Refactor account adapters and admin classes; enhance type hinting for better clarity and maintainability, ensuring consistent typing across methods and improving overall code quality.

Refactor advanced search template to utilize Alpine.js for state management. Enhance search functionality with dynamic view modes and improved filter handling using HTMX.

.claude/settings.local.json

@@ -0,0 +1,12 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(python manage.py check:*)",
+      "Bash(uv run:*)",
+      "Bash(find:*)",
+      "Bash(python:*)"
+    ],
+    "deny": [],
+    "ask": []
+  }
+}

.clinerules/cline_rules.md

@@ -0,0 +1,98 @@
+---
+description: Core ThrillWiki development rules covering API organization, data models, development commands, code quality standards, and critical business rules
+author: ThrillWiki Development Team
+version: 1.0
+globs: ["**/*.py", "apps/**/*", "thrillwiki/**/*", "**/*.md"]
+tags: ["django", "api-design", "code-quality", "development-commands", "business-rules"]
+---
+
+# ThrillWiki Core Development Rules
+
+## Objective
+This rule defines the fundamental development standards, API organization patterns, code quality requirements, and critical business rules that MUST be followed for all ThrillWiki development work. It ensures consistency, maintainability, and adherence to project-specific constraints.
+
+## API Organization and Data Models
+
+### Mandatory API Structure
+- **MANDATORY NESTING**: All API directory structures MUST match URL nesting patterns. No exceptions.
+- **NO TOP-LEVEL ENDPOINTS**: URLs must be nested under top-level domains
+- **MANDATORY TRAILING SLASHES**: All API endpoints MUST include trailing forward slashes unless ending with query parameters
+- **Validation Required**: Validate all endpoint URLs against the mandatory trailing slash rule
+
+### Ride System Architecture
+**RIDE TYPES vs RIDE MODELS**: These are separate concepts for ALL ride categories:
+- **Ride Types**: How rides operate (e.g., "inverted", "trackless", "spinning", "log flume", "monorail")
+- **Ride Models**: Specific manufacturer products (e.g., "B&M Dive Coaster", "Vekoma Boomerang")
+- **Implementation**: Individual rides reference BOTH the model (what product) and type (how it operates)
+- **Coverage**: Ride types MUST be available for ALL ride categories, not just roller coasters
+
+## Development Commands and Code Quality
+
+### Required Commands
+- **Django Server**: ALWAYS use `uv run manage.py runserver_plus` instead of `python manage.py runserver`
+- **Django Migrations**: ALWAYS use `uv run manage.py makemigrations` and `uv run manage.py migrate` instead of `python manage.py`
+- **Package Management**: ALWAYS use `uv add <package>` instead of `pip install <package>`
+- **Django Management**: ALWAYS use `uv run manage.py <command>` instead of `python manage.py <command>`
+
+### Code Quality Standards
+- **Cognitive Complexity**: Break down methods with high cognitive complexity (>15) into smaller, focused helper methods
+- **Method Extraction**: Extract logical operations into separate methods with descriptive names
+- **Single Responsibility**: Each method SHOULD have one clear purpose
+- **Logic Structure**: Prefer composition over deeply nested conditional logic
+- **Null Handling**: ALWAYS handle None values explicitly to avoid type errors
+- **Type Annotations**: Use proper type annotations, including union types (e.g., `Polygon | None`)
+- **API Structure**: Structure API views with clear separation between parameter handling, business logic, and response building
+- **Quality Improvements**: When addressing SonarQube or linting warnings, focus on structural improvements rather than quick fixes
+
+## ThrillWiki Project Rules
+
+### Domain Architecture
+- **Domain Structure**: Parks contain rides, rides have models, companies have multiple roles (manufacturer/operator/designer)
+- **Media Integration**: Use CloudflareImagesField for all photo uploads with variants and transformations
+- **Change Tracking**: All models use pghistory for change tracking and TrackedModel base class
+- **Slug Management**: Unique within scope (park slugs global, ride slugs within park, ride model slugs within manufacturer)
+
+### Status and Role Management
+- **Status Management**: Rides have operational status (OPERATING, CLOSED_TEMP, SBNO, etc.) with date tracking
+- **Company Roles**: Companies can be MANUFACTURER, OPERATOR, DESIGNER, PROPERTY_OWNER with array field
+- **Location Data**: Use PostGIS for geographic data, separate location models for parks and rides
+
+### Technical Patterns
+- **API Patterns**: Use DRF with drf-spectacular, comprehensive serializers, nested endpoints, caching
+- **Photo Management**: Banner/card image references, photo types, attribution fields, primary photo logic
+- **Search Integration**: Text search, filtering, autocomplete endpoints, pagination
+- **Statistics**: Cached stats endpoints with automatic invalidation via Django signals
+
+## CRITICAL RULES
+
+### Data Integrity (ABSOLUTE)
+🚨 **NEVER MOCK DATA**: You are NEVER EVER to mock any data unless it's ONLY for API schema documentation purposes. All data MUST come from real database queries and actual model instances. Mock data is STRICTLY FORBIDDEN in all API responses, services, and business logic.
+
+### Domain Separation (CRITICAL BUSINESS RULE)
+🚨 **DOMAIN SEPARATION**: Company roles OPERATOR and PROPERTY_OWNER are EXCLUSIVELY for parks domain. They SHOULD NEVER be used in rides URLs or ride-related contexts. Only MANUFACTURER and DESIGNER roles are for rides domain.
+
+**Correct URL Patterns:**
+- **Parks**: `/parks/{park_slug}/` and `/parks/`
+- **Rides**: `/parks/{park_slug}/rides/{ride_slug}/` and `/rides/`
+- **Parks Companies**: `/parks/operators/{operator_slug}/` and `/parks/owners/{owner_slug}/`
+- **Rides Companies**: `/rides/manufacturers/{manufacturer_slug}/` and `/rides/designers/{designer_slug}/`
+
+⚠️ **WARNING**: NEVER mix these domains - this is a fundamental and DANGEROUS business rule violation.
+
+### Photo Management Standards
+🚨 **PHOTO MANAGEMENT**: 
+- Use CloudflareImagesField for all photo uploads with variants and transformations
+- Clearly define and use photo types (e.g., banner, card) for all images
+- Include attribution fields for all photos
+- Implement logic to determine the primary photo for each model
+
+## Verification Checklist
+
+Before implementing any changes, verify:
+- [ ] All API endpoints have trailing slashes
+- [ ] Domain separation is maintained (parks vs rides companies)
+- [ ] No mock data is used outside of schema documentation
+- [ ] Proper uv commands are used for all Django operations
+- [ ] Type annotations are complete and accurate
+- [ ] Methods follow single responsibility principle
+- [ ] CloudflareImagesField is used for all photo uploads

.clinerules/rich-choice-objects.md

@@ -0,0 +1,100 @@
+---
+description: Mandatory Rich Choice Objects system enforcement for ThrillWiki project replacing Django tuple-based choices with rich metadata-driven choice fields
+author: ThrillWiki Development Team
+version: 1.0
+globs: ["apps/**/choices.py", "apps/**/models.py", "apps/**/serializers.py", "apps/**/__init__.py"]
+tags: ["django", "choices", "rich-choice-objects", "data-modeling", "mandatory"]
+---
+
+# Rich Choice Objects System (MANDATORY)
+
+## Objective
+This rule enforces the mandatory use of the Rich Choice Objects system instead of Django's traditional tuple-based choices for ALL choice fields in the ThrillWiki project. It ensures consistent, metadata-rich choice handling with enhanced UI capabilities and maintainable code patterns.
+
+## Brief Overview
+Mandatory use of Rich Choice Objects system instead of Django tuple-based choices for all choice fields in ThrillWiki project.
+
+## Rich Choice Objects Enforcement
+
+### Absolute Requirements
+🚨 **NEVER use Django tuple-based choices** (e.g., `choices=[('VALUE', 'Label')]`) - ALWAYS use RichChoiceField
+
+### Implementation Standards
+- **Field Usage**: All choice fields MUST use `RichChoiceField(choice_group="group_name", domain="domain_name")` pattern
+- **Choice Definitions**: MUST be created in domain-specific `choices.py` files using RichChoice dataclass
+- **Rich Metadata**: All choices MUST include rich metadata (color, icon, description, css_class at minimum)
+- **Registration**: Choice groups MUST be registered with global registry using `register_choices()` function
+- **Auto-Registration**: Import choices in domain `__init__.py` to trigger auto-registration on Django startup
+
+### Required Patterns
+- **Categorization**: Use ChoiceCategory enum for proper categorization (STATUS, CLASSIFICATION, TECHNICAL, SECURITY)
+- **Business Logic**: Leverage rich metadata for UI styling, permissions, and business logic instead of hardcoded values
+- **Serialization**: Update serializers to use RichChoiceSerializer for choice fields
+
+### Migration Requirements
+- **NO Backwards Compatibility**: DO NOT maintain backwards compatibility with tuple-based choices - migrate fully to Rich Choice Objects
+- **Model Refactoring**: Ensure all existing models using tuple-based choices are refactored to use RichChoiceField
+- **Validation**: Validate choice groups are correctly loaded in registry during application startup
+
+### Domain Consistency
+- **Follow Established Patterns**: Follow established patterns from rides, parks, and accounts domains for consistency
+- **Domain-Specific Organization**: Maintain domain-specific choice organization in separate `choices.py` files
+
+## Implementation Checklist
+
+Before implementing choice fields, verify:
+- [ ] RichChoiceField is used instead of Django tuple choices
+- [ ] Choice group and domain are properly specified
+- [ ] Rich metadata includes color, icon, description, css_class
+- [ ] Choices are defined in domain-specific `choices.py` file
+- [ ] Choice group is registered with `register_choices()` function
+- [ ] Domain `__init__.py` imports choices for auto-registration
+- [ ] Appropriate ChoiceCategory enum is used
+- [ ] Serializers use RichChoiceSerializer for choice fields
+- [ ] No tuple-based choices remain in the codebase
+
+## Examples
+
+### ✅ CORRECT Implementation
+```python
+# In apps/rides/choices.py
+from core.choices import RichChoice, ChoiceCategory, register_choices
+
+RIDE_STATUS_CHOICES = [
+    RichChoice(
+        value="operating",
+        label="Operating",
+        color="#10b981",
+        icon="check-circle",
+        description="Ride is currently operating normally",
+        css_class="status-operating",
+        category=ChoiceCategory.STATUS
+    ),
+    # ... more choices
+]
+
+register_choices("ride_status", RIDE_STATUS_CHOICES, domain="rides")
+
+# In models.py
+status = RichChoiceField(choice_group="ride_status", domain="rides")
+```
+
+### ❌ FORBIDDEN Implementation
+```python
+# NEVER DO THIS - Tuple-based choices are forbidden
+STATUS_CHOICES = [
+    ('operating', 'Operating'),
+    ('closed', 'Closed'),
+]
+
+status = models.CharField(max_length=20, choices=STATUS_CHOICES)
+```
+
+## Verification Steps
+
+To ensure compliance:
+1. Search codebase for any remaining tuple-based choice patterns
+2. Verify all choice fields use RichChoiceField
+3. Confirm all choices have complete rich metadata
+4. Test choice group registration during application startup
+5. Validate serializers use RichChoiceSerializer where appropriate

.clinerules/thrillwiki-context.md

@@ -0,0 +1,161 @@
+---
+description: Comprehensive ThrillWiki Django project context including architecture, development patterns, business rules, and mandatory Context7 MCP integration workflow
+author: ThrillWiki Development Team
+version: 2.0
+globs: ["**/*.py", "**/*.html", "**/*.js", "**/*.css", "**/*.md"]
+tags: ["django", "architecture", "api-design", "business-rules", "context7-integration", "thrillwiki"]
+---
+
+# ThrillWiki Django Project Context
+
+## Objective
+This rule provides comprehensive context for the ThrillWiki project, defining core architecture patterns, business rules, development workflows, and mandatory integration requirements. It serves as the primary reference for maintaining consistency across all ThrillWiki development activities.
+
+## Project Overview
+ThrillWiki is a comprehensive theme park database platform with user-generated content, expert moderation, and rich media support. Built with Django REST Framework, it serves 120+ API endpoints for parks, rides, companies, and user management.
+
+## Core Architecture
+
+### Technology Stack
+- **Backend**: Django 5.0+ with DRF, PostgreSQL + PostGIS, Redis caching, Celery tasks
+- **Frontend**: HTMX + AlpineJS + Tailwind CSS + Django-Cotton 
+  - 🚨 **CRITICAL**: NO React/Vue/Angular allowed
+- **Media**: Cloudflare Images using Direct Upload with variants and transformations
+- **Tracking**: pghistory for all model changes, TrackedModel base class
+- **Choices**: Rich Choice Objects system (NEVER use Django tuple choices)
+
+### Domain Architecture
+- **Parks Domain**: `parks/`, companies (OPERATOR/PROPERTY_OWNER roles only)
+- **Rides Domain**: `rides/`, companies (MANUFACTURER/DESIGNER roles only)
+- **Core Apps**: `accounts/`, `media/`, `moderation/`, `core/`
+- 🚨 **CRITICAL BUSINESS RULE**: Never mix park/ride company roles - fundamental business rule violation
+
+## Development Patterns
+
+### Model Patterns
+- **Base Classes**: All models MUST inherit from TrackedModel
+- **Slug Handling**: Use SluggedModel for slugs with history tracking
+- **Location Data**: Use PostGIS for geographic data, separate location models
+- **Media Fields**: Use CloudflareImagesField for all image handling
+
+### API Design Patterns
+- **URL Structure**: Nested URLs (`/parks/{slug}/rides/{slug}/`)
+- **Trailing Slashes**: MANDATORY trailing slashes on all endpoints
+- **Authentication**: Token-based with role hierarchy (USER/MODERATOR/ADMIN/SUPERUSER)
+- **Filtering**: Comprehensive filtering - rides (25+ parameters), parks (15+ parameters)
+- **Responses**: Standard DRF pagination, rich error responses with details
+- **Caching**: Multi-level (Redis, CDN, browser) with signal-based invalidation
+
+### Choice System (MANDATORY)
+- **Implementation**: `RichChoiceField(choice_group="group_name", domain="domain_name")`
+- **Definition**: Domain-specific `choices.py` using RichChoice dataclass
+- **Registration**: `register_choices()` function in domain `__init__.py`
+- **Required Metadata**: color, icon, description, css_class (minimum)
+- 🚨 **FORBIDDEN**: NO tuple-based choices allowed anywhere in codebase
+
+## Development Commands
+
+### Package Management
+- **Python Packages**: `uv add <package>` (NOT `pip install`)
+- **Server**: `uv run manage.py runserver_plus` (NOT `python manage.py`)
+- **Migrations**: `uv run manage.py makemigrations/migrate`
+- **Management**: ALWAYS use `uv run manage.py <command>`
+
+## Business Rules
+
+### Company Role Separation
+- **Parks Domain**: Only OPERATOR and PROPERTY_OWNER roles
+- **Rides Domain**: Only MANUFACTURER and DESIGNER roles
+- 🚨 **CRITICAL**: Never allow cross-domain company roles
+
+### Data Integrity
+- **Model Changes**: All must be tracked via pghistory
+- **API Responses**: MUST use real database data (NEVER MOCK DATA)
+- **Geographic Data**: MUST use PostGIS for accuracy
+
+## Frontend Constraints
+
+### Architecture Requirements
+- **HTMX**: Dynamic updates and AJAX interactions
+- **AlpineJS**: Client-side state management
+- **Tailwind CSS**: Styling framework
+- **Progressive Enhancement**: Required approach
+
+### Performance Targets
+- **First Contentful Paint**: < 1.5s
+- **Time to Interactive**: < 2s
+- **Compliance**: Core Web Vitals compliance
+- **Browser Support**: Latest 2 versions of major browsers
+
+## Context7 MCP Integration (MANDATORY)
+
+### Requirement
+🚨 **CRITICAL**: ALWAYS use Context7 MCP for documentation lookups before making changes
+
+### Libraries Requiring Context7
+- **tailwindcss**: CSS utility classes, responsive design, component styling
+- **django**: Models, views, forms, URL patterns, Django-specific patterns
+- **django-cotton**: Component creation, template organization, Cotton-specific syntax
+- **htmx**: Dynamic updates, form handling, AJAX interactions
+- **alpinejs**: Client-side state management, reactive data, JavaScript interactions
+- **django-rest-framework**: API design, serializers, viewsets, DRF patterns
+- **postgresql**: Database queries, PostGIS functions, advanced SQL features
+- **postgis**: Geographic data handling and spatial queries
+- **redis**: Caching strategies, session management, performance optimization
+
+### Mandatory Workflow Steps
+1. **Before editing/creating code**: Query Context7 for relevant library documentation
+2. **During debugging**: Use Context7 to verify syntax, patterns, and best practices
+3. **When implementing new features**: Reference Context7 for current API and method signatures
+4. **For performance issues**: Consult Context7 for optimization techniques and patterns
+5. **For geographic data handling**: Use Context7 for PostGIS functions and best practices
+6. **For caching strategies**: Refer to Context7 for Redis patterns and best practices
+7. **For database queries**: Utilize Context7 for PostgreSQL best practices and advanced SQL features
+
+### Mandatory Scenarios
+- Creating new Django models or API endpoints
+- Implementing HTMX dynamic functionality
+- Writing AlpineJS reactive components
+- Designing responsive layouts with Tailwind CSS
+- Creating Django-Cotton components
+- Debugging CSS, JavaScript, or Django issues
+- Implementing caching or database optimizations
+- Handling geographic data with PostGIS
+- Utilizing Redis for session management
+- Implementing real-time features with WebSockets
+
+### Context7 Commands
+1. **Resolve Library**: Always call `Context7:resolve-library-id` first to get correct library ID
+2. **Get Documentation**: Then use `Context7:get-library-docs` with appropriate topic parameter
+
+### Example Topics by Library
+- **tailwindcss**: responsive design, flexbox, grid, animations
+- **django**: models, views, forms, admin, signals
+- **django-cotton**: components, templates, slots, props
+- **htmx**: hx-get, hx-post, hx-swap, hx-trigger, hx-target
+- **alpinejs**: x-data, x-show, x-if, x-for, x-model
+- **django-rest-framework**: serializers, viewsets, routers, permissions
+- **postgresql**: joins, indexes, transactions, window functions
+- **postgis**: geospatial queries, distance calculations, spatial indexes
+- **redis**: caching strategies, pub/sub, data structures
+
+## Code Quality Standards
+
+### Model Requirements
+- All models MUST inherit from TrackedModel
+- Use SluggedModel for entities with slugs and history tracking
+- Always use RichChoiceField instead of Django choices
+- Use CloudflareImagesField for all image handling
+- Use PostGIS fields and separate location models for geographic data
+
+### API Requirements
+- MUST include trailing slashes and follow nested pattern
+- All responses MUST use real database queries
+- Implement comprehensive filtering and pagination
+- Use signal-based cache invalidation
+
+### Development Workflow
+- Use uv for all Python package operations
+- Use runserver_plus for enhanced development server
+- Always use `uv run` for Django management commands
+- All functionality MUST work with progressive enhancement

.clinerules/thrillwiki-simple.md

@@ -0,0 +1,56 @@
+---
+description: Condensed ThrillWiki Django project context with architecture, patterns, and mandatory Context7 integration
+author: ThrillWiki Development Team
+version: 2.1
+globs: ["**/*.py", "**/*.html", "**/*.js", "**/*.css", "**/*.md"]
+tags: ["django", "architecture", "context7-integration", "thrillwiki"]
+---
+
+# ThrillWiki Django Project Context
+
+## Project Overview
+Theme park database platform with Django REST Framework serving 120+ API endpoints for parks, rides, companies, and users.
+
+## Core Architecture
+- **Backend**: Django 5.1+, DRF, PostgreSQL+PostGIS, Redis, Celery
+- **Frontend**: HTMX (V2+) + AlpineJS + Tailwind CSS (V4+) + Django-Cotton
+  - 🚨 **ABSOLUTELY NO Custom JS** - use HTMX + AlpineJS ONLY
+  - Clean, simple UX preferred
+- **Media**: Cloudflare Images with Direct Upload
+- **Tracking**: pghistory, TrackedModel base class
+- **Choices**: Rich Choice Objects (NEVER Django tuple choices)
+
+## Development Patterns
+- **Models**: TrackedModel inheritance, SluggedModel for slugs, PostGIS for location
+- **APIs**: Nested URLs (`/parks/{slug}/rides/{slug}/`), mandatory trailing slashes
+- **Commands**: `uv add <package>`, `uv run manage.py <command>` (NOT pip/python)
+- **Choices**: `RichChoiceField(choice_group="name", domain="domain")` MANDATORY
+
+## Business Rules
+🚨 **CRITICAL**: Company role separation - Parks (OPERATOR/PROPERTY_OWNER only), Rides (MANUFACTURER/DESIGNER only)
+
+## Context7 MCP Integration (MANDATORY)
+
+### Required Libraries
+tailwindcss, django, django-cotton, htmx, alpinejs, django-rest-framework, postgresql, postgis, redis
+
+### Workflow
+1. **ALWAYS** call `Context7:resolve-library-id` first
+2. Then `Context7:get-library-docs` with topic parameter
+3. Required for: new models/APIs, HTMX functionality, AlpineJS components, Tailwind layouts, Cotton components, debugging, optimizations
+
+### Example Topics
+- **tailwindcss**: responsive, flexbox, grid
+- **django**: models, views, forms
+- **htmx**: hx-get, hx-post, hx-swap, hx-target
+- **alpinejs**: x-data, x-show, x-if, x-for
+
+## Standards
+- All models inherit TrackedModel
+- Real database data only (NO MOCKING)
+- RichChoiceField over Django choices
+- Progressive enhancement required
+
+- We prefer to edit existing files instead of creating new ones.
+
+YOU ARE STRICTLY AND ABSOLUTELY FORBIDDEN FROM IGNORING, BYPASSING, OR AVOIDING THESE RULES IN ANY WAY WITH NO EXCEPTIONS!!!

.github/workflows/claude-code-review.yml

@@ -0,0 +1,54 @@
+name: Claude Code Review
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    # Optional: Only run on specific file changes
+    # paths:
+    #   - "src/**/*.ts"
+    #   - "src/**/*.tsx"
+    #   - "src/**/*.js"
+    #   - "src/**/*.jsx"
+
+jobs:
+  claude-review:
+    # Optional: Filter by PR author
+    # if: |
+    #   github.event.pull_request.user.login == 'external-contributor' ||
+    #   github.event.pull_request.user.login == 'new-developer' ||
+    #   github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR'
+    
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+      issues: read
+      id-token: write
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Run Claude Code Review
+        id: claude-review
+        uses: anthropics/claude-code-action@v1
+        with:
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          prompt: |
+            Please review this pull request and provide feedback on:
+            - Code quality and best practices
+            - Potential bugs or issues
+            - Performance considerations
+            - Security concerns
+            - Test coverage
+            
+            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
+
+            Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.
+          
+          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
+          # or https://docs.anthropic.com/en/docs/claude-code/sdk#command-line for available options
+          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
+

.github/workflows/claude.yml

@@ -0,0 +1,50 @@
+name: Claude Code
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+  issues:
+    types: [opened, assigned]
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  claude:
+    if: |
+      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
+      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
+      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
+      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+      issues: read
+      id-token: write
+      actions: read # Required for Claude to read CI results on PRs
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Run Claude Code
+        id: claude
+        uses: anthropics/claude-code-action@v1
+        with:
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          
+          # This is an optional setting that allows Claude to read CI results on PRs
+          additional_permissions: |
+            actions: read
+
+          # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it.
+          # prompt: 'Update the pull request description to include a summary of changes.'
+
+          # Optional: Add claude_args to customize behavior and configuration
+          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
+          # or https://docs.anthropic.com/en/docs/claude-code/sdk#command-line for available options
+          # claude_args: '--model claude-opus-4-1-20250805 --allowed-tools Bash(gh pr:*)'
+

.gitignore

@@ -117,3 +117,10 @@ temp/
 .django_tailwind_cli/
 backend/.env
 frontend/.env
+
+# Extracted packages
+django-forwardemail/
+frontend/
+frontend
+.snapshots
+uv.lock

.nvmrc

@@ -1 +0,0 @@
-lts/*

.replit

@@ -0,0 +1,73 @@
+modules = ["bash", "web", "nodejs-20", "python-3.13", "postgresql-16"]
+
+[nix]
+channel = "stable-25_05"
+packages = [
+  "freetype",
+  "gdal",
+  "geos",
+  "gitFull",
+  "lcms2",
+  "libimagequant",
+  "libjpeg",
+  "libtiff",
+  "libwebp",
+  "libxcrypt",
+  "openjpeg",
+  "playwright-driver",
+  "postgresql",
+  "proj",
+  "tcl",
+  "tk",
+  "uv",
+  "zlib",
+]
+
+[agent]
+expertMode = true
+
+[workflows]
+runButton = "Project"
+
+[[workflows.workflow]]
+name = "Project"
+mode = "parallel"
+author = "agent"
+
+[[workflows.workflow.tasks]]
+task = "workflow.run"
+args = "ThrillWiki Server"
+
+[[workflows.workflow]]
+name = "ThrillWiki Server"
+author = "agent"
+
+[[workflows.workflow.tasks]]
+task = "shell.exec"
+args = "/home/runner/workspace/.venv/bin/python manage.py tailwind runserver 0.0.0.0:5000"
+waitForPort = 5000
+
+[workflows.workflow.metadata]
+outputType = "webview"
+
+[[ports]]
+localPort = 5000
+externalPort = 80
+
+[[ports]]
+localPort = 41923
+externalPort = 3000
+
+[[ports]]
+localPort = 45245
+externalPort = 3001
+
+[deployment]
+deploymentTarget = "autoscale"
+run = [
+  "gunicorn",
+  "--bind=0.0.0.0:5000",
+  "--reuse-port",
+  "thrillwiki.wsgi:application",
+]
+build = ["uv", "pip", "install", "--system", "-r", "requirements.txt"]

.roo/mcp.json

@@ -0,0 +1,18 @@
+{
+  "mcpServers": {
+    "context7": {
+      "command": "npx",
+      "args": [
+        "-y",
+        "@upstash/context7-mcp"
+      ],
+      "env": {
+        "DEFAULT_MINIMUM_TOKENS": ""
+      },
+      "alwaysAllow": [
+        "resolve-library-id",
+        "get-library-docs"
+      ]
+    }
+  }
+}

