your identity provider. Your identity provider must support the OAuth **Authorization Code flow with PKCE**. The steps will vary by provider, but generally, the steps are as follows.
+
+1. Create a new client application
+    - The Provider type should be OIDC or OAuth2
+    - The Grant type should be `Authorization Code`
+    - The Application type should be `Web` or `SPA`
+    - The Client type should be `public`
+
+2. Configure redirect URI
+
+    The redirect URI(s) that are needed:
+
+    1. `http(s)://DOMAIN:PORT/login`
+    2. `https(s)://DOMAIN:PORT/login?direct=1`
+        1. This URI is only required if your IdP supports [RP-Initiated Logout](https://openid.net/specs/openid-connect-rpinitiated-1_0.html) such as Keycloak. You may also be able to combine this into the previous URI by using a wildcard: `http(s)://DOMAIN:PORT/login*`
+
+    The redirect URI(s) should include any URL that Mealie is accessible from. Some examples include
+
+        http://localhost:9091/login
+        https://mealie.example.com/login
+
+3. Configure origins
+
+    If your identity provider enforces CORS on any endpoints, you will need to specify your Mealie URL as an Allowed Origin.
+
+4. Configure allowed scopes
+
+    The scopes required are `openid profile email`
+
+    If you plan to use the [groups](#groups) to configure access within Mealie, you will need to also add the scope defined by the `OIDC_GROUPS_CLAIM` environment variable. The default claim is `groups`
+
+## Mealie Setup
+
+Take the client id and your discovery URL and update your environment variables to include the required OIDC variables described in [Installation - Backend Configuration](../installation/backend-config.md#openid-connect-oidc).
+
+### Groups
+
+There are two (optional) [environment variables](../installation/backend-config.md#openid-connect-oidc) that can control which of the users in your IdP can log in to Mealie and what permissions they will have. Keep in mind that these groups **do not necessarily correspond to groups in Mealie**. The groups claim is configurable via the `OIDC_GROUPS_CLAIM` environment variable. The groups should be **defined in your IdP** and be returned in the configured claim value.
+
+`OIDC_USER_GROUP`: Users must be a part of this group (within your IdP) to be able to log in.
+
+`OIDC_ADMIN_GROUP`: Users that are in this group (within your IdP) will be made an **admin** in Mealie.
+
+## Examples
+
+Example configurations for several Identity Providers have been provided by the Community in the [GitHub Discussions](https://github.com/mealie-recipes/mealie/discussions/categories/oauth-provider-example).
+
+If you don't see your provider and have successfully set it up, please consider [creating your own example](https://github.com/mealie-recipes/mealie/discussions/new?category=oauth-provider-example) so that others can have a smoother setup.

docs/docs/documentation/getting-started/faq.md

@@ -26,7 +26,7 @@ Do the following for each recipe you want to intelligently handle ingredients.
 6. Click the Edit button/icon again
 7. Scroll to the ingredients and you should see new fields for Amount, Unit, Food, and Note. The Note in particular will contain the original text of the Recipe.
 8. Click `Parse` and you will be taken to the ingredient parsing page.
-9. Choose your parser. The `Natural Language Parser` works very well, but you can also use the `Brute Parser`.
+9. Choose your parser. The `Natural Language Parser` works very well, but you can also use the `Brute Parser`, or the `OpenAI Parser` if you've [enabled OpenAI support](./installation/backend-config.md#openai).
 10. Click `Parse All`, and your ingredients should be separated out into Units and Foods based on your seeding in Step 1 above.
 11. For ingredients where the Unit or Food was not found, you can click a button to accept an automatically suggested Food to add to the database. Or, manually enter the Unit/Food and hit `Enter` (or click `Create`) to add it to the database
 12. When done, click `Save All` and you will be taken back to the recipe. Now the Unit and Food fields of the recipe should be filled out.
@@ -94,6 +94,10 @@ docker exec -it mealie-next bash
 python /app/mealie/scripts/change_password.py
 ```
 
+## I can't log in with external auth. How can I change my authentication method?
+
+Follow the [steps above](#how-can-i-change-my-password) for changing your password. You will be prompted if you would like to switch your authentication method back to local auth so you can log in again.
+
 ## How do private groups and recipes work?
 
 Managing private groups and recipes can be confusing. The following diagram and notes should help explain how they work to determine if a recipe can be shared publicly.

docs/docs/documentation/getting-started/features.md

@@ -14,10 +14,14 @@ Mealie offers two main ways to create recipes. You can use the integrated recipe
 
 Mealie supports importing recipes from a few other sources besides websites. Currently the following sources are supported:
 
-- Mealie Pre v1
+- Tandoor
 - Nextcloud Cookbooks
 - Paprika
 - Chowdown
+- Plan to Eat
+- Recipe Keeper
+- Copy Me That
+- My Recipe Box
 
 You can access these options on your installation at the `/group/migrations` page on your installation. If you'd like to see another source added, feel free to request so on Github.
 
@@ -81,12 +85,63 @@ The meal planner has the concept of plan rules. These offer a flexible way to us
 
 The shopping lists feature is a great way to keep track of what you need to buy for your next meal. You can add items directly to the shopping list or link a recipe and all of it's ingredients to track meals during the week.
 
-!!! warning
-    At this time there isn't a tight integration between meal-plans and shopping lists; however, it's something we have planned for the future.
-
 
 [Shopping List Demo](https://demo.mealie.io/shopping-lists){ .md-button .md-button--primary }
 
+## Integrations
+
+Mealie is designed to integrate with many different external services. There are several ways you can integrate with Mealie to achieve custom IoT automations, data synchronization, and anything else you can think of. [You can work directly with Mealie through the API](./api-usage.md), or leverage other services to make seamless integrations.
+
+### Notifiers
+
+Notifiers are event-driven notifications sent when specific actions are performed within Mealie. Some actions include:
+- creating a recipe
+- adding items to a shopping list
+- creating a new mealplan
+
+Notifiers use the [Apprise library](https://github.com/caronc/apprise/wiki), which integrates with a large number of notification services. In addition, certain custom notifiers send basic event data to the consumer (e.g. the `id` of the resource). These include:
+
+- `form` and `forms`
+- `json` and `jsons`
+- `xml` and `xmls`
+
+[Notifiers Demo](https://demo.mealie.io/group/notifiers){ .md-button .md-button--primary }
+
+### Webhooks
+
+Unlike notifiers, which are event-driven notifications, Webhooks allow you to send scheduled notifications to your desired endpoint. Webhooks are sent on the day of a scheduled mealplan, at the specified time, and contain the mealplan data in the request.
+
+[Webhooks Demo](https://demo.mealie.io/group/webhooks){ .md-button .md-button--primary }
+
+### Recipe Actions
+
+Recipe Actions are custom actions you can add to all recipes in Mealie. This is a great way to add custom integrations that are fired manually. There are two types of recipe actions:
+
+1. link - these actions will take you directly to an external page
+2. post - these actions will send a `POST` request to the specified URL, with the recipe JSON in the request body. These can be used, for instance, to manually trigger a webhook in Home Assistant
+
+Recipe Action URLs can include merge fields to inject the current recipe's data. For instance, you can use the following URL to include a Google search with the recipe's slug:
+```
+https://www.google.com/search?q=${slug}
+```
+
+When the action is clicked on, the `${slug}` field is replaced with the recipe's slug value. So, for example, it might take you to this URL on one of your recipes:
+```
+https://www.google.com/search?q=pasta-fagioli
+```
+
+A common use case for "link" recipe actions is to integrate with the Bring! shopping list. Simply add a Recipe Action with the following URL:
+```
+https://api.getbring.com/rest/bringrecipes/deeplink?url=${url}&source=web
+```
+
+Below is a list of all valid merge fields:
+
+- ${id}
+- ${slug}
+- ${url}
+
+To add, modify, or delete Recipe Actions, visit the Data Management page (more on that below).
 
 ## Data Management
 

docs/docs/documentation/getting-started/installation/backend-config.md

@@ -4,17 +4,22 @@
 
 ### General
 
-| Variables     |        Default        | Description                                                                         |
-| ------------- | :-------------------: | ----------------------------------------------------------------------------------- |
-| PUID          |          911          | UserID permissions between host OS and container                                    |
-| PGID          |          911          | GroupID permissions between host OS and container                                   |
-| DEFAULT_GROUP |         Home          | The default group for users                                                         |
-| BASE_URL      | http://localhost:8080 | Used for Notifications                                                              |
-| TOKEN_TIME    |          48           | The time in hours that a login/auth token is valid                                  |
-| API_PORT      |         9000          | The port exposed by backend API. **Do not change this if you're running in Docker** |
-| API_DOCS      |         True          | Turns on/off access to the API documentation locally.                               |
-| TZ            |          UTC          | Must be set to get correct date/time on the server                                  |
-| ALLOW_SIGNUP  |         true          | Allow user sign-up without token                                                    |
+| Variables                     |        Default        | Description                                                                         |
+| ----------------------------- | :-------------------: | ----------------------------------------------------------------------------------- |
+| PUID                          |          911          | UserID permissions between host OS and container                                    |
+| PGID                          |          911          | GroupID permissions between host OS and container                                   |
+| DEFAULT_GROUP                 |         Home          | The default group for users                                                         |
+| BASE_URL                      | http://localhost:8080 | Used for Notifications                                                              |
+| TOKEN_TIME                    |          48           | The time in hours that a login/auth token is valid                                  |
+| API_PORT                      |         9000          | The port exposed by backend API. **Do not change this if you're running in Docker** |
+| API_DOCS                      |         True          | Turns on/off access to the API documentation locally.                               |
+| TZ                            |          UTC          | Must be set to get correct date/time on the server                                  |
+| ALLOW_SIGNUP<super>\*</super> |         false         | Allow user sign-up without token                                                    |
+| LOG_CONFIG_OVERRIDE           |                       | Override the config for logging with a custom path                                  |
+| LOG_LEVEL                     |         info          | Logging level (e.g. critical, error, warning, info, debug, trace)                   |
+| DAILY_SCHEDULE_TIME           |        23:45          | The time of day to run the daily tasks.                                             |
+
+<super>\*</super> Starting in v1.4.0 this was changed to default to `false` as apart of a security review of the application.
