feat(torrent): add date sorting and display

- Sort torrents by added date (newest first) by default
- Add Date column to desktop table (after ETA)
- Add Date to mobile card view (grid-cols-3 -> grid-cols-4)
- Add Date option to mobile sort dropdown
- Display dates in DD/MM/YYYY HH:mm format
- Add chrono wasm-bindgen feature

backend/src/db.rs

@@ -111,4 +111,21 @@ impl Db {
             .await?;
         Ok(())
     }
+
+    pub async fn update_password(&self, user_id: i64, password_hash: &str) -> Result<()> {
+        sqlx::query("UPDATE users SET password_hash = ? WHERE id = ?")
+            .bind(password_hash)
+            .bind(user_id)
+            .execute(&self.pool)
+            .await?;
+        Ok(())
+    }
+
+    pub async fn delete_all_sessions_for_user(&self, user_id: i64) -> Result<()> {
+        sqlx::query("DELETE FROM sessions WHERE user_id = ?")
+            .bind(user_id)
+            .execute(&self.pool)
+            .await?;
+        Ok(())
+    }
 }

backend/src/handlers/setup.rs

@@ -6,6 +6,8 @@ use axum::{
 };
 use serde::{Deserialize, Serialize};
 use utoipa::ToSchema;
+use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
+use time::Duration;
 
 #[derive(Deserialize, ToSchema)]
 pub struct SetupRequest {
@@ -41,7 +43,7 @@ pub async fn get_setup_status_handler(State(state): State<AppState>) -> impl Int
     path = "/api/setup",
     request_body = SetupRequest,
     responses(
-        (status = 200, description = "Setup completed"),
+        (status = 200, description = "Setup completed and logged in"),
         (status = 400, description = "Invalid request"),
         (status = 403, description = "Setup already completed"),
         (status = 500, description = "Internal server error")
@@ -49,6 +51,7 @@ pub async fn get_setup_status_handler(State(state): State<AppState>) -> impl Int
 )]
 pub async fn setup_handler(
     State(state): State<AppState>,
+    jar: CookieJar,
     Json(payload): Json<SetupRequest>,
 ) -> impl IntoResponse {
     // 1. Check if setup is already completed (i.e., users exist)
@@ -68,7 +71,6 @@ pub async fn setup_handler(
 
     // 3. Create User
     // Lower cost for faster login on low-power devices (MIPS routers etc.)
-    // Default is usually 12, which takes ~3s on slow CPUs. 6 should be much faster.
     let password_hash = match bcrypt::hash(&payload.password, 6) {
         Ok(h) => h,
         Err(e) => {
@@ -82,5 +84,42 @@ pub async fn setup_handler(
         return (StatusCode::INTERNAL_SERVER_ERROR, "Failed to create user").into_response();
     }
 
-    (StatusCode::OK, "Setup completed successfully").into_response()
+    // 4. Auto-Login (Create Session)
+    // Get the created user's ID
+    let user = match state.db.get_user_by_username(&payload.username).await {
+        Ok(Some(u)) => u,
+        Ok(None) => return (StatusCode::INTERNAL_SERVER_ERROR, "User created but not found").into_response(),
+        Err(e) => {
+            tracing::error!("DB error fetching new user: {}", e);
+            return (StatusCode::INTERNAL_SERVER_ERROR, "Database error").into_response();
+        }
+    };
+    let (user_id, _) = user;
+
+    // Create session token
+    let token: String = (0..32).map(|_| {
+        use rand::{distributions::Alphanumeric, Rng};
+        rand::thread_rng().sample(Alphanumeric) as char
+    }).collect();
+
+    // Default expiration: 1 day (since it's not "remember me")
+    let expires_in = 60 * 60 * 24;
+    let expires_at = time::OffsetDateTime::now_utc().unix_timestamp() + expires_in;
+
+    if let Err(e) = state.db.create_session(user_id, &token, expires_at).await {
+        tracing::error!("Failed to create session for new user: {}", e);
+        // Even if session fails, setup is technically complete, but login failed.
+        // We return OK but user will have to login manually.
+        return (StatusCode::OK, "Setup completed, please login").into_response();
+    }
+
+    let mut cookie = Cookie::build(("auth_token", token))
+        .path("/")
+        .http_only(true)
+        .same_site(SameSite::Lax)
+        .build();
+
+    cookie.set_max_age(Duration::seconds(expires_in));
+
+    (StatusCode::OK, jar.add(cookie), "Setup completed and logged in").into_response()
 }