CI_README.md

@@ -1,277 +0,0 @@
-# ThrillWiki CI/CD System
-
-This repository includes a **complete automated CI/CD system** that creates a Linux VM on Unraid and automatically deploys ThrillWiki when commits are pushed to GitHub.
-
-## 🚀 Complete Automation (Unraid)
-
-For **full automation** including VM creation on Unraid:
-
-```bash
-./scripts/unraid/setup-complete-automation.sh
-```
-
-This single command will:
-- ✅ Create and configure VM on Unraid
-- ✅ Install Ubuntu Server with all dependencies
-- ✅ Deploy ThrillWiki application
-- ✅ Set up automated CI/CD pipeline
-- ✅ Configure webhook listener
-- ✅ Test the entire system
-
-## Manual Setup (Any Linux VM)
-
-For manual setup on existing Linux VMs:
-
-```bash
-./scripts/setup-vm-ci.sh
-```
-
-## System Components
-
-### 📁 Files Created
-
-```
-scripts/
-├── ci-start.sh                      # Local development server startup
-├── webhook-listener.py              # GitHub webhook listener
-├── vm-deploy.sh                    # VM deployment script
-├── setup-vm-ci.sh                  # Manual VM setup script
-├── unraid/
-│   ├── vm-manager.py               # Unraid VM management
-│   └── setup-complete-automation.sh # Complete automation
-└── systemd/
-    ├── thrillwiki.service           # Django app service
-    └── thrillwiki-webhook.service   # Webhook listener service
-
-docs/
-├── VM_DEPLOYMENT_SETUP.md          # Manual setup documentation
-└── UNRAID_COMPLETE_AUTOMATION.md   # Complete automation guide
-```
-
-### 🔄 Deployment Flow
-
-**Complete Automation:**
-```
-GitHub Push → Webhook → Local Listener → SSH → Unraid VM → Deploy & Restart
-```
-
-**Manual Setup:**
-```
-GitHub Push → Webhook → Local Listener → SSH to VM → Deploy Script → Server Restart
-```
-
-## Features
-
-- **Complete VM Automation**: Automatically creates VMs on Unraid
-- **Automatic Deployment**: Deploys on push to main branch
-- **Health Checks**: Verifies deployment success
-- **Rollback Support**: Automatic rollback on deployment failure
-- **Service Management**: Systemd integration for reliable service management
-- **Database Setup**: Automated PostgreSQL configuration
-- **Logging**: Comprehensive logging for debugging
-- **Security**: SSH key authentication and webhook secrets
-- **One-Command Setup**: Full automation with single script
-
-## Usage
-
-### Complete Automation (Recommended)
-
-For Unraid users, run the complete automation:
-
-```bash
-./scripts/unraid/setup-complete-automation.sh
-```
-
-After setup, start the webhook listener:
-```bash
-./start-webhook.sh
-```
-
-### Local Development
-
-Start the local development server:
-
-```bash
-./scripts/ci-start.sh
-```
-
-### VM Management (Unraid)
-
-```bash
-# Check VM status
-python3 scripts/unraid/vm-manager.py status
-
-# Start/stop VM
-python3 scripts/unraid/vm-manager.py start
-python3 scripts/unraid/vm-manager.py stop
-
-# Get VM IP
-python3 scripts/unraid/vm-manager.py ip
-```
-
-### Service Management
-
-On the VM:
-
-```bash
-# Check status
-ssh thrillwiki-vm "./scripts/vm-deploy.sh status"
-
-# Restart service
-ssh thrillwiki-vm "./scripts/vm-deploy.sh restart"
-
-# View logs
-ssh thrillwiki-vm "journalctl -u thrillwiki -f"
-```
-
-### Manual VM Deployment
-
-Deploy to VM manually:
-
-```bash
-ssh thrillwiki-vm "cd thrillwiki && ./scripts/vm-deploy.sh"
-```
-
-## Configuration
-
-### Automated Configuration
-
-The complete automation script creates all necessary configuration files:
-
-- `***REMOVED***.unraid` - Unraid VM configuration
-- `***REMOVED***.webhook` - Webhook listener configuration
-- SSH keys and configuration
-- Service configurations
-
-### Manual Environment Variables
-
-For manual setup, create `***REMOVED***.webhook` file:
-
-```bash
-WEBHOOK_PORT=9000
-WEBHOOK_SECRET=your_secret_here
-VM_HOST=your_vm_ip
-VM_USER=ubuntu
-VM_KEY_PATH=/path/to/ssh/key
-VM_PROJECT_PATH=/home/ubuntu/thrillwiki
-REPO_URL=https://github.com/username/repo.git
-DEPLOY_BRANCH=main
-```
-
-### GitHub Webhook
-
-Configure in your GitHub repository:
-- **URL**: `http://YOUR_PUBLIC_IP:9000/webhook`
-- **Content Type**: `application/json`
-- **Secret**: Your webhook secret
-- **Events**: Push events
-
-## Requirements
-
-### For Complete Automation
-- **Local Machine**: Python 3.8+, SSH client
-- **Unraid Server**: 6.8+ with VM support
-- **Resources**: 4GB RAM, 50GB disk minimum
-- **Ubuntu ISO**: Ubuntu Server 22.04 in `/mnt/user/isos/`
-
-### For Manual Setup
-- **Local Machine**: Python 3.8+, SSH access to VM, Public IP
-- **Linux VM**: Ubuntu 20.04+, Python 3.8+, UV package manager, Git, SSH server
-
-## Troubleshooting
-
-### Complete Automation Issues
-
-1. **VM Creation Fails**
-   ```bash
-   # Check Unraid VM support
-   ssh unraid "virsh list --all"
-   
-   # Verify Ubuntu ISO exists
-   ssh unraid "ls -la /mnt/user/isos/ubuntu-*.iso"
-   ```
-
-2. **VM Won't Start**
-   ```bash
-   # Check VM status
-   python3 scripts/unraid/vm-manager.py status
-   
-   # Check Unraid logs
-   ssh unraid "tail -f /var/log/libvirt/qemu/thrillwiki-vm.log"
-   ```
-
-### General Issues
-
-1. **SSH Connection Failed**
-   ```bash
-   # Check SSH key permissions
-   chmod 600 ~/.ssh/thrillwiki_vm
-   
-   # Test connection
-   ssh thrillwiki-vm
-   ```
-
-2. **Webhook Not Receiving Events**
-   ```bash
-   # Check if port is open
-   sudo ufw allow 9000
-   
-   # Verify webhook URL in GitHub
-   curl -X GET http://localhost:9000/health
-   ```
-
-3. **Service Won't Start**
-   ```bash
-   # Check service logs
-   ssh thrillwiki-vm "journalctl -u thrillwiki --no-pager"
-   
-   # Manual start
-   ssh thrillwiki-vm "cd thrillwiki && ./scripts/ci-start.sh"
-   ```
-
-### Logs
-
-- **Setup logs**: `logs/unraid-automation.log`
-- **Local webhook**: `logs/webhook.log`
-- **VM deployment**: `logs/deploy.log` (on VM)
-- **Django server**: `logs/django.log` (on VM)
-- **System logs**: `journalctl -u thrillwiki -f` (on VM)
-
-## Security Notes
-
-- Automated SSH key generation and management
-- Dedicated keys for each connection (VM access, Unraid access)
-- No password authentication
-- Systemd security features enabled
-- Firewall configuration support
-- Secret management in environment files
-
-## Documentation
-
-- **Complete Automation**: [`docs/UNRAID_COMPLETE_AUTOMATION.md`](docs/UNRAID_COMPLETE_AUTOMATION.md)
-- **Manual Setup**: [`docs/VM_DEPLOYMENT_SETUP.md`](docs/VM_DEPLOYMENT_SETUP.md)
-
----
-
-## Quick Start Summary
-
-### For Unraid Users (Complete Automation)
-```bash
-# One command to set up everything
-./scripts/unraid/setup-complete-automation.sh
-
-# Start webhook listener
-./start-webhook.sh
-
-# Push commits to auto-deploy!
-```
-
-### For Existing VM Users
-```bash
-# Manual setup
-./scripts/setup-vm-ci.sh
-
-# Configure webhook and push to deploy
-```
-
-**The system will automatically deploy your Django application whenever you push commits to the main branch!** 🚀

README.md

@@ -1,200 +1,87 @@
-# ThrillWiki Django + Vue.js Monorepo
+# ThrillWiki Backend
 
-A comprehensive theme park and roller coaster information system built with a modern monorepo architecture combining Django REST API backend with Vue.js frontend.
+Django REST API backend for the ThrillWiki monorepo.
 
-## 🏗️ Architecture Overview
+## 🏗️ Architecture
 
-This project uses a monorepo structure that cleanly separates backend and frontend concerns while maintaining shared resources and documentation:
+This backend follows Django best practices with a modular app structure:
 
 ```
-thrillwiki-monorepo/
-├── backend/                 # Django REST API (Port 8000)
-│   ├── apps/               # Modular Django applications
-│   ├── config/             # Django settings and configuration
-│   ├── templates/          # Django templates
-│   └── static/             # Static assets
-├── frontend/                # Vue.js SPA (Port 5174)
-│   ├── src/                # Vue.js source code
-│   ├── public/             # Static assets
-│   └── dist/               # Build output
-├── shared/                  # Shared resources and documentation
-│   ├── docs/               # Comprehensive documentation
-│   ├── scripts/            # Development and deployment scripts
-│   ├── config/             # Shared configuration
-│   └── media/              # Shared media files
-├── architecture/            # Architecture documentation
-└── profiles/                # Development profiles
+backend/
+├── apps/                 # Django applications
+│   ├── accounts/         # User management
+│   ├── parks/           # Theme park data
+│   ├── rides/           # Ride information
+│   ├── moderation/      # Content moderation
+│   ├── location/        # Geographic data
+│   ├── media/           # File management
+│   ├── email_service/   # Email functionality
+│   └── core/            # Core utilities
+├── config/              # Django configuration
+│   ├── django/          # Settings files
+│   └── settings/        # Modular settings
+├── templates/           # Django templates
+├── static/              # Static files
+└── tests/               # Test files
 ```
 
+## 🛠️ Technology Stack
+
+- **Django 5.0+** - Web framework
+- **Django REST Framework** - API framework
+- **PostgreSQL** - Primary database
+- **Redis** - Caching and sessions
+- **UV** - Python package management
+- **Celery** - Background task processing
+
 ## 🚀 Quick Start
 
 ### Prerequisites
 
-- **Python 3.11+** with [uv](https://docs.astral.sh/uv/) for backend dependencies
-- **Node.js 18+** with [pnpm](https://pnpm.io/) for frontend dependencies
-- **PostgreSQL 14+** (optional, defaults to SQLite for development)
-- **Redis 6+** (optional, for caching and sessions)
+- Python 3.11+
+- [uv](https://docs.astral.sh/uv/) package manager
+- PostgreSQL 14+
+- Redis 6+
 
-### Development Setup
+### Setup
 
-1. **Clone the repository**
+1. **Install dependencies**
    ```bash
-   git clone <repository-url>
-   cd thrillwiki-monorepo
+   cd backend
+   uv sync
    ```
 
-2. **Install dependencies**
+2. **Environment configuration**
    ```bash
-   # Install frontend dependencies
-   pnpm install
-
-   # Install backend dependencies
-   cd backend && uv sync && cd ..
-   ```
-
-3. **Environment configuration**
-   ```bash
-   # Copy environment files
    cp .env.example .env
-   cp backend/.env.example backend/.env
-   cp frontend/.env.development frontend/.env.local
-
-   # Edit .env files with your settings
+   # Edit .env with your settings
    ```
 
-4. **Database setup**
+3. **Database setup**
    ```bash
-   cd backend
    uv run manage.py migrate
    uv run manage.py createsuperuser
-   cd ..
    ```
 
-5. **Start development servers**
+4. **Start development server**
    ```bash
-   # Start both servers concurrently
-   pnpm run dev
-
-   # Or start individually
-   pnpm run dev:frontend    # Vue.js on :5174
-   pnpm run dev:backend     # Django on :8000
-   ```
-
-## 📁 Project Structure Details
-
-### Backend (`/backend`)
-- **Django 5.0+** with REST Framework for API development
-- **Modular app architecture** with separate apps for parks, rides, accounts, etc.
-- **UV package management** for fast, reliable Python dependency management
-- **PostgreSQL/SQLite** database with comprehensive entity relationships
-- **Redis** for caching, sessions, and background tasks
-- **Comprehensive API** with frontend serializers for camelCase conversion
-
-### Frontend (`/frontend`)
-- **Vue 3** with Composition API and `<script setup>` syntax
-- **TypeScript** for type safety and better developer experience
-- **Vite** for lightning-fast development and optimized production builds
-- **Tailwind CSS** with custom design system and dark mode support
-- **Pinia** for state management with modular stores
-- **Vue Router** for client-side routing
-- **Comprehensive UI component library** with shadcn-vue components
-
-### Shared Resources (`/shared`)
-- **Documentation** - Comprehensive guides and API documentation
-- **Development scripts** - Automated setup, build, and deployment scripts
-- **Configuration** - Shared Docker, CI/CD, and infrastructure configs
-- **Media management** - Centralized media file handling and optimization
-
-## 🛠️ Development Workflow
-
-### Available Scripts
-
-```bash
-# Development
-pnpm run dev              # Start both servers concurrently
-pnpm run dev:frontend     # Frontend only (:5174)
-pnpm run dev:backend      # Backend only (:8000)
-
-# Building
-pnpm run build            # Build frontend for production
-pnpm run build:staging    # Build for staging environment
-pnpm run build:production # Build for production environment
-
-# Testing
-pnpm run test             # Run all tests
-pnpm run test:frontend    # Frontend unit and E2E tests
-pnpm run test:backend     # Backend unit and integration tests
-
-# Code Quality
-pnpm run lint             # Lint all code
-pnpm run type-check       # TypeScript type checking
-
-# Setup and Maintenance
-pnpm run install:all      # Install all dependencies
-./shared/scripts/dev/setup-dev.sh    # Full development setup
-./shared/scripts/dev/start-all.sh    # Start all services
-```
-
-### Backend Development
-
-```bash
-cd backend
-
-# Django management commands
-uv run manage.py migrate
-uv run manage.py makemigrations
-uv run manage.py createsuperuser
-uv run manage.py collectstatic
-
-# Testing and quality
-uv run manage.py test
-uv run black .           # Format code
-uv run flake8 .          # Lint code
-uv run isort .           # Sort imports
-```
-
-### Frontend Development
-
-```bash
-cd frontend
-
-# Vue.js development
-pnpm run dev            # Start dev server
-pnpm run build          # Production build
-pnpm run preview        # Preview production build
-pnpm run test:unit      # Vitest unit tests
-pnpm run test:e2e       # Playwright E2E tests
-pnpm run lint           # ESLint
-pnpm run type-check     # TypeScript checking
+   uv run manage.py runserver
    ```
 
 ## 🔧 Configuration
 
 ### Environment Variables
 
-#### Root `.env`
+Required environment variables:
+
 ```bash
 # Database
 DATABASE_URL=postgresql://user:pass@localhost/thrillwiki
-REDIS_URL=redis://localhost:6379
 
-# Security
+# Django
 SECRET_KEY=your-secret-key
 DEBUG=True
-
-# API Configuration
-API_BASE_URL=http://localhost:8000/api
-```
-
-#### Backend `.env`
-```bash
-# Django Settings
 DJANGO_SETTINGS_MODULE=config.django.local
-DEBUG=True
-ALLOWED_HOSTS=localhost,127.0.0.1
-
-# Database
-DATABASE_URL=postgresql://user:pass@localhost/thrillwiki
 
 # Redis
 REDIS_URL=redis://localhost:6379
@@ -203,142 +90,140 @@ REDIS_URL=redis://localhost:6379
 EMAIL_HOST=smtp.gmail.com
 EMAIL_PORT=587
 EMAIL_USE_TLS=True
+EMAIL_HOST_USER=your-email@gmail.com
+EMAIL_HOST_PASSWORD=your-app-password
 ```
 
-#### Frontend `.env.local`
+### Settings Structure
+
+- `config/django/base.py` - Base settings
+- `config/django/local.py` - Development settings
+- `config/django/production.py` - Production settings
+- `config/django/test.py` - Test settings
+
+## 📁 Apps Overview
+
+### Core Apps
+
+- **accounts** - User authentication and profile management
+- **parks** - Theme park models and operations
+- **rides** - Ride information and relationships
+- **core** - Shared utilities and base classes
+
+### Support Apps
+
+- **moderation** - Content moderation workflows
+- **location** - Geographic data and services
+- **media** - File upload and management
+- **email_service** - Email sending and templates
+
+## 🔌 API Endpoints
+
+Base URL: `http://localhost:8000/api/`
+
+### Authentication
+- `POST /auth/login/` - User login
+- `POST /auth/logout/` - User logout
+- `POST /auth/register/` - User registration
+
+### Parks
+- `GET /parks/` - List parks
+- `GET /parks/{id}/` - Park details
+- `POST /parks/` - Create park (admin)
+
+### Rides
+- `GET /rides/` - List rides
+- `GET /rides/{id}/` - Ride details
+- `GET /parks/{park_id}/rides/` - Rides by park
+
+## 🧪 Testing
+
 ```bash
-# API Configuration
-VITE_API_BASE_URL=http://localhost:8000/api
+# Run all tests
+uv run manage.py test
 
-# Development
-VITE_APP_TITLE=ThrillWiki (Development)
+# Run specific app tests
+uv run manage.py test apps.parks
 
