philip/winded
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit: Flutter app + PHP/MySQL backend on Hostinger

Browse Source 
Replaces Firebase with a self-hosted PHP/MySQL API served from
winded.prymsolutions.com. Includes full backend (schema, auth, events,
teams, brackets, suggestions, stats, media, file upload) and updated
Flutter repositories and domain models.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Philly
2026-05-14 20:13:57 -07:00
commit b239ae3e5f
208 changed files with 19187 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/core/admin/admin_guard.dart
+24
View File
@@ -0,0 +1,24 @@
import '../../features/auth/domain/app_user.dart';
import '../../features/profile/domain/user_profile.dart';
/// Hardcoded admin allow-list for the MVP. Email match is the primary signal
/// because the hardcoded admin doesn't carry a Firestore role document.
const Set<String> _adminEmails = <String>{'philip@theguzmanfamily.com'};
/// Returns true if [user] is on the email allow-list. Primary entry point —
/// most callers only have an [AppUser] in hand.
bool isAdmin(AppUser? user) {
if (user == null) return false;
final email = user.email.trim().toLowerCase();
if (email.isEmpty) return false;
return _adminEmails.contains(email);
}
/// Returns true when admin status is established either by email allow-list
/// or by a Firestore profile document carrying [UserRole.admin]. Use this in
/// places where a profile is already loaded so a future Firestore-driven
/// admin grant works without a code change.
bool isAdminWithProfile(AppUser? user, UserProfile? profile) {
if (isAdmin(user)) return true;
return profile?.role == UserRole.admin;
}
lib/core/api/api_client.dart
+122
View File
@@ -0,0 +1,122 @@
import 'dart:convert';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
import 'package:http/http.dart' as http;
import 'package:riverpod_annotation/riverpod_annotation.dart';
part 'api_client.g.dart';
// ---------------------------------------------------------------------------
// Configuration — set this to your Hostinger domain before building.
// ---------------------------------------------------------------------------
const String kApiBase = 'https://winded.prymsolutions.com/api';
const String _tokenKey = 'winded_auth_token';
// ---------------------------------------------------------------------------
// ApiClient
// ---------------------------------------------------------------------------
class ApiClient {
ApiClient(this._storage);
final FlutterSecureStorage _storage;
// --- Token management ---
Future<String?> get token => _storage.read(key: _tokenKey);
Future<void> saveToken(String token) =>
_storage.write(key: _tokenKey, value: token);
Future<void> clearToken() => _storage.delete(key: _tokenKey);
// --- HTTP helpers ---
Future<Map<String, String>> _headers({bool auth = true}) async {
final headers = <String, String>{'Content-Type': 'application/json'};
if (auth) {
final t = await token;
if (t != null) headers['Authorization'] = 'Bearer $t';
}
return headers;
}
Uri _uri(String path, [Map<String, String>? params]) {
final uri = Uri.parse('$kApiBase$path');
return params != null ? uri.replace(queryParameters: params) : uri;
}
Future<Map<String, dynamic>> get(
String path, {
Map<String, String>? params,
bool auth = true,
}) async {
final res = await http.get(_uri(path, params), headers: await _headers(auth: auth));
return _parse(res);
}
Future<Map<String, dynamic>> post(
String path,
Map<String, dynamic> body, {
bool auth = true,
}) async {
final res = await http.post(
_uri(path),
headers: await _headers(auth: auth),
body: jsonEncode(body),
);
return _parse(res);
}
Future<Map<String, dynamic>> put(
String path,
Map<String, dynamic> body, {
Map<String, String>? params,
}) async {
final res = await http.put(
_uri(path, params),
headers: await _headers(),
body: jsonEncode(body),
);
return _parse(res);
}
Future<Map<String, dynamic>> delete(
String path, {
Map<String, String>? params,
}) async {
final res = await http.delete(_uri(path, params), headers: await _headers());
return _parse(res);
}
Map<String, dynamic> _parse(http.Response res) {
final body = jsonDecode(res.body) as Map<String, dynamic>;
if (res.statusCode >= 400) {
throw ApiException(
message: (body['error'] as String?) ?? 'Unknown error',
statusCode: res.statusCode,
);
}
return body;
}
}
class ApiException implements Exception {
const ApiException({required this.message, required this.statusCode});
final String message;
final int statusCode;
@override
String toString() => 'ApiException($statusCode): $message';
}
// ---------------------------------------------------------------------------
// Providers
// ---------------------------------------------------------------------------
@Riverpod(keepAlive: true)
ApiClient apiClient(ApiClientRef ref) {
return ApiClient(const FlutterSecureStorage());
}
lib/core/api/api_client.g.dart
+25
View File
@@ -0,0 +1,25 @@
// GENERATED CODE - DO NOT MODIFY BY HAND
// ignore_for_file: type=lint
// ignore_for_file: subtype_of_sealed_class, invalid_use_of_internal_member, invalid_use_of_visible_for_testing_member, deprecated_member_use_from_same_package, deprecated_member_use
part of 'api_client.dart';
// **************************************************************************
// RiverpodGenerator
// **************************************************************************
String _$apiClientHash() => r'api_client_hash_placeholder';
/// See also [apiClient].