 
 ### Security
 
@@ -25,14 +30,15 @@
 
 ### Database
 
-| Variables         | Default  | Description                      |
-| ----------------- | :------: | -------------------------------- |
-| DB_ENGINE         |  sqlite  | Optional: 'sqlite', 'postgres'   |
-| POSTGRES_USER     |  mealie  | Postgres database user           |
-| POSTGRES_PASSWORD |  mealie  | Postgres database password       |
-| POSTGRES_SERVER   | postgres | Postgres database server address |
-| POSTGRES_PORT     |   5432   | Postgres database port           |
-| POSTGRES_DB       |  mealie  | Postgres database name           |
+| Variables             | Default  | Description                                                             |
+| --------------------- | :------: | ----------------------------------------------------------------------- |
+| DB_ENGINE             |  sqlite  | Optional: 'sqlite', 'postgres'                                          |
+| POSTGRES_USER         |  mealie  | Postgres database user                                                  |
+| POSTGRES_PASSWORD     |  mealie  | Postgres database password                                              |
+| POSTGRES_SERVER       | postgres | Postgres database server address                                        |
+| POSTGRES_PORT         |   5432   | Postgres database port                                                  |
+| POSTGRES_DB           |  mealie  | Postgres database name                                                  |
+| POSTGRES_URL_OVERRIDE |   None   | Optional Postgres URL override to use instead of POSTGRES\_\* variables |
 
 ### Email
 
@@ -54,8 +60,8 @@ Changing the webworker settings may cause unforeseen memory leak issues with Mea
 | ---------------- | :-----: | --------------------------------------------------------------------------------------------------------------------------------- |
 | WEB_GUNICORN     |  false  | Enables Gunicorn to manage Uvicorn web for multiple works                                                                         |
 | WORKERS_PER_CORE |    1    | Set the number of workers to the number of CPU cores multiplied by this value (Value \* CPUs). More info [here][workers_per_core] |
-| MAX_WORKERS      |    1    | Set the maximum number of workers to use. Default is not set meaning unlimited. More info [here][max_workers]                     |
-| WEB_CONCURRENCY  |    1    | Override the automatic definition of number of workers. More info [here][web_concurrency]                                         |
+| MAX_WORKERS      |  None   | Set the maximum number of workers to use. Default is not set meaning unlimited. More info [here][max_workers]                     |
+| WEB_CONCURRENCY  |    2    | Override the automatic definition of number of workers. More info [here][web_concurrency]                                         |
 
 ### LDAP
 
@@ -75,6 +81,42 @@ Changing the webworker settings may cause unforeseen memory leak issues with Mea
 | LDAP_NAME_ATTRIBUTE  |  name   | The LDAP attribute that maps to the user's name                                                                                     |
 | LDAP_MAIL_ATTRIBUTE  |  mail   | The LDAP attribute that maps to the user's email                                                                                    |
 
+### OpenID Connect (OIDC)
+
+:octicons-tag-24: v1.4.0
+
+For usage, see [Usage - OpenID Connect](../authentication/oidc.md)
+
+| Variables              | Default | Description                                                                                                                                                                                               |
+| ---------------------- | :-----: | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| OIDC_AUTH_ENABLED      |  False  | Enables authentication via OpenID Connect                                                                                                                                                                 |
+| OIDC_SIGNUP_ENABLED    |  True   | Enables new users to be created when signing in for the first time with OIDC                                                                                                                              |
+| OIDC_CONFIGURATION_URL |  None   | The URL to the OIDC configuration of your provider. This is usually something like https://auth.example.com/.well-known/openid-configuration                                                              |
+| OIDC_CLIENT_ID         |  None   | The client id of your configured client in your provider                                                                                                                                                  |
+| OIDC_USER_GROUP        |  None   | If specified, only users belonging to this group will be able to successfully authenticate, regardless of the `OIDC_ADMIN_GROUP`. For more information see [this page](../authentication/oidc.md#groups)  |
+| OIDC_ADMIN_GROUP       |  None   | If specified, users belonging to this group will be made an admin. For more information see [this page](../authentication/oidc.md#groups)                                                                 |
+| OIDC_AUTO_REDIRECT     |  False  | If `True`, then the login page will be bypassed an you will be sent directly to your Identity Provider. You can still get to the login page by adding `?direct=1` to the login URL                        |
+| OIDC_PROVIDER_NAME     |  OAuth  | The provider name is shown in SSO login button. "Login with <OIDC_PROVIDER_NAME\>"                                                                                                                        |
+| OIDC_REMEMBER_ME       |  False  | Because redirects bypass the login screen, you cant extend your session by clicking the "Remember Me" checkbox. By setting this value to true, a session will be extended as if "Remember Me" was checked |
+| OIDC_SIGNING_ALGORITHM |  RS256  | The algorithm used to sign the id token (examples: RS256, HS256)                                                                                                                                          |
+| OIDC_USER_CLAIM        |  email  | This is the claim which Mealie will use to look up an existing user by (e.g. "email", "preferred_username") |
+| OIDC_GROUPS_CLAIM      | groups  | Optional if not using `OIDC_USER_GROUP` or `OIDC_ADMIN_GROUP`. This is the claim Mealie will request from your IdP and will use to compare to `OIDC_USER_GROUP` or `OIDC_ADMIN_GROUP` to allow the user to log in to Mealie or is set as an admin. **Your IdP must be configured to grant this claim**|
+| OIDC_TLS_CACERTFILE    | None    | File path to Certificate Authority used to verify server certificate (e.g. `/path/to/ca.crt`) |
+
+### OpenAI
+
+:octicons-tag-24: v1.7.0
+
+Mealie supports various integrations using OpenAI. To enable OpenAI, [you must provide your OpenAI API key](https://platform.openai.com/api-keys). You can tweak how OpenAI is used using these backend settings. Please note that while OpenAI usage is optimized to reduce API costs, you're unlikely to be able to use OpenAI features with the free tier limits.
+
+| Variables                 |     Default   | Description                                                                                                                    |
+| ------------------------- |    :------:   | ------------------------------------------------------------------------------------------------------------------------------ |
+| OPENAI_BASE_URL           |      None     | The base URL for the OpenAI API. If you're not sure, leave this empty to use the standard OpenAI platform                      |
+| OPENAI_API_KEY            |      None     | Your OpenAI API Key. Enables OpenAI-related features                                                                           |
+| OPENAI_MODEL              |     gpt-4o    | Which OpenAI model to use. If you're not sure, leave this empty                                                                |
+| OPENAI_WORKERS            |       2       | Number of OpenAI workers per request. Higher values may increase processing speed, but will incur additional API costs         |
+| OPENAI_SEND_DATABASE_DATA |      True     | Whether to send Mealie data to OpenAI to improve request accuracy. This will incur additional API costs                        |
+
 ### Themeing
 
 Setting the following environmental variables will change the theme of the frontend. Note that the themes are the same for all users. This is a break-change when migration from v0.x.x -> 1.x.x.
@@ -95,3 +137,29 @@ Setting the following environmental variables will change the theme of the front
 | THEME_DARK_INFO       | #1976D2 | Dark Theme Config Variable  |
 | THEME_DARK_WARNING    | #FF6D00 | Dark Theme Config Variable  |
 | THEME_DARK_ERROR      | #EF5350 | Dark Theme Config Variable  |
+
+### Docker Secrets
+
+Setting a credential can be done using secrets when running in a Docker container.
+This can be used to avoid leaking passwords through compose files, environment variables, or command-line history.
+For example, to configure the Postgres database password in Docker compose, create a file on the host that contains only the password, and expose that file to the Mealie service as a secret with the correct name.
+Note that environment variables take priority over secrets, so any previously defined environment variables should be removed when migrating to secrets.
+
+```
+services:
+  mealie:
+    ...
+    environment:
+      ...
+      POSTGRES_USER: postgres
+    secrets:
+      - POSTGRES_PASSWORD
+
+secrets:
+  POSTGRES_PASSWORD:
+    file: postgrespassword.txt
+```
+
+[workers_per_core]: https://github.com/tiangolo/uvicorn-gunicorn-docker/blob/2daa3e3873c837d5781feb4ff6a40a89f791f81b/README.md#workers_per_core
+[max_workers]: https://github.com/tiangolo/uvicorn-gunicorn-docker/blob/2daa3e3873c837d5781feb4ff6a40a89f791f81b/README.md#max_workers
+[web_concurrency]: https://github.com/tiangolo/uvicorn-gunicorn-docker/blob/2daa3e3873c837d5781feb4ff6a40a89f791f81b/README.md#web_concurrency

docs/docs/documentation/getting-started/installation/logs.md

@@ -0,0 +1,16 @@
+# Logs
+
+:octicons-tag-24: v1.5.0
+
+## Highlighs
+
+- Logs are written to `/app/data/mealie.log` by default in the container.
+- Logs are also written to stdout and stderr.
+- You can adjust the log level using the `LOG_LEVEL` environment variable.
+
+## Configuration
+
+Starting in v1.5.0 logging is now highly configurable. Using the `LOG_CONFIG_OVERRIDE` you can provide the application with a custom configuration to log however you'd like. This configuration file is based off the [Python Logging Config](https://docs.python.org/3/library/logging.config.html#logging.config.fileConfig). It can be difficult to understand the configuration at first, so here are some resources to help get started.
+
+- This [YouTube Video](https://www.youtube.com/watch?v=9L77QExPmI0) for a great walkthrough on the logging file format.
+- Our [Logging Config](https://github.com/mealie-recipes/mealie/blob/mealie-next/mealie/core/logger/logconf.prod.json)

docs/docs/documentation/getting-started/installation/postgres.md

@@ -5,40 +5,39 @@ PostgreSQL might be considered if you need to support many concurrent users. In
 **For Environment Variable Configuration, see** [Backend Configuration](./backend-config.md)
 
 ```yaml
----
-version: "3.7"
 services:
   mealie:
-    image: ghcr.io/mealie-recipes/mealie:v1.0.0 # (3)
+    image: ghcr.io/mealie-recipes/mealie:v1.7.0 # (3)
     container_name: mealie
+    restart: always
     ports:
         - "9925:9000" # (1)
     deploy:
       resources:
         limits:
           memory: 1000M # (2)
-    depends_on:
-      - postgres
     volumes:
       - mealie-data:/app/data/
     environment:
-    # Set Backend ENV Variables Here
-      - ALLOW_SIGNUP=true
-      - PUID=1000
-      - PGID=1000
-      - TZ=America/Anchorage
-      - MAX_WORKERS=1
-      - WEB_CONCURRENCY=1
-      - BASE_URL=https://mealie.yourdomain.com
+      # Set Backend ENV Variables Here
+      ALLOW_SIGNUP: true
+      PUID: 1000
+      PGID: 1000
+      TZ: America/Anchorage
+      MAX_WORKERS: 1
+      WEB_CONCURRENCY: 1
+      BASE_URL: https://mealie.yourdomain.com
+      # Database Settings
+      DB_ENGINE: postgres
+      POSTGRES_USER: mealie
+      POSTGRES_PASSWORD: mealie
+      POSTGRES_SERVER: postgres
+      POSTGRES_PORT: 5432
+      POSTGRES_DB: mealie
+    depends_on:
+      postgres:
+        condition: service_healthy
 
-    # Database Settings
-      - DB_ENGINE=postgres
-      - POSTGRES_USER=mealie
-      - POSTGRES_PASSWORD=mealie
-      - POSTGRES_SERVER=postgres
-      - POSTGRES_PORT=5432
-      - POSTGRES_DB=mealie
-    restart: always
   postgres:
     container_name: postgres
     image: postgres:15
@@ -48,16 +47,19 @@ services:
     environment:
       POSTGRES_PASSWORD: mealie
       POSTGRES_USER: mealie
+    healthcheck:
+      test: ["CMD", "pg_isready"]
+      interval: 30s
+      timeout: 20s
+      retries: 3
 
 volumes:
   mealie-data:
-    driver: local
   mealie-pgdata:
-    driver: local
 ```
 
 <!-- Updating This? Be Sure to also update the SQLite Annotations -->
 
 1.  To access the mealie interface you only need to expose port 9000 on the mealie container. Here we expose port 9925 on the host, but feel free to change this to any port you like.
 2.  Setting an explicit memory limit is recommended. Python can pre-allocate larger amounts of memory than is necessary if you have a machine with a lot of RAM. This can cause the container to idle at a high memory usage. Setting a memory limit will improve idle performance.
-3.  Whilst a 'latest' tag is available, the Mealie team advises specifying a specific version tag and consciously updating to newer versions when you have time to read the release notes and ensure you follow any manual actions required (which should be rare).
+3.  You should double check this value isn't out of date when setting up for the first time; check the README and use the value from the "latest release" badge at the top - the format should be `vX.Y.Z`. Whilst a 'latest' tag is available, the Mealie team advises specifying a specific version tag and consciously updating to newer versions when you have time to read the release notes and ensure you follow any manual actions required (which should be rare).

docs/docs/documentation/getting-started/installation/security.md

@@ -0,0 +1,43 @@
+---
+tags:
+  - Security
+---
+
+# Security Considerations
+
+This page is a collection of security considerations for Mealie. It mostly deals with reported issues and how it's possible to mitigate them. Note that this page is for you to use as a guide for how secure you want to make your deployment. It's important to note that most of these will not apply to you, if you:
+
+1. Run behind a VPN
+2. Use a strong password
+3. Disable Sign-Ups
+4. Don't host for malicious users
+
+Use your best judgement when deciding what to do.
+
+## Denial of Service
+
+By default, the API is **not** rate limited. This leaves Mealie open to a potential **Denial of Service Attack**. While it's possible to perform a **Denial of Service Attack** on any endpoint, there are a few key endpoints that are more vulnerable than others.
+
+- `/api/recipes/create-url`
+- `/api/recipes/{id}/image`
+
+These endpoints are used to scrape data based off a user provided URL. It is possible for a malicious user to issue multiple requests to download an arbitrarily large external file (e.g a Debian ISO) and sufficiently saturate a CPU assigned to the container. While we do implement some protections against this by chunking the response, and using a timeout strategy, it's still possible to overload the CPU if an attacker issues multiple requests concurrently.