-# Feature Flags
-VITE_ENABLE_DEBUG=true
+# Run with coverage
+uv run coverage run manage.py test
+uv run coverage report
 ```
 
-## 📊 Key Features
+## 🔧 Management Commands
 
-### Backend Features
-- **Comprehensive Park Database** - Detailed information about theme parks worldwide
-- **Extensive Ride Database** - Complete roller coaster and ride information
-- **User Management** - Authentication, profiles, and permissions
-- **Content Moderation** - Review and approval workflows
-- **API Documentation** - Auto-generated OpenAPI/Swagger docs
-- **Background Tasks** - Celery integration for long-running processes
-- **Caching Strategy** - Redis-based caching for performance
-- **Search Functionality** - Full-text search across all content
+Custom management commands:
 
-### Frontend Features
-- **Responsive Design** - Mobile-first approach with Tailwind CSS
-- **Dark Mode Support** - Complete dark/light theme system
-- **Real-time Search** - Instant search with debouncing and highlighting
-- **Interactive Maps** - Park and ride location visualization
-- **Photo Galleries** - High-quality image management
-- **User Dashboard** - Personalized content and contributions
-- **Progressive Web App** - PWA capabilities for mobile experience
-- **Accessibility** - WCAG 2.1 AA compliance
+```bash
+# Import park data
+uv run manage.py import_parks data/parks.json
 
-## 📖 Documentation
+# Generate test data
+uv run manage.py generate_test_data
 
-### Core Documentation
-- **[Backend Documentation](./backend/README.md)** - Django setup and API details
-- **[Frontend Documentation](./frontend/README.md)** - Vue.js setup and development
-- **[API Documentation](./shared/docs/api/README.md)** - Complete API reference
-- **[Development Workflow](./shared/docs/development/workflow.md)** - Daily development processes
+# Clean up expired sessions
+uv run manage.py clearsessions
+```
 
-### Architecture & Deployment
-- **[Architecture Overview](./architecture/)** - System design and decisions
-- **[Deployment Guide](./shared/docs/deployment/)** - Production deployment instructions
-- **[Development Scripts](./shared/scripts/)** - Automation and tooling
+## 📊 Database
 
-### Additional Resources
-- **[Contributing Guide](./CONTRIBUTING.md)** - How to contribute to the project
-- **[Code of Conduct](./CODE_OF_CONDUCT.md)** - Community guidelines
-- **[Security Policy](./SECURITY.md)** - Security reporting and policies
+### Entity Relationships
+
+- **Parks** have Operators (required) and PropertyOwners (optional)
+- **Rides** belong to Parks and may have Manufacturers/Designers
+- **Users** can create submissions and moderate content
+
+### Migrations
+
+```bash
+# Create migrations
+uv run manage.py makemigrations
+
+# Apply migrations
+uv run manage.py migrate
+
+# Show migration status
+uv run manage.py showmigrations
+```
+
+## 🔐 Security
+
+- CORS configured for frontend integration
+- CSRF protection enabled
+- JWT token authentication
+- Rate limiting on API endpoints
+- Input validation and sanitization
+
+## 📈 Performance
+
+- Database query optimization
+- Redis caching for frequent queries
+- Background task processing with Celery
+- Database connection pooling
 
 ## 🚀 Deployment
 
-### Development Environment
-```bash
-# Quick start with all services
-./shared/scripts/dev/start-all.sh
+See the [Deployment Guide](../shared/docs/deployment/) for production setup.
 
-# Full development setup
-./shared/scripts/dev/setup-dev.sh
-```
+## 🐛 Debugging
 
-### Production Deployment
-```bash
-# Build all components
-./shared/scripts/build/build-all.sh
+### Development Tools
 
-# Deploy to production
-./shared/scripts/deploy/deploy.sh
-```
+- Django Debug Toolbar
+- Django Extensions
+- Silk profiler for performance analysis
 
-See [Deployment Guide](./shared/docs/deployment/) for detailed production setup instructions.
+### Logging
 
-## 🧪 Testing Strategy
-
-### Backend Testing
-- **Unit Tests** - Individual function and method testing
-- **Integration Tests** - API endpoint and database interaction testing
-- **E2E Tests** - Full user journey testing with Selenium
-
-### Frontend Testing
-- **Unit Tests** - Component and utility function testing with Vitest
-- **Integration Tests** - Component interaction testing
-- **E2E Tests** - User journey testing with Playwright
-
-### Code Quality
-- **Linting** - ESLint for JavaScript/TypeScript, Flake8 for Python
-- **Type Checking** - TypeScript for frontend, mypy for Python
-- **Code Formatting** - Prettier for frontend, Black for Python
+Logs are written to:
+- Console (development)
+- Files in `logs/` directory (production)
+- External logging service (production)
 
 ## 🤝 Contributing
 
-We welcome contributions! Please see our [Contributing Guide](./CONTRIBUTING.md) for details on:
-
-1. **Development Setup** - Getting your development environment ready
-2. **Code Standards** - Coding conventions and best practices
-3. **Pull Request Process** - How to submit your changes
-4. **Issue Reporting** - How to report bugs and request features
-
-### Quick Contribution Start
-```bash
-# Fork and clone the repository
-git clone https://github.com/your-username/thrillwiki-monorepo.git
-cd thrillwiki-monorepo
-
-# Set up development environment
-./shared/scripts/dev/setup-dev.sh
-
-# Create a feature branch
-git checkout -b feature/your-feature-name
-
-# Make your changes and test
-pnpm run test
-
-# Submit a pull request
-```
-
-## 📄 License
-
-This project is licensed under the MIT License - see the [LICENSE](./LICENSE) file for details.
-
-## 🙏 Acknowledgments
-
-- **Theme Park Community** - For providing data and inspiration
-- **Open Source Contributors** - For the amazing tools and libraries
-- **Vue.js and Django Communities** - For excellent documentation and support
-
-## 📞 Support
-
-- **Issues** - [GitHub Issues](https://github.com/your-repo/thrillwiki-monorepo/issues)
-- **Discussions** - [GitHub Discussions](https://github.com/your-repo/thrillwiki-monorepo/discussions)
-- **Documentation** - [Project Wiki](https://github.com/your-repo/thrillwiki-monorepo/wiki)
-
----
-
-**Built with ❤️ for the theme park and roller coaster community**
+1. Follow Django coding standards
+2. Write tests for new features
+3. Update documentation
+4. Run linting: `uv run flake8 .`
+5. Format code: `uv run black .`

TAILWIND_V4_MIGRATION.md

@@ -1,326 +0,0 @@
-# Tailwind CSS v3 to v4 Migration Documentation
-
-## Overview
-
-This document details the complete migration process from Tailwind CSS v3 to v4 for the Django ThrillWiki project. The migration was performed on August 15, 2025, and includes all changes, configurations, and verification steps.
-
-## Migration Summary
-
-- **From**: Tailwind CSS v3.x
-- **To**: Tailwind CSS v4.1.12
-- **Project**: Django ThrillWiki (Django + Tailwind CSS integration)
-- **Status**: ✅ Complete and Verified
-- **Breaking Changes**: None (all styling preserved)
-
-## Key Changes in Tailwind CSS v4
-
-### 1. CSS Import Syntax
-- **v3**: Used `@tailwind` directives
-- **v4**: Uses single `@import "tailwindcss"` statement
-
-### 2. Theme Configuration
-- **v3**: Configuration in `tailwind.config.js`
-- **v4**: CSS-first approach with `@theme` blocks
-
-### 3. Deprecated Utilities
-Multiple utility classes were renamed or deprecated in v4.
-
-## Migration Steps Performed
-
-### Step 1: Update Main CSS File
-
-**File**: `static/css/src/input.css`
-
-**Before (v3)**:
-```css
-@tailwind base;
-@tailwind components;
-@tailwind utilities;
-
-/* Custom styles... */
-```
-
-**After (v4)**:
-```css
-@import "tailwindcss";
-
-@theme {
-  --color-primary: #4f46e5;
-  --color-secondary: #e11d48;
-  --color-accent: #8b5cf6;
-  --font-family-sans: Poppins, sans-serif;
-}
-
-/* Custom styles... */
-```
-
-### Step 2: Theme Variable Migration
-
-Migrated custom colors and fonts from `tailwind.config.js` to CSS variables in `@theme` block:
-
-| Variable | Value | Description |
-|----------|-------|-------------|
-| `--color-primary` | `#4f46e5` | Indigo-600 (primary brand color) |
-| `--color-secondary` | `#e11d48` | Rose-600 (secondary brand color) |
-| `--color-accent` | `#8b5cf6` | Violet-500 (accent color) |
-| `--font-family-sans` | `Poppins, sans-serif` | Primary font family |
-
-### Step 3: Deprecated Utility Updates
-
-#### Outline Utilities
-- **Changed**: `outline-none` → `outline-hidden`
-- **Files affected**: All template files, component CSS
-
-#### Ring Utilities  
-- **Changed**: `ring` → `ring-3`
-- **Reason**: Default ring width now requires explicit specification
-
-#### Shadow Utilities
-- **Changed**: 
-  - `shadow-sm` → `shadow-xs`
-  - `shadow` → `shadow-sm`
-- **Files affected**: Button components, card components
-
-#### Opacity Utilities
-- **Changed**: `bg-opacity-*` format → `color/opacity` format
-- **Example**: `bg-blue-500 bg-opacity-50` → `bg-blue-500/50`
-
-#### Flex Utilities
-- **Changed**: `flex-shrink-0` → `shrink-0`
-
-#### Important Modifier
-- **Changed**: `!important` → `!` (shorter syntax)
-- **Example**: `!outline-none` → `!outline-hidden`
-
-### Step 4: Template File Updates
-
-Updated the following template files with new utility classes:
-
-#### Core Templates
-- `templates/base.html`
-- `templates/components/navbar.html`
-- `templates/components/footer.html`
-
-#### Page Templates
-- `templates/parks/park_list.html`
-- `templates/parks/park_detail.html`
-- `templates/rides/ride_list.html`
-- `templates/rides/ride_detail.html`
-- `templates/companies/company_list.html`
-- `templates/companies/company_detail.html`
-
-#### Form Templates
-- `templates/parks/park_form.html`
-- `templates/rides/ride_form.html`
-- `templates/companies/company_form.html`
-
-#### Component Templates
-- `templates/components/search_results.html`
-- `templates/components/pagination.html`
-
-### Step 5: Component CSS Updates
-
-Updated custom component classes in `static/css/src/input.css`:
-
-**Button Components**:
-```css
-.btn-primary {
-    @apply inline-flex items-center px-6 py-2.5 border border-transparent rounded-full shadow-md text-sm font-medium text-white bg-gradient-to-r from-primary to-secondary hover:from-primary/90 hover:to-secondary/90 focus:outline-hidden focus:ring-3 focus:ring-offset-2 focus:ring-primary/50 transform hover:scale-105 transition-all;
-}
-
-.btn-secondary {
-    @apply inline-flex items-center px-6 py-2.5 border border-gray-200 dark:border-gray-700 rounded-full shadow-md text-sm font-medium text-gray-700 dark:text-gray-200 bg-white dark:bg-gray-800 hover:bg-gray-50 dark:hover:bg-gray-700 focus:outline-hidden focus:ring-3 focus:ring-offset-2 focus:ring-primary/50 transform hover:scale-105 transition-all;
-}
-```
-
-## Configuration Files
-
-### Tailwind Config (Preserved for Reference)
-
-**File**: `tailwind.config.js`
-
-The original v3 configuration was preserved for reference but is no longer the primary configuration method:
-
-```javascript
-module.exports = {
-  content: [
-    './templates/**/*.html',
-    './static/js/**/*.js',
-    './*/templates/**/*.html',
-  ],
-  darkMode: 'class',
-  theme: {
-    extend: {
-      colors: {
-        primary: '#4f46e5',
-        secondary: '#e11d48', 
-        accent: '#8b5cf6',
-      },
-      fontFamily: {
-        sans: ['Poppins', 'sans-serif'],
-      },
-    },
-  },
-  plugins: [
-    require('@tailwindcss/forms'),
-    require('@tailwindcss/typography'),
-  ],
-}
-```
-
-### Package.json Updates
-
-No changes required to `package.json` as the Django-Tailwind package handles version management.
-
-## Verification Steps
-
-### 1. Build Process Verification
-```bash
-# Clean and rebuild CSS
-lsof -ti :8000 | xargs kill -9
-find . -type d -name "__pycache__" -exec rm -r {} +
-uv run manage.py tailwind runserver
-```
-
-**Result**: ✅ Build successful, no errors
-
-### 2. CSS Compilation Check
-```bash
-# Check compiled CSS size and content
-ls -la static/css/tailwind.css
-head -50 static/css/tailwind.css | grep -E "(primary|secondary|accent)"
-```
-
-**Result**: ✅ CSS properly compiled with theme variables
-
-### 3. Server Response Check
-```bash
-curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/
-```
-
-**Result**: ✅ HTTP 200 - Server responding correctly
-
-### 4. Visual Verification
-- ✅ Primary colors (indigo) displaying correctly
-- ✅ Secondary colors (rose) displaying correctly  
-- ✅ Accent colors (violet) displaying correctly
-- ✅ Poppins font family loading correctly
-- ✅ Button styling and interactions working
-- ✅ Dark mode functionality preserved
-- ✅ Responsive design intact
-- ✅ All animations and transitions working
-
-## Files Modified
-
-### CSS Files
-- `static/css/src/input.css` - ✅ Major updates (import syntax, theme variables, component classes)
-
-### Template Files (Updated utility classes)
-- `templates/base.html`
-- `templates/components/navbar.html`
-- `templates/components/footer.html`
-- `templates/parks/park_list.html`
-- `templates/parks/park_detail.html`
-- `templates/parks/park_form.html`
-- `templates/rides/ride_list.html`
-- `templates/rides/ride_detail.html`
-- `templates/rides/ride_form.html`
-- `templates/companies/company_list.html`
-- `templates/companies/company_detail.html`
-- `templates/companies/company_form.html`
-- `templates/components/search_results.html`
-- `templates/components/pagination.html`
-
-### Configuration Files (Preserved)
-- `tailwind.config.js` - ✅ Preserved for reference
-
-## Benefits of v4 Migration
-
-### Performance Improvements
-- Smaller CSS bundle size
-- Faster compilation times
-- Improved CSS-in-JS performance
-
-### Developer Experience
-- CSS-first configuration approach
-- Better IDE support for theme variables
-- Simplified import syntax
-
-### Future Compatibility
-- Modern CSS features support
-- Better container queries support
-- Enhanced dark mode capabilities
-
-## Troubleshooting Guide
-
-### Common Issues and Solutions
-
-#### Issue: "Cannot apply unknown utility class"
-**Solution**: Check if utility was renamed in v4 migration table above
-
-#### Issue: Custom colors not working
-**Solution**: Ensure `@theme` block is properly defined with CSS variables
-
-#### Issue: Build errors
-**Solution**: Run clean build process:
-```bash
-lsof -ti :8000 | xargs kill -9
-find . -type d -name "__pycache__" -exec rm -r {} +
-uv run manage.py tailwind runserver
-```
-
-## Rollback Plan
-
-If rollback is needed:
-
-1. **Restore CSS Import Syntax**:
-```css
-@tailwind base;
-@tailwind components; 
-@tailwind utilities;
-```
-
-2. **Remove @theme Block**: Delete the `@theme` section from input.css
-
-3. **Revert Utility Classes**: Use search/replace to revert utility class changes
-
-4. **Downgrade Tailwind**: Update package to v3.x version
-
-## Post-Migration Checklist
-
-- [x] CSS compilation working
-- [x] Development server running
-- [x] All pages loading correctly
-- [x] Colors displaying properly
-- [x] Fonts loading correctly
-- [x] Interactive elements working
-- [x] Dark mode functioning
-- [x] Responsive design intact
-- [x] No console errors
-- [x] Performance acceptable
-
-## Future Considerations
-
-### New v4 Features to Explore
-- Enhanced container queries
-- Improved dark mode utilities
-- New color-mix() support
-- Advanced CSS nesting
-
-### Maintenance Notes
-- Monitor for v4 updates and new features
-- Consider migrating more configuration to CSS variables
-- Evaluate new utility classes as they're released
-
-## Contact and Support
-
-For questions about this migration:
-- Review this documentation
-- Check Tailwind CSS v4 official documentation
-- Consult the preserved `tailwind.config.js` for original settings
-
----
-
-**Migration Completed**: August 15, 2025  
-**Tailwind Version**: v4.1.12  
-**Status**: Production Ready ✅

TAILWIND_V4_QUICK_REFERENCE.md

@@ -1,80 +0,0 @@
-# Tailwind CSS v4 Quick Reference Guide
-
-## Common v3 → v4 Utility Migrations
-
-| v3 Utility | v4 Utility | Notes |
-|------------|------------|-------|
-| `outline-none` | `outline-hidden` | Accessibility improvement |
-| `ring` | `ring-3` | Must specify ring width |
-| `shadow-sm` | `shadow-xs` | Renamed for consistency |
-| `shadow` | `shadow-sm` | Renamed for consistency |
-| `flex-shrink-0` | `shrink-0` | Shortened syntax |
-| `bg-blue-500 bg-opacity-50` | `bg-blue-500/50` | New opacity syntax |
-| `text-gray-700 text-opacity-75` | `text-gray-700/75` | New opacity syntax |
-| `!outline-none` | `!outline-hidden` | Updated important syntax |
-
-## Theme Variables (Available in CSS)
-
-```css
-/* Colors */
-var(--color-primary)    /* #4f46e5 - Indigo-600 */
-var(--color-secondary)  /* #e11d48 - Rose-600 */
-var(--color-accent)     /* #8b5cf6 - Violet-500 */
-
-/* Fonts */
-var(--font-family-sans) /* Poppins, sans-serif */
-```
-
-## Usage in Templates
-
-### Before (v3)
-```html
-<button class="outline-none ring hover:ring-2 shadow-sm bg-blue-500 bg-opacity-75">
-  Click me
-</button>
-```
-
-### After (v4)
-```html
-<button class="outline-hidden ring-3 hover:ring-2 shadow-xs bg-blue-500/75">
-  Click me
-</button>
-```
-
-## Development Commands
-
-### Start Development Server
-```bash
-lsof -ti :8000 | xargs kill -9; find . -type d -name "__pycache__" -exec rm -r {} +; uv run manage.py tailwind runserver
-```
-
-### Force CSS Rebuild
-```bash
-uv run manage.py tailwind build
-```
-
-## New v4 Features
-
-- **CSS-first configuration** via `@theme` blocks
-- **Improved opacity syntax** with `/` operator  
-- **Better color-mix() support**
-- **Enhanced dark mode utilities**
-- **Faster compilation**
-
-## Troubleshooting
-
-### Unknown utility class error
-1. Check if utility was renamed (see table above)
-2. Verify custom theme variables are defined
-3. Run clean build process
-
-### Colors not working
-1. Ensure `@theme` block exists in `static/css/src/input.css`
-2. Check CSS variable names match usage
-3. Verify CSS compilation completed
-
-## Resources
-
-- [Full Migration Documentation](./TAILWIND_V4_MIGRATION.md)
-- [Tailwind CSS v4 Official Docs](https://tailwindcss.com/docs)
-- [Django-Tailwind Package](https://django-tailwind.readthedocs.io/)

apps/accounts/__init__.py

@@ -0,0 +1,2 @@
+# Import choices to trigger registration
+from .choices import *

apps/accounts/adapters.py

@@ -0,0 +1,95 @@
+from django.conf import settings
+from django.http import HttpRequest
+from typing import Optional, Any, Dict, Literal, TYPE_CHECKING, cast
+from allauth.account.adapter import DefaultAccountAdapter  # type: ignore[import]
+from allauth.account.models import EmailConfirmation, EmailAddress  # type: ignore[import]
+from allauth.socialaccount.adapter import DefaultSocialAccountAdapter  # type: ignore[import]
+from allauth.socialaccount.models import SocialLogin  # type: ignore[import]
+from django.contrib.auth import get_user_model
+from django.contrib.sites.shortcuts import get_current_site
+
+if TYPE_CHECKING:
+    from django.contrib.auth.models import AbstractUser
+
+User = get_user_model()
+
+
+class CustomAccountAdapter(DefaultAccountAdapter):
+    def is_open_for_signup(self, request: HttpRequest) -> Literal[True]:
+        """
+        Whether to allow sign ups.
+        """
+        return True
+
+    def get_email_confirmation_url(self, request: HttpRequest, emailconfirmation: EmailConfirmation) -> str:
+        """
+        Constructs the email confirmation (activation) url.
+        """
+        get_current_site(request)
+        # Ensure the key is treated as a string for the type checker
+        key = cast(str, getattr(emailconfirmation, "key", ""))
+        return f"{settings.LOGIN_REDIRECT_URL}verify-email?key={key}"
+
+    def send_confirmation_mail(self, request: HttpRequest, emailconfirmation: EmailConfirmation, signup: bool) -> None:
+        """
+        Sends the confirmation email.
+        """
+        current_site = get_current_site(request)
+        activate_url = self.get_email_confirmation_url(request, emailconfirmation)
+        # Cast key to str for typing consistency and template context
+        key = cast(str, getattr(emailconfirmation, "key", ""))
+
+        # Determine template early
+        if signup:
+            email_template = "account/email/email_confirmation_signup"
+        else:
+            email_template = "account/email/email_confirmation"
+
+        # Cast the possibly-unknown email_address to EmailAddress so the type checker knows its attributes
+        email_address = cast(EmailAddress, getattr(emailconfirmation, "email_address", None))
+
+        # Safely obtain email string (fallback to any top-level email on confirmation)
+        email_str = cast(str, getattr(email_address, "email", getattr(emailconfirmation, "email", "")))
+
+        # Safely obtain the user object, cast to the project's User model for typing
+        user_obj = cast("AbstractUser", getattr(email_address, "user", None))
+
+        # Explicitly type the context to avoid partial-unknown typing issues
+        ctx: Dict[str, Any] = {
+            "user": user_obj,
+            "activate_url": activate_url,
+            "current_site": current_site,
+            "key": key,
+        }
+        # Remove unnecessary cast; ctx is already Dict[str, Any]
+        self.send_mail(email_template, email_str, ctx)  # type: ignore
+
+
+class CustomSocialAccountAdapter(DefaultSocialAccountAdapter):
+    def is_open_for_signup(self, request: HttpRequest, sociallogin: SocialLogin) -> Literal[True]:
+        """
+        Whether to allow social account sign ups.
+        """
+        return True
+
+    def populate_user(
+        self, request: HttpRequest, sociallogin: SocialLogin, data: Dict[str, Any]
+    ) -> "AbstractUser":  # type: ignore[override]
+        """
+        Hook that can be used to further populate the user instance.
+        """
+        user = super().populate_user(request, sociallogin, data)  # type: ignore
+        if getattr(sociallogin.account, "provider", None) == "discord":  # type: ignore
+            user.discord_id = getattr(sociallogin.account, "uid", None)  # type: ignore
+        return cast("AbstractUser", user)  # Ensure return type is explicit
+
+    def save_user(
+        self, request: HttpRequest, sociallogin: SocialLogin, form: Optional[Any] = None
+    ) -> "AbstractUser":  # type: ignore[override]
+        """
+        Save the newly signed up social login.
+        """
+        user = super().save_user(request, sociallogin, form)  # type: ignore
+        if user is None:
+            raise ValueError("User creation failed")
+        return cast("AbstractUser", user)  # Ensure return type is explicit

apps/accounts/admin.py

@@ -1,7 +1,10 @@
+from typing import Any
 from django.contrib import admin
-from django.contrib.auth.admin import UserAdmin
+from django.contrib.auth.admin import UserAdmin as DjangoUserAdmin
 from django.utils.html import format_html
 from django.contrib.auth.models import Group
+from django.http import HttpRequest
+from django.db.models import QuerySet
 from .models import (
     User,
     UserProfile,
@@ -12,7 +15,7 @@ from .models import (
 )
 
 
-class UserProfileInline(admin.StackedInline):
+class UserProfileInline(admin.StackedInline[UserProfile, admin.options.AdminSite]):
     model = UserProfile
     can_delete = False
     verbose_name_plural = "Profile"
@@ -39,7 +42,7 @@ class UserProfileInline(admin.StackedInline):
     )
 
 
-class TopListItemInline(admin.TabularInline):
+class TopListItemInline(admin.TabularInline[TopListItem]):
     model = TopListItem
     extra = 1
     fields = ("content_type", "object_id", "rank", "notes")
@@ -47,7 +50,7 @@ class TopListItemInline(admin.TabularInline):
 
 
 @admin.register(User)
-class CustomUserAdmin(UserAdmin):
+class CustomUserAdmin(DjangoUserAdmin[User]):
     list_display = (
         "username",
         "email",
@@ -74,7 +77,7 @@ class CustomUserAdmin(UserAdmin):
         "ban_users",
         "unban_users",
     ]
-    inlines = [UserProfileInline]
+    inlines: list[type[admin.StackedInline[UserProfile]]] = [UserProfileInline]
 
     fieldsets = (
         (None, {"fields": ("username", "password")}),
@@ -126,75 +129,82 @@ class CustomUserAdmin(UserAdmin):
     )
 
     @admin.display(description="Avatar")
-    def get_avatar(self, obj):
-        if obj.profile.avatar:
+    def get_avatar(self, obj: User) -> str:
+        profile = getattr(obj, "profile", None)
+        if profile and getattr(profile, "avatar", None):
             return format_html(
-                '<img src="{}" width="30" height="30" style="border-radius:50%;" />',
-                obj.profile.avatar.url,
+                '<img src="{0}" width="30" height="30" style="border-radius:50%;" />',
+                getattr(profile.avatar, "url", ""),  # type: ignore
             )
         return format_html(
             '<div style="width:30px; height:30px; border-radius:50%; '
             "background-color:#007bff; color:white; display:flex; "
-            'align-items:center; justify-content:center;">{}</div>',
-            obj.username[0].upper(),
+            'align-items:center; justify-content:center;">{0}</div>',
+            getattr(obj, "username", "?")[0].upper(),  # type: ignore
         )
 
     @admin.display(description="Status")
-    def get_status(self, obj):
-        if obj.is_banned:
-            return format_html('<span style="color: red;">Banned</span>')
-        if not obj.is_active:
-            return format_html('<span style="color: orange;">Inactive</span>')
-        if obj.is_superuser:
-            return format_html('<span style="color: purple;">Superuser</span>')
-        if obj.is_staff:
-            return format_html('<span style="color: blue;">Staff</span>')
-        return format_html('<span style="color: green;">Active</span>')
+    def get_status(self, obj: User) -> str:
+        if getattr(obj, "is_banned", False):
+            return format_html('<span style="color: red;">{}</span>', "Banned")
+        if not getattr(obj, "is_active", True):
+            return format_html('<span style="color: orange;">{}</span>', "Inactive")
+        if getattr(obj, "is_superuser", False):
+            return format_html('<span style="color: purple;">{}</span>', "Superuser")
+        if getattr(obj, "is_staff", False):
+            return format_html('<span style="color: blue;">{}</span>', "Staff")
+        return format_html('<span style="color: green;">{}</span>', "Active")
 
     @admin.display(description="Ride Credits")
-    def get_credits(self, obj):
+    def get_credits(self, obj: User) -> str:
         try:
-            profile = obj.profile
+            profile = getattr(obj, "profile", None)
+            if not profile:
+                return "-"
             return format_html(
-                "RC: {}<br>DR: {}<br>FR: {}<br>WR: {}",
-                profile.coaster_credits,
-                profile.dark_ride_credits,
-                profile.flat_ride_credits,
-                profile.water_ride_credits,
+                "RC: {0}<br>DR: {1}<br>FR: {2}<br>WR: {3}",
+                getattr(profile, "coaster_credits", 0),
+                getattr(profile, "dark_ride_credits", 0),
+                getattr(profile, "flat_ride_credits", 0),
+                getattr(profile, "water_ride_credits", 0),
             )
         except UserProfile.DoesNotExist:
             return "-"
 
     @admin.action(description="Activate selected users")
-    def activate_users(self, request, queryset):
+    def activate_users(self, request: HttpRequest, queryset: QuerySet[User]) -> None:
         queryset.update(is_active=True)
 
     @admin.action(description="Deactivate selected users")
-    def deactivate_users(self, request, queryset):
+    def deactivate_users(self, request: HttpRequest, queryset: QuerySet[User]) -> None:
         queryset.update(is_active=False)
 
     @admin.action(description="Ban selected users")
-    def ban_users(self, request, queryset):
+    def ban_users(self, request: HttpRequest, queryset: QuerySet[User]) -> None:
         from django.utils import timezone
-
         queryset.update(is_banned=True, ban_date=timezone.now())
 
     @admin.action(description="Unban selected users")
-    def unban_users(self, request, queryset):
+    def unban_users(self, request: HttpRequest, queryset: QuerySet[User]) -> None:
         queryset.update(is_banned=False, ban_date=None, ban_reason="")
 
-    def save_model(self, request, obj, form, change):
+    def save_model(
+        self,
+        request: HttpRequest,
+        obj: User,
+        form: Any,
+        change: bool
+    ) -> None:
         creating = not obj.pk
         super().save_model(request, obj, form, change)
-        if creating and obj.role != User.Roles.USER:
-            # Ensure new user with role gets added to appropriate group
-            group = Group.objects.filter(name=obj.role).first()
+        if creating and getattr(obj, "role", "USER") != "USER":
+            group = Group.objects.filter(name=getattr(obj, "role", None)).first()
             if group:
-                obj.groups.add(group)
+                obj.groups.add(group)  # type: ignore[attr-defined]
 
 
 @admin.register(UserProfile)
-class UserProfileAdmin(admin.ModelAdmin):
+class UserProfileAdmin(admin.ModelAdmin[UserProfile]):
     list_display = (
         "user",
         "display_name",
@@ -235,7 +245,7 @@ class UserProfileAdmin(admin.ModelAdmin):
 
 
 @admin.register(EmailVerification)
-class EmailVerificationAdmin(admin.ModelAdmin):
+class EmailVerificationAdmin(admin.ModelAdmin[EmailVerification]):
     list_display = ("user", "created_at", "last_sent", "is_expired")
     list_filter = ("created_at", "last_sent")
     search_fields = ("user__username", "user__email", "token")
@@ -247,21 +257,21 @@ class EmailVerificationAdmin(admin.ModelAdmin):
     )
 
     @admin.display(description="Status")
-    def is_expired(self, obj):
+    def is_expired(self, obj: EmailVerification) -> str:
         from django.utils import timezone
         from datetime import timedelta
 
-        if timezone.now() - obj.last_sent > timedelta(days=1):
-            return format_html('<span style="color: red;">Expired</span>')
-        return format_html('<span style="color: green;">Valid</span>')
+        if timezone.now() - getattr(obj, "last_sent", timezone.now()) > timedelta(days=1):
+            return format_html('<span style="color: red;">{}</span>', "Expired")
+        return format_html('<span style="color: green;">{}</span>', "Valid")
 
 
 @admin.register(TopList)
-class TopListAdmin(admin.ModelAdmin):
+class TopListAdmin(admin.ModelAdmin[TopList]):
     list_display = ("title", "user", "category", "created_at", "updated_at")
     list_filter = ("category", "created_at", "updated_at")
     search_fields = ("title", "user__username", "description")
-    inlines = [TopListItemInline]
+    inlines: list[type[admin.TabularInline[TopListItem]]] = [TopListItemInline]
 
     fieldsets = (
         (
@@ -277,7 +287,7 @@ class TopListAdmin(admin.ModelAdmin):
 
 
 @admin.register(TopListItem)
-class TopListItemAdmin(admin.ModelAdmin):
+class TopListItemAdmin(admin.ModelAdmin[TopListItem]):
     list_display = ("top_list", "content_type", "object_id", "rank")
     list_filter = ("top_list__category", "rank")
     search_fields = ("top_list__title", "notes")
@@ -290,7 +300,7 @@ class TopListItemAdmin(admin.ModelAdmin):
 
 
 @admin.register(PasswordReset)
-class PasswordResetAdmin(admin.ModelAdmin):
+class PasswordResetAdmin(admin.ModelAdmin[PasswordReset]):
     """Admin interface for password reset tokens"""
 
     list_display = (
@@ -341,20 +351,19 @@ class PasswordResetAdmin(admin.ModelAdmin):
     )
 
     @admin.display(description="Status", boolean=True)
-    def is_expired(self, obj):
-        """Display expiration status with color coding"""
+    def is_expired(self, obj: PasswordReset) -> str:
         from django.utils import timezone
 
-        if obj.used:
-            return format_html('<span style="color: blue;">Used</span>')
-        elif timezone.now() > obj.expires_at:
-            return format_html('<span style="color: red;">Expired</span>')
-        return format_html('<span style="color: green;">Valid</span>')
+        if getattr(obj, "used", False):
+            return format_html('<span style="color: blue;">{}</span>', "Used")
+        elif timezone.now() > getattr(obj, "expires_at", timezone.now()):
+            return format_html('<span style="color: red;">{}</span>', "Expired")
+        return format_html('<span style="color: green;">{}</span>', "Valid")
 
-    def has_add_permission(self, request):
+    def has_add_permission(self, request: HttpRequest) -> bool:
         """Disable manual creation of password reset tokens"""
         return False
 
-    def has_change_permission(self, request, obj=None):
+    def has_change_permission(self, request: HttpRequest, obj: Any = None) -> bool:
         """Allow viewing but restrict editing of password reset tokens"""
         return getattr(request.user, "is_superuser", False)

apps/accounts/choices.py

@@ -0,0 +1,563 @@
+"""
+Rich Choice Objects for Accounts Domain
+
+This module defines all choice objects used in the accounts domain,
+replacing tuple-based choices with rich, metadata-enhanced choice objects.
+
+Last updated: 2025-01-15
+"""
+
+from apps.core.choices import RichChoice, ChoiceGroup, register_choices
+
+
+# =============================================================================
+# USER ROLES
+# =============================================================================
+
+user_roles = ChoiceGroup(
+    name="user_roles",
+    choices=[
+        RichChoice(
+            value="USER",
+            label="User",
+            description="Standard user with basic permissions to create content, reviews, and lists",
+            metadata={
+                "color": "blue",
+                "icon": "user",
+                "css_class": "text-blue-600 bg-blue-50",
+                "permissions": ["create_content", "create_reviews", "create_lists"],
+                "sort_order": 1,
+            }
+        ),
+        RichChoice(
+            value="MODERATOR",
+            label="Moderator",
+            description="Trusted user with permissions to moderate content and assist other users",
+            metadata={
+                "color": "green",
+                "icon": "shield-check",
+                "css_class": "text-green-600 bg-green-50",
+                "permissions": ["moderate_content", "review_submissions", "manage_reports"],
+                "sort_order": 2,
+            }
+        ),
+        RichChoice(
+            value="ADMIN",
+            label="Admin",
+            description="Administrator with elevated permissions to manage users and site configuration",
+            metadata={
+                "color": "purple",
+                "icon": "cog",
+                "css_class": "text-purple-600 bg-purple-50",
+                "permissions": ["manage_users", "site_configuration", "advanced_moderation"],
+                "sort_order": 3,
+            }
+        ),
+        RichChoice(
+            value="SUPERUSER",
+            label="Superuser",
+            description="Full system administrator with unrestricted access to all features",
+            metadata={
+                "color": "red",
+                "icon": "key",
+                "css_class": "text-red-600 bg-red-50",
+                "permissions": ["full_access", "system_administration", "database_access"],
+                "sort_order": 4,
+            }
+        ),
+    ]
+)
+
+
+# =============================================================================
+# THEME PREFERENCES
+# =============================================================================
+
+theme_preferences = ChoiceGroup(
+    name="theme_preferences",
+    choices=[
+        RichChoice(
+            value="light",
+            label="Light",
+            description="Light theme with bright backgrounds and dark text for daytime use",
+            metadata={
+                "color": "yellow",
+                "icon": "sun",
+                "css_class": "text-yellow-600 bg-yellow-50",
+                "preview_colors": {
+                    "background": "#ffffff",
+                    "text": "#1f2937",
+                    "accent": "#3b82f6"
+                },
+                "sort_order": 1,
+            }
+        ),
+        RichChoice(
+            value="dark",
+            label="Dark",
+            description="Dark theme with dark backgrounds and light text for nighttime use",
+            metadata={
+                "color": "gray",
+                "icon": "moon",
+                "css_class": "text-gray-600 bg-gray-50",
+                "preview_colors": {
+                    "background": "#1f2937",
+                    "text": "#f9fafb",
+                    "accent": "#60a5fa"
+                },
+                "sort_order": 2,
+            }
+        ),
+    ]
+)
+
+
+# =============================================================================
+# PRIVACY LEVELS
+# =============================================================================
+
+privacy_levels = ChoiceGroup(
+    name="privacy_levels",
+    choices=[
+        RichChoice(
+            value="public",
+            label="Public",
