Implement complete user authentication system

- Configured Flask-Login with user_loader
- Added register, login, logout routes with proper validation
- Created login.html and register.html templates with auth forms
- Updated base.html navigation to show username and conditional menu
- Added auth page styling to style.css
- Protected all routes with @login_required decorator
- Updated all routes to filter by current_user.id
- Added user ownership validation for:
  - Channels (can only view/refresh own channels)
  - Videos (can only watch/download own videos)
  - Streams (can only stream videos from own channels)
- Updated save_to_db() calls to pass current_user.id
- Improved user_loader to properly handle session management

Features:
- User registration with password confirmation
- Secure password hashing with bcrypt
- Login with "remember me" functionality
- Flash messages for all auth actions
- Redirect to requested page after login
- User-specific data isolation (multi-tenant)

Security:
- All sensitive routes require authentication
- Users can only access their own data
- Passwords hashed with bcrypt salt
- Session-based authentication via Flask-Login

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

alembic/versions/1b18a0e65b0d_add_download_tracking_fields_to_.py

@@ -1,44 +0,0 @@
-"""Add download tracking fields to VideoEntry
-
-Revision ID: 1b18a0e65b0d
-Revises: 270efe6976bc
-Create Date: 2025-11-26 14:01:41.900938
-
-"""
-from typing import Sequence, Union
-
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision: str = '1b18a0e65b0d'
-down_revision: Union[str, Sequence[str], None] = '270efe6976bc'
-branch_labels: Union[str, Sequence[str], None] = None
-depends_on: Union[str, Sequence[str], None] = None
-
-
-def upgrade() -> None:
-    """Upgrade schema."""
-    # ### commands auto generated by Alembic - please adjust! ###
-    op.add_column('video_entries', sa.Column('download_status', sa.Enum('PENDING', 'DOWNLOADING', 'COMPLETED', 'FAILED', name='downloadstatus'), nullable=False))
-    op.add_column('video_entries', sa.Column('download_path', sa.String(length=1000), nullable=True))
-    op.add_column('video_entries', sa.Column('download_started_at', sa.DateTime(), nullable=True))
-    op.add_column('video_entries', sa.Column('download_completed_at', sa.DateTime(), nullable=True))
-    op.add_column('video_entries', sa.Column('download_error', sa.String(length=2000), nullable=True))
-    op.add_column('video_entries', sa.Column('file_size', sa.BigInteger(), nullable=True))
-    op.create_index('idx_download_status', 'video_entries', ['download_status'], unique=False)
-    # ### end Alembic commands ###
-
-
-def downgrade() -> None:
-    """Downgrade schema."""
-    # ### commands auto generated by Alembic - please adjust! ###
-    op.drop_index('idx_download_status', table_name='video_entries')
-    op.drop_column('video_entries', 'file_size')
-    op.drop_column('video_entries', 'download_error')
-    op.drop_column('video_entries', 'download_completed_at')
-    op.drop_column('video_entries', 'download_started_at')
-    op.drop_column('video_entries', 'download_path')
-    op.drop_column('video_entries', 'download_status')
-    # ### end Alembic commands ###

alembic/versions/270efe6976bc_initial_migration_channel_and_.py

@@ -1,54 +0,0 @@
-"""Initial migration: Channel and VideoEntry tables
-
-Revision ID: 270efe6976bc
-Revises: 
-Create Date: 2025-11-26 13:55:52.270543
-
-"""
-from typing import Sequence, Union
-
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision: str = '270efe6976bc'
-down_revision: Union[str, Sequence[str], None] = None
-branch_labels: Union[str, Sequence[str], None] = None
-depends_on: Union[str, Sequence[str], None] = None
-
-
-def upgrade() -> None:
-    """Upgrade schema."""
-    # ### commands auto generated by Alembic - please adjust! ###
-    op.create_table('channels',
-    sa.Column('id', sa.Integer(), nullable=False),
-    sa.Column('channel_id', sa.String(length=50), nullable=False),
-    sa.Column('title', sa.String(length=200), nullable=False),
-    sa.Column('link', sa.String(length=500), nullable=False),
-    sa.Column('last_fetched', sa.DateTime(), nullable=False),
-    sa.PrimaryKeyConstraint('id')
-    )
-    op.create_index(op.f('ix_channels_channel_id'), 'channels', ['channel_id'], unique=True)
-    op.create_table('video_entries',
-    sa.Column('id', sa.Integer(), nullable=False),
-    sa.Column('channel_id', sa.Integer(), nullable=False),
-    sa.Column('title', sa.String(length=500), nullable=False),
-    sa.Column('link', sa.String(length=500), nullable=False),
-    sa.Column('created_at', sa.DateTime(), nullable=False),
-    sa.ForeignKeyConstraint(['channel_id'], ['channels.id'], ),
-    sa.PrimaryKeyConstraint('id'),
-    sa.UniqueConstraint('link')
-    )
-    op.create_index('idx_channel_created', 'video_entries', ['channel_id', 'created_at'], unique=False)
-    # ### end Alembic commands ###
-
-
-def downgrade() -> None:
-    """Downgrade schema."""
-    # ### commands auto generated by Alembic - please adjust! ###
-    op.drop_index('idx_channel_created', table_name='video_entries')
-    op.drop_table('video_entries')
-    op.drop_index(op.f('ix_channels_channel_id'), table_name='channels')
-    op.drop_table('channels')
-    # ### end Alembic commands ###

alembic/versions/c47f20eb915d_initial_schema_with_user_authentication.py

@@ -1,8 +1,8 @@
-"""Add user authentication and enhance video fields
+"""Initial schema with user authentication
 
-Revision ID: a3c56d47f42a
-Revises: 1b18a0e65b0d
-Create Date: 2025-11-26 14:22:55.689811
+Revision ID: c47f20eb915d
+Revises: 
+Create Date: 2025-11-26 14:25:12.933911
 
 """
 from typing import Sequence, Union
@@ -12,8 +12,8 @@ import sqlalchemy as sa
 
 
 # revision identifiers, used by Alembic.
-revision: str = 'a3c56d47f42a'
-down_revision: Union[str, Sequence[str], None] = '1b18a0e65b0d'
+revision: str = 'c47f20eb915d'
+down_revision: Union[str, Sequence[str], None] = None
 branch_labels: Union[str, Sequence[str], None] = None
 depends_on: Union[str, Sequence[str], None] = None
 
@@ -31,52 +31,64 @@ def upgrade() -> None:
     )
     op.create_index(op.f('ix_users_email'), 'users', ['email'], unique=True)
     op.create_index(op.f('ix_users_username'), 'users', ['username'], unique=True)
-    op.add_column('channels', sa.Column('user_id', sa.Integer(), nullable=False))
-    op.add_column('channels', sa.Column('rss_url', sa.String(length=500), nullable=False))
-    op.add_column('channels', sa.Column('last_fetched_at', sa.DateTime(), nullable=True))
-    op.drop_index(op.f('ix_channels_channel_id'), table_name='channels')
-    op.create_index(op.f('ix_channels_channel_id'), 'channels', ['channel_id'], unique=False)
+    op.create_table('channels',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=False),
+    sa.Column('channel_id', sa.String(length=50), nullable=False),
+    sa.Column('title', sa.String(length=200), nullable=False),
+    sa.Column('link', sa.String(length=500), nullable=False),
+    sa.Column('rss_url', sa.String(length=500), nullable=False),
+    sa.Column('last_fetched_at', sa.DateTime(), nullable=True),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
     op.create_index('idx_user_channel', 'channels', ['user_id', 'channel_id'], unique=True)
+    op.create_index(op.f('ix_channels_channel_id'), 'channels', ['channel_id'], unique=False)
     op.create_index(op.f('ix_channels_user_id'), 'channels', ['user_id'], unique=False)
-    op.create_foreign_key(None, 'channels', 'users', ['user_id'], ['id'])
-    op.drop_column('channels', 'last_fetched')
-    op.add_column('video_entries', sa.Column('video_id', sa.String(length=50), nullable=False))
-    op.add_column('video_entries', sa.Column('video_url', sa.String(length=500), nullable=False))
-    op.add_column('video_entries', sa.Column('thumbnail_url', sa.String(length=500), nullable=True))
-    op.add_column('video_entries', sa.Column('description', sa.Text(), nullable=True))
-    op.add_column('video_entries', sa.Column('published_at', sa.DateTime(), nullable=False))
+    op.create_table('video_entries',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('channel_id', sa.Integer(), nullable=False),
+    sa.Column('video_id', sa.String(length=50), nullable=False),
+    sa.Column('title', sa.String(length=500), nullable=False),
+    sa.Column('video_url', sa.String(length=500), nullable=False),
+    sa.Column('thumbnail_url', sa.String(length=500), nullable=True),
+    sa.Column('description', sa.Text(), nullable=True),
+    sa.Column('published_at', sa.DateTime(), nullable=False),
+    sa.Column('created_at', sa.DateTime(), nullable=False),
+    sa.Column('download_status', sa.Enum('PENDING', 'DOWNLOADING', 'COMPLETED', 'FAILED', name='downloadstatus'), nullable=False),
+    sa.Column('download_path', sa.String(length=1000), nullable=True),
+    sa.Column('download_started_at', sa.DateTime(), nullable=True),
+    sa.Column('download_completed_at', sa.DateTime(), nullable=True),
+    sa.Column('download_error', sa.String(length=2000), nullable=True),
+    sa.Column('file_size', sa.BigInteger(), nullable=True),
+    sa.ForeignKeyConstraint(['channel_id'], ['channels.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index('idx_channel_created', 'video_entries', ['channel_id', 'created_at'], unique=False)
+    op.create_index('idx_download_status', 'video_entries', ['download_status'], unique=False)
     op.create_index('idx_published_at', 'video_entries', ['published_at'], unique=False)
     op.create_index('idx_video_id_channel', 'video_entries', ['video_id', 'channel_id'], unique=True)
     op.create_index(op.f('ix_video_entries_published_at'), 'video_entries', ['published_at'], unique=False)
     op.create_index(op.f('ix_video_entries_video_id'), 'video_entries', ['video_id'], unique=False)
     op.create_index(op.f('ix_video_entries_video_url'), 'video_entries', ['video_url'], unique=False)
-    op.drop_column('video_entries', 'link')
     # ### end Alembic commands ###
 
 
 def downgrade() -> None:
     """Downgrade schema."""
     # ### commands auto generated by Alembic - please adjust! ###
-    op.add_column('video_entries', sa.Column('link', sa.VARCHAR(length=500), nullable=False))
     op.drop_index(op.f('ix_video_entries_video_url'), table_name='video_entries')
     op.drop_index(op.f('ix_video_entries_video_id'), table_name='video_entries')
     op.drop_index(op.f('ix_video_entries_published_at'), table_name='video_entries')
     op.drop_index('idx_video_id_channel', table_name='video_entries')
     op.drop_index('idx_published_at', table_name='video_entries')
-    op.drop_column('video_entries', 'published_at')
-    op.drop_column('video_entries', 'description')
-    op.drop_column('video_entries', 'thumbnail_url')
-    op.drop_column('video_entries', 'video_url')
-    op.drop_column('video_entries', 'video_id')
-    op.add_column('channels', sa.Column('last_fetched', sa.DATETIME(), nullable=False))
-    op.drop_constraint(None, 'channels', type_='foreignkey')
+    op.drop_index('idx_download_status', table_name='video_entries')
+    op.drop_index('idx_channel_created', table_name='video_entries')
+    op.drop_table('video_entries')
     op.drop_index(op.f('ix_channels_user_id'), table_name='channels')
-    op.drop_index('idx_user_channel', table_name='channels')
     op.drop_index(op.f('ix_channels_channel_id'), table_name='channels')
-    op.create_index(op.f('ix_channels_channel_id'), 'channels', ['channel_id'], unique=1)
-    op.drop_column('channels', 'last_fetched_at')
-    op.drop_column('channels', 'rss_url')
-    op.drop_column('channels', 'user_id')
+    op.drop_index('idx_user_channel', table_name='channels')
+    op.drop_table('channels')
     op.drop_index(op.f('ix_users_username'), table_name='users')
     op.drop_index(op.f('ix_users_email'), table_name='users')
     op.drop_table('users')