+
+### Mitigation
+
+If you'd like to mitigate this risk, we suggest that you rate limit the API in general, and apply strict rate limits to these endpoints. You can do this by utilizing a reverse proxy. See the following links to get started:
+
+- [Traefik](https://doc.traefik.io/traefik/middlewares/http/ratelimit/)
+- [Nginx](https://nginx.org/en/docs/http/ngx_http_limit_req_module.html)
+- [Caddy](https://caddyserver.com/docs/modules/http.handlers.rate_limit)
+
+## Server Side Request Forgery
+
+- `/api/recipes/create-url`
+- `/api/recipes/{id}/image`
+
+Given the nature of these APIs it's possible to perform a **Server Side Request Forgery** attack. This is where a malicious user can issue a request to an internal network resource, and potentially exfiltrate data. We _do_ perform some checks to mitigate access to resources within your network but at the end of the day, users of Mealie are allowed to trigger HTTP requests on **your server**.
+
+### Mitigation
+
+If you'd like to mitigate this risk, we suggest that you isolate the container that Mealie is running in to ensure that it's access to internal resources is limited only to what is required. _Note that Mealie does require access to the internet for recipe imports._ You might consider isolating Mealie from your home network entirely and only allowing access to the external internet.

docs/docs/documentation/getting-started/installation/sqlite.md

@@ -9,12 +9,11 @@ SQLite is a popular, open source, self-contained, zero-configuration database th
 **For Environment Variable Configuration, see** [Backend Configuration](./backend-config.md)
 
 ```yaml
----
-version: "3.7"
 services:
   mealie:
-    image: ghcr.io/mealie-recipes/mealie:v1.0.0 # (3)
+    image: ghcr.io/mealie-recipes/mealie:v1.7.0 # (3)
     container_name: mealie
+    restart: always
     ports:
         - "9925:9000" # (1)
     deploy:
@@ -24,23 +23,21 @@ services:
     volumes:
       - mealie-data:/app/data/
     environment:
-    # Set Backend ENV Variables Here
-      - ALLOW_SIGNUP=true
-      - PUID=1000
-      - PGID=1000
-      - TZ=America/Anchorage
-      - MAX_WORKERS=1
-      - WEB_CONCURRENCY=1
-      - BASE_URL=https://mealie.yourdomain.com
-    restart: always
+      # Set Backend ENV Variables Here
+      ALLOW_SIGNUP: true
+      PUID: 1000
+      PGID: 1000
+      TZ: America/Anchorage
+      MAX_WORKERS: 1
+      WEB_CONCURRENCY: 1
+      BASE_URL: https://mealie.yourdomain.com
 
 volumes:
   mealie-data:
-    driver: local
 ```
 
 <!-- Updating This? Be Sure to also update the Postgres Annotations -->
 
 1.  To access the mealie interface you only need to expose port 9000 on the container. Here we expose port 9925 on the host, but feel free to change this to any port you like.
 2.  Setting an explicit memory limit is recommended. Python can pre-allocate larger amounts of memory than is necessary if you have a machine with a lot of RAM. This can cause the container to idle at a high memory usage. Setting a memory limit will improve idle performance.
-3.  Whilst a 'latest' tag is available, the Mealie team advises specifying a specific version tag and consciously updating to newer versions when you have time to read the release notes and ensure you follow any manual actions required (which should be rare).
+3.  You should double check this value isn't out of date when setting up for the first time; check the README and use the value from the "latest release" badge at the top - the format should be `vX.Y.Z`. Whilst a 'latest' tag is available, the Mealie team advises specifying a specific version tag and consciously updating to newer versions when you have time to read the release notes and ensure you follow any manual actions required (which should be rare).

docs/docs/documentation/getting-started/usage/permissions-and-public-access.md

@@ -1,7 +1,7 @@
 # Permissions and Public Access
 
 Mealie provides various levels of user access and permissions. This includes:
-- Authentication and registration ([check out the LDAP guide](./ldap.md) for how to configure access using LDAP)
+- Authentication and registration ([LDAP](../authentication/ldap.md) and [OpenID Connect](../authentication/oidc.md) are both supported)
 - Customizable user permissions
 - Fine-tuned public access for non-users
 

docs/mkdocs.yml

@@ -41,7 +41,8 @@ markdown_extensions:
       custom_checkbox: true
   - admonition
   - attr_list
-  - pymdownx.tabbed
+  - pymdownx.tabbed:
+      alternate_style: true
   - pymdownx.superfences:
       custom_fences:
         - name: mermaid
@@ -51,8 +52,8 @@ extra_css:
   - assets/stylesheets/custom.css
 extra_javascript:
   - assets/js/extra.js
-repo_url: https://github.com/hay-kot/mealie/
-repo_name: hay-kot/mealie
+repo_url: https://github.com/mealie-recipes/mealie/
+repo_name: mealie-recipes/mealie
 edit_uri: edit/mealie-next/docs/docs/
 
 nav:
@@ -71,9 +72,15 @@ nav:
           - SQLite (Recommended): "documentation/getting-started/installation/sqlite.md"
           - PostgreSQL: "documentation/getting-started/installation/postgres.md"
           - Backend Configuration: "documentation/getting-started/installation/backend-config.md"
+          - Security: "documentation/getting-started/installation/security.md"
+          - Logs: "documentation/getting-started/installation/logs.md"
       - Usage:
           - Backup and Restoring: "documentation/getting-started/usage/backups-and-restoring.md"
-          - LDAP Authentication: "documentation/getting-started/usage/ldap.md"
+          - Permissions and Public Access: "documentation/getting-started/usage/permissions-and-public-access.md"
+
+      - Authentication:
+        - LDAP: "documentation/getting-started/authentication/ldap.md"
+        - OpenID Connect: "documentation/getting-started/authentication/oidc.md"
 
       - Community Guides:
           - iOS Shortcuts: "documentation/community-guide/ios.md"

frontend/components/Domain/Cookbook/CookbookEditor.vue

@@ -0,0 +1,55 @@
+<template>
+  <div>
+    <v-card-text v-if="cookbook">
+      <v-text-field v-model="cookbook.name" :label="$t('cookbook.cookbook-name')"></v-text-field>
+      <v-textarea v-model="cookbook.description" auto-grow :rows="2" :label="$t('recipe.description')"></v-textarea>
+      <RecipeOrganizerSelector v-model="cookbook.categories" selector-type="categories" />
+      <RecipeOrganizerSelector v-model="cookbook.tags" selector-type="tags" />
+      <RecipeOrganizerSelector v-model="cookbook.tools" selector-type="tools" />
+      <v-switch v-model="cookbook.public" hide-details single-line>
+        <template #label>
+          {{ $t('cookbook.public-cookbook') }}
+          <HelpIcon small right class="ml-2">
+            {{ $t('cookbook.public-cookbook-description') }}
+          </HelpIcon>
+        </template>
+      </v-switch>
+      <div class="mt-4">
+        <h3 class="text-subtitle-1 d-flex align-center mb-0 pb-0">
+          {{ $t('cookbook.filter-options') }}
+          <HelpIcon right small class="ml-2">
+            {{ $t('cookbook.filter-options-description') }}
+          </HelpIcon>
+        </h3>
+        <v-switch v-model="cookbook.requireAllCategories" class="mt-0" hide-details single-line>
+          <template #label> {{ $t('cookbook.require-all-categories') }} </template>
+        </v-switch>
+        <v-switch v-model="cookbook.requireAllTags" hide-details single-line>
+          <template #label> {{ $t('cookbook.require-all-tags') }} </template>
+        </v-switch>
+        <v-switch v-model="cookbook.requireAllTools" hide-details single-line>
+          <template #label> {{ $t('cookbook.require-all-tools') }} </template>
+        </v-switch>
+      </div>
+    </v-card-text>
+  </div>
+</template>
+
+<script lang="ts">
+import { defineComponent } from "@nuxtjs/composition-api";
+import { ReadCookBook } from "~/lib/api/types/cookbook";
+import RecipeOrganizerSelector from "~/components/Domain/Recipe/RecipeOrganizerSelector.vue";
+export default defineComponent({
+  components: { RecipeOrganizerSelector },
+  props: {
+    cookbook: {
+      type: Object as () => ReadCookBook,
+      required: true,
+    },
+    actions: {
+      type: Object as () => any,
+      required: true,
+    },
+  },
+});
+</script>

frontend/components/Domain/Cookbook/CookbookPage.vue

@@ -1,8 +1,33 @@
 <template>
+  <div>
+    <!-- Edit Dialog -->
+    <BaseDialog
+      v-if="editTarget"
+      v-model="dialogStates.edit"
+      :width="650"
+      :icon="$globals.icons.pages"
+      :title="$t('general.edit')"
+      :submit-icon="$globals.icons.save"
+      :submit-text="$tc('general.save')"
+      @submit="editCookbook"
+    >
+      <v-card-text>
+        <CookbookEditor :cookbook="editTarget" :actions="actions" />
+      </v-card-text>
+    </BaseDialog>
+
+    <!-- Page -->
     <v-container v-if="book" fluid>
-      <v-app-bar color="transparent" flat class="mt-n1 rounded">
+      <v-app-bar color="transparent" flat class="mt-n1">
         <v-icon large left> {{ $globals.icons.pages }} </v-icon>
         <v-toolbar-title class="headline"> {{ book.name }} </v-toolbar-title>
+        <v-spacer></v-spacer>
+        <BaseButton
+          v-if="isOwnGroup"
+          class="mx-1"
+          :edit="true"
+          @click="handleEditCookbook"
+        />
       </v-app-bar>
       <v-card flat>
         <v-card-text class="py-0">
@@ -22,17 +47,20 @@
         />
       </v-container>
     </v-container>
-  </template>
+  </div>
+</template>
 
   <script lang="ts">
-  import { computed, defineComponent, useRoute, ref, useContext, useMeta } from "@nuxtjs/composition-api";
+  import { computed, defineComponent, useRoute, ref, useContext, useMeta, reactive, useRouter } from "@nuxtjs/composition-api";
   import { useLazyRecipes } from "~/composables/recipes";
   import RecipeCardSection from "@/components/Domain/Recipe/RecipeCardSection.vue";
-  import { useCookbook } from "~/composables/use-group-cookbooks";
+  import { useCookbook, useCookbooks } from "~/composables/use-group-cookbooks";
   import { useLoggedInState } from "~/composables/use-logged-in-state";
+  import { RecipeCookBook } from "~/lib/api/types/cookbook";
+  import CookbookEditor from "~/components/Domain/Cookbook/CookbookEditor.vue";
 
   export default defineComponent({
-    components: { RecipeCardSection },
+    components: { RecipeCardSection, CookbookEditor },
     setup() {
       const { $auth } = useContext();
       const { isOwnGroup } = useLoggedInState();
@@ -43,10 +71,36 @@
       const { recipes, appendRecipes, assignSorted, removeRecipe, replaceRecipes } = useLazyRecipes(isOwnGroup.value ? null : groupSlug.value);
       const slug = route.value.params.slug;
       const { getOne } = useCookbook(isOwnGroup.value ? null : groupSlug.value);
+      const { actions } = useCookbooks();
+      const router = useRouter();
 
       const tab = ref(null);
       const book = getOne(slug);
 
+      const dialogStates = reactive({
+        edit: false,
+      });
+
+      const editTarget = ref<RecipeCookBook | null>(null);
+      function handleEditCookbook() {
+        dialogStates.edit = true;
+        editTarget.value = book.value;
+      }
+
+      async function editCookbook() {
+        if (!editTarget.value) {
+          return;
+        }
+        const response = await actions.updateOne(editTarget.value);
+
+        // if name changed, redirect to new slug
+        if (response?.slug && book.value?.slug !== response?.slug) {
+          router.push(`/g/${route.value.params.groupSlug}/cookbooks/${response?.slug}`);
+        }
+        dialogStates.edit = false;
+        editTarget.value = null;
+      }
+
       useMeta(() => {
         return {
           title: book?.value?.name || "Cookbook",
@@ -62,6 +116,12 @@
         recipes,
         removeRecipe,
         replaceRecipes,
+        isOwnGroup,
+        dialogStates,
+        editTarget,
+        handleEditCookbook,
+        editCookbook,
+        actions,
       };
     },
     head: {}, // Must include for useMeta