+            description="Profile and activity visible to all users and search engines",
+            metadata={
+                "color": "green",
+                "icon": "globe",
+                "css_class": "text-green-600 bg-green-50",
+                "visibility_scope": "everyone",
+                "search_indexable": True,
+                "implications": [
+                    "Profile visible to all users",
+                    "Activity appears in public feeds",
+                    "Searchable by search engines",
+                    "Can be found by username search"
+                ],
+                "sort_order": 1,
+            }
+        ),
+        RichChoice(
+            value="friends",
+            label="Friends Only",
+            description="Profile and activity visible only to accepted friends",
+            metadata={
+                "color": "blue",
+                "icon": "users",
+                "css_class": "text-blue-600 bg-blue-50",
+                "visibility_scope": "friends",
+                "search_indexable": False,
+                "implications": [
+                    "Profile visible only to friends",
+                    "Activity hidden from public feeds",
+                    "Not searchable by search engines",
+                    "Requires friend request approval"
+                ],
+                "sort_order": 2,
+            }
+        ),
+        RichChoice(
+            value="private",
+            label="Private",
+            description="Profile and activity completely private, visible only to you",
+            metadata={
+                "color": "red",
+                "icon": "lock",
+                "css_class": "text-red-600 bg-red-50",
+                "visibility_scope": "self",
+                "search_indexable": False,
+                "implications": [
+                    "Profile completely hidden",
+                    "No activity in any feeds",
+                    "Not discoverable by other users",
+                    "Maximum privacy protection"
+                ],
+                "sort_order": 3,
+            }
+        ),
+    ]
+)
+
+
+# =============================================================================
+# TOP LIST CATEGORIES
+# =============================================================================
+
+top_list_categories = ChoiceGroup(
+    name="top_list_categories",
+    choices=[
+        RichChoice(
+            value="RC",
+            label="Roller Coaster",
+            description="Top lists for roller coasters and thrill rides",
+            metadata={
+                "color": "red",
+                "icon": "roller-coaster",
+                "css_class": "text-red-600 bg-red-50",
+                "ride_category": "roller_coaster",
+                "typical_list_size": 10,
+                "sort_order": 1,
+            }
+        ),
+        RichChoice(
+            value="DR",
+            label="Dark Ride",
+            description="Top lists for dark rides and indoor attractions",
+            metadata={
+                "color": "purple",
+                "icon": "moon",
+                "css_class": "text-purple-600 bg-purple-50",
+                "ride_category": "dark_ride",
+                "typical_list_size": 10,
+                "sort_order": 2,
+            }
+        ),
+        RichChoice(
+            value="FR",
+            label="Flat Ride",
+            description="Top lists for flat rides and spinning attractions",
+            metadata={
+                "color": "blue",
+                "icon": "refresh",
+                "css_class": "text-blue-600 bg-blue-50",
+                "ride_category": "flat_ride",
+                "typical_list_size": 10,
+                "sort_order": 3,
+            }
+        ),
+        RichChoice(
+            value="WR",
+            label="Water Ride",
+            description="Top lists for water rides and splash attractions",
+            metadata={
+                "color": "cyan",
+                "icon": "droplet",
+                "css_class": "text-cyan-600 bg-cyan-50",
+                "ride_category": "water_ride",
+                "typical_list_size": 10,
+                "sort_order": 4,
+            }
+        ),
+        RichChoice(
+            value="PK",
+            label="Park",
+            description="Top lists for theme parks and amusement parks",
+            metadata={
+                "color": "green",
+                "icon": "map",
+                "css_class": "text-green-600 bg-green-50",
+                "entity_type": "park",
+                "typical_list_size": 10,
+                "sort_order": 5,
+            }
+        ),
+    ]
+)
+
+
+# =============================================================================
+# NOTIFICATION TYPES
+# =============================================================================
+
+notification_types = ChoiceGroup(
+    name="notification_types",
+    choices=[
+        # Submission related
+        RichChoice(
+            value="submission_approved",
+            label="Submission Approved",
+            description="Notification when user's submission is approved by moderators",
+            metadata={
+                "color": "green",
+                "icon": "check-circle",
+                "css_class": "text-green-600 bg-green-50",
+                "category": "submission",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "normal",
+                "sort_order": 1,
+            }
+        ),
+        RichChoice(
+            value="submission_rejected",
+            label="Submission Rejected",
+            description="Notification when user's submission is rejected by moderators",
+            metadata={
+                "color": "red",
+                "icon": "x-circle",
+                "css_class": "text-red-600 bg-red-50",
+                "category": "submission",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "normal",
+                "sort_order": 2,
+            }
+        ),
+        RichChoice(
+            value="submission_pending",
+            label="Submission Pending Review",
+            description="Notification when user's submission is pending moderator review",
+            metadata={
+                "color": "yellow",
+                "icon": "clock",
+                "css_class": "text-yellow-600 bg-yellow-50",
+                "category": "submission",
+                "default_channels": ["inapp"],
+                "priority": "low",
+                "sort_order": 3,
+            }
+        ),
+        # Review related
+        RichChoice(
+            value="review_reply",
+            label="Review Reply",
+            description="Notification when someone replies to user's review",
+            metadata={
+                "color": "blue",
+                "icon": "chat-bubble",
+                "css_class": "text-blue-600 bg-blue-50",
+                "category": "review",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "normal",
+                "sort_order": 4,
+            }
+        ),
+        RichChoice(
+            value="review_helpful",
+            label="Review Marked Helpful",
+            description="Notification when user's review is marked as helpful",
+            metadata={
+                "color": "green",
+                "icon": "thumbs-up",
+                "css_class": "text-green-600 bg-green-50",
+                "category": "review",
+                "default_channels": ["push", "inapp"],
+                "priority": "low",
+                "sort_order": 5,
+            }
+        ),
+        # Social related
+        RichChoice(
+            value="friend_request",
+            label="Friend Request",
+            description="Notification when user receives a friend request",
+            metadata={
+                "color": "blue",
+                "icon": "user-plus",
+                "css_class": "text-blue-600 bg-blue-50",
+                "category": "social",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "normal",
+                "sort_order": 6,
+            }
+        ),
+        RichChoice(
+            value="friend_accepted",
+            label="Friend Request Accepted",
+            description="Notification when user's friend request is accepted",
+            metadata={
+                "color": "green",
+                "icon": "user-check",
+                "css_class": "text-green-600 bg-green-50",
+                "category": "social",
+                "default_channels": ["push", "inapp"],
+                "priority": "low",
+                "sort_order": 7,
+            }
+        ),
+        RichChoice(
+            value="message_received",
+            label="Message Received",
+            description="Notification when user receives a private message",
+            metadata={
+                "color": "blue",
+                "icon": "mail",
+                "css_class": "text-blue-600 bg-blue-50",
+                "category": "social",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "normal",
+                "sort_order": 8,
+            }
+        ),
+        RichChoice(
+            value="profile_comment",
+            label="Profile Comment",
+            description="Notification when someone comments on user's profile",
+            metadata={
+                "color": "blue",
+                "icon": "chat",
+                "css_class": "text-blue-600 bg-blue-50",
+                "category": "social",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "normal",
+                "sort_order": 9,
+            }
+        ),
+        # System related
+        RichChoice(
+            value="system_announcement",
+            label="System Announcement",
+            description="Important announcements from the ThrillWiki team",
+            metadata={
+                "color": "purple",
+                "icon": "megaphone",
+                "css_class": "text-purple-600 bg-purple-50",
+                "category": "system",
+                "default_channels": ["email", "inapp"],
+                "priority": "normal",
+                "sort_order": 10,
+            }
+        ),
+        RichChoice(
+            value="account_security",
+            label="Account Security",
+            description="Security-related notifications for user's account",
+            metadata={
+                "color": "red",
+                "icon": "shield-exclamation",
+                "css_class": "text-red-600 bg-red-50",
+                "category": "system",
+                "default_channels": ["email", "push", "inapp"],
+                "priority": "high",
+                "sort_order": 11,
+            }
+        ),
+        RichChoice(
+            value="feature_update",
+            label="Feature Update",
+            description="Notifications about new features and improvements",
+            metadata={
+                "color": "blue",
+                "icon": "sparkles",
+                "css_class": "text-blue-600 bg-blue-50",
+                "category": "system",
+                "default_channels": ["email", "inapp"],
+                "priority": "low",
+                "sort_order": 12,
+            }
+        ),
+        RichChoice(
+            value="maintenance",
+            label="Maintenance Notice",
+            description="Scheduled maintenance and downtime notifications",
+            metadata={
+                "color": "yellow",
+                "icon": "wrench",
+                "css_class": "text-yellow-600 bg-yellow-50",
+                "category": "system",
+                "default_channels": ["email", "inapp"],
+                "priority": "normal",
+                "sort_order": 13,
+            }
+        ),
+        # Achievement related
+        RichChoice(
+            value="achievement_unlocked",
+            label="Achievement Unlocked",
+            description="Notification when user unlocks a new achievement",
+            metadata={
+                "color": "gold",
+                "icon": "trophy",
+                "css_class": "text-yellow-600 bg-yellow-50",
+                "category": "achievement",
+                "default_channels": ["push", "inapp"],
+                "priority": "low",
+                "sort_order": 14,
+            }
+        ),
+        RichChoice(
+            value="milestone_reached",
+            label="Milestone Reached",
+            description="Notification when user reaches a significant milestone",
+            metadata={
+                "color": "purple",
+                "icon": "flag",
+                "css_class": "text-purple-600 bg-purple-50",
+                "category": "achievement",
+                "default_channels": ["push", "inapp"],
+                "priority": "low",
+                "sort_order": 15,
+            }
+        ),
+    ]
+)
+
+
+# =============================================================================
+# NOTIFICATION PRIORITIES
+# =============================================================================
+
+notification_priorities = ChoiceGroup(
+    name="notification_priorities",
+    choices=[
+        RichChoice(
+            value="low",
+            label="Low",
+            description="Low priority notifications that can be delayed or batched",
+            metadata={
+                "color": "gray",
+                "icon": "arrow-down",
+                "css_class": "text-gray-600 bg-gray-50",
+                "urgency_level": 1,
+                "batch_eligible": True,
+                "delay_minutes": 60,
+                "sort_order": 1,
+            }
+        ),
+        RichChoice(
+            value="normal",
+            label="Normal",
+            description="Standard priority notifications sent in regular intervals",
+            metadata={
+                "color": "blue",
+                "icon": "minus",
+                "css_class": "text-blue-600 bg-blue-50",
+                "urgency_level": 2,
+                "batch_eligible": True,
+                "delay_minutes": 15,
+                "sort_order": 2,
+            }
+        ),
+        RichChoice(
+            value="high",
+            label="High",
+            description="High priority notifications sent immediately",
+            metadata={
+                "color": "orange",
+                "icon": "arrow-up",
+                "css_class": "text-orange-600 bg-orange-50",
+                "urgency_level": 3,
+                "batch_eligible": False,
+                "delay_minutes": 0,
+                "sort_order": 3,
+            }
+        ),
+        RichChoice(
+            value="urgent",
+            label="Urgent",
+            description="Critical notifications requiring immediate attention",
+            metadata={
+                "color": "red",
+                "icon": "exclamation",
+                "css_class": "text-red-600 bg-red-50",
+                "urgency_level": 4,
+                "batch_eligible": False,
+                "delay_minutes": 0,
+                "bypass_preferences": True,
+                "sort_order": 4,
+            }
+        ),
+    ]
+)
+
+
+# =============================================================================
+# REGISTER ALL CHOICE GROUPS
+# =============================================================================
+
+# Register each choice group individually
+register_choices("user_roles", user_roles.choices, "accounts", "User role classifications")
+register_choices("theme_preferences", theme_preferences.choices, "accounts", "Theme preference options")
+register_choices("privacy_levels", privacy_levels.choices, "accounts", "Privacy level settings")
+register_choices("top_list_categories", top_list_categories.choices, "accounts", "Top list category types")
+register_choices("notification_types", notification_types.choices, "accounts", "Notification type classifications")
+register_choices("notification_priorities", notification_priorities.choices, "accounts", "Notification priority levels")

apps/accounts/management/commands/delete_user.py

@@ -0,0 +1,164 @@
+"""
+Django management command to delete a user while preserving their submissions.
+
+Usage:
+    uv run manage.py delete_user <username>
+    uv run manage.py delete_user --user-id <user_id>
+    uv run manage.py delete_user <username> --dry-run
+"""
+
+from django.core.management.base import BaseCommand, CommandError
+from apps.accounts.models import User
+from apps.accounts.services import UserDeletionService
+
+
+class Command(BaseCommand):
+    help = "Delete a user while preserving all their submissions"
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            "username", nargs="?", type=str, help="Username of the user to delete"
+        )
+        parser.add_argument(
+            "--user-id",
+            type=str,
+            help="User ID of the user to delete (alternative to username)",
+        )
+        parser.add_argument(
+            "--dry-run",
+            action="store_true",
+            help="Show what would be deleted without actually deleting",
+        )
+        parser.add_argument(
+            "--force", action="store_true", help="Skip confirmation prompt"
+        )
+
+    def handle(self, *args, **options):
+        username = options.get("username")
+        user_id = options.get("user_id")
+        dry_run = options.get("dry_run", False)
+        force = options.get("force", False)
+
+        # Validate arguments
+        if not username and not user_id:
+            raise CommandError("You must provide either a username or --user-id")
+
+        if username and user_id:
+            raise CommandError("You cannot provide both username and --user-id")
+
+        # Find the user
+        try:
+            if username:
+                user = User.objects.get(username=username)
+            else:
+                user = User.objects.get(user_id=user_id)
+        except User.DoesNotExist:
+            identifier = username or user_id
+            raise CommandError(f'User "{identifier}" does not exist')
+
+        # Check if user can be deleted
+        can_delete, reason = UserDeletionService.can_delete_user(user)
+        if not can_delete:
+            raise CommandError(f"Cannot delete user: {reason}")
+
+        # Count submissions
+        submission_counts = {
+            "park_reviews": getattr(
+                user, "park_reviews", user.__class__.objects.none()
+            ).count(),
+            "ride_reviews": getattr(
+                user, "ride_reviews", user.__class__.objects.none()
+            ).count(),
+            "uploaded_park_photos": getattr(
+                user, "uploaded_park_photos", user.__class__.objects.none()
+            ).count(),
+            "uploaded_ride_photos": getattr(
+                user, "uploaded_ride_photos", user.__class__.objects.none()
+            ).count(),
+            "top_lists": getattr(
+                user, "top_lists", user.__class__.objects.none()
+            ).count(),
+            "edit_submissions": getattr(
+                user, "edit_submissions", user.__class__.objects.none()
+            ).count(),
+            "photo_submissions": getattr(
+                user, "photo_submissions", user.__class__.objects.none()
+            ).count(),
+        }
+
+        total_submissions = sum(submission_counts.values())
+
+        # Display user information
+        self.stdout.write(self.style.WARNING("\nUser Information:"))
+        self.stdout.write(f"  Username: {user.username}")
+        self.stdout.write(f"  User ID: {user.user_id}")
+        self.stdout.write(f"  Email: {user.email}")
+        self.stdout.write(f"  Date Joined: {user.date_joined}")
+        self.stdout.write(f"  Role: {user.role}")
+
+        # Display submission counts
+        self.stdout.write(self.style.WARNING("\nSubmissions to preserve:"))
+        for submission_type, count in submission_counts.items():
+            if count > 0:
+                self.stdout.write(
+                    f'  {submission_type.replace("_", " ").title()}: {count}'
+                )
+
+        self.stdout.write(f"\nTotal submissions: {total_submissions}")
+
+        if total_submissions > 0:
+            self.stdout.write(
+                self.style.SUCCESS(
+                    f'\nAll {total_submissions} submissions will be transferred to the "deleted_user" placeholder.'
+                )
+            )
+        else:
+            self.stdout.write(
+                self.style.WARNING("\nNo submissions found for this user.")
+            )
+
+        if dry_run:
+            self.stdout.write(self.style.SUCCESS("\n[DRY RUN] No changes were made."))
+            return
+
+        # Confirmation prompt
+        if not force:
+            self.stdout.write(
+                self.style.WARNING(
+                    f'\nThis will permanently delete the user "{user.username}" '
+                    f"but preserve all {total_submissions} submissions."
+                )
+            )
+            confirm = input("Are you sure you want to continue? (yes/no): ")
+            if confirm.lower() not in ["yes", "y"]:
+                self.stdout.write(self.style.ERROR("Operation cancelled."))
+                return
+
+        # Perform the deletion
+        try:
+            result = UserDeletionService.delete_user_preserve_submissions(user)
+
+            self.stdout.write(
+                self.style.SUCCESS(
+                    f'\nSuccessfully deleted user "{result["deleted_user"]["username"]}"'
+                )
+            )
+
+            preserved_count = sum(result["preserved_submissions"].values())
+            if preserved_count > 0:
+                self.stdout.write(
+                    self.style.SUCCESS(
+                        f'Preserved {preserved_count} submissions under user "{result["transferred_to"]["username"]}"'
+                    )
+                )
+
+            # Show detailed preservation summary
+            self.stdout.write(self.style.WARNING("\nPreservation Summary:"))
+            for submission_type, count in result["preserved_submissions"].items():
+                if count > 0:
+                    self.stdout.write(
+                        f'  {submission_type.replace("_", " ").title()}: {count}'
+                    )
+
+        except Exception as e:
+            raise CommandError(f"Error deleting user: {str(e)}")

apps/accounts/management/commands/setup_groups.py

@@ -15,17 +15,17 @@ class Command(BaseCommand):
             create_default_groups()
 
             # Sync existing users with groups based on their roles
-            users = User.objects.exclude(role=User.Roles.USER)
+            users = User.objects.exclude(role="USER")
             for user in users:
                 group = Group.objects.filter(name=user.role).first()
                 if group:
                     user.groups.add(group)
 
                     # Update staff/superuser status based on role
-                    if user.role == User.Roles.SUPERUSER:
+                    if user.role == "SUPERUSER":
                         user.is_superuser = True
                         user.is_staff = True
-                    elif user.role in [User.Roles.ADMIN, User.Roles.MODERATOR]:
+                    elif user.role in ["ADMIN", "MODERATOR"]:
                         user.is_staff = True
                     user.save()
 

apps/accounts/management/commands/setup_social_auth_admin.py

@@ -41,7 +41,7 @@ class Command(BaseCommand):
 Social auth setup instructions:
 
 1. Run the development server:
-   python manage.py runserver
+   uv run manage.py runserver_plus
 
 2. Go to the admin interface:
    http://localhost:8000/admin/

apps/accounts/migrations/0002_remove_userprofile_insert_insert_and_more.py

@@ -0,0 +1,76 @@
+# Generated by Django 5.2.6 on 2025-09-21 01:29
+
+import django.db.models.deletion
+import pgtrigger.compiler
+import pgtrigger.migrations
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("accounts", "0001_initial"),
+    ]
+
+    operations = [
+        pgtrigger.migrations.RemoveTrigger(
+            model_name="userprofile",
+            name="insert_insert",
+        ),
+        pgtrigger.migrations.RemoveTrigger(
+            model_name="userprofile",
+            name="update_update",
+        ),
+        migrations.AddField(
+            model_name="userprofile",
+            name="avatar",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.SET_NULL,
+                to="django_cloudflareimages_toolkit.cloudflareimage",
+            ),
+        ),
+        migrations.AddField(
+            model_name="userprofileevent",
+            name="avatar",
+            field=models.ForeignKey(
+                blank=True,
+                db_constraint=False,
+                null=True,
+                on_delete=django.db.models.deletion.DO_NOTHING,
+                related_name="+",
+                related_query_name="+",
+                to="django_cloudflareimages_toolkit.cloudflareimage",
+            ),
+        ),
+        pgtrigger.migrations.AddTrigger(
+            model_name="userprofile",
+            trigger=pgtrigger.compiler.Trigger(
+                name="insert_insert",
+                sql=pgtrigger.compiler.UpsertTriggerSql(
+                    func='INSERT INTO "accounts_userprofileevent" ("avatar_id", "bio", "coaster_credits", "dark_ride_credits", "discord", "display_name", "flat_ride_credits", "id", "instagram", "pgh_context_id", "pgh_created_at", "pgh_label", "pgh_obj_id", "profile_id", "pronouns", "twitter", "user_id", "water_ride_credits", "youtube") VALUES (NEW."avatar_id", NEW."bio", NEW."coaster_credits", NEW."dark_ride_credits", NEW."discord", NEW."display_name", NEW."flat_ride_credits", NEW."id", NEW."instagram", _pgh_attach_context(), NOW(), \'insert\', NEW."id", NEW."profile_id", NEW."pronouns", NEW."twitter", NEW."user_id", NEW."water_ride_credits", NEW."youtube"); RETURN NULL;',
+                    hash="a7ecdb1ac2821dea1fef4ec917eeaf6b8e4f09c8",
+                    operation="INSERT",
+                    pgid="pgtrigger_insert_insert_c09d7",
+                    table="accounts_userprofile",
+                    when="AFTER",
+                ),
+            ),
+        ),
+        pgtrigger.migrations.AddTrigger(
+            model_name="userprofile",
+            trigger=pgtrigger.compiler.Trigger(
+                name="update_update",
+                sql=pgtrigger.compiler.UpsertTriggerSql(
+                    condition="WHEN (OLD.* IS DISTINCT FROM NEW.*)",
+                    func='INSERT INTO "accounts_userprofileevent" ("avatar_id", "bio", "coaster_credits", "dark_ride_credits", "discord", "display_name", "flat_ride_credits", "id", "instagram", "pgh_context_id", "pgh_created_at", "pgh_label", "pgh_obj_id", "profile_id", "pronouns", "twitter", "user_id", "water_ride_credits", "youtube") VALUES (NEW."avatar_id", NEW."bio", NEW."coaster_credits", NEW."dark_ride_credits", NEW."discord", NEW."display_name", NEW."flat_ride_credits", NEW."id", NEW."instagram", _pgh_attach_context(), NOW(), \'update\', NEW."id", NEW."profile_id", NEW."pronouns", NEW."twitter", NEW."user_id", NEW."water_ride_credits", NEW."youtube"); RETURN NULL;',
+                    hash="81607e492ffea2a4c741452b860ee660374cc01d",
+                    operation="UPDATE",
+                    pgid="pgtrigger_update_update_87ef6",
+                    table="accounts_userprofile",
+                    when="AFTER",
+                ),
+            ),
+        ),
+    ]

apps/accounts/models.py

@@ -0,0 +1,636 @@
+from django.dispatch import receiver
+from django.db.models.signals import post_save
+from django.contrib.auth.models import AbstractUser
+from django.contrib.contenttypes.fields import GenericForeignKey
+from django.db import models
+from django.urls import reverse
+from django.utils.translation import gettext_lazy as _
+import secrets
+from datetime import timedelta
+from django.utils import timezone
+from apps.core.history import TrackedModel
+from apps.core.choices import RichChoiceField
+import pghistory
+
+
+def generate_random_id(model_class, id_field):
+    """Generate a random ID starting at 4 digits, expanding to 5 if needed"""
+    while True:
+        # Try to get a 4-digit number first
+        new_id = str(secrets.SystemRandom().randint(1000, 9999))
+        if not model_class.objects.filter(**{id_field: new_id}).exists():
+            return new_id
+
+        # If all 4-digit numbers are taken, try 5 digits
+        new_id = str(secrets.SystemRandom().randint(10000, 99999))
+        if not model_class.objects.filter(**{id_field: new_id}).exists():
+            return new_id
+
+
+@pghistory.track()
+class User(AbstractUser):
+    # Override inherited fields to remove them
+    first_name = None
+    last_name = None
+
+    # Read-only ID
+    user_id = models.CharField(
+        max_length=10,
+        unique=True,
+        editable=False,
+        help_text=(
+            "Unique identifier for this user that remains constant even if the "
+            "username changes"
+        ),
+    )
+
+    role = RichChoiceField(
+        choice_group="user_roles",
+        domain="accounts",
+        max_length=10,
+        default="USER",
+    )
+    is_banned = models.BooleanField(default=False)
+    ban_reason = models.TextField(blank=True)
+    ban_date = models.DateTimeField(null=True, blank=True)
+    pending_email = models.EmailField(blank=True, null=True)
+    theme_preference = RichChoiceField(
+        choice_group="theme_preferences",
+        domain="accounts",
+        max_length=5,
+        default="light",
+    )
+
+    # Notification preferences
+    email_notifications = models.BooleanField(default=True)
+    push_notifications = models.BooleanField(default=False)
+
+    # Privacy settings
+    privacy_level = RichChoiceField(
+        choice_group="privacy_levels",
+        domain="accounts",
+        max_length=10,
+        default="public",
+    )
+    show_email = models.BooleanField(default=False)
+    show_real_name = models.BooleanField(default=True)
+    show_join_date = models.BooleanField(default=True)
+    show_statistics = models.BooleanField(default=True)
+    show_reviews = models.BooleanField(default=True)
+    show_photos = models.BooleanField(default=True)
+    show_top_lists = models.BooleanField(default=True)
+    allow_friend_requests = models.BooleanField(default=True)
+    allow_messages = models.BooleanField(default=True)
+    allow_profile_comments = models.BooleanField(default=False)
+    search_visibility = models.BooleanField(default=True)
+    activity_visibility = RichChoiceField(
+        choice_group="privacy_levels",
+        domain="accounts",
+        max_length=10,
+        default="friends",
+    )
+
+    # Security settings
+    two_factor_enabled = models.BooleanField(default=False)
+    login_notifications = models.BooleanField(default=True)
+    session_timeout = models.IntegerField(default=30)  # days
+    login_history_retention = models.IntegerField(default=90)  # days
+    last_password_change = models.DateTimeField(auto_now_add=True)
+
+    # Display name - core user data for better performance
+    display_name = models.CharField(
+        max_length=50,
+        blank=True,
+        help_text="Display name shown throughout the site. Falls back to username if not set.",
+    )
+
+    # Detailed notification preferences (JSON field for flexibility)
+    notification_preferences = models.JSONField(
+        default=dict,
+        blank=True,
+        help_text="Detailed notification preferences stored as JSON",
+    )
+
+    def __str__(self):
+        return self.get_display_name()
+
+    def get_absolute_url(self):
+        return reverse("profile", kwargs={"username": self.username})
+
+    def get_display_name(self):
+        """Get the user's display name, falling back to username if not set"""
+        if self.display_name:
+            return self.display_name
+        return self.username
+
+    def save(self, *args, **kwargs):
+        if not self.user_id:
+            self.user_id = generate_random_id(User, "user_id")
+        super().save(*args, **kwargs)
+
+
+@pghistory.track()
+class UserProfile(models.Model):
+    # Read-only ID
+    profile_id = models.CharField(
+        max_length=10,
+        unique=True,
+        editable=False,
+        help_text="Unique identifier for this profile that remains constant",
+    )
+
+    user = models.OneToOneField(User, on_delete=models.CASCADE, related_name="profile")
+    display_name = models.CharField(
+        max_length=50,
+        blank=True,
+        help_text="Legacy display name field - use User.display_name instead",
+    )
+    avatar = models.ForeignKey(
+        'django_cloudflareimages_toolkit.CloudflareImage',
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True
+    )
+    pronouns = models.CharField(max_length=50, blank=True)
+
+    bio = models.TextField(max_length=500, blank=True)
+
+    # Social media links
+    twitter = models.URLField(blank=True)
+    instagram = models.URLField(blank=True)
+    youtube = models.URLField(blank=True)
+    discord = models.CharField(max_length=100, blank=True)
+
+    # Ride statistics
+    coaster_credits = models.IntegerField(default=0)
+    dark_ride_credits = models.IntegerField(default=0)
+    flat_ride_credits = models.IntegerField(default=0)
+    water_ride_credits = models.IntegerField(default=0)
+
+    def get_avatar_url(self):
+        """
+        Return the avatar URL or generate a default letter-based avatar URL
+        """
+        if self.avatar and self.avatar.is_uploaded:
+            # Try to get avatar variant first, fallback to public
+            avatar_url = self.avatar.get_url('avatar')
+            if avatar_url:
+                return avatar_url
+
+            # Fallback to public variant
+            public_url = self.avatar.get_url('public')
+            if public_url:
+                return public_url
+
+            # Last fallback - try any available variant
+            if self.avatar.variants:
+                if isinstance(self.avatar.variants, list) and self.avatar.variants:
+                    return self.avatar.variants[0]
+                elif isinstance(self.avatar.variants, dict):
+                    # Return first available variant
+                    for variant_url in self.avatar.variants.values():
+                        if variant_url:
+                            return variant_url
+
+        # Generate default letter-based avatar using first letter of username
+        first_letter = self.user.username[0].upper() if self.user.username else "U"
+        # Use a service like UI Avatars or generate a simple colored avatar
+        return f"https://ui-avatars.com/api/?name={first_letter}&size=200&background=random&color=fff&bold=true"
+
+    def get_avatar_variants(self):
+        """
+        Return avatar variants for different use cases
+        """
+        if self.avatar and self.avatar.is_uploaded:
+            variants = {}
+
+            # Try to get specific variants
+            thumbnail_url = self.avatar.get_url('thumbnail')
+            avatar_url = self.avatar.get_url('avatar')
+            large_url = self.avatar.get_url('large')
+            public_url = self.avatar.get_url('public')
+
+            # Use specific variants if available, otherwise fallback to public or first available
+            fallback_url = public_url
+            if not fallback_url and self.avatar.variants:
+                if isinstance(self.avatar.variants, list) and self.avatar.variants:
+                    fallback_url = self.avatar.variants[0]
+                elif isinstance(self.avatar.variants, dict):
+                    fallback_url = next(iter(self.avatar.variants.values()), None)
+
+            variants = {
+                "thumbnail": thumbnail_url or fallback_url,
+                "avatar": avatar_url or fallback_url,
+                "large": large_url or fallback_url,
+            }
+
+            # Only return variants if we have at least one valid URL
+            if any(variants.values()):
+                return variants
+
+        # For default avatars, return the same URL for all variants
+        default_url = self.get_avatar_url()
+        return {
+            "thumbnail": default_url,
+            "avatar": default_url,
+            "large": default_url,
+        }
+
+    def save(self, *args, **kwargs):
+        # If no display name is set, use the username
+        if not self.display_name:
+            self.display_name = self.user.username
+
+        if not self.profile_id:
+            self.profile_id = generate_random_id(UserProfile, "profile_id")
+        super().save(*args, **kwargs)
+
+    def __str__(self):
+        return self.display_name
+
+
+@pghistory.track()
+class EmailVerification(models.Model):
+    user = models.OneToOneField(User, on_delete=models.CASCADE)
+    token = models.CharField(max_length=64, unique=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    last_sent = models.DateTimeField(auto_now_add=True)
+
+    def __str__(self):
+        return f"Email verification for {self.user.username}"
+