@ProviderFor(apiClient)
final apiClientProvider = Provider<ApiClient>.internal(
apiClient,
name: r'apiClientProvider',
debugGetCreateSourceHash:
const bool.fromEnvironment('dart.vm.product') ? null : _$apiClientHash,
dependencies: null,
allTransitiveDependencies: null,
);
typedef ApiClientRef = ProviderRef<ApiClient>;
lib/core/router/app_router.dart
+245
View File
@@ -0,0 +1,245 @@
import 'package:flutter/foundation.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:go_router/go_router.dart';
import '../../features/admin/presentation/admin_shell.dart';
import '../../features/admin/presentation/brackets/admin_bracket_form_screen.dart';
import '../../features/admin/presentation/brackets/admin_brackets_screen.dart';
import '../../features/admin/presentation/events/admin_event_form_screen.dart';
import '../../features/admin/presentation/events/admin_events_screen.dart';
import '../../features/admin/presentation/pending/admin_pending_screen.dart';
import '../../features/admin/presentation/suggestions/admin_suggestions_screen.dart';
import '../../features/admin/presentation/teams/admin_team_form_screen.dart';
import '../../features/admin/presentation/teams/admin_teams_screen.dart';
import '../../features/auth/application/auth_notifier.dart';
import '../../features/auth/presentation/login_screen.dart';
import '../../features/auth/presentation/register_screen.dart';
import '../../features/brackets/presentation/bracket_detail_screen.dart';
import '../../features/brackets/presentation/brackets_screen.dart';
import '../../features/events/presentation/event_detail_screen.dart';
import '../../features/events/presentation/events_screen.dart';
import '../../features/media/presentation/media_screen.dart';
import '../../features/profile/application/profile_notifier.dart';
import '../../features/profile/domain/user_profile.dart';
import '../../features/profile/presentation/manager_dashboard_screen.dart';
import '../../features/profile/presentation/my_profile_screen.dart';
import '../../features/profile/presentation/player_profile_screen.dart';
import '../../features/stats/presentation/stats_screen.dart';
import '../../features/suggestions/presentation/suggestions_screen.dart';
import '../../features/teams/presentation/create_team_screen.dart';
import '../../features/teams/presentation/team_detail_screen.dart';
import '../../features/teams/presentation/teams_screen.dart';
import '../admin/admin_guard.dart';
import '../shell/main_shell.dart';
/// Routes that an unauthenticated user is allowed to visit. Anything else
/// triggers a redirect to `/login`. Player profile pages stay reachable to
/// signed-out viewers so shared links work.
const _publicRoutes = {'/login', '/register'};
/// Path prefixes that anonymous viewers may visit even without a session.