frontend/components/Domain/Group/GroupMealPlanDayContextMenu.vue

@@ -107,7 +107,7 @@ export default defineComponent({
     })
 
     async function getShoppingLists() {
-      const { data } = await api.shopping.lists.getAll();
+      const { data } = await api.shopping.lists.getAll(1, -1, { orderBy: "name", orderDirection: "asc" });
       if (data) {
         shoppingLists.value = data.items ?? [];
       }

frontend/components/Domain/Group/GroupMealPlanRuleForm.vue

@@ -19,7 +19,7 @@
 <script lang="ts">
 import { defineComponent, computed, useContext } from "@nuxtjs/composition-api";
 import RecipeOrganizerSelector from "~/components/Domain/Recipe/RecipeOrganizerSelector.vue";
-import { RecipeTag, RecipeCategory } from "~/lib/api/types/group";
+import { RecipeTag, RecipeCategory } from "~/lib/api/types/recipe";
 
 export default defineComponent({
   components: {

frontend/components/Domain/Recipe/RecipeActionMenu.vue

@@ -21,7 +21,7 @@
 
     <v-spacer></v-spacer>
     <div v-if="!open" class="custom-btn-group ma-1">
-      <RecipeFavoriteBadge v-if="loggedIn" class="mx-1" color="info" button-style :slug="recipe.slug" show-always />
+      <RecipeFavoriteBadge v-if="loggedIn" class="mx-1" color="info" button-style :recipe-id="recipe.id" show-always />
       <RecipeTimelineBadge v-if="loggedIn" button-style :slug="recipe.slug" :recipe-name="recipe.name" />
       <div v-if="loggedIn">
         <v-tooltip v-if="!locked" bottom color="info">
@@ -70,6 +70,7 @@
           print: true,
           printPreferences: true,
           share: loggedIn,
+          recipeActions: true,
         }"
         @print="$emit('print')"
       />

frontend/components/Domain/Recipe/RecipeCard.vue

@@ -3,8 +3,9 @@
     <v-hover v-slot="{ hover }" :open-delay="50">
       <v-card
         :class="{ 'on-hover': hover }"
+        :style="{ cursor }"
         :elevation="hover ? 12 : 2"
-        :to="route ? recipeRoute : ''"
+        :to="recipeRoute"
         :min-height="imageHeight + 75"
         @click="$emit('click')"
       >
@@ -33,10 +34,10 @@
         </v-card-title>
 
         <slot name="actions">
-          <v-card-actions class="px-1">
-            <RecipeFavoriteBadge v-if="isOwnGroup" class="absolute" :slug="slug" show-always />
+          <v-card-actions v-if="showRecipeContent" class="px-1">
+            <RecipeFavoriteBadge v-if="isOwnGroup" class="absolute" :recipe-id="recipeId" show-always />
 
-            <RecipeRating class="pb-1" :value="rating" :name="name" :slug="slug" :small="true" />
+            <RecipeRating class="pb-1" :value="rating" :recipe-id="recipeId" :slug="slug" :small="true" />
             <v-spacer></v-spacer>
             <RecipeChips :truncate="true" :items="tags" :title="false" :limit="2" :small="true" url-prefix="tags" />
 
@@ -96,15 +97,15 @@ export default defineComponent({
       required: false,
       default: 0,
     },
+    ratingColor: {
+      type: String,
+      default: "secondary",
+    },
     image: {
       type: String,
       required: false,
       default: "abc123",
     },
-    route: {
-      type: Boolean,
-      default: true,
-    },
     tags: {
       type: Array,
       default: () => [],
@@ -123,14 +124,18 @@ export default defineComponent({
     const { isOwnGroup } = useLoggedInState();
 
     const route = useRoute();
-    const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "")
+    const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "");
+    const showRecipeContent = computed(() => props.recipeId && props.slug);
     const recipeRoute = computed<string>(() => {
-      return `/g/${groupSlug.value}/r/${props.slug}`;
+      return showRecipeContent.value ? `/g/${groupSlug.value}/r/${props.slug}` : "";
     });
+    const cursor = computed(() => showRecipeContent.value ? "pointer" : "auto");
 
     return {
       isOwnGroup,
       recipeRoute,
+      showRecipeContent,
+      cursor,
     };
   },
 });

frontend/components/Domain/Recipe/RecipeCardMobile.vue

@@ -3,6 +3,7 @@
     <v-card
       :ripple="false"
       :class="isFlat ? 'mx-auto flat' : 'mx-auto'"
+      :style="{ cursor }"
       hover
       :to="$listeners.selected ? undefined : recipeRoute"
       @click="$emit('selected')"
@@ -37,22 +38,20 @@
           </v-list-item-subtitle>
           <div class="d-flex flex-wrap justify-end align-center">
             <slot name="actions">
-              <RecipeFavoriteBadge v-if="isOwnGroup" :slug="slug" show-always />
-              <v-rating
-                color="secondary"
+              <RecipeFavoriteBadge v-if="isOwnGroup && showRecipeContent" :recipe-id="recipeId" show-always />
+              <RecipeRating
                 :class="isOwnGroup ? 'ml-auto' : 'ml-auto pb-2'"
-                background-color="secondary lighten-3"
-                dense
-                length="5"
-                size="15"
                 :value="rating"
-              ></v-rating>
+                :recipe-id="recipeId"
+                :slug="slug"
+                :small="true"
+              />
               <v-spacer></v-spacer>
 
               <!-- If we're not logged-in, no items display, so we hide this menu -->
               <!-- We also add padding to the v-rating above to compensate -->
               <RecipeContextMenu
-                v-if="isOwnGroup"
+                v-if="isOwnGroup && showRecipeContent"
                 :slug="slug"
                 :menu-icon="$globals.icons.dotsHorizontal"
                 :name="name"
@@ -83,12 +82,14 @@ import { computed, defineComponent, useContext, useRoute } from "@nuxtjs/composi
 import RecipeFavoriteBadge from "./RecipeFavoriteBadge.vue";
 import RecipeContextMenu from "./RecipeContextMenu.vue";
 import RecipeCardImage from "./RecipeCardImage.vue";
+import RecipeRating from "./RecipeRating.vue";
 import { useLoggedInState } from "~/composables/use-logged-in-state";
 
 export default defineComponent({
   components: {
     RecipeFavoriteBadge,
     RecipeContextMenu,
+    RecipeRating,
     RecipeCardImage,
   },
   props: {
@@ -113,10 +114,6 @@ export default defineComponent({
       required: false,
       default: "abc123",
     },
-    route: {
-      type: Boolean,
-      default: true,
-    },
     recipeId: {
       type: String,
       required: true,
@@ -135,14 +132,19 @@ export default defineComponent({
     const { isOwnGroup } = useLoggedInState();
 
     const route = useRoute();
-    const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "")
+    const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "");
+    const showRecipeContent = computed(() => props.recipeId && props.slug);
     const recipeRoute = computed<string>(() => {
-      return `/g/${groupSlug.value}/r/${props.slug}`;
+      return showRecipeContent.value ? `/g/${groupSlug.value}/r/${props.slug}` : "";
     });
+    const cursor = computed(() => showRecipeContent.value ? "pointer" : "auto");
+
 
     return {
       isOwnGroup,
       recipeRoute,
+      showRecipeContent,
+      cursor,
     };
   },
 });

frontend/components/Domain/Recipe/RecipeChips.vue

@@ -9,7 +9,7 @@
       color="accent"
       :small="small"
       dark
-      :to="isOwnGroup ? `${baseRecipeRoute}?${urlPrefix}=${category.id}` : undefined"
+      :to="`${baseRecipeRoute}?${urlPrefix}=${category.id}`"
     >
       {{ truncateText(category.name) }}
     </v-chip>
@@ -18,8 +18,7 @@
 
 <script lang="ts">
 import { computed, defineComponent, useContext, useRoute } from "@nuxtjs/composition-api";
-import { useLoggedInState } from "~/composables/use-logged-in-state";
-import { RecipeCategory, RecipeTag, RecipeTool } from "~/lib/api/types/user";
+import { RecipeCategory, RecipeTag, RecipeTool } from "~/lib/api/types/recipe";
 
 export type UrlPrefixParam = "tags" | "categories" | "tools";
 
@@ -56,7 +55,6 @@ export default defineComponent({
   },
   setup(props) {
     const { $auth } = useContext();
-    const { isOwnGroup } = useLoggedInState();
 
     const route = useRoute();
     const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "")
@@ -74,7 +72,6 @@ export default defineComponent({
 
     return {
       baseRecipeRoute,
-      isOwnGroup,
       truncateText,
     };
   },

frontend/components/Domain/Recipe/RecipeContextMenu.vue

@@ -59,7 +59,13 @@
               v-on="on"
             ></v-text-field>
           </template>
-          <v-date-picker v-model="newMealdate" no-title @input="pickerMenu = false"></v-date-picker>
+          <v-date-picker
+            v-model="newMealdate"
+            no-title
+            :first-day-of-week="firstDayOfWeek"
+            :local="$i18n.locale"
+            @input="pickerMenu = false"
+          />
         </v-menu>
         <v-select
           v-model="newMealType"
@@ -99,6 +105,26 @@
           </v-list-item-icon>
           <v-list-item-title>{{ item.title }}</v-list-item-title>
         </v-list-item>
+        <div v-if="useItems.recipeActions && recipeActions && recipeActions.length">
+          <v-divider />
+          <v-list-group @click.stop>
+            <template #activator>
+              <v-list-item-title>{{ $tc("recipe.recipe-actions") }}</v-list-item-title>
+            </template>
+            <v-list dense class="ma-0 pa-0">
+              <v-list-item
+                v-for="(action, index) in recipeActions"
+                :key="index"
+                class="pl-6"
+                @click="executeRecipeAction(action)"
+              >
+                <v-list-item-title>
+                  {{ action.title }}
+                </v-list-item-title>
+              </v-list-item>
+            </v-list>
+          </v-list-group>
+        </div>
       </v-list>
     </v-menu>
   </div>
@@ -111,10 +137,12 @@ import RecipeDialogPrintPreferences from "./RecipeDialogPrintPreferences.vue";
 import RecipeDialogShare from "./RecipeDialogShare.vue";
 import { useLoggedInState } from "~/composables/use-logged-in-state";
 import { useUserApi } from "~/composables/api";
+import { useGroupRecipeActions } from "~/composables/use-group-recipe-actions";
+import { useGroupSelf } from "~/composables/use-groups";
 import { alert } from "~/composables/use-toast";
 import { usePlanTypeOptions } from "~/composables/use-group-mealplan";
 import { Recipe } from "~/lib/api/types/recipe";
-import { ShoppingListSummary } from "~/lib/api/types/group";
+import { GroupRecipeActionOut, ShoppingListSummary } from "~/lib/api/types/group";
 import { PlanEntryType } from "~/lib/api/types/meal-plan";
 import { useAxiosDownloader } from "~/composables/api/use-axios-download";
 
@@ -127,6 +155,7 @@ export interface ContextMenuIncludes {
   print: boolean;
   printPreferences: boolean;
   share: boolean;
+  recipeActions: boolean;
 }
 
 export interface ContextMenuItem {
@@ -156,6 +185,7 @@ export default defineComponent({
         print: true,
         printPreferences: true,
         share: true,
+        recipeActions: true,
       }),
     },
     // Append items are added at the end of the useItems list
@@ -224,11 +254,16 @@ export default defineComponent({
     });
 
     const { i18n, $auth, $globals } = useContext();
+    const { group } = useGroupSelf();
     const { isOwnGroup } = useLoggedInState();
 
     const route = useRoute();
     const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "");
 
+    const firstDayOfWeek = computed(() => {
+      return group.value?.preferences?.firstDayOfWeek || 0;
+    });
+
     // ===========================================================================
     // Context Menu Setup
 
@@ -321,7 +356,7 @@ export default defineComponent({
     const recipeRefWithScale = computed(() => recipeRef.value ? { scale: props.recipeScale, ...recipeRef.value } : undefined);
 
     async function getShoppingLists() {
-      const { data } = await api.shopping.lists.getAll();
+      const { data } = await api.shopping.lists.getAll(1, -1, { orderBy: "name", orderDirection: "asc" });
       if (data) {
         shoppingLists.value = data.items ?? [];
       }
@@ -335,6 +370,19 @@ export default defineComponent({
     }
 