+    class Meta:
+        verbose_name = "Email Verification"
+        verbose_name_plural = "Email Verifications"
+
+
+@pghistory.track()
+class PasswordReset(models.Model):
+    user = models.ForeignKey(User, on_delete=models.CASCADE)
+    token = models.CharField(max_length=64)
+    created_at = models.DateTimeField(auto_now_add=True)
+    expires_at = models.DateTimeField()
+    used = models.BooleanField(default=False)
+
+    def __str__(self):
+        return f"Password reset for {self.user.username}"
+
+    class Meta:
+        verbose_name = "Password Reset"
+        verbose_name_plural = "Password Resets"
+
+
+# @pghistory.track()
+
+
+class TopList(TrackedModel):
+    user = models.ForeignKey(
+        User,
+        on_delete=models.CASCADE,
+        related_name="top_lists",  # Added related_name for User model access
+    )
+    title = models.CharField(max_length=100)
+    category = RichChoiceField(
+        choice_group="top_list_categories",
+        domain="accounts",
+        max_length=2,
+    )
+    description = models.TextField(blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    class Meta(TrackedModel.Meta):
+        ordering = ["-updated_at"]
+
+    def __str__(self):
+        return (
+            f"{self.user.get_display_name()}'s {self.category} Top List: {self.title}"
+        )
+
+
+# @pghistory.track()
+
+
+class TopListItem(TrackedModel):
+    top_list = models.ForeignKey(
+        TopList, on_delete=models.CASCADE, related_name="items"
+    )
+    content_type = models.ForeignKey(
+        "contenttypes.ContentType", on_delete=models.CASCADE
+    )
+    object_id = models.PositiveIntegerField()
+    rank = models.PositiveIntegerField()
+    notes = models.TextField(blank=True)
+
+    class Meta(TrackedModel.Meta):
+        ordering = ["rank"]
+        unique_together = [["top_list", "rank"]]
+
+    def __str__(self):
+        return f"#{self.rank} in {self.top_list.title}"
+
+
+@pghistory.track()
+class UserDeletionRequest(models.Model):
+    """
+    Model to track user deletion requests with email verification.
+
+    When a user requests to delete their account, a verification code
+    is sent to their email. The deletion is only processed when they
+    provide the correct code.
+    """
+
+    user = models.OneToOneField(
+        User, on_delete=models.CASCADE, related_name="deletion_request"
+    )
+
+    verification_code = models.CharField(
+        max_length=32,
+        unique=True,
+        help_text="Unique verification code sent to user's email",
+    )
+
+    created_at = models.DateTimeField(auto_now_add=True)
+    expires_at = models.DateTimeField(help_text="When this deletion request expires")
+
+    email_sent_at = models.DateTimeField(
+        null=True, blank=True, help_text="When the verification email was sent"
+    )
+
+    attempts = models.PositiveIntegerField(
+        default=0, help_text="Number of verification attempts made"
+    )
+
+    max_attempts = models.PositiveIntegerField(
+        default=5, help_text="Maximum number of verification attempts allowed"
+    )
+
+    is_used = models.BooleanField(
+        default=False, help_text="Whether this deletion request has been used"
+    )
+
+    class Meta:
+        ordering = ["-created_at"]
+        indexes = [
+            models.Index(fields=["verification_code"]),
+            models.Index(fields=["expires_at"]),
+            models.Index(fields=["user", "is_used"]),
+        ]
+
+    def __str__(self):
+        return f"Deletion request for {self.user.username} - {self.verification_code}"
+
+    def save(self, *args, **kwargs):
+        if not self.verification_code:
+            self.verification_code = self.generate_verification_code()
+
+        if not self.expires_at:
+            # Deletion requests expire after 24 hours
+            self.expires_at = timezone.now() + timedelta(hours=24)
+
+        super().save(*args, **kwargs)
+
+    @staticmethod
+    def generate_verification_code():
+        """Generate a unique 8-character verification code."""
+        while True:
+            # Generate a random 8-character alphanumeric code
+            code = "".join(
+                secrets.choice("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") for _ in range(8)
+            )
+
+            # Ensure it's unique
+            if not UserDeletionRequest.objects.filter(verification_code=code).exists():
+                return code
+
+    def is_expired(self):
+        """Check if this deletion request has expired."""
+        return timezone.now() > self.expires_at
+
+    def is_valid(self):
+        """Check if this deletion request is still valid."""
+        return (
+            not self.is_used
+            and not self.is_expired()
+            and self.attempts < self.max_attempts
+        )
+
+    def increment_attempts(self):
+        """Increment the number of verification attempts."""
+        self.attempts += 1
+        self.save(update_fields=["attempts"])
+
+    def mark_as_used(self):
+        """Mark this deletion request as used."""
+        self.is_used = True
+        self.save(update_fields=["is_used"])
+
+    @classmethod
+    def cleanup_expired(cls):
+        """Remove expired deletion requests."""
+        expired_requests = cls.objects.filter(
+            expires_at__lt=timezone.now(), is_used=False
+        )
+        count = expired_requests.count()
+        expired_requests.delete()
+        return count
+
+
+@pghistory.track()
+class UserNotification(TrackedModel):
+    """
+    Model to store user notifications for various events.
+
+    This includes submission approvals, rejections, system announcements,
+    and other user-relevant notifications.
+    """
+
+    # Core fields
+    user = models.ForeignKey(
+        User, on_delete=models.CASCADE, related_name="notifications"
+    )
+
+    notification_type = RichChoiceField(
+        choice_group="notification_types",
+        domain="accounts",
+        max_length=30,
+    )
+
+    title = models.CharField(max_length=200)
+    message = models.TextField()
+
+    # Optional related object (submission, review, etc.)
+    content_type = models.ForeignKey(
+        "contenttypes.ContentType", on_delete=models.CASCADE, null=True, blank=True
+    )
+    object_id = models.PositiveIntegerField(null=True, blank=True)
+    related_object = GenericForeignKey("content_type", "object_id")
+
+    # Metadata
+    priority = RichChoiceField(
+        choice_group="notification_priorities",
+        domain="accounts",
+        max_length=10,
+        default="normal",
+    )
+
+    # Status tracking
+    is_read = models.BooleanField(default=False)
+    read_at = models.DateTimeField(null=True, blank=True)
+
+    # Delivery tracking
+    email_sent = models.BooleanField(default=False)
+    email_sent_at = models.DateTimeField(null=True, blank=True)
+    push_sent = models.BooleanField(default=False)
+    push_sent_at = models.DateTimeField(null=True, blank=True)
+
+    # Additional data (JSON field for flexibility)
+    extra_data = models.JSONField(default=dict, blank=True)
+
+    # Timestamps
+    created_at = models.DateTimeField(auto_now_add=True)
+    expires_at = models.DateTimeField(null=True, blank=True)
+
+    class Meta(TrackedModel.Meta):
+        ordering = ["-created_at"]
+        indexes = [
+            models.Index(fields=["user", "is_read"]),
+            models.Index(fields=["user", "notification_type"]),
+            models.Index(fields=["created_at"]),
+            models.Index(fields=["expires_at"]),
+        ]
+
+    def __str__(self):
+        return f"{self.user.username}: {self.title}"
+
+    def mark_as_read(self):
+        """Mark notification as read."""
+        if not self.is_read:
+            self.is_read = True
+            self.read_at = timezone.now()
+            self.save(update_fields=["is_read", "read_at"])
+
+    def is_expired(self):
+        """Check if notification has expired."""
+        if not self.expires_at:
+            return False
+        return timezone.now() > self.expires_at
+
+    @classmethod
+    def cleanup_expired(cls):
+        """Remove expired notifications."""
+        expired_notifications = cls.objects.filter(expires_at__lt=timezone.now())
+        count = expired_notifications.count()
+        expired_notifications.delete()
+        return count
+
+    @classmethod
+    def mark_all_read_for_user(cls, user):
+        """Mark all notifications as read for a specific user."""
+        return cls.objects.filter(user=user, is_read=False).update(
+            is_read=True, read_at=timezone.now()
+        )
+
+
+@pghistory.track()
+class NotificationPreference(TrackedModel):
+    """
+    User preferences for different types of notifications.
+
+    This allows users to control which notifications they receive
+    and through which channels (email, push, in-app).
+    """
+
+    user = models.OneToOneField(
+        User, on_delete=models.CASCADE, related_name="notification_preference"
+    )
+
+    # Submission notifications
+    submission_approved_email = models.BooleanField(default=True)
+    submission_approved_push = models.BooleanField(default=True)
+    submission_approved_inapp = models.BooleanField(default=True)
+
+    submission_rejected_email = models.BooleanField(default=True)
+    submission_rejected_push = models.BooleanField(default=True)
+    submission_rejected_inapp = models.BooleanField(default=True)
+
+    submission_pending_email = models.BooleanField(default=False)
+    submission_pending_push = models.BooleanField(default=False)
+    submission_pending_inapp = models.BooleanField(default=True)
+
+    # Review notifications
+    review_reply_email = models.BooleanField(default=True)
+    review_reply_push = models.BooleanField(default=True)
+    review_reply_inapp = models.BooleanField(default=True)
+
+    review_helpful_email = models.BooleanField(default=False)
+    review_helpful_push = models.BooleanField(default=True)
+    review_helpful_inapp = models.BooleanField(default=True)
+
+    # Social notifications
+    friend_request_email = models.BooleanField(default=True)
+    friend_request_push = models.BooleanField(default=True)
+    friend_request_inapp = models.BooleanField(default=True)
+
+    friend_accepted_email = models.BooleanField(default=False)
+    friend_accepted_push = models.BooleanField(default=True)
+    friend_accepted_inapp = models.BooleanField(default=True)
+
+    message_received_email = models.BooleanField(default=True)
+    message_received_push = models.BooleanField(default=True)
+    message_received_inapp = models.BooleanField(default=True)
+
+    # System notifications
+    system_announcement_email = models.BooleanField(default=True)
+    system_announcement_push = models.BooleanField(default=False)
+    system_announcement_inapp = models.BooleanField(default=True)
+
+    account_security_email = models.BooleanField(default=True)
+    account_security_push = models.BooleanField(default=True)
+    account_security_inapp = models.BooleanField(default=True)
+
+    feature_update_email = models.BooleanField(default=True)
+    feature_update_push = models.BooleanField(default=False)
+    feature_update_inapp = models.BooleanField(default=True)
+
+    # Achievement notifications
+    achievement_unlocked_email = models.BooleanField(default=False)
+    achievement_unlocked_push = models.BooleanField(default=True)
+    achievement_unlocked_inapp = models.BooleanField(default=True)
+
+    milestone_reached_email = models.BooleanField(default=False)
+    milestone_reached_push = models.BooleanField(default=True)
+    milestone_reached_inapp = models.BooleanField(default=True)
+
+    class Meta(TrackedModel.Meta):
+        verbose_name = "Notification Preference"
+        verbose_name_plural = "Notification Preferences"
+
+    def __str__(self):
+        return f"Notification preferences for {self.user.username}"
+
+    def should_send_notification(self, notification_type, channel):
+        """
+        Check if a notification should be sent for a specific type and channel.
+
+        Args:
+            notification_type: The type of notification (from UserNotification.NotificationType)
+            channel: The delivery channel ('email', 'push', 'inapp')
+
+        Returns:
+            bool: True if notification should be sent, False otherwise
+        """
+        field_name = f"{notification_type}_{channel}"
+        return getattr(self, field_name, False)
+
+
+# Signal handlers for automatic notification preference creation
+
+
+@receiver(post_save, sender=User)
+def create_notification_preference(sender, instance, created, **kwargs):
+    """Create notification preferences when a new user is created."""
+    if created:
+        NotificationPreference.objects.get_or_create(user=instance)
+
+# Signal moved to signals.py to avoid duplication

apps/accounts/selectors.py

@@ -176,8 +176,7 @@ def user_search_autocomplete(*, query: str, limit: int = 10) -> QuerySet:
     """
     return User.objects.filter(
         Q(username__icontains=query)
-        | Q(first_name__icontains=query)
-        | Q(last_name__icontains=query),
+        | Q(display_name__icontains=query),
         is_active=True,
     ).order_by("username")[:limit]
 

apps/accounts/serializers.py

@@ -6,7 +6,7 @@ from django.utils import timezone
 from datetime import timedelta
 from django.contrib.sites.shortcuts import get_current_site
 from .models import User, PasswordReset
-from apps.email_service.services import EmailService
+from django_forwardemail.services import EmailService
 from django.template.loader import render_to_string
 from typing import cast
 
@@ -19,6 +19,7 @@ class UserSerializer(serializers.ModelSerializer):
     """
 
     avatar_url = serializers.SerializerMethodField()
+    display_name = serializers.SerializerMethodField()
 
     class Meta:
         model = User
@@ -26,8 +27,7 @@ class UserSerializer(serializers.ModelSerializer):
             "id",
             "username",
             "email",
-            "first_name",
-            "last_name",
+            "display_name",
             "date_joined",
             "is_active",
             "avatar_url",
@@ -40,6 +40,10 @@ class UserSerializer(serializers.ModelSerializer):
             return obj.profile.avatar.url
         return None
 
+    def get_display_name(self, obj) -> str:
+        """Get user display name"""
+        return obj.get_display_name()
+
 
 class LoginSerializer(serializers.Serializer):
     """
@@ -82,14 +86,14 @@ class SignupSerializer(serializers.ModelSerializer):
         fields = [
             "username",
             "email",
-            "first_name",
-            "last_name",
+            "display_name",
             "password",
             "password_confirm",
         ]
         extra_kwargs = {
             "password": {"write_only": True},
             "email": {"required": True},
+            "display_name": {"required": True},
         }
 
     def validate_email(self, value):

apps/accounts/services.py

@@ -0,0 +1,366 @@
+"""
+User management services for ThrillWiki.
+
+This module contains services for user account management including
+user deletion while preserving submissions.
+"""
+
+from typing import Optional
+from django.db import transaction
+from django.utils import timezone
+from django.conf import settings
+from django.contrib.sites.models import Site
+from django_forwardemail.services import EmailService
+from .models import User, UserProfile, UserDeletionRequest
+
+
+class UserDeletionService:
+    """Service for handling user deletion while preserving submissions."""
+
+    DELETED_USER_USERNAME = "deleted_user"
+    DELETED_USER_EMAIL = "deleted@thrillwiki.com"
+    DELETED_DISPLAY_NAME = "Deleted User"
+
+    @classmethod
+    def get_or_create_deleted_user(cls) -> User:
+        """Get or create the system deleted user placeholder."""
+        deleted_user, created = User.objects.get_or_create(
+            username=cls.DELETED_USER_USERNAME,
+            defaults={
+                "email": cls.DELETED_USER_EMAIL,
+                "is_active": False,
+                "is_staff": False,
+                "is_superuser": False,
+                "role": "USER",
+                "is_banned": True,
+                "ban_reason": "System placeholder for deleted users",
+                "ban_date": timezone.now(),
+            },
+        )
+
+        if created:
+            # Create profile for deleted user
+            UserProfile.objects.create(
+                user=deleted_user,
+                display_name=cls.DELETED_DISPLAY_NAME,
+                bio="This user account has been deleted.",
+            )
+
+        return deleted_user
+
+    @classmethod
+    @transaction.atomic
+    def delete_user_preserve_submissions(cls, user: User) -> dict:
+        """
+        Delete a user while preserving all their submissions.
+
+        This method:
+        1. Transfers all user submissions to a system "deleted_user" placeholder
+        2. Deletes the user's profile and account data
+        3. Returns a summary of what was preserved
+
+        Args:
+            user: The user to delete
+
+        Returns:
+            dict: Summary of preserved submissions
+        """
+        if user.username == cls.DELETED_USER_USERNAME:
+            raise ValueError("Cannot delete the system deleted user placeholder")
+
+        deleted_user = cls.get_or_create_deleted_user()
+
+        # Count submissions before transfer
+        submission_counts = {
+            "park_reviews": getattr(
+                user, "park_reviews", user.__class__.objects.none()
+            ).count(),
+            "ride_reviews": getattr(
+                user, "ride_reviews", user.__class__.objects.none()
+            ).count(),
+            "uploaded_park_photos": getattr(
+                user, "uploaded_park_photos", user.__class__.objects.none()
+            ).count(),
+            "uploaded_ride_photos": getattr(
+                user, "uploaded_ride_photos", user.__class__.objects.none()
+            ).count(),
+            "top_lists": getattr(
+                user, "top_lists", user.__class__.objects.none()
+            ).count(),
+            "edit_submissions": getattr(
+                user, "edit_submissions", user.__class__.objects.none()
+            ).count(),
+            "photo_submissions": getattr(
+                user, "photo_submissions", user.__class__.objects.none()
+            ).count(),
+            "moderated_park_reviews": getattr(
+                user, "moderated_park_reviews", user.__class__.objects.none()
+            ).count(),
+            "moderated_ride_reviews": getattr(
+                user, "moderated_ride_reviews", user.__class__.objects.none()
+            ).count(),
+            "handled_submissions": getattr(
+                user, "handled_submissions", user.__class__.objects.none()
+            ).count(),
+            "handled_photos": getattr(
+                user, "handled_photos", user.__class__.objects.none()
+            ).count(),
+        }
+
+        # Transfer all submissions to deleted user
+        # Reviews
+        if hasattr(user, "park_reviews"):
+            getattr(user, "park_reviews").update(user=deleted_user)
+        if hasattr(user, "ride_reviews"):
+            getattr(user, "ride_reviews").update(user=deleted_user)
+
+        # Photos
+        if hasattr(user, "uploaded_park_photos"):
+            getattr(user, "uploaded_park_photos").update(uploaded_by=deleted_user)
+        if hasattr(user, "uploaded_ride_photos"):
+            getattr(user, "uploaded_ride_photos").update(uploaded_by=deleted_user)
+
+        # Top Lists
+        if hasattr(user, "top_lists"):
+            getattr(user, "top_lists").update(user=deleted_user)
+
+        # Moderation submissions
+        if hasattr(user, "edit_submissions"):
+            getattr(user, "edit_submissions").update(user=deleted_user)
+        if hasattr(user, "photo_submissions"):
+            getattr(user, "photo_submissions").update(user=deleted_user)
+
+        # Moderation actions - these can be set to NULL since they're not user content
+        if hasattr(user, "moderated_park_reviews"):
+            getattr(user, "moderated_park_reviews").update(moderated_by=None)
+        if hasattr(user, "moderated_ride_reviews"):
+            getattr(user, "moderated_ride_reviews").update(moderated_by=None)
+        if hasattr(user, "handled_submissions"):
+            getattr(user, "handled_submissions").update(handled_by=None)
+        if hasattr(user, "handled_photos"):
+            getattr(user, "handled_photos").update(handled_by=None)
+
+        # Store user info for the summary
+        user_info = {
+            "username": user.username,
+            "user_id": user.user_id,
+            "email": user.email,
+            "date_joined": user.date_joined,
+        }
+
+        # Delete the user (this will cascade delete the profile)
+        user.delete()
+
+        return {
+            "deleted_user": user_info,
+            "preserved_submissions": submission_counts,
+            "transferred_to": {
+                "username": deleted_user.username,
+                "user_id": deleted_user.user_id,
+            },
+        }
+
+    @classmethod
+    def can_delete_user(cls, user: User) -> tuple[bool, Optional[str]]:
+        """
+        Check if a user can be safely deleted.
+
+        Args:
+            user: The user to check
+
+        Returns:
+            tuple: (can_delete: bool, reason: Optional[str])
+        """
+        if user.username == cls.DELETED_USER_USERNAME:
+            return False, "Cannot delete the system deleted user placeholder"
+
+        if user.is_superuser:
+            return False, "Superuser accounts cannot be deleted for security reasons. Please contact system administrator or remove superuser privileges first."
+
+        # Check if user has critical admin role
+        if user.role == "ADMIN" and user.is_staff:
+            return False, "Admin accounts with staff privileges cannot be deleted. Please remove admin privileges first or contact system administrator."
+
+        # Add any other business rules here
+
+        return True, None
+
+    @classmethod
+    def request_user_deletion(cls, user: User) -> UserDeletionRequest:
+        """
+        Create a user deletion request and send verification email.
+
+        Args:
+            user: The user requesting deletion
+
+        Returns:
+            UserDeletionRequest: The created deletion request
+        """
+        # Check if user can be deleted
+        can_delete, reason = cls.can_delete_user(user)
+        if not can_delete:
+            raise ValueError(f"Cannot delete user: {reason}")
+
+        # Remove any existing deletion request for this user
+        UserDeletionRequest.objects.filter(user=user).delete()
+
+        # Create new deletion request
+        deletion_request = UserDeletionRequest.objects.create(user=user)
+
+        # Send verification email
+        cls.send_deletion_verification_email(deletion_request)
+
+        return deletion_request
+
+    @classmethod
+    def send_deletion_verification_email(cls, deletion_request: UserDeletionRequest):
+        """
+        Send verification email for account deletion.
+
+        Args:
+            deletion_request: The deletion request to send email for
+        """
+        user = deletion_request.user
+
+        # Get current site for email service
+        try:
+            site = Site.objects.get_current()
+        except Site.DoesNotExist:
+            # Fallback to default site
+            site = Site.objects.get_or_create(
+                id=1, defaults={"domain": "localhost:8000", "name": "localhost:8000"}
+            )[0]
+
+        # Prepare email context
+        context = {
+            "user": user,
+            "verification_code": deletion_request.verification_code,
+            "expires_at": deletion_request.expires_at,
+            "site_name": getattr(settings, "SITE_NAME", "ThrillWiki"),
+            "frontend_domain": getattr(
+                settings, "FRONTEND_DOMAIN", "http://localhost:3000"
+            ),
+        }
+
+        # Render email content
+        subject = f"Confirm Account Deletion - {context['site_name']}"
+
+        # Create email message with 1-hour expiration notice
+        message = f"""
+Hello {user.get_display_name()},
+
+You have requested to delete your ThrillWiki account. To confirm this action, please use the following verification code:
+
+Verification Code: {deletion_request.verification_code}
+
+This code will expire in 1 hour on {deletion_request.expires_at.strftime('%B %d, %Y at %I:%M %p UTC')}.
+
+IMPORTANT: This action cannot be undone. Your account will be permanently deleted, but all your reviews, photos, and other contributions will be preserved on the site.
+
+If you did not request this deletion, please ignore this email and your account will remain active.
+
+To complete the deletion, enter the verification code in the account deletion form on our website.
+
+Best regards,
+The ThrillWiki Team
+        """.strip()
+
+        # Send email using custom email service
+        try:
+            EmailService.send_email(
+                to=user.email,
+                subject=subject,
+                text=message,
+                site=site,
+                from_email="no-reply@thrillwiki.com",
+            )
+
+            # Update email sent timestamp
+            deletion_request.email_sent_at = timezone.now()
+            deletion_request.save(update_fields=["email_sent_at"])
+
+        except Exception as e:
+            # Log the error but don't fail the request creation
+            print(f"Failed to send deletion verification email to {user.email}: {e}")
+
+    @classmethod
+    @transaction.atomic
+    def verify_and_delete_user(cls, verification_code: str) -> dict:
+        """
+        Verify deletion code and delete the user account.
+
+        Args:
+            verification_code: The verification code from the email
+
+        Returns:
+            dict: Summary of the deletion
+
+        Raises:
+            ValueError: If verification fails
+        """
+        try:
+            deletion_request = UserDeletionRequest.objects.get(
+                verification_code=verification_code
+            )
+        except UserDeletionRequest.DoesNotExist:
+            raise ValueError("Invalid verification code")
+
+        # Check if request is still valid
+        if not deletion_request.is_valid():
+            if deletion_request.is_expired():
+                raise ValueError("Verification code has expired")
+            elif deletion_request.is_used:
+                raise ValueError("Verification code has already been used")
+            elif deletion_request.attempts >= deletion_request.max_attempts:
+                raise ValueError("Too many verification attempts")
+            else:
+                raise ValueError("Invalid verification code")
+
+        # Increment attempts
+        deletion_request.increment_attempts()
+
+        # Mark as used
+        deletion_request.mark_as_used()
+
+        # Delete the user
+        user = deletion_request.user
+        result = cls.delete_user_preserve_submissions(user)
+
+        # Add deletion request info to result
+        result["deletion_request"] = {
+            "verification_code": verification_code,
+            "created_at": deletion_request.created_at,
+            "verified_at": timezone.now(),
+        }
+
+        return result
+
+    @classmethod
+    def cancel_deletion_request(cls, user: User) -> bool:
+        """
+        Cancel a pending deletion request.
+
+        Args:
+            user: The user whose deletion request to cancel
+
+        Returns:
+            bool: True if a request was cancelled, False if no request existed
+        """
+        try:
+            deletion_request = getattr(user, "deletion_request", None)
+            if deletion_request:
+                deletion_request.delete()
+                return True
+            return False
+        except UserDeletionRequest.DoesNotExist:
+            return False
+
+    @classmethod
+    def cleanup_expired_deletion_requests(cls) -> int:
+        """
+        Clean up expired deletion requests.
+
+        Returns:
+            int: Number of expired requests cleaned up
+        """
+        return UserDeletionRequest.cleanup_expired()

apps/accounts/services/__init__.py

@@ -0,0 +1,11 @@
+"""
+Accounts Services Package
+
+This package contains business logic services for account management,
+including social provider management, user authentication, and profile services.
+"""
+
+from .social_provider_service import SocialProviderService
+from .user_deletion_service import UserDeletionService
+
+__all__ = ['SocialProviderService', 'UserDeletionService']

apps/accounts/services/notification_service.py

@@ -0,0 +1,351 @@
+"""
+Notification service for creating and managing user notifications.
+
+This service handles the creation, delivery, and management of notifications
+for various events including submission approvals/rejections.
+"""
+
+from django.utils import timezone
+from django.contrib.contenttypes.models import ContentType
+from django.template.loader import render_to_string
+from django.conf import settings
+from django.db import models
+from typing import Optional, Dict, Any, List
+from datetime import datetime, timedelta
+import logging
+
+from apps.accounts.models import User, UserNotification, NotificationPreference
+from django_forwardemail.services import EmailService
+
+logger = logging.getLogger(__name__)
+
+
+class NotificationService:
+    """Service for creating and managing user notifications."""
+
+    @staticmethod
+    def create_notification(
+        user: User,
+        notification_type: str,
+        title: str,
+        message: str,
+        related_object: Optional[Any] = None,
+        priority: str = UserNotification.Priority.NORMAL,
+        extra_data: Optional[Dict[str, Any]] = None,
+        expires_at: Optional[datetime] = None,
+    ) -> UserNotification:
+        """
+        Create a new notification for a user.
+
+        Args:
+            user: The user to notify
+            notification_type: Type of notification (from UserNotification.NotificationType)
+            title: Notification title
+            message: Notification message
+            related_object: Optional related object (submission, review, etc.)
+            priority: Notification priority
+            extra_data: Additional data to store with notification
+            expires_at: When the notification expires
+
+        Returns:
+            UserNotification: The created notification
+        """
+        # Get content type and object ID if related object provided
+        content_type = None
+        object_id = None
+        if related_object:
+            content_type = ContentType.objects.get_for_model(related_object)
+            object_id = related_object.pk
+
+        # Create the notification
+        notification = UserNotification.objects.create(
+            user=user,
+            notification_type=notification_type,
+            title=title,
+            message=message,
+            content_type=content_type,
+            object_id=object_id,
+            priority=priority,
+            extra_data=extra_data or {},
+            expires_at=expires_at,
+        )
+
+        # Send notification through appropriate channels
+        NotificationService._send_notification(notification)
+
+        return notification
+
+    @staticmethod
+    def create_submission_approved_notification(
+        user: User,
+        submission_object: Any,
+        submission_type: str,
+        additional_message: str = "",
+    ) -> UserNotification:
+        """
+        Create a notification for submission approval.
+
+        Args:
+            user: User who submitted the content
+            submission_object: The approved submission object
+            submission_type: Type of submission (e.g., "park photo", "ride review")
+            additional_message: Additional message from moderator
+
+        Returns:
+            UserNotification: The created notification
+        """
+        title = f"Your {submission_type} has been approved!"
+        message = f"Great news! Your {submission_type} submission has been approved and is now live on ThrillWiki."
+
+        if additional_message:
+            message += f"\n\nModerator note: {additional_message}"
+
+        extra_data = {
+            "submission_type": submission_type,
+            "moderator_message": additional_message,
+            "approved_at": timezone.now().isoformat(),
+        }
+
+        return NotificationService.create_notification(
+            user=user,
+            notification_type=UserNotification.NotificationType.SUBMISSION_APPROVED,
+            title=title,
+            message=message,
+            related_object=submission_object,
+            priority=UserNotification.Priority.NORMAL,
+            extra_data=extra_data,
+        )
+
+    @staticmethod
+    def create_submission_rejected_notification(
+        user: User,
+        submission_object: Any,
+        submission_type: str,
+        rejection_reason: str,
+        additional_message: str = "",
+    ) -> UserNotification:
+        """
+        Create a notification for submission rejection.
+
+        Args:
+            user: User who submitted the content
+            submission_object: The rejected submission object
+            submission_type: Type of submission (e.g., "park photo", "ride review")
+            rejection_reason: Reason for rejection
+            additional_message: Additional message from moderator
+
+        Returns:
+            UserNotification: The created notification
+        """
+        title = f"Your {submission_type} needs attention"
+        message = f"Your {submission_type} submission has been reviewed and needs some changes before it can be approved."
+        message += f"\n\nReason: {rejection_reason}"
+
+        if additional_message:
+            message += f"\n\nModerator note: {additional_message}"
+
+        message += "\n\nYou can edit and resubmit your content from your profile page."
+
+        extra_data = {
+            "submission_type": submission_type,
+            "rejection_reason": rejection_reason,
+            "moderator_message": additional_message,
+            "rejected_at": timezone.now().isoformat(),
+        }
+
+        return NotificationService.create_notification(
+            user=user,
+            notification_type=UserNotification.NotificationType.SUBMISSION_REJECTED,
+            title=title,
+            message=message,
+            related_object=submission_object,
+            priority=UserNotification.Priority.HIGH,
+            extra_data=extra_data,
+        )
+
+    @staticmethod
+    def create_submission_pending_notification(
+        user: User, submission_object: Any, submission_type: str
+    ) -> UserNotification:
+        """
+        Create a notification for submission pending review.
+
+        Args:
+            user: User who submitted the content
+            submission_object: The pending submission object
+            submission_type: Type of submission (e.g., "park photo", "ride review")
+
+        Returns:
+            UserNotification: The created notification
+        """
+        title = f"Your {submission_type} is under review"
+        message = f"Thanks for your {submission_type} submission! It's now under review by our moderation team."
+        message += "\n\nWe'll notify you once it's been reviewed. This usually takes 1-2 business days."
+
+        extra_data = {
+            "submission_type": submission_type,
+            "submitted_at": timezone.now().isoformat(),
+        }
+
+        return NotificationService.create_notification(
+            user=user,
+            notification_type=UserNotification.NotificationType.SUBMISSION_PENDING,
+            title=title,
+            message=message,
+            related_object=submission_object,
+            priority=UserNotification.Priority.LOW,
+            extra_data=extra_data,
+        )
+
+    @staticmethod
+    def _send_notification(notification: UserNotification) -> None:
+        """
+        Send notification through appropriate channels based on user preferences.
+
+        Args:
+            notification: The notification to send
+        """
+        user = notification.user
+
+        # Get user's notification preferences
+        try:
+            preferences = user.notification_preference
+        except NotificationPreference.DoesNotExist:
+            # Create default preferences if they don't exist
+            preferences = NotificationPreference.objects.create(user=user)
+
+        # Send email notification if enabled
+        if preferences.should_send_notification(
+            notification.notification_type, "email"
+        ):
+            NotificationService._send_email_notification(notification)
+
+        # Toast notifications are always created (the notification object itself)
+        # The frontend will display them as toast notifications based on preferences