/// Player profile pages are intentionally readable so a roster link shared
/// outside the app still works.
const _viewerPrefixes = <String>['/players/'];
final appRouterProvider = Provider<GoRouter>((ref) {
// GoRouter listens to this notifier and re-evaluates `redirect` whenever
// it fires — we ping it on every auth state change.
final refresh = _AuthRouterRefresh(ref);
ref.onDispose(refresh.dispose);
return GoRouter(
initialLocation: '/events',
refreshListenable: refresh,
redirect: (context, state) {
final auth = ref.read(authNotifierProvider);
// Don't redirect while the initial auth check is still loading —
// GoRouter will re-run this once the notifier has data.
if (auth.isLoading || !auth.hasValue) return null;
final user = auth.value;
final location = state.matchedLocation;
final isPublic = _publicRoutes.contains(location);
final isViewerOk = _viewerPrefixes.any(location.startsWith);
final isAdminRoute = location.startsWith('/admin');
final isManagerRoute = location == '/manager';
if (user == null && !isPublic && !isViewerOk) {
return '/login';
}
if (user != null && isPublic) {
return '/events';
}
if (isAdminRoute && !isAdmin(user)) {
return '/events';
}
if (isManagerRoute) {
// Manager dashboard is reserved for users with the manager role
// (admins also fall through — they have their own panel).
final role = ref.read(currentUserRoleProvider);
if (role != UserRole.manager) {
return '/events';
}
}
return null;
},
routes: [
GoRoute(path: '/login', builder: (context, state) => const LoginScreen()),
GoRoute(
path: '/register',
builder: (context, state) => const RegisterScreen(),
),
ShellRoute(
builder: (context, state, child) => MainShell(child: child),
routes: [
GoRoute(
path: '/events',
builder: (context, state) => const EventsScreen(),
routes: [
GoRoute(
path: ':id',
builder: (context, state) =>
EventDetailScreen(eventId: state.pathParameters['id']!),
),
],
),
GoRoute(
path: '/brackets',
builder: (context, state) => const BracketsScreen(),
routes: [
GoRoute(
path: ':id',
builder: (context, state) =>
BracketDetailScreen(bracketId: state.pathParameters['id']!),
),
],
),
GoRoute(
path: '/teams',
builder: (context, state) => const TeamsScreen(),
routes: [
GoRoute(
path: 'new',
builder: (context, state) => const CreateTeamScreen(),
),
GoRoute(
path: ':id',
builder: (context, state) =>
TeamDetailScreen(teamId: state.pathParameters['id']!),
),
],
),
GoRoute(
path: '/stats',
builder: (context, state) => const StatsScreen(),
),
GoRoute(
path: '/media',
builder: (context, state) => const MediaScreen(),
),
GoRoute(
path: '/suggestions',
builder: (context, state) => const SuggestionsScreen(),
),
GoRoute(
path: '/profile',
builder: (context, state) => const MyProfileScreen(),
),
GoRoute(
path: '/players/:uid',
builder: (context, state) =>
PlayerProfileScreen(uid: state.pathParameters['uid']!),
),
GoRoute(
path: '/manager',
builder: (context, state) => const ManagerDashboardScreen(),
),
],
),
ShellRoute(
builder: (context, state, child) => AdminShell(child: child),
routes: [
GoRoute(
path: '/admin/events',
builder: (context, state) => const AdminEventsScreen(),
),
GoRoute(
path: '/admin/events/new',
builder: (context, state) => const AdminEventFormScreen(),
),
GoRoute(
path: '/admin/events/:id/edit',
builder: (context, state) =>
AdminEventFormScreen(eventId: state.pathParameters['id']),
),
GoRoute(
path: '/admin/teams',
builder: (context, state) => const AdminTeamsScreen(),
),
GoRoute(
path: '/admin/teams/new',
builder: (context, state) => const AdminTeamFormScreen(),
),
GoRoute(
path: '/admin/teams/:id/edit',
builder: (context, state) =>
AdminTeamFormScreen(teamId: state.pathParameters['id']),
),
GoRoute(
path: '/admin/brackets',
builder: (context, state) => const AdminBracketsScreen(),
),
GoRoute(
path: '/admin/brackets/new',
builder: (context, state) => const AdminBracketFormScreen(),
),
GoRoute(
path: '/admin/brackets/:id/edit',
builder: (context, state) =>
AdminBracketFormScreen(bracketId: state.pathParameters['id']),
),
GoRoute(
path: '/admin/suggestions',
builder: (context, state) => const AdminSuggestionsScreen(),
),
GoRoute(
path: '/admin/pending',
builder: (context, state) => const AdminPendingScreen(),
),
],
),
],
);
});
/// Bridges the Riverpod auth notifier (and the derived role provider) to a
/// [ChangeNotifier] that GoRouter can subscribe to via `refreshListenable`.