     const router = useRouter();
+    const groupRecipeActionsStore = useGroupRecipeActions();
+
+    async function executeRecipeAction(action: GroupRecipeActionOut) {
+      const response = await groupRecipeActionsStore.execute(action, props.recipe);
+
+      if (action.actionType === "post") {
+        if (!response || (response.status >= 200  && response.status < 300)) {
+          alert.success(i18n.tc("events.message-sent"));
+        } else {
+          alert.error(i18n.tc("events.something-went-wrong"));
+        }
+      }
+    }
 
     async function deleteRecipe() {
       await api.recipes.deleteOne(props.slug);
@@ -425,6 +473,8 @@ export default defineComponent({
       ...toRefs(state),
       recipeRef,
       recipeRefWithScale,
+      executeRecipeAction,
+      recipeActions: groupRecipeActionsStore.recipeActions,
       shoppingLists,
       duplicateRecipe,
       contextMenuEventHandler,
@@ -432,6 +482,7 @@ export default defineComponent({
       addRecipeToPlan,
       icon,
       planTypeOptions,
+      firstDayOfWeek,
     };
   },
 });

frontend/components/Domain/Recipe/RecipeDialogAddToShoppingList.vue

@@ -3,7 +3,7 @@
     <BaseDialog v-if="shoppingListDialog" v-model="dialog" :title="$t('recipe.add-to-list')" :icon="$globals.icons.cartCheck">
       <v-card-text>
         <v-card
-          v-for="list in shoppingLists"
+          v-for="list in shoppingListChoices"
           :key="list.id"
           hover
           class="my-2 left-border"
@@ -14,6 +14,18 @@
           </v-card-title>
         </v-card>
       </v-card-text>
+      <template #card-actions>
+        <v-btn
+          text
+          color="grey"
+          @click="dialog = false"
+        >
+          {{ $t("general.cancel") }}
+        </v-btn>
+        <div class="d-flex justify-end" style="width: 100%;">
+          <v-checkbox v-model="preferences.viewAllLists" hide-details :label="$tc('general.show-all')" class="my-auto mr-4" />
+        </div>
+      </template>
     </BaseDialog>
     <BaseDialog
       v-if="shoppingListIngredientDialog"
@@ -120,6 +132,7 @@ import { toRefs } from "@vueuse/core";
 import RecipeIngredientListItem from "./RecipeIngredientListItem.vue";
 import { useUserApi } from "~/composables/api";
 import { alert } from "~/composables/use-toast";
+import { useShoppingListPreferences } from "~/composables/use-users/preferences";
 import { ShoppingListSummary } from "~/lib/api/types/group";
 import { Recipe, RecipeIngredient } from "~/lib/api/types/recipe";
 
@@ -164,8 +177,9 @@ export default defineComponent({
     },
   },
   setup(props, context) {
-    const { i18n } = useContext();
+    const { $auth, i18n } = useContext();
     const api = useUserApi();
+    const preferences = useShoppingListPreferences();
 
     // v-model support
     const dialog = computed({
@@ -183,6 +197,10 @@ export default defineComponent({
       shoppingListIngredientDialog: false,
     });
 
+    const shoppingListChoices = computed(() => {
+      return props.shoppingLists.filter((list) => preferences.value.viewAllLists || list.userId === $auth.user?.id);
+    });
+
     const recipeIngredientSections = ref<ShoppingListRecipeIngredientSection[]>([]);
     const selectedShoppingList = ref<ShoppingListSummary | null>(null);
 
@@ -334,6 +352,8 @@ export default defineComponent({
 
     return {
       dialog,
+      preferences,
+      shoppingListChoices,
       ...toRefs(state),
       addRecipesToList,
       bulkCheckIngredients,

frontend/components/Domain/Recipe/RecipeDialogSearch.vue

@@ -45,7 +45,6 @@
           :rating="recipe.rating"
           :image="recipe.image"
           :recipe-id="recipe.id"
-          :route="true"
           v-on="$listeners.selected ? { selected: () => handleSelect(recipe) } : {}"
         />
       </v-card>

frontend/components/Domain/Recipe/RecipeDialogShare.vue

@@ -22,7 +22,13 @@
               v-on="on"
             ></v-text-field>
           </template>
-          <v-date-picker v-model="expirationDate" no-title @input="datePickerMenu = false"></v-date-picker>
+          <v-date-picker
+            v-model="expirationDate"
+            no-title
+            :first-day-of-week="firstDayOfWeek"
+            :local="$i18n.locale"
+            @input="datePickerMenu = false"
+          />
         </v-menu>
       </v-card-text>
       <v-card-actions class="justify-end">
@@ -60,6 +66,7 @@ import { defineComponent, computed, toRefs, reactive, useContext, useRoute } fro
 import { useClipboard, useShare, whenever } from "@vueuse/core";
 import { RecipeShareToken } from "~/lib/api/types/recipe";
 import { useUserApi } from "~/composables/api";
+import { useGroupSelf } from "~/composables/use-groups";
 import { alert } from "~/composables/use-toast";
 
 export default defineComponent({
@@ -106,9 +113,14 @@ export default defineComponent({
     );
 
     const { $auth, i18n } = useContext();
+    const { group } = useGroupSelf();
     const route = useRoute();
     const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "");
 
+    const firstDayOfWeek = computed(() => {
+      return group.value?.preferences?.firstDayOfWeek || 0;
+    });
+
     // ============================================================
     // Token Actions
 
@@ -185,6 +197,7 @@ export default defineComponent({
       dialog,
       createNewToken,
       deleteToken,
+      firstDayOfWeek,
       shareRecipe,
       copyTokenLink,
     };

frontend/components/Domain/Recipe/RecipeExplorerPage.vue

@@ -67,12 +67,16 @@
               <v-list>
                 <v-list-item @click="toggleOrderDirection()">
                   <v-icon left>
-                    {{ $globals.icons.sort }}
+                    {{
+                      state.orderDirection === "asc" ?
+                      $globals.icons.sortDescending : $globals.icons.sortAscending
+                    }}
                   </v-icon>
                   <v-list-item-title>
-                    {{ state.orderDirection === "asc" ? "Sort Descending" : "Sort Ascending" }}
+                    {{ state.orderDirection === "asc" ? $tc("general.sort-descending") : $tc("general.sort-ascending") }}
                   </v-list-item-title>
                 </v-list-item>
+                <v-divider />
                 <v-list-item
                   v-for="v in sortable"
                   :key="v.name"
@@ -120,11 +124,12 @@
     <v-divider></v-divider>
     <v-container class="mt-6 px-md-6">
       <RecipeCardSection
+        v-if="state.ready"
         class="mt-n5"
         :icon="$globals.icons.search"
         :title="$tc('search.results')"
         :recipes="recipes"
-        :query="passedQuery"
+        :query="passedQueryWithSeed"
         @replaceRecipes="replaceRecipes"
         @appendRecipes="appendRecipes"
       />
@@ -133,11 +138,12 @@
 </template>
 
 <script lang="ts">
-import { ref, defineComponent, useRouter, onMounted, useContext, computed, Ref, useRoute } from "@nuxtjs/composition-api";
+import { ref, defineComponent, useRouter, onMounted, useContext, computed, Ref, useRoute, watch } from "@nuxtjs/composition-api";
 import { watchDebounced } from "@vueuse/shared";
 import SearchFilter from "~/components/Domain/SearchFilter.vue";
 import { useLoggedInState } from "~/composables/use-logged-in-state";
 import { useCategoryStore, useFoodStore, useTagStore, useToolStore } from "~/composables/store";
+import { useUserSearchQuerySession } from "~/composables/use-users/preferences";
 import RecipeCardSection from "~/components/Domain/Recipe/RecipeCardSection.vue";
 import { IngredientFood, RecipeCategory, RecipeTag, RecipeTool } from "~/lib/api/types/recipe";
 import { NoUndefinedField } from "~/lib/api/types/non-generated";
@@ -157,6 +163,7 @@ export default defineComponent({
     const { isOwnGroup } = useLoggedInState();
     const state = ref({
       auto: true,
+      ready: false,
       search: "",
       orderBy: "created_at",
       orderDirection: "desc" as "asc" | "desc",
@@ -170,6 +177,7 @@ export default defineComponent({
 
     const route = useRoute();
     const groupSlug = computed(() => route.value.params.groupSlug || $auth.user?.groupSlug || "");
+    const searchQuerySession = useUserSearchQuerySession();
 
     const { recipes, appendRecipes, assignSorted, removeRecipe, replaceRecipes } = useLazyRecipes(isOwnGroup.value ? null : groupSlug.value);
     const categories = isOwnGroup.value ? useCategoryStore() : usePublicCategoryStore(groupSlug.value);
@@ -184,65 +192,11 @@ export default defineComponent({
     const tools = isOwnGroup.value ? useToolStore() : usePublicToolStore(groupSlug.value);
     const selectedTools = ref<NoUndefinedField<RecipeTool>[]>([]);
 
-    const passedQuery = ref<RecipeSearchQuery | null>(null);
-
-    function reset() {
-      state.value.search = "";
-      state.value.orderBy = "created_at";
-      state.value.orderDirection = "desc";
-      state.value.requireAllCategories = false;
-      state.value.requireAllTags = false;
-      state.value.requireAllTools = false;
-      state.value.requireAllFoods = false;
-      selectedCategories.value = [];
-      selectedFoods.value = [];
-      selectedTags.value = [];
-      selectedTools.value = [];
-
-      router.push({
-        query: {},
-      });
-
-      search();
-    }
-
-    function toggleOrderDirection() {
-      state.value.orderDirection = state.value.orderDirection === "asc" ? "desc" : "asc";
-    }
-
-    function toIDArray(array: { id: string }[]) {
-      return array.map((item) => item.id);
-    }
-
-    function hideKeyboard() {
-      input.value.blur()
-    }
-
-    const input: Ref<any> = ref(null);
-
-    async function search() {
-      await router.push({
-        query: {
-          categories: toIDArray(selectedCategories.value),
-          foods: toIDArray(selectedFoods.value),
-          tags: toIDArray(selectedTags.value),
-          tools: toIDArray(selectedTools.value),
-          // Only add the query param if it's or not default
-          ...{
-            auto: state.value.auto ? undefined : "false",
-            search: state.value.search === "" ? undefined : state.value.search,
-            orderBy: state.value.orderBy === "createdAt" ? undefined : state.value.orderBy,
-            orderDirection: state.value.orderDirection === "desc" ? undefined : state.value.orderDirection,
-            requireAllCategories: state.value.requireAllCategories ? "true" : undefined,
-            requireAllTags: state.value.requireAllTags ? "true" : undefined,
-            requireAllTools: state.value.requireAllTools ? "true" : undefined,
-            requireAllFoods: state.value.requireAllFoods ? "true" : undefined,
-          },
-        },
-      });
-
-      passedQuery.value = {
-        search: state.value.search,
+    function calcPassedQuery(): RecipeSearchQuery {
+      return {
+        // the search clear button sets search to null, which still renders the query param for a moment,
+        // whereas an empty string is not rendered
+        search: state.value.search ? state.value.search : "",
         categories: toIDArray(selectedCategories.value),
         foods: toIDArray(selectedFoods.value),
         tags: toIDArray(selectedTags.value),
@@ -253,8 +207,87 @@ export default defineComponent({
         requireAllFoods: state.value.requireAllFoods,
         orderBy: state.value.orderBy,
         orderDirection: state.value.orderDirection,
+      };
+    }
+    const passedQuery = ref<RecipeSearchQuery>(calcPassedQuery());
+
+    // we calculate this separately because otherwise we can't check for query changes
+    const passedQueryWithSeed = computed(() => {
+      return {
+        ...passedQuery.value,
         _searchSeed: Date.now().toString()
       };
+    })
+
+    const queryDefaults = {
+      search: "",
+      orderBy: "created_at",
+      orderDirection: "desc" as "asc" | "desc",
+      requireAllCategories: false,
+      requireAllTags: false,
+      requireAllTools: false,
+      requireAllFoods: false,
+    }
+
+    function reset() {