+
+    @staticmethod
+    def _send_email_notification(notification: UserNotification) -> None:
+        """
+        Send email notification to user using the custom ForwardEmail service.
+
+        Args:
+            notification: The notification to send via email
+        """
+        try:
+            user = notification.user
+
+            # Prepare email context
+            context = {
+                "user": user,
+                "notification": notification,
+                "site_name": "ThrillWiki",
+                "site_url": getattr(settings, "SITE_URL", "https://thrillwiki.com"),
+            }
+
+            # Render email templates
+            subject = f"ThrillWiki: {notification.title}"
+            html_message = render_to_string("emails/notification.html", context)
+            plain_message = render_to_string("emails/notification.txt", context)
+
+            # Send email using custom ForwardEmail service
+            EmailService.send_email(
+                to=user.email,
+                subject=subject,
+                text=plain_message,
+                html=html_message,
+            )
+
+            # Mark as sent
+            notification.email_sent = True
+            notification.email_sent_at = timezone.now()
+            notification.save(update_fields=["email_sent", "email_sent_at"])
+
+            logger.info(
+                f"Email notification sent to {user.email} for notification {notification.id}"
+            )
+
+        except Exception as e:
+            logger.error(
+                f"Failed to send email notification {notification.id}: {str(e)}"
+            )
+
+    @staticmethod
+    def get_user_notifications(
+        user: User,
+        unread_only: bool = False,
+        notification_types: Optional[List[str]] = None,
+        limit: Optional[int] = None,
+    ) -> List[UserNotification]:
+        """
+        Get notifications for a user.
+
+        Args:
+            user: User to get notifications for
+            unread_only: Only return unread notifications
+            notification_types: Filter by notification types
+            limit: Limit number of results
+
+        Returns:
+            List[UserNotification]: List of notifications
+        """
+        queryset = UserNotification.objects.filter(user=user)
+
+        if unread_only:
+            queryset = queryset.filter(is_read=False)
+
+        if notification_types:
+            queryset = queryset.filter(notification_type__in=notification_types)
+
+        # Exclude expired notifications
+        queryset = queryset.filter(
+            models.Q(expires_at__isnull=True) | models.Q(expires_at__gt=timezone.now())
+        )
+
+        if limit:
+            queryset = queryset[:limit]
+
+        return list(queryset)
+
+    @staticmethod
+    def mark_notifications_read(
+        user: User, notification_ids: Optional[List[int]] = None
+    ) -> int:
+        """
+        Mark notifications as read for a user.
+
+        Args:
+            user: User whose notifications to mark as read
+            notification_ids: Specific notification IDs to mark as read (if None, marks all)
+
+        Returns:
+            int: Number of notifications marked as read
+        """
+        queryset = UserNotification.objects.filter(user=user, is_read=False)
+
+        if notification_ids:
+            queryset = queryset.filter(id__in=notification_ids)
+
+        return queryset.update(is_read=True, read_at=timezone.now())
+
+    @staticmethod
+    def cleanup_old_notifications(days: int = 90) -> int:
+        """
+        Clean up old read notifications.
+
+        Args:
+            days: Number of days to keep read notifications
+
+        Returns:
+            int: Number of notifications deleted
+        """
+        cutoff_date = timezone.now() - timedelta(days=days)
+
+        old_notifications = UserNotification.objects.filter(
+            is_read=True, read_at__lt=cutoff_date
+        )
+
+        count = old_notifications.count()
+        old_notifications.delete()
+
+        logger.info(f"Cleaned up {count} old notifications")
+        return count

apps/accounts/services/social_provider_service.py

@@ -0,0 +1,257 @@
+"""
+Social Provider Management Service
+
+This service handles the business logic for connecting and disconnecting
+social authentication providers while ensuring users never lock themselves
+out of their accounts.
+"""
+
+from typing import Dict, List, Tuple, TYPE_CHECKING
+from django.contrib.auth import get_user_model
+from allauth.socialaccount.models import SocialApp
+from allauth.socialaccount.providers import registry
+from django.contrib.sites.shortcuts import get_current_site
+from django.http import HttpRequest
+import logging
+
+if TYPE_CHECKING:
+    from apps.accounts.models import User
+else:
+    User = get_user_model()
+
+logger = logging.getLogger(__name__)
+
+
+class SocialProviderService:
+    """Service for managing social provider connections."""
+
+    @staticmethod
+    def can_disconnect_provider(user: User, provider: str) -> Tuple[bool, str]:
+        """
+        Check if a user can safely disconnect a social provider.
+
+        Args:
+            user: The user attempting to disconnect
+            provider: The provider to disconnect (e.g., 'google', 'discord')
+
+        Returns:
+            Tuple of (can_disconnect: bool, reason: str)
+        """
+        try:
+            # Count remaining social accounts after disconnection
+            remaining_social_accounts = user.socialaccount_set.exclude(
+                provider=provider
+            ).count()
+
+            # Check if user has email/password auth
+            has_password_auth = (
+                user.email and
+                user.has_usable_password() and
+                bool(user.password)  # Not empty/unusable
+            )
+
+            # Allow disconnection only if alternative auth exists
+            can_disconnect = remaining_social_accounts > 0 or has_password_auth
+
+            if not can_disconnect:
+                if remaining_social_accounts == 0 and not has_password_auth:
+                    return False, "Cannot disconnect your only authentication method. Please set up a password or connect another social provider first."
+                elif not has_password_auth:
+                    return False, "Please set up email/password authentication before disconnecting this provider."
+                else:
+                    return False, "Cannot disconnect this provider at this time."
+
+            return True, "Provider can be safely disconnected."
+
+        except Exception as e:
+            logger.error(
+                f"Error checking disconnect permission for user {user.id}, provider {provider}: {e}")
+            return False, "Unable to verify disconnection safety. Please try again."
+
+    @staticmethod
+    def get_connected_providers(user: "User") -> List[Dict]:
+        """
+        Get all social providers connected to a user's account.
+
+        Args:
+            user: The user to check
+
+        Returns:
+            List of connected provider information
+        """
+        try:
+            connected_providers = []
+
+            for social_account in user.socialaccount_set.all():
+                can_disconnect, reason = SocialProviderService.can_disconnect_provider(
+                    user, social_account.provider
+                )
+
+                provider_info = {
+                    'provider': social_account.provider,
+                    'provider_name': social_account.get_provider().name,
+                    'uid': social_account.uid,
+                    'date_joined': social_account.date_joined,
+                    'can_disconnect': can_disconnect,
+                    'disconnect_reason': reason if not can_disconnect else None,
+                    'extra_data': social_account.extra_data
+                }
+
+                connected_providers.append(provider_info)
+
+            return connected_providers
+
+        except Exception as e:
+            logger.error(f"Error getting connected providers for user {user.id}: {e}")
+            return []
+
+    @staticmethod
+    def get_available_providers(request: HttpRequest) -> List[Dict]:
+        """
+        Get all available social providers for the current site.
+
+        Args:
+            request: The HTTP request
+
+        Returns:
+            List of available provider information
+        """
+        try:
+            site = get_current_site(request)
+            available_providers = []
+
+            # Get all social apps configured for this site
+            social_apps = SocialApp.objects.filter(sites=site).order_by('provider')
+
+            for social_app in social_apps:
+                try:
+                    provider = registry.by_id(social_app.provider)
+
+                    provider_info = {
+                        'id': social_app.provider,
+                        'name': provider.name,
+                        'auth_url': request.build_absolute_uri(
+                            f'/accounts/{social_app.provider}/login/'
+                        ),
+                        'connect_url': request.build_absolute_uri(
+                            f'/api/v1/auth/social/connect/{social_app.provider}/'
+                        )
+                    }
+
+                    available_providers.append(provider_info)
+
+                except Exception as e:
+                    logger.warning(
+                        f"Error processing provider {social_app.provider}: {e}")
+                    continue
+
+            return available_providers
+
+        except Exception as e:
+            logger.error(f"Error getting available providers: {e}")
+            return []
+
+    @staticmethod
+    def disconnect_provider(user: "User", provider: str) -> Tuple[bool, str]:
+        """
+        Disconnect a social provider from a user's account.
+
+        Args:
+            user: The user to disconnect from
+            provider: The provider to disconnect
+
+        Returns:
+            Tuple of (success: bool, message: str)
+        """
+        try:
+            # First check if disconnection is allowed
+            can_disconnect, reason = SocialProviderService.can_disconnect_provider(
+                user, provider)
+
+            if not can_disconnect:
+                return False, reason
+
+            # Find and delete the social account
+            social_accounts = user.socialaccount_set.filter(provider=provider)
+
+            if not social_accounts.exists():
+                return False, f"No {provider} account found to disconnect."
+
+            # Delete all social accounts for this provider (in case of duplicates)
+            deleted_count = social_accounts.count()
+            social_accounts.delete()
+
+            logger.info(
+                f"User {user.id} disconnected {deleted_count} {provider} account(s)")
+
+            return True, f"{provider.title()} account disconnected successfully."
+
+        except Exception as e:
+            logger.error(f"Error disconnecting {provider} for user {user.id}: {e}")
+            return False, f"Failed to disconnect {provider} account. Please try again."
+
+    @staticmethod
+    def get_auth_status(user: "User") -> Dict:
+        """
+        Get comprehensive authentication status for a user.
+
+        Args:
+            user: The user to check
+
+        Returns:
+            Dictionary with authentication status information
+        """
+        try:
+            connected_providers = SocialProviderService.get_connected_providers(user)
+
+            has_password_auth = (
+                user.email and
+                user.has_usable_password() and
+                bool(user.password)
+            )
+
+            auth_methods_count = len(connected_providers) + \
+                (1 if has_password_auth else 0)
+
+            return {
+                'user_id': user.id,
+                'username': user.username,
+                'email': user.email,
+                'has_password_auth': has_password_auth,
+                'connected_providers': connected_providers,
+                'total_auth_methods': auth_methods_count,
+                'can_disconnect_any': auth_methods_count > 1,
+                'requires_password_setup': not has_password_auth and len(connected_providers) == 1
+            }
+
+        except Exception as e:
+            logger.error(f"Error getting auth status for user {user.id}: {e}")
+            return {
+                'error': 'Unable to retrieve authentication status'
+            }
+
+    @staticmethod
+    def validate_provider_exists(provider: str) -> Tuple[bool, str]:
+        """
+        Validate that a social provider is configured and available.
+
+        Args:
+            provider: The provider ID to validate
+
+        Returns:
+            Tuple of (is_valid: bool, message: str)
+        """
+        try:
+            # Check if provider is registered with allauth
+            if provider not in registry.provider_map:
+                return False, f"Provider '{provider}' is not supported."
+
+            # Check if provider has a social app configured
+            if not SocialApp.objects.filter(provider=provider).exists():
+                return False, f"Provider '{provider}' is not configured on this site."
+
+            return True, f"Provider '{provider}' is valid and available."
+
+        except Exception as e:
+            logger.error(f"Error validating provider {provider}: {e}")
+            return False, "Unable to validate provider."

apps/accounts/services/user_deletion_service.py

@@ -0,0 +1,309 @@
+"""
+User Deletion Service
+
+This service handles user account deletion while preserving submissions
+and maintaining data integrity across the platform.
+"""
+
+from django.utils import timezone
+from django.db import transaction
+from django.contrib.auth import get_user_model
+from django.core.mail import send_mail
+from django.conf import settings
+from django.template.loader import render_to_string
+from typing import Dict, Any, Tuple, Optional
+import logging
+import secrets
+import string
+from datetime import datetime
+
+from apps.accounts.models import User
+
+logger = logging.getLogger(__name__)
+
+User = get_user_model()
+
+
+class UserDeletionRequest:
+    """Model for tracking user deletion requests."""
+
+    def __init__(self, user: User, verification_code: str, expires_at: datetime):
+        self.user = user
+        self.verification_code = verification_code
+        self.expires_at = expires_at
+        self.created_at = timezone.now()
+
+
+class UserDeletionService:
+    """Service for handling user account deletion with submission preservation."""
+
+    # In-memory storage for deletion requests (in production, use Redis or database)
+    _deletion_requests = {}
+
+    @staticmethod
+    def can_delete_user(user: User) -> Tuple[bool, Optional[str]]:
+        """
+        Check if a user can be safely deleted.
+
+        Args:
+            user: User to check for deletion eligibility
+
+        Returns:
+            Tuple[bool, Optional[str]]: (can_delete, reason_if_not)
+        """
+        # Prevent deletion of superusers
+        if user.is_superuser:
+            return False, "Cannot delete superuser accounts"
+
+        # Prevent deletion of staff/admin users
+        if user.is_staff:
+            return False, "Cannot delete staff accounts"
+
+        # Check for system users (if you have any special system accounts)
+        if hasattr(user, 'role') and user.role in ['ADMIN', 'MODERATOR']:
+            return False, "Cannot delete admin or moderator accounts"
+
+        return True, None
+
+    @staticmethod
+    def request_user_deletion(user: User) -> UserDeletionRequest:
+        """
+        Create a deletion request for a user and send verification email.
+
+        Args:
+            user: User requesting deletion
+
+        Returns:
+            UserDeletionRequest: The deletion request object
+
+        Raises:
+            ValueError: If user cannot be deleted
+        """
+        # Check if user can be deleted
+        can_delete, reason = UserDeletionService.can_delete_user(user)
+        if not can_delete:
+            raise ValueError(reason)
+
+        # Generate verification code
+        verification_code = ''.join(secrets.choice(
+            string.ascii_uppercase + string.digits) for _ in range(8))
+
+        # Set expiration (24 hours from now)
+        expires_at = timezone.now() + timezone.timedelta(hours=24)
+
+        # Create deletion request
+        deletion_request = UserDeletionRequest(user, verification_code, expires_at)
+
+        # Store request (in production, use Redis or database)
+        UserDeletionService._deletion_requests[verification_code] = deletion_request
+
+        # Send verification email
+        UserDeletionService._send_deletion_verification_email(
+            user, verification_code, expires_at)
+
+        return deletion_request
+
+    @staticmethod
+    def verify_and_delete_user(verification_code: str) -> Dict[str, Any]:
+        """
+        Verify deletion code and delete user account.
+
+        Args:
+            verification_code: Verification code from email
+
+        Returns:
+            Dict[str, Any]: Deletion result information
+
+        Raises:
+            ValueError: If verification code is invalid or expired
+        """
+        # Find deletion request
+        deletion_request = UserDeletionService._deletion_requests.get(verification_code)
+        if not deletion_request:
+            raise ValueError("Invalid verification code")
+
+        # Check if expired
+        if timezone.now() > deletion_request.expires_at:
+            # Clean up expired request
+            del UserDeletionService._deletion_requests[verification_code]
+            raise ValueError("Verification code has expired")
+
+        user = deletion_request.user
+
+        # Perform deletion
+        result = UserDeletionService.delete_user_preserve_submissions(user)
+
+        # Clean up deletion request
+        del UserDeletionService._deletion_requests[verification_code]
+
+        # Add verification info to result
+        result['deletion_request'] = {
+            'verification_code': verification_code,
+            'created_at': deletion_request.created_at,
+            'verified_at': timezone.now(),
+        }
+
+        return result
+
+    @staticmethod
+    def cancel_deletion_request(user: User) -> bool:
+        """
+        Cancel a pending deletion request for a user.
+
+        Args:
+            user: User whose deletion request to cancel
+
+        Returns:
+            bool: True if request was found and cancelled, False if no request found
+        """
+        # Find and remove any deletion requests for this user
+        to_remove = []
+        for code, request in UserDeletionService._deletion_requests.items():
+            if request.user.id == user.id:
+                to_remove.append(code)
+
+        for code in to_remove:
+            del UserDeletionService._deletion_requests[code]
+
+        return len(to_remove) > 0
+
+    @staticmethod
+    @transaction.atomic
+    def delete_user_preserve_submissions(user: User) -> Dict[str, Any]:
+        """
+        Delete a user account while preserving all their submissions.
+
+        Args:
+            user: User to delete
+
+        Returns:
+            Dict[str, Any]: Information about the deletion and preserved submissions
+        """
+        # Get or create the "deleted_user" placeholder
+        deleted_user_placeholder, created = User.objects.get_or_create(
+            username='deleted_user',
+            defaults={
+                'email': 'deleted@thrillwiki.com',
+                'first_name': 'Deleted',
+                'last_name': 'User',
+                'is_active': False,
+            }
+        )
+
+        # Count submissions before transfer
+        submission_counts = UserDeletionService._count_user_submissions(user)
+
+        # Transfer submissions to placeholder user
+        UserDeletionService._transfer_user_submissions(user, deleted_user_placeholder)
+
+        # Store user info before deletion
+        deleted_user_info = {
+            'username': user.username,
+            'user_id': getattr(user, 'user_id', user.id),
+            'email': user.email,
+            'date_joined': user.date_joined,
+        }
+
+        # Delete the user account
+        user.delete()
+
+        return {
+            'deleted_user': deleted_user_info,
+            'preserved_submissions': submission_counts,
+            'transferred_to': {
+                'username': deleted_user_placeholder.username,
+                'user_id': getattr(deleted_user_placeholder, 'user_id', deleted_user_placeholder.id),
+            }
+        }
+
+    @staticmethod
+    def _count_user_submissions(user: User) -> Dict[str, int]:
+        """Count all submissions for a user."""
+        counts = {}
+
+        # Count different types of submissions
+        # Note: These are placeholder counts - adjust based on your actual models
+        counts['park_reviews'] = getattr(
+            user, 'park_reviews', user.__class__.objects.none()).count()
+        counts['ride_reviews'] = getattr(
+            user, 'ride_reviews', user.__class__.objects.none()).count()
+        counts['uploaded_park_photos'] = getattr(
+            user, 'uploaded_park_photos', user.__class__.objects.none()).count()
+        counts['uploaded_ride_photos'] = getattr(
+            user, 'uploaded_ride_photos', user.__class__.objects.none()).count()
+        counts['top_lists'] = getattr(
+            user, 'top_lists', user.__class__.objects.none()).count()
+        counts['edit_submissions'] = getattr(
+            user, 'edit_submissions', user.__class__.objects.none()).count()
+        counts['photo_submissions'] = getattr(
+            user, 'photo_submissions', user.__class__.objects.none()).count()
+
+        return counts
+
+    @staticmethod
+    def _transfer_user_submissions(user: User, placeholder_user: User) -> None:
+        """Transfer all user submissions to placeholder user."""
+
+        # Transfer different types of submissions
+        # Note: Adjust these based on your actual model relationships
+
+        # Park reviews
+        if hasattr(user, 'park_reviews'):
+            user.park_reviews.all().update(user=placeholder_user)
+
+        # Ride reviews
+        if hasattr(user, 'ride_reviews'):
+            user.ride_reviews.all().update(user=placeholder_user)
+
+        # Uploaded photos
+        if hasattr(user, 'uploaded_park_photos'):
+            user.uploaded_park_photos.all().update(user=placeholder_user)
+
+        if hasattr(user, 'uploaded_ride_photos'):
+            user.uploaded_ride_photos.all().update(user=placeholder_user)
+
+        # Top lists
+        if hasattr(user, 'top_lists'):
+            user.top_lists.all().update(user=placeholder_user)
+
+        # Edit submissions
+        if hasattr(user, 'edit_submissions'):
+            user.edit_submissions.all().update(user=placeholder_user)
+
+        # Photo submissions
+        if hasattr(user, 'photo_submissions'):
+            user.photo_submissions.all().update(user=placeholder_user)
+
+    @staticmethod
+    def _send_deletion_verification_email(user: User, verification_code: str, expires_at: timezone.datetime) -> None:
+        """Send verification email for account deletion."""
+        try:
+            context = {
+                'user': user,
+                'verification_code': verification_code,
+                'expires_at': expires_at,
+                'site_name': 'ThrillWiki',
+                'site_url': getattr(settings, 'SITE_URL', 'https://thrillwiki.com'),
+            }
+
+            subject = 'ThrillWiki: Confirm Account Deletion'
+            html_message = render_to_string(
+                'emails/account_deletion_verification.html', context)
+            plain_message = render_to_string(
+                'emails/account_deletion_verification.txt', context)
+
+            send_mail(
+                subject=subject,
+                message=plain_message,
+                html_message=html_message,
+                from_email=settings.DEFAULT_FROM_EMAIL,
+                recipient_list=[user.email],
+                fail_silently=False,
+            )
+
+            logger.info(f"Deletion verification email sent to {user.email}")
+
+        except Exception as e:
+            logger.error(
+                f"Failed to send deletion verification email to {user.email}: {str(e)}")
+            raise

apps/accounts/signals.py

@@ -10,13 +10,15 @@ from .models import User, UserProfile
 
 @receiver(post_save, sender=User)
 def create_user_profile(sender, instance, created, **kwargs):
-    """Create UserProfile for new users"""
-    try:
+    """Create UserProfile for new users - unified signal handler"""
     if created:
-            # Create profile
-            profile = UserProfile.objects.create(user=instance)
+        try:
+            # Use get_or_create to prevent duplicates
+            profile, profile_created = UserProfile.objects.get_or_create(user=instance)
             
+            if profile_created:
                 # If user has a social account with avatar, download it
+                try:
                     social_account = instance.socialaccount_set.first()
                     if social_account:
                         extra_data = social_account.extra_data
@@ -31,7 +33,6 @@ def create_user_profile(sender, instance, created, **kwargs):
                                 avatar_url = f"https://cdn.discordapp.com/avatars/{discord_id}/{avatar}.png"
 
                         if avatar_url:
-                    try:
                             response = requests.get(avatar_url, timeout=60)
                             if response.status_code == 200:
                                 img_temp = NamedTemporaryFile(delete=True)
@@ -41,30 +42,11 @@ def create_user_profile(sender, instance, created, **kwargs):
                                 file_name = f"avatar_{instance.username}.png"
                                 profile.avatar.save(file_name, File(img_temp), save=True)
                 except Exception as e:
-                        print(
-                            f"Error downloading avatar for user {instance.username}: {
-                                str(e)
-                            }"
-                        )
+                    print(f"Error downloading avatar for user {instance.username}: {str(e)}")
         except Exception as e:
             print(f"Error creating profile for user {instance.username}: {str(e)}")
 
 
-@receiver(post_save, sender=User)
-def save_user_profile(sender, instance, **kwargs):
-    """Ensure UserProfile exists and is saved"""
-    try:
-        # Try to get existing profile first
-        try:
-            profile = instance.profile
-            profile.save()
-        except UserProfile.DoesNotExist:
-            # Profile doesn't exist, create it
-            UserProfile.objects.create(user=instance)
-    except Exception as e:
-        print(f"Error saving profile for user {instance.username}: {str(e)}")
-
-
 @receiver(pre_save, sender=User)
 def sync_user_role_with_groups(sender, instance, **kwargs):
     """Sync user role with Django groups"""
@@ -75,43 +57,43 @@ def sync_user_role_with_groups(sender, instance, **kwargs):
                 # Role has changed, update groups
                 with transaction.atomic():
                     # Remove from old role group if exists
-                    if old_instance.role != User.Roles.USER:
+                    if old_instance.role != "USER":
                         old_group = Group.objects.filter(name=old_instance.role).first()
                         if old_group:
                             instance.groups.remove(old_group)
 
                     # Add to new role group
-                    if instance.role != User.Roles.USER:
+                    if instance.role != "USER":
                         new_group, _ = Group.objects.get_or_create(name=instance.role)
                         instance.groups.add(new_group)
 
                         # Special handling for superuser role
-                        if instance.role == User.Roles.SUPERUSER:
+                        if instance.role == "SUPERUSER":
                             instance.is_superuser = True
                             instance.is_staff = True
-                        elif old_instance.role == User.Roles.SUPERUSER:
+                        elif old_instance.role == "SUPERUSER":
                             # If removing superuser role, remove superuser
                             # status
                             instance.is_superuser = False
                             if instance.role not in [
-                                User.Roles.ADMIN,
-                                User.Roles.MODERATOR,
+                                "ADMIN",
+                                "MODERATOR",
                             ]:
                                 instance.is_staff = False
 
                         # Handle staff status for admin and moderator roles
                         if instance.role in [
-                            User.Roles.ADMIN,
-                            User.Roles.MODERATOR,
+                            "ADMIN",
+                            "MODERATOR",
                         ]:
                             instance.is_staff = True
                         elif old_instance.role in [
-                            User.Roles.ADMIN,
-                            User.Roles.MODERATOR,
+                            "ADMIN",
+                            "MODERATOR",
                         ]:
                             # If removing admin/moderator role, remove staff
                             # status
-                            if instance.role not in [User.Roles.SUPERUSER]:
+                            if instance.role not in ["SUPERUSER"]:
                                 instance.is_staff = False
         except User.DoesNotExist:
             pass
@@ -130,7 +112,7 @@ def create_default_groups():
         from django.contrib.auth.models import Permission
 
         # Create Moderator group
-        moderator_group, _ = Group.objects.get_or_create(name=User.Roles.MODERATOR)
+        moderator_group, _ = Group.objects.get_or_create(name="MODERATOR")
         moderator_permissions = [
             # Review moderation permissions
             "change_review",
@@ -149,7 +131,7 @@ def create_default_groups():
         ]
 
         # Create Admin group
-        admin_group, _ = Group.objects.get_or_create(name=User.Roles.ADMIN)
+        admin_group, _ = Group.objects.get_or_create(name="ADMIN")
         admin_permissions = moderator_permissions + [
             # User management permissions
             "change_user",

apps/accounts/tests.py

@@ -109,7 +109,7 @@ class SignalsTestCase(TestCase):
 
         create_default_groups()
 
-        moderator_group = Group.objects.get(name=User.Roles.MODERATOR)
+        moderator_group = Group.objects.get(name="MODERATOR")
         self.assertIsNotNone(moderator_group)
         self.assertTrue(
             moderator_group.permissions.filter(codename="change_review").exists()
@@ -118,7 +118,7 @@ class SignalsTestCase(TestCase):
             moderator_group.permissions.filter(codename="change_user").exists()
         )
 
-        admin_group = Group.objects.get(name=User.Roles.ADMIN)
+        admin_group = Group.objects.get(name="ADMIN")
         self.assertIsNotNone(admin_group)
         self.assertTrue(
             admin_group.permissions.filter(codename="change_review").exists()

apps/accounts/tests/test_user_deletion.py

@@ -0,0 +1,155 @@
+"""
+Tests for user deletion while preserving submissions.
+"""
+
+from django.test import TestCase
+from django.db import transaction
+from apps.accounts.services import UserDeletionService
+from apps.accounts.models import User, UserProfile
+
+
+class UserDeletionServiceTest(TestCase):
+    """Test cases for UserDeletionService."""
+
+    def setUp(self):
+        """Set up test data."""
+        # Create test users
+        self.user = User.objects.create_user(
+            username="testuser", email="test@example.com", password="testpass123"
+        )
+
+        self.admin_user = User.objects.create_user(
+            username="admin",
+            email="admin@example.com",
+            password="adminpass123",
+            is_superuser=True,
+        )
+
+        # Create user profiles
+        UserProfile.objects.create(
+            user=self.user, display_name="Test User", bio="Test bio"
+        )
+
+        UserProfile.objects.create(
+            user=self.admin_user, display_name="Admin User", bio="Admin bio"
+        )
+
+    def test_get_or_create_deleted_user(self):
+        """Test that deleted user placeholder is created correctly."""
+        deleted_user = UserDeletionService.get_or_create_deleted_user()
+
+        self.assertEqual(deleted_user.username, "deleted_user")
+        self.assertEqual(deleted_user.email, "deleted@thrillwiki.com")
+        self.assertFalse(deleted_user.is_active)
+        self.assertTrue(deleted_user.is_banned)
+        self.assertEqual(deleted_user.role, "USER")
+
+        # Check profile was created
+        self.assertTrue(hasattr(deleted_user, "profile"))
+        self.assertEqual(deleted_user.profile.display_name, "Deleted User")
+
+    def test_get_or_create_deleted_user_idempotent(self):
+        """Test that calling get_or_create_deleted_user multiple times returns same user."""
+        deleted_user1 = UserDeletionService.get_or_create_deleted_user()
+        deleted_user2 = UserDeletionService.get_or_create_deleted_user()
+
+        self.assertEqual(deleted_user1.id, deleted_user2.id)
+        self.assertEqual(User.objects.filter(username="deleted_user").count(), 1)
+
+    def test_can_delete_user_normal_user(self):
+        """Test that normal users can be deleted."""
+        can_delete, reason = UserDeletionService.can_delete_user(self.user)
+
+        self.assertTrue(can_delete)
+        self.assertIsNone(reason)
+
+    def test_can_delete_user_superuser(self):
+        """Test that superusers cannot be deleted."""
+        can_delete, reason = UserDeletionService.can_delete_user(self.admin_user)
+
+        self.assertFalse(can_delete)
+        self.assertEqual(reason, "Cannot delete superuser accounts")
+
+    def test_can_delete_user_deleted_user_placeholder(self):
+        """Test that deleted user placeholder cannot be deleted."""
+        deleted_user = UserDeletionService.get_or_create_deleted_user()
+        can_delete, reason = UserDeletionService.can_delete_user(deleted_user)
+
+        self.assertFalse(can_delete)
+        self.assertEqual(reason, "Cannot delete the system deleted user placeholder")
+
+    def test_delete_user_preserve_submissions_no_submissions(self):
+        """Test deleting user with no submissions."""
+        user_id = self.user.user_id
+        username = self.user.username
+
+        result = UserDeletionService.delete_user_preserve_submissions(self.user)
+
+        # Check user was deleted
+        self.assertFalse(User.objects.filter(user_id=user_id).exists())
+
+        # Check result structure
+        self.assertIn("deleted_user", result)
+        self.assertIn("preserved_submissions", result)
+        self.assertIn("transferred_to", result)
+
+        self.assertEqual(result["deleted_user"]["username"], username)
+        self.assertEqual(result["deleted_user"]["user_id"], user_id)
+
+        # All submission counts should be 0
+        for count in result["preserved_submissions"].values():
+            self.assertEqual(count, 0)
+
+    def test_delete_user_cannot_delete_deleted_user_placeholder(self):
+        """Test that attempting to delete the deleted user placeholder raises error."""
+        deleted_user = UserDeletionService.get_or_create_deleted_user()
+
+        with self.assertRaises(ValueError) as context:
+            UserDeletionService.delete_user_preserve_submissions(deleted_user)
+
+        self.assertIn(
+            "Cannot delete the system deleted user placeholder", str(context.exception)
+        )
+
+    def test_delete_user_with_submissions_transfers_correctly(self):
+        """Test that user submissions are transferred to deleted user placeholder."""
+        # This test would require creating park/ride data which is complex
+        # For now, we'll test the basic functionality
+
+        # Create deleted user first to ensure it exists
+        UserDeletionService.get_or_create_deleted_user()
+
+        # Delete the test user
+        result = UserDeletionService.delete_user_preserve_submissions(self.user)
+
+        # Verify the deleted user placeholder still exists
+        self.assertTrue(User.objects.filter(username="deleted_user").exists())
+
+        # Verify result structure
+        self.assertIn("deleted_user", result)
+        self.assertIn("preserved_submissions", result)