/// Sign-in/out and role changes both ping GoRouter to re-run `redirect`.
class _AuthRouterRefresh extends ChangeNotifier {
_AuthRouterRefresh(this._ref) {
_authSub = _ref.listen<AsyncValue>(
authNotifierProvider,
(prev, next) => notifyListeners(),
fireImmediately: false,
);
_roleSub = _ref.listen<UserRole>(
currentUserRoleProvider,
(prev, next) {
if (prev != next) notifyListeners();
},
fireImmediately: false,
);
}
final Ref _ref;
late final ProviderSubscription<AsyncValue> _authSub;
late final ProviderSubscription<UserRole> _roleSub;
@override
void dispose() {
_authSub.close();
_roleSub.close();
super.dispose();
}
}
lib/core/shell/main_shell.dart
+176
View File
@@ -0,0 +1,176 @@
import 'package:flutter/material.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:go_router/go_router.dart';
import '../../features/auth/application/auth_notifier.dart';
import '../../features/profile/application/profile_notifier.dart';
import '../../features/profile/domain/user_profile.dart';
import '../admin/admin_guard.dart';
/// Root shell holding the bottom navigation bar that switches between the
/// six top-level tabs of the app. Labels are uppercase to match the
/// aggressive, jersey-inspired visual language; a thin purple accent line
/// sits above the nav bar for an edgy soccer-badge feel.
///
/// Admins (per [isAdmin]) see a small gear button overlaid in the top-right
/// of the AppBar band that links into the admin panel.
class MainShell extends ConsumerWidget {
const MainShell({super.key, required this.child});
final Widget child;
static const _tabs = [
(
label: 'EVENTS',
icon: Icons.event_outlined,
activeIcon: Icons.event,
path: '/events',
),
(
label: 'BRACKETS',
icon: Icons.account_tree_outlined,
activeIcon: Icons.account_tree,
path: '/brackets',
),
(
label: 'TEAMS',
icon: Icons.groups_outlined,
activeIcon: Icons.groups,
path: '/teams',
),
(
label: 'STATS',
icon: Icons.bar_chart_outlined,
activeIcon: Icons.bar_chart,
path: '/stats',
),
(
label: 'MEDIA',
icon: Icons.play_circle_outline,
activeIcon: Icons.play_circle,
path: '/media',
),
(
label: 'SUGGEST',
icon: Icons.lightbulb_outline,
activeIcon: Icons.lightbulb,
path: '/suggestions',
),
];
int _currentIndex(BuildContext context) {
final location = GoRouterState.of(context).uri.path;
final idx = _tabs.indexWhere((t) => location.startsWith(t.path));
return idx < 0 ? 0 : idx;
}
@override
Widget build(BuildContext context, WidgetRef ref) {
final currentIndex = _currentIndex(context);
final user = ref.watch(authNotifierProvider).valueOrNull;
final showAdmin = isAdmin(user);
final role = ref.watch(currentUserRoleProvider);
final showProfile = user != null;
final showManager = role == UserRole.manager;
return Scaffold(
body: Stack(
children: <Widget>[
Positioned.fill(child: child),
Positioned(
top: 0,
right: 0,
child: SafeArea(
child: Row(
mainAxisSize: MainAxisSize.min,
children: <Widget>[
if (showManager)
Material(
color: Colors.transparent,
child: IconButton(
icon: const Icon(Icons.shield_outlined),
tooltip: 'Manager dashboard',
onPressed: () => context.go('/manager'),
),
),
if (showAdmin)
Material(
color: Colors.transparent,
child: IconButton(
icon: const Icon(Icons.settings_outlined),
tooltip: 'Admin panel',
onPressed: () => context.go('/admin/events'),
),
),
if (showProfile)
Material(
color: Colors.transparent,
child: IconButton(
icon: const Icon(Icons.person_outline),
tooltip: 'My profile',
onPressed: () => context.go('/profile'),
),
),
Material(
color: Colors.transparent,
child: PopupMenuButton<_UserMenuAction>(
icon: const Icon(Icons.account_circle_outlined),
tooltip: 'Account',
onSelected: (action) async {
if (action == _UserMenuAction.signOut) {
await ref.read(authNotifierProvider.notifier).signOut();
}
},
itemBuilder: (context) => <PopupMenuEntry<_UserMenuAction>>[
PopupMenuItem<_UserMenuAction>(
enabled: false,
child: Text(
user?.email ?? '',
style: Theme.of(context).textTheme.bodySmall,
),
),
const PopupMenuDivider(),
const PopupMenuItem<_UserMenuAction>(
value: _UserMenuAction.signOut,
child: Row(
children: <Widget>[
Icon(Icons.logout, size: 18),
SizedBox(width: 8),
Text('Sign out'),
],
),
),
],
),
),
],
),
),
),
],
),
bottomNavigationBar: Column(
mainAxisSize: MainAxisSize.min,
children: [
// Sharp purple accent line above the nav bar for an edgy look.
Container(height: 1, color: const Color(0xFF8B30C8)),
NavigationBar(
selectedIndex: currentIndex,
onDestinationSelected: (i) => context.go(_tabs[i].path),
destinations: _tabs
.map(
(t) => NavigationDestination(
icon: Icon(t.icon),
selectedIcon: Icon(t.activeIcon),
label: t.label,
),
)
.toList(),
),
],
),
);
}
}
enum _UserMenuAction { signOut }
lib/core/theme/app_theme.dart
+157
View File
@@ -0,0 +1,157 @@
import 'package:flutter/material.dart';
/// Aggressive, high-contrast Shadow Oak theme.
///
/// Visual direction: urban soccer / techy / grunge badge style.
/// Sharp corners, deep purple primary, near-black surfaces, heavy weight
/// type with negative tracking on headings and uppercase tracking on labels.
class AppTheme {
AppTheme._();
static const purple = Color(0xFF8B30C8);
static const purpleLight = Color(0xFFBF77F6);
static const black = Color(0xFF0A0A0A);
static const surface = Color(0xFF141414);
static const surfaceVariant = Color(0xFF1E1E1E);
static final dark = ThemeData(
useMaterial3: true,
brightness: Brightness.dark,
scaffoldBackgroundColor: black,
colorScheme: const ColorScheme.dark(
primary: purple,
onPrimary: Colors.white,
primaryContainer: Color(0xFF3D1260),
onPrimaryContainer: purpleLight,
secondary: purpleLight,
onSecondary: Colors.black,
secondaryContainer: Color(0xFF2A1045),
onSecondaryContainer: purpleLight,
surface: surface,
onSurface: Colors.white,
surfaceContainerHighest: surfaceVariant,
onSurfaceVariant: Color(0xFFBBBBBB),
outline: Color(0xFF444444),
outlineVariant: Color(0xFF2A2A2A),
error: Color(0xFFF44336),
onError: Colors.white,
),
// Sharp shapes throughout
cardTheme: CardThemeData(
color: surface,
elevation: 0,
shape: RoundedRectangleBorder(
borderRadius: BorderRadius.circular(4),
side: const BorderSide(color: Color(0xFF2A2A2A)),
),
margin: EdgeInsets.zero,
),
appBarTheme: const AppBarTheme(
backgroundColor: Color(0xFF0A0A0A),
foregroundColor: Colors.white,
elevation: 0,
centerTitle: false,
titleTextStyle: TextStyle(
color: Colors.white,
fontSize: 20,
fontWeight: FontWeight.w900,
letterSpacing: 1.5,
),