+      state.value.search = queryDefaults.search;
+      state.value.orderBy = queryDefaults.orderBy;
+      state.value.orderDirection = queryDefaults.orderDirection;
+      state.value.requireAllCategories = queryDefaults.requireAllCategories;
+      state.value.requireAllTags = queryDefaults.requireAllTags;
+      state.value.requireAllTools = queryDefaults.requireAllTools;
+      state.value.requireAllFoods = queryDefaults.requireAllFoods;
+      selectedCategories.value = [];
+      selectedFoods.value = [];
+      selectedTags.value = [];
+      selectedTools.value = [];
+
+      search();
+    }
+
+    function toggleOrderDirection() {
+      state.value.orderDirection = state.value.orderDirection === "asc" ? "desc" : "asc";
+    }
+
+    function toIDArray(array: { id: string }[]) {
+      // we sort the array to make sure the query is always the same
+      return array.map((item) => item.id).sort();
+    }
+
+    function hideKeyboard() {
+      input.value.blur()
+    }
+
+    const input: Ref<any> = ref(null);
+
+    async function search() {
+      const oldQueryValueString = JSON.stringify(passedQuery.value);
+      const newQueryValue = calcPassedQuery();
+      const newQueryValueString = JSON.stringify(newQueryValue);
+      if (oldQueryValueString === newQueryValueString) {
+        return;
+      }
+
+      passedQuery.value = newQueryValue;
+      const query = {
+        categories: passedQuery.value.categories,
+        foods: passedQuery.value.foods,
+        tags: passedQuery.value.tags,
+        tools: passedQuery.value.tools,
+        // Only add the query param if it's not the default value
+        ...{
+          auto: state.value.auto ? undefined : "false",
+          search: passedQuery.value.search === queryDefaults.search ? undefined : passedQuery.value.search,
+          orderBy: passedQuery.value.orderBy === queryDefaults.orderBy ? undefined : passedQuery.value.orderBy,
+          orderDirection: passedQuery.value.orderDirection === queryDefaults.orderDirection ? undefined : passedQuery.value.orderDirection,
+          requireAllCategories: passedQuery.value.requireAllCategories ? "true" : undefined,
+          requireAllTags: passedQuery.value.requireAllTags ? "true" : undefined,
+          requireAllTools: passedQuery.value.requireAllTools ? "true" : undefined,
+          requireAllFoods: passedQuery.value.requireAllFoods ? "true" : undefined,
+        },
+      }
+      await router.push({ query });
+      searchQuerySession.value.recipe = JSON.stringify(query);
     }
 
     function waitUntilAndExecute(
@@ -325,32 +358,69 @@ export default defineComponent({
       },
     ];
 
-    onMounted(() => {
-      // Hydrate Search
-      // wait for stores to be hydrated
+    watch(
+      () => route.value.query,
+      () => {
+        if (state.value.ready) {
+          hydrateSearch();
+        }
+      },
+      {
+        deep: true,
+      },
+    )
 
-      // read query params
+    async function hydrateSearch() {
       const query = router.currentRoute.query;
-
-      if (query.auto) {
+      if (query.auto?.length) {
         state.value.auto = query.auto === "true";
       }
 
-      if (query.search) {
+      if (query.search?.length) {
         state.value.search = query.search as string;
+      } else {
+        state.value.search = queryDefaults.search;
       }
 
-      if (query.orderBy) {
+      if (query.orderBy?.length) {
         state.value.orderBy = query.orderBy as string;
+      } else {
+        state.value.orderBy = queryDefaults.orderBy;
       }
 
-      if (query.orderDirection) {
+      if (query.orderDirection?.length) {
         state.value.orderDirection = query.orderDirection as "asc" | "desc";
+      } else {
+        state.value.orderDirection = queryDefaults.orderDirection;
+      }
+
+      if (query.requireAllCategories?.length) {
+        state.value.requireAllCategories = query.requireAllCategories === "true";
+      } else {
+        state.value.requireAllCategories = queryDefaults.requireAllCategories;
+      }
+
+      if (query.requireAllTags?.length) {
+        state.value.requireAllTags = query.requireAllTags === "true";
+      } else {
+        state.value.requireAllTags = queryDefaults.requireAllTags;
+      }
+
+      if (query.requireAllTools?.length) {
+        state.value.requireAllTools = query.requireAllTools === "true";
+      } else {
+        state.value.requireAllTools = queryDefaults.requireAllTools;
+      }
+
+      if (query.requireAllFoods?.length) {
+        state.value.requireAllFoods = query.requireAllFoods === "true";
+      } else {
+        state.value.requireAllFoods = queryDefaults.requireAllFoods;
       }
 
       const promises: Promise<void>[] = [];
 
-      if (query.categories) {
+      if (query.categories?.length) {
         promises.push(
           waitUntilAndExecute(
             () => categories.items.value.length > 0,
@@ -363,9 +433,39 @@ export default defineComponent({
             }
           )
         );
+      } else {
+        selectedCategories.value = [];
       }
 
-      if (query.foods) {
+      if (query.tags?.length) {
+        promises.push(
+          waitUntilAndExecute(
+            () => tags.items.value.length > 0,
+            () => {
+              const result = tags.items.value.filter((item) => (query.tags as string[]).includes(item.id as string));
+              selectedTags.value = result as NoUndefinedField<RecipeTag>[];
+            }
+          )
+        );
+      } else {
+        selectedTags.value = [];
+      }
+
+      if (query.tools?.length) {
+        promises.push(
+          waitUntilAndExecute(
+            () => tools.items.value.length > 0,
+            () => {
+              const result = tools.items.value.filter((item) => (query.tools as string[]).includes(item.id));
+              selectedTools.value = result as NoUndefinedField<RecipeTool>[];
+            }
+          )
+        );
+      } else {
+        selectedTools.value = [];
+      }
+
+      if (query.foods?.length) {
         promises.push(
           waitUntilAndExecute(
             () => {
@@ -380,35 +480,28 @@ export default defineComponent({
             }
           )
         );
+      } else {
+        selectedFoods.value = [];
       }
 
-      if (query.tags) {
-        promises.push(
-          waitUntilAndExecute(
-            () => tags.items.value.length > 0,
-            () => {
-              const result = tags.items.value.filter((item) => (query.tags as string[]).includes(item.id as string));
-              selectedTags.value = result as NoUndefinedField<RecipeTag>[];
-            }
-          )
-        );
+      await Promise.allSettled(promises);
+    };
+
+    onMounted(async () => {
+      // restore the user's last search query
+      if (searchQuerySession.value.recipe && !(Object.keys(route.value.query).length > 0)) {
+        try {
+          const query = JSON.parse(searchQuerySession.value.recipe);
+          await router.replace({ query });
+        } catch (error) {
+          searchQuerySession.value.recipe = "";
+          router.replace({ query: {} });
+        }
       }
 
-      if (query.tools) {
-        promises.push(
-          waitUntilAndExecute(
-            () => tools.items.value.length > 0,
-            () => {
-              const result = tools.items.value.filter((item) => (query.tools as string[]).includes(item.id));
-              selectedTools.value = result as NoUndefinedField<RecipeTool>[];
-            }
-          )
-        );
-      }
-
-      Promise.allSettled(promises).then(() => {
-        search();
-      });
+      await hydrateSearch();
+      await search();
+      state.value.ready = true;
     });
 
     watchDebounced(
@@ -426,7 +519,7 @@ export default defineComponent({
         selectedTools,
       ],
       async () => {
-        if (state.value.auto) {
+        if (state.value.ready && state.value.auto) {
           await search();
         }
       },
@@ -459,7 +552,7 @@ export default defineComponent({
       recipes,
       removeRecipe,
       replaceRecipes,
-      passedQuery,
+      passedQueryWithSeed,
     };
   },
   head: {},

frontend/components/Domain/Recipe/RecipeFavoriteBadge.vue

@@ -22,11 +22,12 @@
 
 <script lang="ts">
 import { computed, defineComponent, useContext } from "@nuxtjs/composition-api";
+import { useUserSelfRatings } from "~/composables/use-users";
 import { useUserApi } from "~/composables/api";
 import { UserOut } from "~/lib/api/types/user";
 export default defineComponent({
   props: {
-    slug: {
+    recipeId: {
       type: String,
       default: "",
     },
@@ -42,19 +43,23 @@ export default defineComponent({
   setup(props) {
     const api = useUserApi();
     const { $auth } = useContext();
+    const { userRatings, refreshUserRatings } = useUserSelfRatings();
 
     // TODO Setup the correct type for $auth.user
     // See https://github.com/nuxt-community/auth-module/issues/1097
     const user = computed(() => $auth.user as unknown as UserOut);
-    const isFavorite = computed(() => user.value?.favoriteRecipes?.includes(props.slug));
+    const isFavorite = computed(() => {
+      const rating = userRatings.value.find((r) => r.recipeId === props.recipeId);
+      return rating?.isFavorite || false;
+    });
 
     async function toggleFavorite() {
       if (!isFavorite.value) {
-        await api.users.addFavorite(user.value?.id, props.slug);
+        await api.users.addFavorite(user.value?.id, props.recipeId);
       } else {
-        await api.users.removeFavorite(user.value?.id, props.slug);
+        await api.users.removeFavorite(user.value?.id, props.recipeId);
       }
-      $auth.fetchUser();
+      await refreshUserRatings();
     }
 
     return { isFavorite, toggleFavorite };

frontend/components/Domain/Recipe/RecipeIngredientEditor.vue

@@ -29,6 +29,7 @@
       </v-col>
       <v-col v-if="!disableAmount" sm="12" md="3" cols="12">
         <v-autocomplete
+          ref="unitAutocomplete"
           v-model="value.unit"
           :search-input.sync="unitSearch"
           auto-select-first
@@ -57,6 +58,7 @@
       <!-- Foods Input -->
       <v-col v-if="!disableAmount" m="12" md="3" cols="12" class="">
         <v-autocomplete
+          ref="foodAutocomplete"
           v-model="value.food"
           :search-input.sync="foodSearch"
           auto-select-first
@@ -200,11 +202,13 @@ export default defineComponent({
     const foodStore = useFoodStore();
     const foodData = useFoodData();
     const foodSearch = ref("");
+    const foodAutocomplete = ref<HTMLInputElement>();
 
     async function createAssignFood() {
       foodData.data.name = foodSearch.value;
       props.value.food = await foodStore.actions.createOne(foodData.data) || undefined;
       foodData.reset();
+      foodAutocomplete.value?.blur();
     }
 
     // ==================================================
@@ -212,11 +216,13 @@ export default defineComponent({
     const unitStore = useUnitStore();
     const unitsData = useUnitData();
     const unitSearch = ref("");
+    const unitAutocomplete = ref<HTMLInputElement>();
 
     async function createAssignUnit() {
       unitsData.data.name = unitSearch.value;
       props.value.unit = await unitStore.actions.createOne(unitsData.data) || undefined;
       unitsData.reset();
+      unitAutocomplete.value?.blur();
     }
 
     const state = reactive({
@@ -269,7 +275,9 @@ export default defineComponent({
       contextMenuOptions,
       handleUnitEnter,
       handleFoodEnter,
+      foodAutocomplete,
       createAssignFood,
+      unitAutocomplete,
       createAssignUnit,
       foods: foodStore.foods,
       foodSearch,

frontend/components/Domain/Recipe/RecipeLastMade.vue

@@ -41,6 +41,7 @@
                     <v-date-picker
                       v-model="newTimelineEventTimestamp"
                       no-title
+                      :first-day-of-week="firstDayOfWeek"
                       :local="$i18n.locale"
                       @input="datePickerMenu = false"