+        self.assertIn("transferred_to", result)
+
+        self.assertEqual(result["transferred_to"]["username"], "deleted_user")
+
+    def test_delete_user_atomic_transaction(self):
+        """Test that user deletion is atomic."""
+        # This test ensures that if something goes wrong during deletion,
+        # the transaction is rolled back
+
+        original_user_count = User.objects.count()
+
+        # Mock a failure during the deletion process
+        with self.assertRaises(Exception):
+            with transaction.atomic():
+                # Start the deletion process
+                UserDeletionService.get_or_create_deleted_user()
+
+                # Simulate an error
+                raise Exception("Simulated error during deletion")
+
+        # Verify user count hasn't changed
+        self.assertEqual(User.objects.count(), original_user_count)
+
+        # Verify our test user still exists
+        self.assertTrue(User.objects.filter(user_id=self.user.user_id).exists())

apps/accounts/views.py

@@ -24,7 +24,7 @@ from apps.accounts.models import (
     EmailVerification,
     UserProfile,
 )
-from apps.email_service.services import EmailService
+from django_forwardemail.services import EmailService
 from apps.parks.models import ParkReview
 from apps.rides.models import RideReview
 from allauth.account.views import LoginView, SignupView

apps/core/__init__.py

@@ -0,0 +1,12 @@
+"""
+Core Django App
+
+This app handles core system functionality including health checks,
+system status, and other foundational features.
+"""
+
+# Import core choices to ensure they are registered with the global registry
+from .choices import core_choices
+
+# Ensure choices are registered on app startup
+__all__ = ['core_choices']

apps/core/api/exceptions.py

@@ -137,6 +137,39 @@ def custom_exception_handler(
         )
         response = Response(custom_response_data, status=status.HTTP_403_FORBIDDEN)
 
+    # Catch-all for any other exceptions that might slip through
+    # This ensures we ALWAYS return JSON for API endpoints
+    else:
+        # Check if this is an API request by looking at the URL path
+        request = context.get("request")
+        if request and hasattr(request, "path") and "/api/" in request.path:
+            # This is an API request, so we must return JSON
+            custom_response_data = {
+                "status": "error",
+                "error": {
+                    "code": exc.__class__.__name__.upper(),
+                    "message": str(exc) if str(exc) else "An unexpected error occurred",
+                    "details": None,
+                },
+                "data": None,
+            }
+
+            # Add request context for debugging
+            if hasattr(request, "user"):
+                custom_response_data["error"]["request_user"] = str(request.user)
+
+            # Log the error for monitoring
+            log_exception(
+                logger,
+                exc,
+                context={"response_status": status.HTTP_500_INTERNAL_SERVER_ERROR},
+                request=request,
+            )
+
+            response = Response(
+                custom_response_data, status=status.HTTP_500_INTERNAL_SERVER_ERROR
+            )
+
     return response
 
 

apps/core/choices/__init__.py

@@ -0,0 +1,32 @@
+"""
+Rich Choice Objects System
+
+This module provides a comprehensive system for managing choice fields throughout
+the ThrillWiki application. It replaces simple tuple-based choices with rich
+dataclass objects that support metadata, descriptions, categories, and deprecation.
+
+Key Components:
+- RichChoice: Base dataclass for choice objects
+- ChoiceRegistry: Centralized management of all choice definitions
+- RichChoiceField: Django model field for rich choices
+- RichChoiceSerializer: DRF serializer for API responses
+"""
+
+from .base import RichChoice, ChoiceCategory, ChoiceGroup
+from .registry import ChoiceRegistry, register_choices
+from .fields import RichChoiceField
+from .serializers import RichChoiceSerializer, RichChoiceOptionSerializer
+from .utils import validate_choice_value, get_choice_display
+
+__all__ = [
+    'RichChoice',
+    'ChoiceCategory',
+    'ChoiceGroup',
+    'ChoiceRegistry',
+    'register_choices',
+    'RichChoiceField',
+    'RichChoiceSerializer',
+    'RichChoiceOptionSerializer',
+    'validate_choice_value',
+    'get_choice_display',
+]

apps/core/choices/base.py

@@ -0,0 +1,154 @@
+"""
+Base Rich Choice Objects
+
+This module defines the core dataclass structures for rich choice objects.
+"""
+
+from dataclasses import dataclass, field
+from typing import Dict, Any, Optional
+from enum import Enum
+
+
+class ChoiceCategory(Enum):
+    """Categories for organizing choice types"""
+    STATUS = "status"
+    TYPE = "type"
+    CLASSIFICATION = "classification"
+    PREFERENCE = "preference"
+    PERMISSION = "permission"
+    PRIORITY = "priority"
+    ACTION = "action"
+    NOTIFICATION = "notification"
+    MODERATION = "moderation"
+    TECHNICAL = "technical"
+    BUSINESS = "business"
+    SECURITY = "security"
+    OTHER = "other"
+
+
+@dataclass(frozen=True)
+class RichChoice:
+    """
+    Rich choice object with metadata support.
+    
+    This replaces simple tuple choices with a comprehensive object that can
+    carry additional information like descriptions, colors, icons, and custom metadata.
+    
+    Attributes:
+        value: The stored value (equivalent to first element of tuple choice)
+        label: Human-readable display name (equivalent to second element of tuple choice)
+        description: Detailed description of what this choice means
+        metadata: Dictionary of additional properties (colors, icons, etc.)
+        deprecated: Whether this choice is deprecated and should not be used for new entries
+        category: Category for organizing related choices
+    """
+    value: str
+    label: str
+    description: str = ""
+    metadata: Dict[str, Any] = field(default_factory=dict)
+    deprecated: bool = False
+    category: ChoiceCategory = ChoiceCategory.OTHER
+    
+    def __post_init__(self):
+        """Validate the choice object after initialization"""
+        if not self.value:
+            raise ValueError("Choice value cannot be empty")
+        if not self.label:
+            raise ValueError("Choice label cannot be empty")
+    
+    @property
+    def color(self) -> Optional[str]:
+        """Get the color from metadata if available"""
+        return self.metadata.get('color')
+    
+    @property
+    def icon(self) -> Optional[str]:
+        """Get the icon from metadata if available"""
+        return self.metadata.get('icon')
+    
+    @property
+    def css_class(self) -> Optional[str]:
+        """Get the CSS class from metadata if available"""
+        return self.metadata.get('css_class')
+    
+    @property
+    def sort_order(self) -> int:
+        """Get the sort order from metadata, defaulting to 0"""
+        return self.metadata.get('sort_order', 0)
+    
+    
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert to dictionary representation for API serialization"""
+        return {
+            'value': self.value,
+            'label': self.label,
+            'description': self.description,
+            'metadata': self.metadata,
+            'deprecated': self.deprecated,
+            'category': self.category.value,
+            'color': self.color,
+            'icon': self.icon,
+            'css_class': self.css_class,
+            'sort_order': self.sort_order,
+        }
+    
+    
+    def __str__(self) -> str:
+        return self.label
+    
+    def __repr__(self) -> str:
+        return f"RichChoice(value='{self.value}', label='{self.label}')"
+
+
+@dataclass
+class ChoiceGroup:
+    """
+    A group of related choices with shared metadata.
+    
+    This allows for organizing choices into logical groups with
+    common properties and behaviors.
+    """
+    name: str
+    choices: list[RichChoice]
+    description: str = ""
+    metadata: Dict[str, Any] = field(default_factory=dict)
+    
+    def __post_init__(self):
+        """Validate the choice group after initialization"""
+        if not self.name:
+            raise ValueError("Choice group name cannot be empty")
+        if not self.choices:
+            raise ValueError("Choice group must contain at least one choice")
+        
+        # Validate that all choice values are unique within the group
+        values = [choice.value for choice in self.choices]
+        if len(values) != len(set(values)):
+            raise ValueError("All choice values within a group must be unique")
+    
+    def get_choice(self, value: str) -> Optional[RichChoice]:
+        """Get a choice by its value"""
+        for choice in self.choices:
+            if choice.value == value:
+                return choice
+        return None
+    
+    def get_choices_by_category(self, category: ChoiceCategory) -> list[RichChoice]:
+        """Get all choices in a specific category"""
+        return [choice for choice in self.choices if choice.category == category]
+    
+    def get_active_choices(self) -> list[RichChoice]:
+        """Get all non-deprecated choices"""
+        return [choice for choice in self.choices if not choice.deprecated]
+    
+    def to_tuple_choices(self) -> list[tuple[str, str]]:
+        """Convert to legacy tuple choices format"""
+        return [(choice.value, choice.label) for choice in self.choices]
+    
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert to dictionary representation for API serialization"""
+        return {
+            'name': self.name,
+            'description': self.description,
+            'metadata': self.metadata,
+            'choices': [choice.to_dict() for choice in self.choices]
+        }

apps/core/choices/core_choices.py

@@ -0,0 +1,158 @@
+"""
+Core System Rich Choice Objects
+
+This module defines all choice objects for core system functionality,
+including health checks, API statuses, and other system-level choices.
+"""
+
+from .base import RichChoice, ChoiceCategory
+from .registry import register_choices
+
+
+# Health Check Status Choices
+HEALTH_STATUSES = [
+    RichChoice(
+        value="healthy",
+        label="Healthy",
+        description="System is operating normally with no issues detected",
+        metadata={
+            'color': 'green',
+            'icon': 'check-circle',
+            'css_class': 'bg-green-100 text-green-800',
+            'sort_order': 1,
+            'http_status': 200
+        },
+        category=ChoiceCategory.STATUS
+    ),
+    RichChoice(
+        value="unhealthy",
+        label="Unhealthy",
+        description="System has detected issues that may affect functionality",
+        metadata={
+            'color': 'red',
+            'icon': 'x-circle',
+            'css_class': 'bg-red-100 text-red-800',
+            'sort_order': 2,
+            'http_status': 503
+        },
+        category=ChoiceCategory.STATUS
+    ),
+]
+
+# Simple Health Check Status Choices
+SIMPLE_HEALTH_STATUSES = [
+    RichChoice(
+        value="ok",
+        label="OK",
+        description="Basic health check passed",
+        metadata={
+            'color': 'green',
+            'icon': 'check',
+            'css_class': 'bg-green-100 text-green-800',
+            'sort_order': 1,
+            'http_status': 200
+        },
+        category=ChoiceCategory.STATUS
+    ),
+    RichChoice(
+        value="error",
+        label="Error",
+        description="Basic health check failed",
+        metadata={
+            'color': 'red',
+            'icon': 'x',
+            'css_class': 'bg-red-100 text-red-800',
+            'sort_order': 2,
+            'http_status': 500
+        },
+        category=ChoiceCategory.STATUS
+    ),
+]
+
+# Entity Type Choices for Search
+ENTITY_TYPES = [
+    RichChoice(
+        value="park",
+        label="Park",
+        description="Theme parks and amusement parks",
+        metadata={
+            'color': 'green',
+            'icon': 'map-pin',
+            'css_class': 'bg-green-100 text-green-800',
+            'sort_order': 1,
+            'search_weight': 1.0
+        },
+        category=ChoiceCategory.CLASSIFICATION
+    ),
+    RichChoice(
+        value="ride",
+        label="Ride",
+        description="Individual rides and attractions",
+        metadata={
+            'color': 'blue',
+            'icon': 'activity',
+            'css_class': 'bg-blue-100 text-blue-800',
+            'sort_order': 2,
+            'search_weight': 1.0
+        },
+        category=ChoiceCategory.CLASSIFICATION
+    ),
+    RichChoice(
+        value="company",
+        label="Company",
+        description="Manufacturers, operators, and designers",
+        metadata={
+            'color': 'purple',
+            'icon': 'building',
+            'css_class': 'bg-purple-100 text-purple-800',
+            'sort_order': 3,
+            'search_weight': 0.8
+        },
+        category=ChoiceCategory.CLASSIFICATION
+    ),
+    RichChoice(
+        value="user",
+        label="User",
+        description="User profiles and accounts",
+        metadata={
+            'color': 'orange',
+            'icon': 'user',
+            'css_class': 'bg-orange-100 text-orange-800',
+            'sort_order': 4,
+            'search_weight': 0.5
+        },
+        category=ChoiceCategory.CLASSIFICATION
+    ),
+]
+
+
+def register_core_choices():
+    """Register all core system choices with the global registry"""
+    
+    register_choices(
+        name="health_statuses",
+        choices=HEALTH_STATUSES,
+        domain="core",
+        description="Health check status options",
+        metadata={'domain': 'core', 'type': 'health_status'}
+    )
+    
+    register_choices(
+        name="simple_health_statuses",
+        choices=SIMPLE_HEALTH_STATUSES,
+        domain="core",
+        description="Simple health check status options",
+        metadata={'domain': 'core', 'type': 'simple_health_status'}
+    )
+    
+    register_choices(
+        name="entity_types",
+        choices=ENTITY_TYPES,
+        domain="core",
+        description="Entity type classifications for search functionality",
+        metadata={'domain': 'core', 'type': 'entity_type'}
+    )
+
+
+# Auto-register choices when module is imported
+register_core_choices()

apps/core/choices/fields.py

@@ -0,0 +1,198 @@
+"""
+Django Model Fields for Rich Choices
+
+This module provides Django model field implementations for rich choice objects.
+"""
+
+from typing import Any, Optional
+from django.db import models
+from django.core.exceptions import ValidationError
+from django.forms import ChoiceField
+from .base import RichChoice
+from .registry import registry
+
+
+class RichChoiceField(models.CharField):
+    """
+    Django model field for rich choice objects.
+    
+    This field stores the choice value as a CharField but provides
+    rich choice functionality through the registry system.
+    """
+    
+    def __init__(
+        self,
+        choice_group: str,
+        domain: str = "core",
+        max_length: int = 50,
+        allow_deprecated: bool = False,
+        **kwargs
+    ):
+        """
+        Initialize the RichChoiceField.
+        
+        Args:
+            choice_group: Name of the choice group in the registry
+            domain: Domain namespace for the choice group
+            max_length: Maximum length for the stored value
+            allow_deprecated: Whether to allow deprecated choices
+            **kwargs: Additional arguments passed to CharField
+        """
+        self.choice_group = choice_group
+        self.domain = domain
+        self.allow_deprecated = allow_deprecated
+        
+        # Set choices from registry for Django admin and forms
+        if self.allow_deprecated:
+            choices_list = registry.get_choices(choice_group, domain)
+        else:
+            choices_list = registry.get_active_choices(choice_group, domain)
+        
+        choices = [(choice.value, choice.label) for choice in choices_list]
+        
+        kwargs['choices'] = choices
+        kwargs['max_length'] = max_length
+        
+        super().__init__(**kwargs)
+    
+    def validate(self, value: Any, model_instance: Any) -> None:
+        """Validate the choice value"""
+        super().validate(value, model_instance)
+        
+        if value is None or value == '':
+            return
+        
+        # Check if choice exists in registry
+        choice = registry.get_choice(self.choice_group, value, self.domain)
+        if choice is None:
+            raise ValidationError(
+                f"'{value}' is not a valid choice for {self.choice_group}"
+            )
+        
+        # Check if deprecated choices are allowed
+        if choice.deprecated and not self.allow_deprecated:
+            raise ValidationError(
+                f"'{value}' is deprecated and cannot be used for new entries"
+            )
+    
+    def get_rich_choice(self, value: str) -> Optional[RichChoice]:
+        """Get the RichChoice object for a value"""
+        return registry.get_choice(self.choice_group, value, self.domain)
+    
+    def get_choice_display(self, value: str) -> str:
+        """Get the display label for a choice value"""
+        return registry.get_choice_display(self.choice_group, value, self.domain)
+    
+    def contribute_to_class(self, cls: Any, name: str, private_only: bool = False, **kwargs: Any) -> None:
+        """Add helper methods to the model class (signature compatible with Django Field)"""
+        super().contribute_to_class(cls, name, private_only=private_only, **kwargs)
+        
+        # Add get_FOO_rich_choice method
+        def get_rich_choice_method(instance):
+            value = getattr(instance, name)
+            return self.get_rich_choice(value) if value else None
+        
+        setattr(cls, f'get_{name}_rich_choice', get_rich_choice_method)
+        
+        # Add get_FOO_display method (Django provides this, but we enhance it)
+        def get_display_method(instance):
+            value = getattr(instance, name)
+            return self.get_choice_display(value) if value else ''
+        
+        setattr(cls, f'get_{name}_display', get_display_method)
+    
+    def deconstruct(self):
+        """Support for Django migrations"""
+        name, path, args, kwargs = super().deconstruct()
+        kwargs['choice_group'] = self.choice_group
+        kwargs['domain'] = self.domain
+        kwargs['allow_deprecated'] = self.allow_deprecated
+        return name, path, args, kwargs
+
+
+class RichChoiceFormField(ChoiceField):
+    """
+    Form field for rich choices with enhanced functionality.
+    """
+    
+    def __init__(
+        self,
+        choice_group: str,
+        domain: str = "core",
+        allow_deprecated: bool = False,
+        show_descriptions: bool = False,
+        **kwargs
+    ):
+        """
+        Initialize the form field.
+        
+        Args:
+            choice_group: Name of the choice group in the registry
+            domain: Domain namespace for the choice group
+            allow_deprecated: Whether to allow deprecated choices
+            show_descriptions: Whether to show descriptions in choice labels
+            **kwargs: Additional arguments passed to ChoiceField
+        """
+        self.choice_group = choice_group
+        self.domain = domain
+        self.allow_deprecated = allow_deprecated
+        self.show_descriptions = show_descriptions
+        
+        # Get choices from registry
+        if allow_deprecated:
+            choices_list = registry.get_choices(choice_group, domain)
+        else:
+            choices_list = registry.get_active_choices(choice_group, domain)
+        
+        # Format choices for display
+        choices = []
+        for choice in choices_list:
+            label = choice.label
+            if show_descriptions and choice.description:
+                label = f"{choice.label} - {choice.description}"
+            choices.append((choice.value, label))
+        
+        kwargs['choices'] = choices
+        super().__init__(**kwargs)
+    
+    def validate(self, value: Any) -> None:
+        """Validate the choice value"""
+        super().validate(value)
+        
+        if value is None or value == '':
+            return
+        
+        # Check if choice exists in registry
+        choice = registry.get_choice(self.choice_group, value, self.domain)
+        if choice is None:
+            raise ValidationError(
+                f"'{value}' is not a valid choice for {self.choice_group}"
+            )
+        
+        # Check if deprecated choices are allowed
+        if choice.deprecated and not self.allow_deprecated:
+            raise ValidationError(
+                f"'{value}' is deprecated and cannot be used"
+            )
+
+
+def create_rich_choice_field(
+    choice_group: str,
+    domain: str = "core",
+    max_length: int = 50,
+    allow_deprecated: bool = False,
+    **kwargs
+) -> RichChoiceField:
+    """
+    Factory function to create a RichChoiceField.
+    
+    This is useful for creating fields with consistent settings
+    across multiple models.
+    """
+    return RichChoiceField(
+        choice_group=choice_group,
+        domain=domain,
+        max_length=max_length,
+        allow_deprecated=allow_deprecated,
+        **kwargs
+    )

apps/core/choices/registry.py

@@ -0,0 +1,197 @@
+"""
+Choice Registry
+
+Centralized registry for managing all choice definitions across the application.
+"""
+
+from typing import Dict, List, Optional, Any
+from django.core.exceptions import ImproperlyConfigured
+from .base import RichChoice, ChoiceGroup
+
+
+class ChoiceRegistry:
+    """
+    Centralized registry for managing all choice definitions.
+    
+    This provides a single source of truth for all choice objects
+    throughout the application, with support for namespacing by domain.
+    """
+    
+    def __init__(self):
+        self._choices: Dict[str, ChoiceGroup] = {}
+        self._domains: Dict[str, List[str]] = {}
+    
+    def register(
+        self, 
+        name: str, 
+        choices: List[RichChoice], 
+        domain: str = "core",
+        description: str = "",
+        metadata: Optional[Dict[str, Any]] = None
+    ) -> ChoiceGroup:
+        """
+        Register a group of choices.
+        
+        Args:
+            name: Unique name for the choice group
+            choices: List of RichChoice objects
+            domain: Domain namespace (e.g., 'rides', 'parks', 'accounts')
+            description: Description of the choice group
+            metadata: Additional metadata for the group
+            
+        Returns:
+            The registered ChoiceGroup
+            
+        Raises:
+            ImproperlyConfigured: If name is already registered with different choices
+        """
+        full_name = f"{domain}.{name}"
+        
+        if full_name in self._choices:
+            # Check if the existing registration is identical
+            existing_group = self._choices[full_name]
+            existing_values = [choice.value for choice in existing_group.choices]
+            new_values = [choice.value for choice in choices]
+            
+            if existing_values == new_values:
+                # Same choices, return existing group (allow duplicate registration)
+                return existing_group
+            else:
+                # Different choices, this is an error
+                raise ImproperlyConfigured(
+                    f"Choice group '{full_name}' is already registered with different choices. "
+                    f"Existing: {existing_values}, New: {new_values}"
+                )
+        
+        choice_group = ChoiceGroup(
+            name=full_name,
+            choices=choices,
+            description=description,
+            metadata=metadata or {}
+        )
+        
+        self._choices[full_name] = choice_group
+        
+        # Track domain
+        if domain not in self._domains:
+            self._domains[domain] = []
+        self._domains[domain].append(name)
+        
+        return choice_group
+    
+    def get(self, name: str, domain: str = "core") -> Optional[ChoiceGroup]:
+        """Get a choice group by name and domain"""
+        full_name = f"{domain}.{name}"
+        return self._choices.get(full_name)
+    
+    def get_choice(self, group_name: str, value: str, domain: str = "core") -> Optional[RichChoice]:
+        """Get a specific choice by group name, value, and domain"""
+        choice_group = self.get(group_name, domain)
+        if choice_group:
+            return choice_group.get_choice(value)
+        return None
+    
+    def get_choices(self, name: str, domain: str = "core") -> List[RichChoice]:
+        """Get all choices in a group"""
+        choice_group = self.get(name, domain)
+        return choice_group.choices if choice_group else []
+    
+    def get_active_choices(self, name: str, domain: str = "core") -> List[RichChoice]:
+        """Get all non-deprecated choices in a group"""
+        choice_group = self.get(name, domain)
+        return choice_group.get_active_choices() if choice_group else []
+    
+    
+    def get_domains(self) -> List[str]:
+        """Get all registered domains"""
+        return list(self._domains.keys())
+    
+    def get_domain_choices(self, domain: str) -> Dict[str, ChoiceGroup]:
+        """Get all choice groups for a specific domain"""
+        if domain not in self._domains:
+            return {}
+        
+        return {
+            name: self._choices[f"{domain}.{name}"]
+            for name in self._domains[domain]
+        }
+    
+    def list_all(self) -> Dict[str, ChoiceGroup]:
+        """Get all registered choice groups"""
+        return self._choices.copy()
+    
+    def validate_choice(self, group_name: str, value: str, domain: str = "core") -> bool:
+        """Validate that a choice value exists in a group"""
+        choice = self.get_choice(group_name, value, domain)
+        return choice is not None and not choice.deprecated
+    
+    def get_choice_display(self, group_name: str, value: str, domain: str = "core") -> str:
+        """Get the display label for a choice value"""
+        choice = self.get_choice(group_name, value, domain)
+        if choice:
+            return choice.label
+        else:
+            raise ValueError(f"Choice value '{value}' not found in group '{group_name}' for domain '{domain}'")
+    
+    def clear_domain(self, domain: str) -> None:
+        """Clear all choices for a specific domain (useful for testing)"""
+        if domain in self._domains:
+            for name in self._domains[domain]:
+                full_name = f"{domain}.{name}"
+                if full_name in self._choices:
+                    del self._choices[full_name]
+            del self._domains[domain]
+    
+    def clear_all(self) -> None:
+        """Clear all registered choices (useful for testing)"""
+        self._choices.clear()
+        self._domains.clear()
+
+
+# Global registry instance
+registry = ChoiceRegistry()
+
+
+def register_choices(
+    name: str,
+    choices: List[RichChoice],
+    domain: str = "core",
+    description: str = "",
+    metadata: Optional[Dict[str, Any]] = None
+) -> ChoiceGroup:
+    """
+    Convenience function to register choices with the global registry.
+    
+    Args:
+        name: Unique name for the choice group
+        choices: List of RichChoice objects
+        domain: Domain namespace
+        description: Description of the choice group
+        metadata: Additional metadata for the group
+        
+    Returns:
+        The registered ChoiceGroup
+    """
+    return registry.register(name, choices, domain, description, metadata)
+
+
+def get_choices(name: str, domain: str = "core") -> List[RichChoice]:
+    """Get choices from the global registry"""
+    return registry.get_choices(name, domain)
+
+
+def get_choice(group_name: str, value: str, domain: str = "core") -> Optional[RichChoice]:
+    """Get a specific choice from the global registry"""
+    return registry.get_choice(group_name, value, domain)
+
+
+
+
+def validate_choice(group_name: str, value: str, domain: str = "core") -> bool:
+    """Validate a choice value using the global registry"""
+    return registry.validate_choice(group_name, value, domain)
+
+
+def get_choice_display(group_name: str, value: str, domain: str = "core") -> str:
+    """Get choice display label using the global registry"""
+    return registry.get_choice_display(group_name, value, domain)

apps/core/choices/serializers.py

@@ -0,0 +1,275 @@
+"""
+DRF Serializers for Rich Choices
+
+This module provides Django REST Framework serializer implementations
+for rich choice objects.
+"""
+
+from typing import Any, Dict, List
+from rest_framework import serializers
+from .base import RichChoice, ChoiceGroup
+from .registry import registry
+
+
+class RichChoiceSerializer(serializers.Serializer):
+    """
+    Serializer for individual RichChoice objects.
+    
+    This provides a consistent API representation for choice objects
+    with all their metadata.
+    """
+    value = serializers.CharField()
+    label = serializers.CharField()
+    description = serializers.CharField()
+    metadata = serializers.DictField()
+    deprecated = serializers.BooleanField()
+    category = serializers.CharField()
+    color = serializers.CharField(allow_null=True)
+    icon = serializers.CharField(allow_null=True)
+    css_class = serializers.CharField(allow_null=True)
+    sort_order = serializers.IntegerField()
+    
+    def to_representation(self, instance: RichChoice) -> Dict[str, Any]:
+        """Convert RichChoice to dictionary representation"""
+        return instance.to_dict()
+
+
+class RichChoiceOptionSerializer(serializers.Serializer):
+    """
+    Serializer for choice options in filter endpoints.
+    
+    This replaces the legacy FilterOptionSerializer with rich choice support.
+    """
+    value = serializers.CharField()
+    label = serializers.CharField()
+    description = serializers.CharField(allow_blank=True)
+    count = serializers.IntegerField(required=False, allow_null=True)
+    selected = serializers.BooleanField(default=False)
+    deprecated = serializers.BooleanField(default=False)
+    color = serializers.CharField(allow_null=True, required=False)
+    icon = serializers.CharField(allow_null=True, required=False)
+    css_class = serializers.CharField(allow_null=True, required=False)
+    metadata = serializers.DictField(required=False)
+    
+    def to_representation(self, instance) -> Dict[str, Any]:
+        """Convert choice option to dictionary representation"""
+        if isinstance(instance, RichChoice):
+            # Convert RichChoice to option format
+            return {
+                'value': instance.value,
+                'label': instance.label,
+                'description': instance.description,
+                'count': None,
+                'selected': False,
+                'deprecated': instance.deprecated,
+                'color': instance.color,
+                'icon': instance.icon,
+                'css_class': instance.css_class,
+                'metadata': instance.metadata,
+            }
+        elif isinstance(instance, dict):
+            # Handle dictionary input (for backwards compatibility)
+            return {
+                'value': instance.get('value', ''),
+                'label': instance.get('label', ''),
+                'description': instance.get('description', ''),
+                'count': instance.get('count'),
+                'selected': instance.get('selected', False),
+                'deprecated': instance.get('deprecated', False),
+                'color': instance.get('color'),
+                'icon': instance.get('icon'),
+                'css_class': instance.get('css_class'),
+                'metadata': instance.get('metadata', {}),
+            }
+        else:
+            return super().to_representation(instance)
+
+
+class ChoiceGroupSerializer(serializers.Serializer):
+    """
+    Serializer for ChoiceGroup objects.
+    
+    This provides API representation for entire choice groups
+    with all their choices and metadata.
+    """
+    name = serializers.CharField()
+    description = serializers.CharField()
+    metadata = serializers.DictField()
+    choices = RichChoiceSerializer(many=True)
+    
+    def to_representation(self, instance: ChoiceGroup) -> Dict[str, Any]:
+        """Convert ChoiceGroup to dictionary representation"""
+        return instance.to_dict()
+
+
+class RichChoiceFieldSerializer(serializers.CharField):
+    """
+    Serializer field for rich choice values.
+    
+    This field serializes the choice value but can optionally
+    include rich choice metadata in the response.
+    """
+    
+    def __init__(
+        self,
+        choice_group: str,
+        domain: str = "core",
+        include_metadata: bool = False,
+        **kwargs
+    ):
+        """
+        Initialize the serializer field.
+        
+        Args:
+            choice_group: Name of the choice group in the registry
+            domain: Domain namespace for the choice group
+            include_metadata: Whether to include rich choice metadata
+            **kwargs: Additional arguments passed to CharField
+        """
+        self.choice_group = choice_group
+        self.domain = domain
+        self.include_metadata = include_metadata
+        super().__init__(**kwargs)
+    
+    def to_representation(self, value: str) -> Any:
+        """Convert choice value to representation"""
+        if not value:
+            return value
+        
+        if self.include_metadata:
+            # Return rich choice object
+            choice = registry.get_choice(self.choice_group, value, self.domain)
+            if choice:
+                return RichChoiceSerializer(choice).data
+            else:
+                # Fallback for unknown values
+                return {
+                    'value': value,
+                    'label': value,
+                    'description': '',
+                    'metadata': {},
+                    'deprecated': False,
+                    'category': 'other',
+                    'color': None,
+                    'icon': None,
+                    'css_class': None,
+                    'sort_order': 0,
+                }
+        else:
+            # Return just the value
+            return value
+    
+    def to_internal_value(self, data: Any) -> str:
+        """Convert input data to choice value"""
+        if isinstance(data, dict) and 'value' in data:
+            # Handle rich choice object input
+            return data['value']
+        else:
+            # Handle string input
+            return super().to_internal_value(data)
+
+
+def create_choice_options_serializer(
+    choice_group: str,
+    domain: str = "core",
+    include_counts: bool = False,
+    queryset=None,
+    count_field: str = 'id'
+) -> List[Dict[str, Any]]:
+    """
+    Create choice options for filter endpoints.
+    
+    This function generates choice options with optional counts
+    for use in filter metadata endpoints.
+    
+    Args:
+        choice_group: Name of the choice group in the registry
+        domain: Domain namespace for the choice group
+        include_counts: Whether to include counts for each option
+        queryset: QuerySet to count against (required if include_counts=True)
+        count_field: Field to filter on for counting (default: 'id')
+        
+    Returns:
+        List of choice option dictionaries
+    """
+    choices = registry.get_active_choices(choice_group, domain)
+    options = []
+    
+    for choice in choices:
+        option_data = {
+            'value': choice.value,
+            'label': choice.label,
+            'description': choice.description,
+            'selected': False,
+            'deprecated': choice.deprecated,
+            'color': choice.color,
+            'icon': choice.icon,
+            'css_class': choice.css_class,
+            'metadata': choice.metadata,
+        }
+        
+        if include_counts and queryset is not None:
+            # Count items for this choice
+            try:
+                count = queryset.filter(**{count_field: choice.value}).count()
+                option_data['count'] = count
+            except Exception:
+                # If counting fails, set count to None
+                option_data['count'] = None
+        else:
+            option_data['count'] = None
+        
+        options.append(option_data)
+    
+    # Sort by sort_order, then by label
+    options.sort(key=lambda x: (
+        (lambda c: c.sort_order if (c is not None and hasattr(c, 'sort_order')) else 0)(
+            registry.get_choice(choice_group, x['value'], domain)
+        ),
+         x['label']
+     ))
+    
+    return options
+
+
+def serialize_choice_value(
+    value: str,
+    choice_group: str,