backend/src/main.rs

@@ -90,6 +90,10 @@ struct Args {
     /// Database URL
     #[arg(long, env = "DATABASE_URL", default_value = "sqlite:vibetorrent.db")]
     db_url: String,
+
+    /// Reset password for the specified user
+    #[arg(long)]
+    reset_password: Option<String>,
 }
 
 #[cfg(feature = "push-notifications")]
@@ -130,7 +134,8 @@ struct Args {
             push::PushKeys,
             handlers::auth::LoginRequest,
             handlers::setup::SetupRequest,
-            handlers::setup::SetupStatusResponse
+            handlers::setup::SetupStatusResponse,
+            handlers::auth::UserResponse
         )
     ),
     tags(
@@ -173,7 +178,8 @@ struct ApiDoc;
             shared::GlobalLimitRequest,
             handlers::auth::LoginRequest,
             handlers::setup::SetupRequest,
-            handlers::setup::SetupStatusResponse
+            handlers::setup::SetupStatusResponse,
+            handlers::auth::UserResponse
         )
     ),
     tags(
@@ -197,9 +203,6 @@ async fn main() {
 
     // Parse CLI Args
     let args = Args::parse();
-    tracing::info!("Starting VibeTorrent Backend...");
-    tracing::info!("Socket: {}", args.socket);
-    tracing::info!("Port: {}", args.port);
 
     // Initialize Database
     tracing::info!("Connecting to database: {}", args.db_url);
@@ -224,6 +227,68 @@ async fn main() {
     };
     tracing::info!("Database connected successfully.");
 
+    // Handle Password Reset
+    if let Some(username) = args.reset_password {
+        tracing::info!("Resetting password for user: {}", username);
+
+        // Check if user exists
+        let user_result = db.get_user_by_username(&username).await;
+
+        match user_result {
+            Ok(Some((user_id, _))) => {
+                // Generate random password
+                use rand::{distributions::Alphanumeric, Rng};
+                let new_password: String = rand::thread_rng()
+                    .sample_iter(&Alphanumeric)
+                    .take(12)
+                    .map(char::from)
+                    .collect();
+
+                // Hash password (low cost for performance)
+                let password_hash = match bcrypt::hash(&new_password, 6) {
+                    Ok(h) => h,
+                    Err(e) => {
+                        tracing::error!("Failed to hash password: {}", e);
+                        std::process::exit(1);
+                    }
+                };
+
+                // Update in DB (using a direct query since db.rs doesn't have update_password yet)
+                // We should add `update_password` to db.rs for cleaner code, but for now direct query is fine or we can extend Db.
+                // Let's extend Db.rs first to be clean.
+                if let Err(e) = db.update_password(user_id, &password_hash).await {
+                     tracing::error!("Failed to update password in DB: {}", e);
+                     std::process::exit(1);
+                }
+
+                println!("--------------------------------------------------");
+                println!("Password reset successfully for user: {}", username);
+                println!("New Password: {}", new_password);
+                println!("--------------------------------------------------");
+
+                // Invalidate existing sessions for security
+                if let Err(e) = db.delete_all_sessions_for_user(user_id).await {
+                    tracing::warn!("Failed to invalidate existing sessions: {}", e);
+                }
+
+                std::process::exit(0);
+            },
+            Ok(None) => {
+                tracing::error!("User '{}' not found.", username);
+                std::process::exit(1);
+            },
+            Err(e) => {
+                tracing::error!("Database error: {}", e);
+                std::process::exit(1);
+            }
+        }
+    }
+
+    tracing::info!("Starting VibeTorrent Backend...");
+    tracing::info!("Socket: {}", args.socket);
+    tracing::info!("Port: {}", args.port);
+
+    // ... rest of the main function ...
     // Startup Health Check
     let socket_path = std::path::Path::new(&args.socket);
     if !socket_path.exists() {

frontend/Cargo.toml

@@ -21,7 +21,7 @@ wasm-bindgen = "0.2"
 wasm-bindgen-futures = "0.4"
 uuid = { version = "1", features = ["v4", "js"] }
 futures = "0.3"
-chrono = { version = "0.4", features = ["serde"] }
+chrono = { version = "0.4", features = ["serde", "wasm-bindgen"] }
 web-sys = { version = "0.3", features = [
     "HtmlDivElement",
     "HtmlUListElement",

frontend/src/app.rs

@@ -69,6 +69,14 @@ pub fn App() -> impl IntoView {
                                     }
 
                                     set_is_authenticated.set(true);
+
+                                    // If user is already authenticated but on login/setup page, redirect to home
+                                    let pathname = window().location().pathname().unwrap_or_default();
+                                    if pathname == "/login" || pathname == "/setup" {
+                                        logging::log!("Already authenticated, redirecting to home");
+                                        let navigate = use_navigate();
+                                        navigate("/", Default::default());
+                                    }
                                 } else {
                                     logging::log!("Not authenticated, redirecting to /login");
                                     let navigate = use_navigate();
@@ -80,7 +88,6 @@ pub fn App() -> impl IntoView {
                             }
                             Err(e) => logging::error!("Network error checking auth status: {}", e),
                         }
-
             set_is_loading.set(false);
         });
     });

frontend/src/components/auth/login.rs

@@ -1,5 +1,4 @@
 use leptos::*;
-use leptos_router::*;
 use serde::Serialize;
 
 #[derive(Serialize)]

frontend/src/components/auth/setup.rs

@@ -1,5 +1,4 @@
 use leptos::*;
-use leptos_router::*;
 use serde::Serialize;
 
 #[derive(Serialize)]
@@ -49,8 +48,9 @@ pub fn Setup() -> impl IntoView {
             match client.send().await {
                 Ok(resp) => {
                     if resp.ok() {
-                        // Redirect to login after setup (full reload to be safe)
+                        // Redirect to home after setup (auto-login handled by backend)
-                        let _ = window().location().set_href("/login");
+                        // Full reload to ensure auth state is refreshed
+                        let _ = window().location().set_href("/");
                     } else {
                         let text = resp.text().await.unwrap_or_default();
                         set_error.set(Some(format!("Hata: {}", text)));

frontend/src/components/torrent/table.rs

@@ -45,6 +45,14 @@ fn format_duration(seconds: i64) -> String {
     }
 }
 
+fn format_date(timestamp: i64) -> String {
+    let dt = chrono::DateTime::from_timestamp(timestamp, 0);
+    match dt {
+        Some(dt) => dt.format("%d/%m/%Y %H:%M").to_string(),
+        None => "N/A".to_string(),
+    }
+}
+
 #[derive(Clone, Copy, Debug, PartialEq, Eq)]
 enum SortColumn {
     Name,
@@ -54,6 +62,7 @@ enum SortColumn {
     DownSpeed,
     UpSpeed,
     ETA,
+    AddedDate,
 }
 
 #[derive(Clone, Copy, Debug, PartialEq, Eq)]
@@ -66,8 +75,8 @@ enum SortDirection {
 pub fn TorrentTable() -> impl IntoView {
     let store = use_context::<crate::store::TorrentStore>().expect("store not provided");
 
-    let sort_col = create_rw_signal(SortColumn::Name);
+    let sort_col = create_rw_signal(SortColumn::AddedDate);
-    let sort_dir = create_rw_signal(SortDirection::Ascending);
+    let sort_dir = create_rw_signal(SortDirection::Descending);
 
     let filtered_torrents = move || {
         let mut torrents = store
@@ -127,6 +136,7 @@ pub fn TorrentTable() -> impl IntoView {
                     let b_eta = if b.eta <= 0 { i64::MAX } else { b.eta };
                     a_eta.cmp(&b_eta)
                 }
+                SortColumn::AddedDate => a.added_date.cmp(&b.added_date),
             };
             if dir == SortDirection::Descending {
                 cmp.reverse()
@@ -264,6 +274,9 @@ pub fn TorrentTable() -> impl IntoView {
                             <th class="w-24 cursor-pointer hover:bg-base-300 group select-none" on:click=move |_| handle_sort(SortColumn::ETA)>
                                  <div class="flex items-center">"ETA" {move || sort_arrow(SortColumn::ETA)}</div>
                             </th>
+                            <th class="w-32 cursor-pointer hover:bg-base-300 group select-none" on:click=move |_| handle_sort(SortColumn::AddedDate)>
+                                 <div class="flex items-center">"Date" {move || sort_arrow(SortColumn::AddedDate)}</div>
+                            </th>
                         </tr>
                     </thead>
                     <tbody>
@@ -317,6 +330,7 @@ pub fn TorrentTable() -> impl IntoView {
                                     <td class="text-right font-mono text-[11px] opacity-80 text-success">{format_speed(t.down_rate)}</td>
                                     <td class="text-right font-mono text-[11px] opacity-80 text-primary">{format_speed(t.up_rate)}</td>
                                     <td class="text-right font-mono text-[11px] opacity-80">{format_duration(t.eta)}</td>
+                                    <td class="text-right font-mono text-[11px] opacity-80 whitespace-nowrap">{format_date(t.added_date)}</td>
                                 </tr>
                             }
                         }).collect::<Vec<_>>()}
@@ -366,6 +380,7 @@ pub fn TorrentTable() -> impl IntoView {
                                                   (SortColumn::DownSpeed, "Down Speed"),
                                                   (SortColumn::UpSpeed, "Up Speed"),
                                                   (SortColumn::ETA, "ETA"),
+                                                  (SortColumn::AddedDate, "Date"),
                                               ];
 
                                              columns.into_iter().map(|(col, label)| {
@@ -500,7 +515,7 @@ pub fn TorrentTable() -> impl IntoView {
                                     <progress class={format!("progress w-full h-1.5 {}", progress_class)} value={t.percent_complete} max="100"></progress>
                                 </div>
 
-                                <div class="grid grid-cols-3 gap-2 text-[10px] font-mono opacity-80 pt-1 border-t border-base-200/50">
+                                <div class="grid grid-cols-4 gap-2 text-[10px] font-mono opacity-80 pt-1 border-t border-base-200/50">
                                     <div class="flex flex-col">
                                         <span class="text-[9px] opacity-60 uppercase">"Down"</span>
                                         <span class="text-success">{format_speed(t.down_rate)}</span>
@@ -509,10 +524,14 @@ pub fn TorrentTable() -> impl IntoView {
                                         <span class="text-[9px] opacity-60 uppercase">"Up"</span>
                                         <span class="text-primary">{format_speed(t.up_rate)}</span>
                                     </div>
-                                    <div class="flex flex-col text-right">
+                                    <div class="flex flex-col text-center border-r border-base-200/50">
                                         <span class="text-[9px] opacity-60 uppercase">"ETA"</span>
                                         <span>{format_duration(t.eta)}</span>
                                     </div>
+                                    <div class="flex flex-col text-right">
+                                        <span class="text-[9px] opacity-60 uppercase">"Date"</span>
+                                        <span>{format_date(t.added_date)}</span>
+                                    </div>
                                 </div>
                             </div>
                         </div>