                     />
@@ -109,10 +110,11 @@
 </template>
 
 <script lang="ts">
-import { defineComponent, reactive, ref, toRefs, useContext } from "@nuxtjs/composition-api";
+import { computed, defineComponent, reactive, ref, toRefs, useContext } from "@nuxtjs/composition-api";
 import { whenever } from "@vueuse/core";
 import { VForm } from "~/types/vuetify";
 import { useUserApi } from "~/composables/api";
+import { useGroupSelf } from "~/composables/use-groups";
 import { Recipe, RecipeTimelineEventIn } from "~/lib/api/types/recipe";
 
 export default defineComponent({
@@ -129,11 +131,11 @@ export default defineComponent({
   setup(props, context) {
     const madeThisDialog = ref(false);
     const userApi = useUserApi();
+    const { group } = useGroupSelf();
     const { $auth, i18n } = useContext();
     const domMadeThisForm = ref<VForm>();
     const newTimelineEvent = ref<RecipeTimelineEventIn>({
-      // @ts-expect-error - TS doesn't like the $auth global user attribute
-      subject: i18n.t("recipe.user-made-this", { user: $auth.user.fullName } as string),
+      subject: "",
       eventType: "comment",
       eventMessage: "",
       timestamp: undefined,
@@ -154,6 +156,10 @@ export default defineComponent({
       }
     );
 
+    const firstDayOfWeek = computed(() => {
+      return group.value?.preferences?.firstDayOfWeek || 0;
+    });
+
     function clearImage() {
       newTimelineEventImage.value = undefined;
       newTimelineEventImageName.value = "";
@@ -178,6 +184,8 @@ export default defineComponent({
       }
 
       newTimelineEvent.value.recipeId = props.recipe.id
+      // @ts-expect-error - TS doesn't like the $auth global user attribute
+      newTimelineEvent.value.subject = i18n.t("recipe.user-made-this", { user: $auth.user.fullName })
 
       // the user only selects the date, so we set the time to end of day local time
       // we choose the end of day so it always comes after "new recipe" events
@@ -225,6 +233,7 @@ export default defineComponent({
       ...toRefs(state),
       domMadeThisForm,
       madeThisDialog,
+      firstDayOfWeek,
       newTimelineEvent,
       newTimelineEventImage,
       newTimelineEventImagePreviewUrl,

frontend/components/Domain/Recipe/RecipeNotes.vue

@@ -24,7 +24,7 @@
     </div>
 
     <div v-if="edit" class="d-flex justify-end">
-      <BaseButton class="ml-auto my-2" @click="addNote"> {{ $t("general.new") }}</BaseButton>
+      <BaseButton class="ml-auto my-2" @click="addNote"> {{ $t("general.add") }}</BaseButton>
     </div>
   </div>
 </template>

frontend/components/Domain/Recipe/RecipeNutrition.vue

@@ -19,11 +19,11 @@
         </div>
       </v-card-text>
       <v-list v-if="showViewer" dense class="mt-0 pt-0">
-        <v-list-item v-for="(item, key, index) in labels" :key="index" style="min-height: 25px" dense>
+        <v-list-item v-for="(item, key, index) in renderedList" :key="index" style="min-height: 25px" dense>
           <v-list-item-content>
             <v-list-item-title class="pl-4 caption flex row">
               <div>{{ item.label }}</div>
-              <div class="ml-auto mr-1">{{ value[key] }}</div>
+              <div class="ml-auto mr-1">{{ item.value }}</div>
               <div>{{ item.suffix }}</div>
             </v-list-item-title>
           </v-list-item-content>
@@ -37,6 +37,14 @@
 import { computed, defineComponent, useContext } from "@nuxtjs/composition-api";
 import { Nutrition } from "~/lib/api/types/recipe";
 
+type NutritionLabelType = {
+  [key: string]: {
+    label: string;
+    suffix: string;
+    value?: string;
+  };
+};
+
 export default defineComponent({
   props: {
     value: {
@@ -50,34 +58,34 @@ export default defineComponent({
   },
   setup(props, context) {
     const { i18n } = useContext();
-    const labels = {
+    const labels = <NutritionLabelType>{
       calories: {
-        label: i18n.t("recipe.calories"),
-        suffix: i18n.t("recipe.calories-suffix"),
+        label: i18n.tc("recipe.calories"),
+        suffix: i18n.tc("recipe.calories-suffix"),
       },
       fatContent: {
-        label: i18n.t("recipe.fat-content"),
-        suffix: i18n.t("recipe.grams"),
+        label: i18n.tc("recipe.fat-content"),
+        suffix: i18n.tc("recipe.grams"),
       },
       fiberContent: {
-        label: i18n.t("recipe.fiber-content"),
-        suffix: i18n.t("recipe.grams"),
+        label: i18n.tc("recipe.fiber-content"),
+        suffix: i18n.tc("recipe.grams"),
       },
       proteinContent: {
-        label: i18n.t("recipe.protein-content"),
-        suffix: i18n.t("recipe.grams"),
+        label: i18n.tc("recipe.protein-content"),
+        suffix: i18n.tc("recipe.grams"),
       },
       sodiumContent: {
-        label: i18n.t("recipe.sodium-content"),
-        suffix: i18n.t("recipe.milligrams"),
+        label: i18n.tc("recipe.sodium-content"),
+        suffix: i18n.tc("recipe.milligrams"),
       },
       sugarContent: {
-        label: i18n.t("recipe.sugar-content"),
-        suffix: i18n.t("recipe.grams"),
+        label: i18n.tc("recipe.sugar-content"),
+        suffix: i18n.tc("recipe.grams"),
       },
       carbohydrateContent: {
-        label: i18n.t("recipe.carbohydrate-content"),
-        suffix: i18n.t("recipe.grams"),
+        label: i18n.tc("recipe.carbohydrate-content"),
+        suffix: i18n.tc("recipe.grams"),
       },
     };
     const valueNotNull = computed(() => {
@@ -96,11 +104,25 @@ export default defineComponent({
       context.emit("input", { ...props.value, [key]: event });
     }
 
+    // Build a new list that only contains nutritional information that has a value
+    const renderedList = computed(() => {
+      return Object.entries(labels).reduce((item: NutritionLabelType, [key, label]) => {
+        if (props.value[key]?.trim()) {
+          item[key] = {
+            ...label,
+            value: props.value[key],
+          };
+        }
+        return item;
+      }, {});
+    });
+
     return {
       labels,
       valueNotNull,
       showViewer,
       updateValue,
+      renderedList,
     };
   },
 });

frontend/components/Domain/Recipe/RecipeOrganizerPage.vue

@@ -18,7 +18,7 @@
 
     <BaseDialog v-if="updateTarget" v-model="dialogs.update" :title="$t('general.update')" @confirm="updateOne()">
       <v-card-text>
-        <v-text-field v-model="updateTarget.name" label="$t('general.name')"> </v-text-field>
+        <v-text-field v-model="updateTarget.name" :label="$t('general.name')"> </v-text-field>
         <v-checkbox v-if="itemType === Organizer.Tool" v-model="updateTarget.onHand" :label="$t('tool.on-hand')"></v-checkbox>
       </v-card-text>
     </BaseDialog>

frontend/components/Domain/Recipe/RecipeOrganizerSelector.vue

@@ -13,6 +13,9 @@
       $globals.icons.tags"
     return-object
     v-bind="inputAttrs"
+    auto-select-first
+    :search-input.sync="searchInput"
+    @change="resetSearchInput"
   >
     <template #selection="data">
       <v-chip
@@ -43,7 +46,7 @@
 <script lang="ts">
 import { defineComponent, ref, useContext, computed, onMounted } from "@nuxtjs/composition-api";
 import RecipeOrganizerDialog from "./RecipeOrganizerDialog.vue";
-import { RecipeCategory, RecipeTag } from "~/lib/api/types/user";
+import { RecipeCategory, RecipeTag } from "~/lib/api/types/recipe";
 import { RecipeTool } from "~/lib/api/types/admin";
 import { useTagStore } from "~/composables/store/use-tag-store";
 import { useCategoryStore, useToolStore } from "~/composables/store";
@@ -138,7 +141,6 @@ export default defineComponent({
     }
 
     function appendCreated(item: RecipeTag | RecipeCategory | RecipeTool) {
-      console.log(item);
       if (selected.value === undefined) {
         return;
       }
@@ -148,6 +150,12 @@ export default defineComponent({
 
     const dialog = ref(false);
 
+    const searchInput = ref("");
+
+    function resetSearchInput() {
+      searchInput.value = "";
+    }
+
     return {
       Organizer,
       appendCreated,
@@ -156,6 +164,8 @@ export default defineComponent({
       label,
       selected,
       removeByIndex,
+      searchInput,
+      resetSearchInput,
     };
   },
 });

frontend/components/Domain/Recipe/RecipePage/RecipePage.vue

@@ -51,7 +51,7 @@
             />
             <div v-if="isEditForm" class="d-flex">
               <RecipeDialogBulkAdd class="ml-auto my-2 mr-1" @bulk-data="addStep" />
-              <BaseButton class="my-2" @click="addStep()"> {{ $t("general.new") }}</BaseButton>
+              <BaseButton class="my-2" @click="addStep()"> {{ $t("general.add") }}</BaseButton>
             </div>
             <div v-if="!$vuetify.breakpoint.mdAndUp">
               <RecipePageOrganizers :recipe="recipe" />
@@ -112,6 +112,7 @@ import { useUserApi } from "~/composables/api";
 import { uuid4, deepCopy } from "~/composables/use-utils";
 import RecipeDialogBulkAdd from "~/components/Domain/Recipe/RecipeDialogBulkAdd.vue";
 import RecipeNotes from "~/components/Domain/Recipe/RecipeNotes.vue";
+import { useNavigationWarning } from "~/composables/use-navigation-warning";
 
 const EDITOR_OPTIONS = {
   mode: "code",
@@ -151,6 +152,7 @@ export default defineComponent({
     const api = useUserApi();
     const { pageMode, editMode, setMode, isEditForm, isEditJSON, isCookMode, isEditMode, toggleCookMode } =
       usePageState(props.recipe.slug);
+    const { deactivateNavigationWarning } = useNavigationWarning();
 
     /** =============================================================
      * Recipe Snapshot on Mount
@@ -175,6 +177,7 @@ export default defineComponent({
           await api.recipes.updateOne(props.recipe.slug, props.recipe);
         }
       }
+      deactivateNavigationWarning();
     });
 
     /** =============================================================

frontend/components/Domain/Recipe/RecipePage/RecipePageParts/RecipePageHeader.vue

@@ -5,7 +5,7 @@
         <v-card-text>
           <v-card-title class="headline pa-0 flex-column align-center">
             {{ recipe.name }}
-            <RecipeRating :key="recipe.slug" v-model="recipe.rating" :name="recipe.name" :slug="recipe.slug" />
+            <RecipeRating :key="recipe.slug" :value="recipe.rating" :recipe-id="recipe.id" :slug="recipe.slug" />
           </v-card-title>
           <v-divider class="my-2"></v-divider>
           <SafeMarkdown :source="recipe.description" />

frontend/components/Domain/Recipe/RecipePage/RecipePageParts/RecipePageIngredientEditor.vue

@@ -47,7 +47,7 @@
         <span>{{ parserToolTip }}</span>
       </v-tooltip>
       <RecipeDialogBulkAdd class="mx-1 mb-1" @bulk-data="addIngredient" />
-      <BaseButton class="mb-1" @click="addIngredient" > {{ $t("general.new") }} </BaseButton>
+      <BaseButton class="mb-1" @click="addIngredient" > {{ $t("general.add") }} </BaseButton>
     </div>
   </div>
 </template>

frontend/components/Domain/Recipe/RecipePage/RecipePageParts/RecipePageInstructions.vue

@@ -148,10 +148,6 @@
                               text: $tc('recipe.link-ingredients'),
                               event: 'link-ingredients',
                             },
-                            {
-                              text: $tc('recipe.merge-above'),
-                              event: 'merge-above',
-                            },
                             {
                               text: $tc('recipe.upload-image'),
                               event: 'upload-image'
@@ -160,11 +156,26 @@
                               icon: previewStates[index] ? $globals.icons.edit : $globals.icons.eye,
                               text: previewStates[index] ? $tc('recipe.edit-markdown') : $tc('markdown-editor.preview-markdown-button-label'),
                               event: 'preview-step',
+                              divider: true,
+                            },
+                            {
+                              text: $tc('recipe.merge-above'),
+                              event: 'merge-above',
+                            },
+                            {
+                              text: $tc('recipe.move-to-top'),
+                              event: 'move-to-top',
+                            },
+                            {
+                              text: $tc('recipe.move-to-bottom'),
+                              event: 'move-to-bottom',
                             },
                           ],
                         },
                       ]"
                       @merge-above="mergeAbove(index - 1, index)"
+                      @move-to-top="moveTo('top', index)"
+                      @move-to-bottom="moveTo('bottom', index)"
                       @toggle-section="toggleShowTitle(step.id)"
                       @link-ingredients="openDialog(index, step.text, step.ingredientReferences)"
                       @preview-step="togglePreviewState(index)"
@@ -531,6 +542,14 @@ export default defineComponent({
       }
     }
 
+    function moveTo(dest: string, source: number) {
+      if (dest === "top") {
+        props.value.unshift(props.value.splice(source, 1)[0]);
+      } else {
+        props.value.push(props.value.splice(source, 1)[0]);
+      }
+    }
+
     const previewStates = ref<boolean[]>([]);
 
     function togglePreviewState(index: number) {
@@ -646,6 +665,7 @@ export default defineComponent({
       getIngredientByRefId,
       showTitleEditor,
       mergeAbove,
+      moveTo,
       openDialog,
       setIngredientIds,
       availableNextStep,

frontend/components/Domain/Recipe/RecipePage/RecipePageParts/RecipePageScale.vue

@@ -20,7 +20,7 @@
       v-if="landscape && $vuetify.breakpoint.smAndUp"
       :key="recipe.slug"
       v-model="recipe.rating"
-      :name="recipe.name"
+      :recipe-id="recipe.id"
       :slug="recipe.slug"
     />
   </div>

frontend/components/Domain/Recipe/RecipePage/RecipePageParts/RecipePageTitleContent.vue

@@ -24,7 +24,7 @@
           v-if="$vuetify.breakpoint.smAndDown"
           :key="recipe.slug"
           v-model="recipe.rating"
-          :name="recipe.name"
+          :recipe-id="recipe.id"
           :slug="recipe.slug"
         />
       </div>

frontend/components/Domain/Recipe/RecipeRating.vue

@@ -1,34 +1,48 @@
 <template>
   <div @click.prevent>
-    <v-rating
-      v-model="rating"
-      :readonly="!isOwnGroup"
-      color="secondary"
-      background-color="secondary lighten-3"
-      length="5"
-      :dense="small ? true : undefined"
-      :size="small ? 15 : undefined"
-      hover
-      :value="value"
-      clearable
-      @input="updateRating"
-      @click="updateRating"
-    ></v-rating>
+    <!-- User Rating -->
+    <v-hover v-slot="{ hover }">
+      <v-rating
+        v-if="isOwnGroup && (userRating || hover || !ratingsLoaded)"
+        :value="userRating"
+        color="secondary"
+        background-color="secondary lighten-3"
+        length="5"
+        :dense="small ? true : undefined"
+        :size="small ? 15 : undefined"
+        hover
+        clearable
+        @input="updateRating"
+        @click="updateRating"
+      />
+      <!-- Group Rating -->
+      <v-rating
+        v-else
+        :value="groupRating"
+        :half-increments="true"
+        :readonly="true"
+        color="grey darken-1"
+        background-color="secondary lighten-3"
+        length="5"
+        :dense="small ? true : undefined"
+        :size="small ? 15 : undefined"
+        hover
+      />
+    </v-hover>
   </div>
 </template>
 
 <script lang="ts">
-import { defineComponent, ref } from "@nuxtjs/composition-api";
+import { computed, defineComponent, ref, watch } from "@nuxtjs/composition-api";
 import { useLoggedInState } from "~/composables/use-logged-in-state";
-import { useUserApi } from "~/composables/api";
+import { useUserSelfRatings } from "~/composables/use-users";
 export default defineComponent({
   props: {
     emitOnly: {
       type: Boolean,
       default: false,
     },
-    // TODO Remove name prop?
-    name: {
+    recipeId: {
       type: String,
       default: "",
     },
@@ -47,23 +61,45 @@ export default defineComponent({
   },
   setup(props, context) {
     const { isOwnGroup } = useLoggedInState();
+    const { userRatings, setRating, ready: ratingsLoaded } = useUserSelfRatings();
 
-    const rating = ref(props.value);
+    const userRating = computed(() => {
+      return userRatings.value.find((r) => r.recipeId === props.recipeId)?.rating;
+    });
+
+    // if a user unsets their rating, we don't want to fall back to the group rating since it's out of sync
+    const hideGroupRating = ref(!!userRating.value);
+    watch(
+      () => userRating.value,
+      () => {
+        if (userRating.value) {
+          hideGroupRating.value = true;
+        }
+      },
+    )
+
+    const groupRating = computed(() => {
+      return hideGroupRating.value ? 0 : props.value;
+    });
 
-    const api = useUserApi();
     function updateRating(val: number | null) {
-      if (val === 0) {
-        val = null;
+      if (!isOwnGroup.value) {
+        return;
       }
+
       if (!props.emitOnly) {
-        api.recipes.patchOne(props.slug, {
-          rating: val,
-        });
+        setRating(props.slug, val || 0, null);
       }
       context.emit("input", val);
     }
 
-    return { isOwnGroup, rating, updateRating };
+    return {
+      isOwnGroup,
+      ratingsLoaded,
+      groupRating,
+      userRating,
+      updateRating,
+    };
   },
 });
 </script>

frontend/components/Domain/Recipe/RecipeTimeline.vue

@@ -3,9 +3,53 @@
     <v-row class="my-0 mx-7">
       <v-spacer />
       <v-col class="text-right">
-        <v-btn fab small color="info" @click="reverseSort">
-          <v-icon> {{ preferences.orderDirection === "asc" ? $globals.icons.sortCalendarAscending : $globals.icons.sortCalendarDescending }} </v-icon>
-        </v-btn>
+        <!-- Filters -->
+        <v-menu offset-y bottom left nudge-bottom="3" :close-on-content-click="false">
+          <template #activator="{ on, attrs }">
+            <v-badge :content="filterBadgeCount" :value="filterBadgeCount" bordered overlap>
+              <v-btn fab small color="info" v-bind="attrs" v-on="on">
+                <v-icon> {{ $globals.icons.filter }} </v-icon>
+              </v-btn>
+            </v-badge>
+          </template>
+          <v-card>
+            <v-list>
+              <v-list-item @click="reverseSort">
+                <v-icon left>
+                  {{
+                    preferences.orderDirection === "asc" ?
+                    $globals.icons.sortCalendarDescending : $globals.icons.sortCalendarAscending
+                  }}
+                </v-icon>
+                <v-list-item-title>
+                  {{ preferences.orderDirection === "asc" ? $tc("general.sort-descending") : $tc("general.sort-ascending") }}
+                </v-list-item-title>
+              </v-list-item>
+              <v-divider />
+              <v-list-item class="pa-0">
+                <v-list class="py-0" style="width: 100%;">
+                  <v-list-item
+                    v-for="option, idx in eventTypeFilterState"
+                    :key="idx"
+                  >
+                    <v-checkbox
+                      :input-value="option.checked"
+                      readonly
+                      @click="toggleEventTypeOption(option.value)"
+                    >
+                      <template #label>
+                        <v-icon left>
+                          {{ option.icon }}
+                        </v-icon>
+                        {{ option.label }}
+                      </template>
+                    </v-checkbox>
+                  </v-list-item>
+                </v-list>
+              </v-list-item>
+            </v-list>
+          </v-card>
+        </v-menu>
       </v-col>
     </v-row>
     <v-divider class="mx-2"/>
@@ -29,9 +73,9 @@
         />
       </v-timeline>
     </div>
-    <v-card v-else-if="!loading">
+    <v-card v-else-if="!loading" class="mt-2">
       <v-card-title class="justify-center pa-9">
-        {{ $t("recipe.timeline-is-empty") }}
+        {{ $t("recipe.timeline-no-events-found-try-adjusting-filters") }}
       </v-card-title>
     </v-card>
     <div v-if="loading" class="mb-3 text-center">
@@ -41,14 +85,15 @@
 </template>
 
 <script lang="ts">
-import { defineComponent, onMounted, ref, useAsync, useContext } from "@nuxtjs/composition-api";
+import { computed, defineComponent, onMounted, ref, useAsync, useContext } from "@nuxtjs/composition-api";
 import { useThrottleFn, whenever } from "@vueuse/core";
 import RecipeTimelineItem from "./RecipeTimelineItem.vue"
 import { useTimelinePreferences } from "~/composables/use-users/preferences";
+import { useTimelineEventTypes } from "~/composables/recipes/use-recipe-timeline-events";
 import { useAsyncKey } from "~/composables/use-utils";
 import { alert } from "~/composables/use-toast";
 import { useUserApi } from "~/composables/api";
-import { Recipe, RecipeTimelineEventOut, RecipeTimelineEventUpdate } from "~/lib/api/types/recipe"
+import { Recipe, RecipeTimelineEventOut, RecipeTimelineEventUpdate, TimelineEventType } from "~/lib/api/types/recipe";
 
 export default defineComponent({
   components: { RecipeTimelineItem },
@@ -76,6 +121,7 @@ export default defineComponent({
     const api = useUserApi();
     const { i18n } = useContext();
     const preferences = useTimelinePreferences();
+    const { eventTypeOptions } = useTimelineEventTypes();
     const loading = ref(true);
     const ready = ref(false);
 
@@ -85,6 +131,15 @@ export default defineComponent({
 
     const timelineEvents = ref([] as RecipeTimelineEventOut[]);
     const recipes = new Map<string, Recipe>();
+    const filterBadgeCount = computed(() => eventTypeOptions.value.length - preferences.value.types.length);
+    const eventTypeFilterState = computed(() => {
+      return eventTypeOptions.value.map(option => {
+        return {
+          ...option,
+          checked: preferences.value.types.includes(option.value),
+        }
+      });
+    });
 
     interface ScrollEvent extends Event {
         target: HTMLInputElement;
@@ -112,7 +167,7 @@ export default defineComponent({
       }
     );
 
-    // Sorting
+    // Preferences
     function reverseSort() {
       if (loading.value) {
         return;
@@ -122,6 +177,21 @@ export default defineComponent({
       initializeTimelineEvents();
     }
 
+    function toggleEventTypeOption(option: TimelineEventType) {
+      if (loading.value) {
+        return;
+      }
+
+      const index = preferences.value.types.indexOf(option);
+      if (index === -1) {
+        preferences.value.types.push(option);
+      } else {
+        preferences.value.types.splice(index, 1);
+      }
+
+      initializeTimelineEvents();
+    }
+
     // Timeline Actions
     async function updateTimelineEvent(index: number) {
       const event = timelineEvents.value[index]
@@ -179,8 +249,11 @@ export default defineComponent({
     async function scrollTimelineEvents() {
       const orderBy = "timestamp";
       const orderDirection = preferences.value.orderDirection === "asc" ? "asc" : "desc";
+      // eslint-disable-next-line quotes
+      const eventTypeValue = `["${preferences.value.types.join('", "')}"]`;
+      const queryFilter = `(${props.queryFilter}) AND eventType IN ${eventTypeValue}`
 
-      const response = await api.recipes.getAllTimelineEvents(page.value, perPage, { orderBy, orderDirection, queryFilter: props.queryFilter });
+      const response = await api.recipes.getAllTimelineEvents(page.value, perPage, { orderBy, orderDirection, queryFilter });
       page.value += 1;
       if (!response?.data) {
         return;
@@ -256,11 +329,14 @@ export default defineComponent({
 
     return {
       deleteTimelineEvent,
+      filterBadgeCount,
       loading,
       onScroll,
       preferences,
+      eventTypeFilterState,
       recipes,
       reverseSort,
+      toggleEventTypeOption,
       timelineEvents,
       updateTimelineEvent,
     };