surfaceTintColor: Colors.transparent,
),
navigationBarTheme: NavigationBarThemeData(
backgroundColor: surface,
indicatorColor: const Color(0xFF3D1260),
labelTextStyle: WidgetStateProperty.resolveWith((states) {
final selected = states.contains(WidgetState.selected);
return TextStyle(
fontSize: 10,
fontWeight: FontWeight.w700,
letterSpacing: 0.5,
color: selected ? purpleLight : const Color(0xFF888888),
);
}),
iconTheme: WidgetStateProperty.resolveWith((states) {
final selected = states.contains(WidgetState.selected);
return IconThemeData(
color: selected ? purpleLight : const Color(0xFF888888),
size: 22,
);
}),
height: 64,
elevation: 0,
surfaceTintColor: Colors.transparent,
shadowColor: Colors.transparent,
),
filledButtonTheme: FilledButtonThemeData(
style: FilledButton.styleFrom(
backgroundColor: purple,
foregroundColor: Colors.white,
shape: const RoundedRectangleBorder(
borderRadius: BorderRadius.all(Radius.circular(4)),
),
textStyle: const TextStyle(
fontWeight: FontWeight.w800,
letterSpacing: 1.2,
),
padding: const EdgeInsets.symmetric(vertical: 16, horizontal: 24),
),
),
outlinedButtonTheme: OutlinedButtonThemeData(
style: OutlinedButton.styleFrom(
foregroundColor: purpleLight,
side: const BorderSide(color: Color(0xFF8B30C8)),
shape: const RoundedRectangleBorder(
borderRadius: BorderRadius.all(Radius.circular(4)),
),
textStyle: const TextStyle(
fontWeight: FontWeight.w700,
letterSpacing: 1.0,
),
padding: const EdgeInsets.symmetric(vertical: 14, horizontal: 20),
),
),
inputDecorationTheme: InputDecorationTheme(
filled: true,
fillColor: surfaceVariant,
border: OutlineInputBorder(
borderRadius: BorderRadius.circular(4),
borderSide: const BorderSide(color: Color(0xFF444444)),
),
enabledBorder: OutlineInputBorder(
borderRadius: BorderRadius.circular(4),
borderSide: const BorderSide(color: Color(0xFF555555)),
),
focusedBorder: OutlineInputBorder(
borderRadius: BorderRadius.circular(4),
borderSide: const BorderSide(color: purple, width: 2),
),
labelStyle: const TextStyle(color: Color(0xFF888888)),
hintStyle: const TextStyle(color: Color(0xFF555555)),
),
chipTheme: ChipThemeData(
shape: RoundedRectangleBorder(borderRadius: BorderRadius.circular(2)),
side: BorderSide.none,
),
dividerTheme: const DividerThemeData(
color: Color(0xFF1E1E1E),
thickness: 1,
),
textTheme: const TextTheme(
displayLarge: TextStyle(fontWeight: FontWeight.w900, letterSpacing: -1.5),
displayMedium: TextStyle(fontWeight: FontWeight.w900, letterSpacing: -1.0),
displaySmall: TextStyle(fontWeight: FontWeight.w800, letterSpacing: -0.5),
headlineLarge: TextStyle(fontWeight: FontWeight.w800),
headlineMedium: TextStyle(fontWeight: FontWeight.w800),
headlineSmall: TextStyle(fontWeight: FontWeight.w700),
titleLarge: TextStyle(fontWeight: FontWeight.w700),
titleMedium: TextStyle(fontWeight: FontWeight.w600, letterSpacing: 0.5),
titleSmall: TextStyle(fontWeight: FontWeight.w600, letterSpacing: 0.8),
labelLarge: TextStyle(fontWeight: FontWeight.w700, letterSpacing: 1.2),
labelMedium: TextStyle(fontWeight: FontWeight.w600, letterSpacing: 0.8),
labelSmall: TextStyle(fontWeight: FontWeight.w600, letterSpacing: 1.0),
),
);
static final light = dark; // dark-only app for now
}