+    domain: str = "core",
+    include_metadata: bool = False
+) -> Any:
+    """
+    Serialize a single choice value.
+    
+    Args:
+        value: The choice value to serialize
+        choice_group: Name of the choice group in the registry
+        domain: Domain namespace for the choice group
+        include_metadata: Whether to include rich choice metadata
+        
+    Returns:
+        Serialized choice value (string or rich object)
+    """
+    if not value:
+        return value
+    
+    if include_metadata:
+        choice = registry.get_choice(choice_group, value, domain)
+        if choice:
+            return RichChoiceSerializer(choice).data
+        else:
+            # Fallback for unknown values
+            return {
+                'value': value,
+                'label': value,
+                'description': '',
+                'metadata': {},
+                'deprecated': False,
+                'category': 'other',
+                'color': None,
+                'icon': None,
+                'css_class': None,
+                'sort_order': 0,
+            }
+    else:
+        return value

apps/core/choices/utils.py

@@ -0,0 +1,318 @@
+"""
+Utility Functions for Rich Choices
+
+This module provides utility functions for working with rich choice objects.
+"""
+
+from typing import Any, Dict, List, Optional, Tuple
+from .base import RichChoice, ChoiceCategory
+from .registry import registry
+
+
+def validate_choice_value(
+    value: str,
+    choice_group: str,
+    domain: str = "core",
+    allow_deprecated: bool = False
+) -> bool:
+    """
+    Validate that a choice value is valid for a given choice group.
+    
+    Args:
+        value: The choice value to validate
+        choice_group: Name of the choice group in the registry
+        domain: Domain namespace for the choice group
+        allow_deprecated: Whether to allow deprecated choices
+        
+    Returns:
+        True if valid, False otherwise
+    """
+    if not value:
+        return True  # Allow empty values (handled by field's null/blank settings)
+    
+    choice = registry.get_choice(choice_group, value, domain)
+    if choice is None:
+        return False
+    
+    if choice.deprecated and not allow_deprecated:
+        return False
+    
+    return True
+
+
+def get_choice_display(
+    value: str,
+    choice_group: str,
+    domain: str = "core"
+) -> str:
+    """
+    Get the display label for a choice value.
+    
+    Args:
+        value: The choice value
+        choice_group: Name of the choice group in the registry
+        domain: Domain namespace for the choice group
+        
+    Returns:
+        Display label for the choice
+        
+    Raises:
+        ValueError: If the choice value is not found in the registry
+    """
+    if not value:
+        return ""
+    
+    choice = registry.get_choice(choice_group, value, domain)
+    if choice:
+        return choice.label
+    else:
+        raise ValueError(f"Choice value '{value}' not found in group '{choice_group}' for domain '{domain}'")
+
+
+
+
+def create_status_choices(
+    statuses: Dict[str, Dict[str, Any]],
+    category: ChoiceCategory = ChoiceCategory.STATUS
+) -> List[RichChoice]:
+    """
+    Create status choices with consistent color coding.
+    
+    Args:
+        statuses: Dictionary mapping status value to config dict
+        category: Choice category (defaults to STATUS)
+        
+    Returns:
+        List of RichChoice objects for statuses
+    """
+    choices = []
+    
+    for value, config in statuses.items():
+        metadata = config.get('metadata', {})
+        
+        # Add default status colors if not specified
+        if 'color' not in metadata:
+            if 'operating' in value.lower() or 'active' in value.lower():
+                metadata['color'] = 'green'
+            elif 'closed' in value.lower() or 'inactive' in value.lower():
+                metadata['color'] = 'red'
+            elif 'temp' in value.lower() or 'pending' in value.lower():
+                metadata['color'] = 'yellow'
+            elif 'construction' in value.lower():
+                metadata['color'] = 'blue'
+            else:
+                metadata['color'] = 'gray'
+        
+        choice = RichChoice(
+            value=value,
+            label=config['label'],
+            description=config.get('description', ''),
+            metadata=metadata,
+            deprecated=config.get('deprecated', False),
+            category=category
+        )
+        choices.append(choice)
+    
+    return choices
+
+
+def create_type_choices(
+    types: Dict[str, Dict[str, Any]],
+    category: ChoiceCategory = ChoiceCategory.TYPE
+) -> List[RichChoice]:
+    """
+    Create type/classification choices.
+    
+    Args:
+        types: Dictionary mapping type value to config dict
+        category: Choice category (defaults to TYPE)
+        
+    Returns:
+        List of RichChoice objects for types
+    """
+    choices = []
+    
+    for value, config in types.items():
+        choice = RichChoice(
+            value=value,
+            label=config['label'],
+            description=config.get('description', ''),
+            metadata=config.get('metadata', {}),
+            deprecated=config.get('deprecated', False),
+            category=category
+        )
+        choices.append(choice)
+    
+    return choices
+
+
+def merge_choice_metadata(
+    base_metadata: Dict[str, Any],
+    override_metadata: Dict[str, Any]
+) -> Dict[str, Any]:
+    """
+    Merge choice metadata dictionaries.
+    
+    Args:
+        base_metadata: Base metadata dictionary
+        override_metadata: Override metadata dictionary
+        
+    Returns:
+        Merged metadata dictionary
+    """
+    merged = base_metadata.copy()
+    merged.update(override_metadata)
+    return merged
+
+
+def filter_choices_by_category(
+    choices: List[RichChoice],
+    category: ChoiceCategory
+) -> List[RichChoice]:
+    """
+    Filter choices by category.
+    
+    Args:
+        choices: List of RichChoice objects
+        category: Category to filter by
+        
+    Returns:
+        Filtered list of choices
+    """
+    return [choice for choice in choices if choice.category == category]
+
+
+def sort_choices(
+    choices: List[RichChoice],
+    sort_by: str = "sort_order"
+) -> List[RichChoice]:
+    """
+    Sort choices by specified criteria.
+    
+    Args:
+        choices: List of RichChoice objects
+        sort_by: Sort criteria ("sort_order", "label", "value")
+        
+    Returns:
+        Sorted list of choices
+    """
+    if sort_by == "sort_order":
+        return sorted(choices, key=lambda x: (x.sort_order, x.label))
+    elif sort_by == "label":
+        return sorted(choices, key=lambda x: x.label)
+    elif sort_by == "value":
+        return sorted(choices, key=lambda x: x.value)
+    else:
+        return choices
+
+
+def get_choice_colors(
+    choice_group: str,
+    domain: str = "core"
+) -> Dict[str, str]:
+    """
+    Get a mapping of choice values to their colors.
+    
+    Args:
+        choice_group: Name of the choice group in the registry
+        domain: Domain namespace for the choice group
+        
+    Returns:
+        Dictionary mapping choice values to colors
+    """
+    choices = registry.get_choices(choice_group, domain)
+    return {
+        choice.value: choice.color
+        for choice in choices
+        if choice.color
+    }
+
+
+def validate_choice_group_data(
+    name: str,
+    choices: List[RichChoice],
+    domain: str = "core"
+) -> List[str]:
+    """
+    Validate choice group data and return list of errors.
+    
+    Args:
+        name: Choice group name
+        choices: List of RichChoice objects
+        domain: Domain namespace
+        
+    Returns:
+        List of validation error messages
+    """
+    errors = []
+    
+    if not name:
+        errors.append("Choice group name cannot be empty")
+    
+    if not choices:
+        errors.append("Choice group must contain at least one choice")
+        return errors
+    
+    # Check for duplicate values
+    values = [choice.value for choice in choices]
+    if len(values) != len(set(values)):
+        duplicates = [v for v in values if values.count(v) > 1]
+        errors.append(f"Duplicate choice values found: {', '.join(set(duplicates))}")
+    
+    # Validate individual choices
+    for i, choice in enumerate(choices):
+        try:
+            # This will trigger __post_init__ validation
+            RichChoice(
+                value=choice.value,
+                label=choice.label,
+                description=choice.description,
+                metadata=choice.metadata,
+                deprecated=choice.deprecated,
+                category=choice.category
+            )
+        except ValueError as e:
+            errors.append(f"Choice {i}: {str(e)}")
+    
+    return errors
+
+
+def create_choice_from_config(config: Dict[str, Any]) -> RichChoice:
+    """
+    Create a RichChoice from a configuration dictionary.
+    
+    Args:
+        config: Configuration dictionary with choice data
+        
+    Returns:
+        RichChoice object
+    """
+    return RichChoice(
+        value=config['value'],
+        label=config['label'],
+        description=config.get('description', ''),
+        metadata=config.get('metadata', {}),
+        deprecated=config.get('deprecated', False),
+        category=ChoiceCategory(config.get('category', 'other'))
+    )
+
+
+def export_choices_to_dict(
+    choice_group: str,
+    domain: str = "core"
+) -> Dict[str, Any]:
+    """
+    Export a choice group to a dictionary format.
+    
+    Args:
+        choice_group: Name of the choice group in the registry
+        domain: Domain namespace for the choice group
+        
+    Returns:
+        Dictionary representation of the choice group
+    """
+    group = registry.get(choice_group, domain)
+    if not group:
+        return {}
+    
+    return group.to_dict()

apps/core/management/commands/calculate_new_content.py

@@ -0,0 +1,217 @@
+"""
+Django management command to calculate new content.
+
+This replaces the Celery task for calculating new content.
+Run with: uv run manage.py calculate_new_content
+"""
+
+import logging
+from datetime import datetime, timedelta
+from typing import Dict, List, Any
+from django.core.management.base import BaseCommand, CommandError
+from django.utils import timezone
+from django.core.cache import cache
+from django.db.models import Q
+
+from apps.parks.models import Park
+from apps.rides.models import Ride
+
+logger = logging.getLogger(__name__)
+
+
+class Command(BaseCommand):
+    help = "Calculate new content and cache results"
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            "--content-type",
+            type=str,
+            default="all",
+            choices=["all", "parks", "rides"],
+            help="Type of content to calculate (default: all)",
+        )
+        parser.add_argument(
+            "--days-back",
+            type=int,
+            default=30,
+            help="Number of days to look back for new content (default: 30)",
+        )
+        parser.add_argument(
+            "--limit",
+            type=int,
+            default=50,
+            help="Maximum number of results to calculate (default: 50)",
+        )
+        parser.add_argument(
+            "--verbose", action="store_true", help="Enable verbose output"
+        )
+
+    def handle(self, *args, **options):
+        content_type = options["content_type"]
+        days_back = options["days_back"]
+        limit = options["limit"]
+        verbose = options["verbose"]
+
+        if verbose:
+            self.stdout.write(f"Starting new content calculation for {content_type}")
+
+        try:
+            cutoff_date = timezone.now() - timedelta(days=days_back)
+            new_items = []
+
+            if content_type in ["all", "parks"]:
+                parks = self._get_new_parks(
+                    cutoff_date, limit if content_type == "parks" else limit * 2
+                )
+                new_items.extend(parks)
+                if verbose:
+                    self.stdout.write(f"Found {len(parks)} new parks")
+
+            if content_type in ["all", "rides"]:
+                rides = self._get_new_rides(
+                    cutoff_date, limit if content_type == "rides" else limit * 2
+                )
+                new_items.extend(rides)
+                if verbose:
+                    self.stdout.write(f"Found {len(rides)} new rides")
+
+            # Sort by date added (most recent first) and apply limit
+            new_items.sort(key=lambda x: x.get("date_added", ""), reverse=True)
+            new_items = new_items[:limit]
+
+            # Format results for API consumption
+            formatted_results = self._format_new_content_results(new_items)
+
+            # Cache results
+            cache_key = f"new_content:calculated:{content_type}:{days_back}:{limit}"
+            cache.set(cache_key, formatted_results, 1800)  # Cache for 30 minutes
+
+            self.stdout.write(
+                self.style.SUCCESS(
+                    f"Successfully calculated {len(formatted_results)} new items for {content_type}"
+                )
+            )
+
+            if verbose:
+                for item in formatted_results[:5]:  # Show first 5 items
+                    self.stdout.write(
+                        f"  {item['name']} ({item['park']}) - opened: {item['date_opened']}"
+                    )
+
+        except Exception as e:
+            logger.error(f"Error calculating new content: {e}", exc_info=True)
+            raise CommandError(f"Failed to calculate new content: {e}")
+
+    def _get_new_parks(self, cutoff_date: datetime, limit: int) -> List[Dict[str, Any]]:
+        """Get recently added parks using real data."""
+        new_parks = (
+            Park.objects.filter(
+                Q(created_at__gte=cutoff_date)
+                | Q(opening_date__gte=cutoff_date.date()),
+                status="OPERATING",
+            )
+            .select_related("location", "operator")
+            .order_by("-created_at", "-opening_date")[:limit]
+        )
+
+        results = []
+        for park in new_parks:
+            date_added = park.opening_date or park.created_at
+            if date_added:
+                if isinstance(date_added, datetime):
+                    date_added = date_added.date()
+
+            opening_date = getattr(park, "opening_date", None)
+            if opening_date and isinstance(opening_date, datetime):
+                opening_date = opening_date.date()
+
+            results.append(
+                {
+                    "content_object": park,
+                    "content_type": "park",
+                    "id": park.pk,
+                    "name": park.name,
+                    "slug": park.slug,
+                    "park": park.name,  # For parks, park field is the park name itself
+                    "category": "park",
+                    "date_added": date_added.isoformat() if date_added else "",
+                    "date_opened": opening_date.isoformat() if opening_date else "",
+                    "url": park.url,
+                }
+            )
+
+        return results
+
+    def _get_new_rides(self, cutoff_date: datetime, limit: int) -> List[Dict[str, Any]]:
+        """Get recently added rides using real data."""
+        new_rides = (
+            Ride.objects.filter(
+                Q(created_at__gte=cutoff_date)
+                | Q(opening_date__gte=cutoff_date.date()),
+                status="OPERATING",
+            )
+            .select_related("park", "park__location")
+            .order_by("-created_at", "-opening_date")[:limit]
+        )
+
+        results = []
+        for ride in new_rides:
+            date_added = getattr(ride, "opening_date", None) or getattr(
+                ride, "created_at", None
+            )
+            if date_added:
+                if isinstance(date_added, datetime):
+                    date_added = date_added.date()
+
+            opening_date = getattr(ride, "opening_date", None)
+            if opening_date and isinstance(opening_date, datetime):
+                opening_date = opening_date.date()
+
+            results.append(
+                {
+                    "content_object": ride,
+                    "content_type": "ride",
+                    "id": ride.pk,
+                    "name": ride.name,
+                    "slug": ride.slug,
+                    "park": ride.park.name if ride.park else "",
+                    "category": "ride",
+                    "date_added": date_added.isoformat() if date_added else "",
+                    "date_opened": opening_date.isoformat() if opening_date else "",
+                    "url": ride.url,
+                    "park_url": ride.park.url if ride.park else "",
+                }
+            )
+
+        return results
+
+    def _format_new_content_results(
+        self, new_items: List[Dict[str, Any]]
+    ) -> List[Dict[str, Any]]:
+        """Format new content results for frontend consumption."""
+        formatted_results = []
+
+        for item in new_items:
+            try:
+                # Format exactly as frontend expects
+                formatted_item = {
+                    "id": item["id"],
+                    "name": item["name"],
+                    "park": item["park"],
+                    "category": item["category"],
+                    "date_added": item["date_added"],
+                    "date_opened": item["date_opened"],
+                    "slug": item["slug"],
+                    "url": item["url"],
+                }
+
+                # Add park_url for rides
+                if item.get("park_url"):
+                    formatted_item["park_url"] = item["park_url"]
+
+                formatted_results.append(formatted_item)
+
+            except Exception as e:
+                logger.warning(f"Error formatting new content item: {e}")
+
+        return formatted_results

apps/core/management/commands/calculate_trending.py

@@ -0,0 +1,391 @@
+"""
+Django management command to calculate trending content.
+
+This replaces the Celery task for calculating trending content.
+Run with: uv run manage.py calculate_trending
+"""
+
+import logging
+from typing import Dict, List, Any
+from django.core.management.base import BaseCommand, CommandError
+from django.utils import timezone
+from django.core.cache import cache
+from django.contrib.contenttypes.models import ContentType
+
+from apps.core.analytics import PageView
+from apps.parks.models import Park
+from apps.rides.models import Ride
+
+logger = logging.getLogger(__name__)
+
+
+class Command(BaseCommand):
+    help = "Calculate trending content and cache results"
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            "--content-type",
+            type=str,
+            default="all",
+            choices=["all", "parks", "rides"],
+            help="Type of content to calculate (default: all)",
+        )
+        parser.add_argument(
+            "--limit",
+            type=int,
+            default=50,
+            help="Maximum number of results to calculate (default: 50)",
+        )
+        parser.add_argument(
+            "--verbose", action="store_true", help="Enable verbose output"
+        )
+
+    def handle(self, *args, **options):
+        content_type = options["content_type"]
+        limit = options["limit"]
+        verbose = options["verbose"]
+
+        if verbose:
+            self.stdout.write(f"Starting trending calculation for {content_type}")
+
+        try:
+            # Time windows for calculations
+            current_period_hours = 168  # 7 days
+            # 14 days (for previous 7-day window comparison)
+            previous_period_hours = 336
+
+            trending_items = []
+
+            if content_type in ["all", "parks"]:
+                park_items = self._calculate_trending_parks(
+                    current_period_hours,
+                    previous_period_hours,
+                    limit if content_type == "parks" else limit * 2,
+                )
+                trending_items.extend(park_items)
+                if verbose:
+                    self.stdout.write(f"Calculated {len(park_items)} trending parks")
+
+            if content_type in ["all", "rides"]:
+                ride_items = self._calculate_trending_rides(
+                    current_period_hours,
+                    previous_period_hours,
+                    limit if content_type == "rides" else limit * 2,
+                )
+                trending_items.extend(ride_items)
+                if verbose:
+                    self.stdout.write(f"Calculated {len(ride_items)} trending rides")
+
+            # Sort by trending score and apply limit
+            trending_items.sort(key=lambda x: x.get("trending_score", 0), reverse=True)
+            trending_items = trending_items[:limit]
+
+            # Format results for API consumption
+            formatted_results = self._format_trending_results(
+                trending_items, current_period_hours, previous_period_hours
+            )
+
+            # Cache results
+            cache_key = f"trending:calculated:{content_type}:{limit}"
+            cache.set(cache_key, formatted_results, 3600)  # Cache for 1 hour
+
+            self.stdout.write(
+                self.style.SUCCESS(
+                    f"Successfully calculated {len(formatted_results)} trending items for {content_type}"
+                )
+            )
+
+            if verbose:
+                for item in formatted_results[:5]:  # Show first 5 items
+                    self.stdout.write(
+                        f"  {item['name']} (score: {item.get('views_change', 'N/A')})"
+                    )
+
+        except Exception as e:
+            logger.error(f"Error calculating trending content: {e}", exc_info=True)
+            raise CommandError(f"Failed to calculate trending content: {e}")
+
+    def _calculate_trending_parks(
+        self, current_period_hours: int, previous_period_hours: int, limit: int
+    ) -> List[Dict[str, Any]]:
+        """Calculate trending scores for parks using real data."""
+        parks = Park.objects.filter(status="OPERATING").select_related(
+            "location", "operator"
+        )
+
+        trending_parks = []
+
+        for park in parks:
+            try:
+                score = self._calculate_content_score(
+                    park, "park", current_period_hours, previous_period_hours
+                )
+                if score > 0:  # Only include items with positive trending scores
+                    trending_parks.append(
+                        {
+                            "content_object": park,
+                            "content_type": "park",
+                            "trending_score": score,
+                            "id": park.id,
+                            "name": park.name,
+                            "slug": park.slug,
+                            "park": park.name,  # For parks, park field is the park name itself
+                            "category": "park",
+                            "rating": (
+                                float(park.average_rating)
+                                if park.average_rating
+                                else 0.0
+                            ),
+                            "date_opened": (
+                                park.opening_date.isoformat()
+                                if park.opening_date
+                                else ""
+                            ),
+                            "url": park.url,
+                        }
+                    )
+            except Exception as e:
+                logger.warning(f"Error calculating score for park {park.id}: {e}")
+
+        return trending_parks
+
+    def _calculate_trending_rides(
+        self, current_period_hours: int, previous_period_hours: int, limit: int
+    ) -> List[Dict[str, Any]]:
+        """Calculate trending scores for rides using real data."""
+        rides = Ride.objects.filter(status="OPERATING").select_related(
+            "park", "park__location"
+        )
+
+        trending_rides = []
+
+        for ride in rides:
+            try:
+                score = self._calculate_content_score(
+                    ride, "ride", current_period_hours, previous_period_hours
+                )
+                if score > 0:  # Only include items with positive trending scores
+                    trending_rides.append(
+                        {
+                            "content_object": ride,
+                            "content_type": "ride",
+                            "trending_score": score,
+                            "id": ride.pk,
+                            "name": ride.name,
+                            "slug": ride.slug,
+                            "park": ride.park.name if ride.park else "",
+                            "category": "ride",
+                            "rating": (
+                                float(ride.average_rating)
+                                if ride.average_rating
+                                else 0.0
+                            ),
+                            "date_opened": (
+                                ride.opening_date.isoformat()
+                                if ride.opening_date
+                                else ""
+                            ),
+                            "url": ride.url,
+                            "park_url": ride.park.url if ride.park else "",
+                        }
+                    )
+            except Exception as e:
+                logger.warning(f"Error calculating score for ride {ride.pk}: {e}")
+
+        return trending_rides
+
+    def _calculate_content_score(
+        self,
+        content_obj: Any,
+        content_type: str,
+        current_period_hours: int,
+        previous_period_hours: int,
+    ) -> float:
+        """Calculate weighted trending score for content object using real analytics data."""
+        try:
+            # Get content type for PageView queries
+            ct = ContentType.objects.get_for_model(content_obj)
+
+            # 1. View Growth Score (40% weight)
+            view_growth_score = self._calculate_view_growth_score(
+                ct, content_obj.id, current_period_hours, previous_period_hours
+            )
+
+            # 2. Rating Score (30% weight)
+            rating_score = self._calculate_rating_score(content_obj)
+
+            # 3. Recency Score (20% weight)
+            recency_score = self._calculate_recency_score(content_obj)
+
+            # 4. Popularity Score (10% weight)
+            popularity_score = self._calculate_popularity_score(
+                ct, content_obj.id, current_period_hours
+            )
+
+            # Calculate weighted final score
+            final_score = (
+                view_growth_score * 0.4
+                + rating_score * 0.3
+                + recency_score * 0.2
+                + popularity_score * 0.1
+            )
+
+            return final_score
+
+        except Exception as e:
+            logger.error(
+                f"Error calculating score for {content_type} {content_obj.id}: {e}"
+            )
+            return 0.0
+
+    def _calculate_view_growth_score(
+        self,
+        content_type: ContentType,
+        object_id: int,
+        current_period_hours: int,
+        previous_period_hours: int,
+    ) -> float:
+        """Calculate normalized view growth score using real PageView data."""
+        try:
+            current_views, previous_views, growth_percentage = (
+                PageView.get_views_growth(
+                    content_type,
+                    object_id,
+                    current_period_hours,
+                    previous_period_hours,
+                )
+            )
+
+            if previous_views == 0:
+                # New content with views gets boost
+                return min(current_views / 100.0, 1.0) if current_views > 0 else 0.0
+
+            # Normalize growth percentage to 0-1 scale
+            normalized_growth = (
+                min(growth_percentage / 500.0, 1.0) if growth_percentage > 0 else 0.0
+            )
+            return max(normalized_growth, 0.0)
+
+        except Exception as e:
+            logger.warning(f"Error calculating view growth: {e}")
+            return 0.0
+
+    def _calculate_rating_score(self, content_obj: Any) -> float:
+        """Calculate normalized rating score."""
+        try:
+            rating = getattr(content_obj, "average_rating", None)
+            if rating is None or rating == 0:
+                return 0.3  # Neutral score for unrated content
+
+            # Normalize rating from 1-10 scale to 0-1 scale
+            return min(max((float(rating) - 1) / 9.0, 0.0), 1.0)
+
+        except Exception as e:
+            logger.warning(f"Error calculating rating score: {e}")
+            return 0.3
+
+    def _calculate_recency_score(self, content_obj: Any) -> float:
+        """Calculate recency score based on when content was added/updated."""
+        try:
+            # Use opening_date for parks/rides, or created_at as fallback
+            date_added = getattr(content_obj, "opening_date", None)
+            if not date_added:
+                date_added = getattr(content_obj, "created_at", None)
+            if not date_added:
+                return 0.5  # Neutral score for unknown dates
+
+            # Handle both date and datetime objects
+            if hasattr(date_added, "date"):
+                date_added = date_added.date()
+
+            # Calculate days since added
+            today = timezone.now().date()
+            days_since_added = (today - date_added).days
+
+            # Recency score: newer content gets higher scores
+            if days_since_added <= 0:
+                return 1.0
+            elif days_since_added <= 30:
+                return 1.0 - (days_since_added / 30.0) * 0.2  # 1.0 to 0.8
+            elif days_since_added <= 365:
+                return 0.8 - ((days_since_added - 30) / (365 - 30)) * 0.7  # 0.8 to 0.1
+            else:
+                return 0.0
+
+        except Exception as e:
+            logger.warning(f"Error calculating recency score: {e}")
+            return 0.5
+
+    def _calculate_popularity_score(
+        self, content_type: ContentType, object_id: int, hours: int
+    ) -> float:
+        """Calculate popularity score based on total view count."""
+        try:
+            total_views = PageView.get_total_views_count(
+                content_type, object_id, hours=hours
+            )
+
+            # Normalize views to 0-1 scale
+            if total_views == 0:
+                return 0.0
+            elif total_views <= 100:
+                return total_views / 200.0  # 0.0 to 0.5
+            else:
+                return min(0.5 + (total_views - 100) / 1800.0, 1.0)  # 0.5 to 1.0
+
+        except Exception as e:
+            logger.warning(f"Error calculating popularity score: {e}")
+            return 0.0
+
+    def _format_trending_results(
+        self,
+        trending_items: List[Dict[str, Any]],
+        current_period_hours: int,
+        previous_period_hours: int,
+    ) -> List[Dict[str, Any]]:
+        """Format trending results for frontend consumption."""
+        formatted_results = []
+
+        for rank, item in enumerate(trending_items, 1):
+            try:
+                # Get view change for display
+                content_obj = item["content_object"]
+                ct = ContentType.objects.get_for_model(content_obj)
+                current_views, previous_views, growth_percentage = (
+                    PageView.get_views_growth(
+                        ct,
+                        content_obj.id,
+                        current_period_hours,
+                        previous_period_hours,
+                    )
+                )
+
+                # Format exactly as frontend expects
+                formatted_item = {
+                    "id": item["id"],
+                    "name": item["name"],
+                    "park": item["park"],
+                    "category": item["category"],
+                    "rating": item["rating"],
+                    "rank": rank,
+                    "views": current_views,
+                    "views_change": (
+                        f"+{growth_percentage:.1f}%"
+                        if growth_percentage > 0
+                        else f"{growth_percentage:.1f}%"
+                    ),
+                    "slug": item["slug"],
+                    "date_opened": item["date_opened"],
+                    "url": item["url"],
+                }
+
+                # Add park_url for rides
+                if item.get("park_url"):
+                    formatted_item["park_url"] = item["park_url"]
+
+                formatted_results.append(formatted_item)
+
+            except Exception as e:
+                logger.warning(f"Error formatting trending item: {e}")
+
+        return formatted_results

apps/core/management/commands/rundev.py

@@ -54,7 +54,7 @@ class Command(BaseCommand):
             )
 
         # Determine which server command to use
-        server_command = self.get_server_command(options)
+        self.get_server_command(options)
 
         # Start the server
         self.stdout.write("")

apps/core/management/commands/setup_dev.py

@@ -94,7 +94,7 @@ class Command(BaseCommand):
         try:
             # Check if migrations are up to date
             result = subprocess.run(
-                [sys.executable, "manage.py", "migrate", "--check"],
+                ["uv", "run", "manage.py", "migrate", "--check"],
                 capture_output=True,
                 text=True,
             )
@@ -106,7 +106,7 @@ class Command(BaseCommand):
             else:
                 self.stdout.write("🔄 Running database migrations...")
                 subprocess.run(
-                    [sys.executable, "manage.py", "migrate", "--noinput"], check=True
+                    ["uv", "run", "manage.py", "migrate", "--noinput"], check=True
                 )
                 self.stdout.write(
                     self.style.SUCCESS("✅ Database migrations completed")
@@ -123,7 +123,7 @@ class Command(BaseCommand):
 
         try:
             subprocess.run(
-                [sys.executable, "manage.py", "seed_sample_data"], check=True
+                ["uv", "run", "manage.py", "seed_sample_data"], check=True
             )
             self.stdout.write(self.style.SUCCESS("✅ Sample data seeded"))
         except subprocess.CalledProcessError:
@@ -163,7 +163,7 @@ class Command(BaseCommand):
 
         try:
             subprocess.run(
-                [sys.executable, "manage.py", "collectstatic", "--noinput", "--clear"],
+                ["uv", "run", "manage.py", "collectstatic", "--noinput", "--clear"],
                 check=True,
             )
             self.stdout.write(self.style.SUCCESS("✅ Static files collected"))
@@ -182,7 +182,7 @@ class Command(BaseCommand):
 
             # Build Tailwind CSS
             subprocess.run(
-                [sys.executable, "manage.py", "tailwind", "build"], check=True
+                ["uv", "run", "manage.py", "tailwind", "build"], check=True
             )
             self.stdout.write(self.style.SUCCESS("✅ Tailwind CSS built"))
 
@@ -198,7 +198,7 @@ class Command(BaseCommand):
         self.stdout.write("🔍 Running system checks...")
 
         try:
-            subprocess.run([sys.executable, "manage.py", "check"], check=True)
+            subprocess.run(["uv", "run", "manage.py", "check"], check=True)
             self.stdout.write(self.style.SUCCESS("✅ System checks passed"))
         except subprocess.CalledProcessError:
             self.stdout.write(
@@ -220,5 +220,5 @@ class Command(BaseCommand):
         self.stdout.write("  - API Documentation: http://localhost:8000/api/docs/")
         self.stdout.write("")
         self.stdout.write("🌟 Ready to start development server with:")
-        self.stdout.write("   python manage.py runserver")
+        self.stdout.write("   uv run manage.py runserver_plus")
         self.stdout.write("")

apps/core/management/commands/test_trending.py

@@ -266,13 +266,13 @@ class Command(BaseCommand):
         trending_parks = trending_service.get_trending_content(
             content_type="parks", limit=3
         )
-        trending_rides = trending_service.get_trending_content(
+        trending_service.get_trending_content(
             content_type="rides", limit=3
         )
 
         # Test new content format
         new_parks = trending_service.get_new_content(content_type="parks", limit=3)
-        new_rides = trending_service.get_new_content(content_type="rides", limit=3)
+        trending_service.get_new_content(content_type="rides", limit=3)
 
         # Verify trending data structure
         if trending_parks: