stuff changed:

- ui has been made 'kinda better' (after making it worse for a while lol
- ESP rfid readers are now supported [ill upload the code for them in another repo later]
- admin system has been secured a bit better and seems to be working well

backend/app/api/v1/events.py

@@ -1,9 +1,9 @@
 from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
 from typing import List
-from datetime import datetime
 
 from ...core.database import get_db
+from ...core.datetime import utc_now
 from ...models.models import Event, EventRSVP, User, EventStatus
 from ...schemas import (
     EventCreate, EventUpdate, EventResponse, EventRSVPResponse, EventRSVPUpdate, MessageResponse
@@ -13,6 +13,10 @@ from ...api.dependencies import get_current_active_user, get_admin_user
 router = APIRouter()
 
 
+def _utc_time_string(value) -> str:
+    return value.strftime("%H:%M")
+
+
 @router.get("/", response_model=List[EventResponse])
 async def get_events(
     current_user: User = Depends(get_current_active_user),
@@ -34,9 +38,9 @@ async def get_upcoming_events(
     db: Session = Depends(get_db)
 ):
     """Get upcoming events"""
-    now = datetime.now()
+    now = utc_now()
     events = db.query(Event).filter(
-        Event.event_date >= now.date(),
+        Event.event_date >= now,
         Event.status == EventStatus.PUBLISHED
     ).order_by(Event.event_date).all()
     return events
@@ -50,7 +54,7 @@ async def create_event(
 ):
     """Create a new event (admin only)"""
     # Validate event date is in the future
-    if event_data.event_date < datetime.now():
+    if event_data.event_date < utc_now():
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST,
             detail="Event date must be in the future"
@@ -60,7 +64,7 @@ async def create_event(
         title=event_data.title,
         description=event_data.description,
         event_date=event_data.event_date,
-        event_time=event_data.event_time,
+        event_time=_utc_time_string(event_data.event_date),
         location=event_data.location,
         max_attendees=event_data.max_attendees,
         status=EventStatus.DRAFT,
@@ -89,10 +93,14 @@ async def update_event(
         )
 
     # Update fields
-    for field, value in event_data.dict(exclude_unset=True).items():
+    update_data = event_data.model_dump(exclude_unset=True)
+    if "event_date" in update_data:
+        update_data["event_time"] = _utc_time_string(update_data["event_date"])
+
+    for field, value in update_data.items():
         setattr(event, field, value)
 
-    event.updated_at = datetime.now()
+    event.updated_at = utc_now()
     db.commit()
     db.refresh(event)
     return event
@@ -167,7 +175,7 @@ async def create_or_update_rsvp(
         existing_rsvp.status = rsvp_data.status
         if rsvp_data.notes is not None:
             existing_rsvp.notes = rsvp_data.notes
-        existing_rsvp.updated_at = datetime.now()
+        existing_rsvp.updated_at = utc_now()
         db.commit()
         db.refresh(existing_rsvp)
         return existing_rsvp
@@ -204,4 +212,4 @@ async def get_my_rsvps(
 ):
     """Get current user's RSVPs"""
     rsvps = db.query(EventRSVP).filter(EventRSVP.user_id == current_user.id).all()
-    return rsvps
+    return rsvps