# User System Plan

## 1. Database Schema (`User` model)

- **Identity & Security**
    - `username` (unique, required)
    - `pgp` (unique, required)
    - `is_verified` (boolean)

- **Contacts**
    - `xmpp` (unique, required)
    - `email` (unique, optional)
    - `phone` (unique, optional)

- **Personal Info**
    - `firstname` (required)
    - `lastname` (required)
    - `sex` (`male` / `female`, required)
    - `date_of_birth` (required)
    - `race` (optional)

- **Profile & Media**
    - `profile_picture` (required)
    - `pictures` (optional array)

- **Location**
    - `country` (required)
    - `city` (optional)

- **Physical Attributes**
    - `height` (optional float)
    - `weight` (optional int)

- **Preferences**
    - `prefered_age_range` (optional)
    - `likes` (optional array)
    - `dislikes` (optional array)

---

## 2. Registration

1. **User fills form**
     - All fields except `id`, `is_verified`.

2. **Server receives data**
     - Validate required fields and unique constraints.
     - Temporarily store as **unverified**.

3. **PGP Verification**
     - Server encrypts a message with user's PGP public key.
     - Show **validation page** with encrypted message.
     - User decrypts message and submits.
     - Server validates ownership and sets `is_verified=True`.

4. **Create Profile Page & Redirect**
     - Generate user profile page with all info.
     - Redirect user to main page or search page.

---

## 3. Search Page

- **Display**: Public user profiles as cards
    - Show `profile_picture`, `firstname`, `lastname`, age, `country`, `city`.

- **Filters**:
    - All fields **except** `pgp`, `id`, `username`.
    - Include boolean checks for presence of `email`, `phone`, `xmpp`.

- **Profile Click**
    - Open full profile page with all info, pictures, likes/dislikes.

---

## 4. Login Flow

1. User enters `username` + `PGP key`.
2. Server verifies PGP via challenge.
3. On success:
    - User can edit **all fields** execpt `id` and `username`.
    - User can change pgp key, new pgp key must be verified.

---

## 5. Software Stack

- **Software used**:
    - Flask (backend framework)
    - MySQL (Database)
    - SQLAlchemy (ORM)
    - python-gnupg (PGP validation)
    - Flask-WTF (Forms validation)