Refined network configuration and login UI

The login screen now labels the server input as "Server-Domain", and the network provider has been updated to automatically prepend the HTTPS protocol. The database version has been incremented, and a network security configuration has been added to allow user certificates for debugging. Additionally, the encrypted shared preferences storage name was updated.

.gitignore

@@ -1,10 +1,36 @@
+# Build artifacts
+bin/
+gen/
+out/
+build/
+app/build/
+
+# Kotlin / Java
 *.iml
-.gradle
+*.ipr
-/local.properties
+*.iws
-/.idea
+.idea/
-.DS_Store
+.gradle/
-/build
-/captures
-.externalNativeBuild
-.cxx
 local.properties
+
+# Android Studio
+captures/
+.externalNativeBuild/
+.cxx/
+.navigation/
+
+# Keys & Secrets
+*.jks
+*.keystore
+*.p12
+google-services.json
+
+# OS generated files
+.DS_Store
+Thumbs.db
+
+# Log files
+*.log
+
+# Bundle/Release
+/app/release/

LICENSE

@@ -0,0 +1,121 @@
+Creative Commons Legal Code
+
+CC0 1.0 Universal
+
+    CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
+    LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
+    ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
+    INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
+    REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
+    PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
+    THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
+    HEREUNDER.
+
+Statement of Purpose
+
+The laws of most jurisdictions throughout the world automatically confer
+exclusive Copyright and Related Rights (defined below) upon the creator
+and subsequent owner(s) (each and all, an "owner") of an original work of
+authorship and/or a database (each, a "Work").
+
+Certain owners wish to permanently relinquish those rights to a Work for
+the purpose of contributing to a commons of creative, cultural and
+scientific works ("Commons") that the public can reliably and without fear
+of later claims of infringement build upon, modify, incorporate in other
+works, reuse and redistribute as freely as possible in any form whatsoever
+and for any purposes, including without limitation commercial purposes.
+These owners may contribute to the Commons to promote the ideal of a free
+culture and the further production of creative, cultural and scientific
+works, or to gain reputation or greater distribution for their Work in
+part through the use and efforts of others.
+
+For these and/or other purposes and motivations, and without any
+expectation of additional consideration or compensation, the person
+associating CC0 with a Work (the "Affirmer"), to the extent that he or she
+is an owner of Copyright and Related Rights in the Work, voluntarily
+elects to apply CC0 to the Work and publicly distribute the Work under its
+terms, with knowledge of his or her Copyright and Related Rights in the
+Work and the meaning and intended legal effect of CC0 on those rights.
+
+1. Copyright and Related Rights. A Work made available under CC0 may be
+protected by copyright and related or neighboring rights ("Copyright and
+Related Rights"). Copyright and Related Rights include, but are not
+limited to, the following:
+
+  i. the right to reproduce, adapt, distribute, perform, display,
+     communicate, and translate a Work;
+ ii. moral rights retained by the original author(s) and/or performer(s);
+iii. publicity and privacy rights pertaining to a person's image or
+     likeness depicted in a Work;
+ iv. rights protecting against unfair competition in regards to a Work,
+     subject to the limitations in paragraph 4(a), below;
+  v. rights protecting the extraction, dissemination, use and reuse of data
+     in a Work;
+ vi. database rights (such as those arising under Directive 96/9/EC of the
+     European Parliament and of the Council of 11 March 1996 on the legal
+     protection of databases, and under any national implementation
+     thereof, including any amended or successor version of such
+     directive); and
+vii. other similar, equivalent or corresponding rights throughout the
+     world based on applicable law or treaty, and any national
+     implementations thereof.
+
+2. Waiver. To the greatest extent permitted by, but not in contravention
+of, applicable law, Affirmer hereby overtly, fully, permanently,
+irrevocably and unconditionally waives, abandons, and surrenders all of
+Affirmer's Copyright and Related Rights and associated claims and causes
+of action, whether now known or unknown (including existing as well as
+future claims and causes of action), in the Work (i) in all territories
+worldwide, (ii) for the maximum duration provided by applicable law or
+treaty (including future time extensions), (iii) in any current or future
+medium and for any number of copies, and (iv) for any purpose whatsoever,
+including without limitation commercial, advertising or promotional
+purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
+member of the public at large and to the detriment of Affirmer's heirs and
+successors, fully intending that such Waiver shall not be subject to
+revocation, rescission, cancellation, termination, or any other legal or
+equitable action to disrupt the quiet enjoyment of the Work by the public
+as contemplated by Affirmer's express Statement of Purpose.
+
+3. Public License Fallback. Should any part of the Waiver for any reason
+be judged legally invalid or ineffective under applicable law, then the
+Waiver shall be preserved to the maximum extent permitted taking into
+account Affirmer's express Statement of Purpose. In addition, to the
+extent the Waiver is so judged Affirmer hereby grants to each affected
+person a royalty-free, non transferable, non sublicensable, non exclusive,
+irrevocable and unconditional license to exercise Affirmer's Copyright and
+Related Rights in the Work (i) in all territories worldwide, (ii) for the
+maximum duration provided by applicable law or treaty (including future
+time extensions), (iii) in any current or future medium and for any number
+of copies, and (iv) for any purpose whatsoever, including without
+limitation commercial, advertising or promotional purposes (the
+"License"). The License shall be deemed effective as of the date CC0 was
+applied by Affirmer to the Work. Should any part of the License for any
+reason be judged legally invalid or ineffective under applicable law, such
+partial invalidity or ineffectiveness shall not invalidate the remainder
+of the License, and in such case Affirmer hereby affirms that he or she
+will not (i) exercise any of his or her remaining Copyright and Related
+Rights in the Work or (ii) assert any associated claims and causes of
+action with respect to the Work, in either case contrary to Affirmer's
+express Statement of Purpose.
+
+4. Limitations and Disclaimers.
+
+ a. No trademark or patent rights held by Affirmer are waived, abandoned,
+    surrendered, licensed or otherwise affected by this document.
+ b. Affirmer offers the Work as-is and makes no representations or
+    warranties of any kind concerning the Work, express, implied,
+    statutory or otherwise, including without limitation warranties of
+    title, merchantability, fitness for a particular purpose, non
+    infringement, or the absence of latent or other defects, accuracy, or
+    the present or absence of errors, whether or not discoverable, all to
+    the greatest extent permissible under applicable law.
+ c. Affirmer disclaims responsibility for clearing rights of other persons
+    that may apply to the Work or any use thereof, including without
+    limitation any person's Copyright and Related Rights in the Work.
+    Further, Affirmer disclaims responsibility for obtaining any necessary
+    consents, permissions or other rights required for any use of the
+    Work.
+ d. Affirmer understands and acknowledges that Creative Commons is not a
+    party to this document and has no duty or obligation with respect to
+    this CC0 or use of the Work.

README.md

@@ -0,0 +1,20 @@
+# ShAp-Planner
+
+ShAp-Planner is a **self-hosted app** for managing finances, tasks, and data within shared households.  
+The app is fully open source, lightweight, and can run on small devices like Raspberry Pi or older computers.
+
+**[Backend](https://git.miaurizius.de/MiauRizius/shap-planner-backend):** Go  
+**[Frontend](https://git.miaurizius.de/MiauRizius/shap-planner-android):** Android (Kotlin)  
+**[License](https://git.miaurizius.de/MiauRizius/shap-planner-android/src/branch/main/LICENSE):** [CC0 1.0](https://creativecommons.org/publicdomain/zero/1.0/)
+
+---
+
+## Installation
+
+You can either build the app from source or download the apk _(will be available soon)_
+
+---
+
+## License
+
+This work is marked <a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0 1.0</a>

app/.gitignore

@@ -1 +0,0 @@
-/build

app/build.gradle.kts

@@ -65,4 +65,12 @@ dependencies {
     val room_version = "2.8.4"
     implementation("androidx.room:room-runtime:$room_version")
     ksp("androidx.room:room-compiler:$room_version")
+
+    // Retrofit + Gson
+    implementation("com.squareup.retrofit2:retrofit:2.9.0")
+    implementation("com.squareup.retrofit2:converter-gson:2.9.0")
+    // OkHttp logging (debug)
+    implementation("com.squareup.okhttp3:logging-interceptor:4.9.3")
+    // AndroidX Security (EncryptedSharedPreferences)
+    implementation("androidx.security:security-crypto:1.1.0-alpha03")
 }

app/src/main/AndroidManifest.xml

@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
-    xmlns:tools="http://schemas.android.com/tools">
+    <uses-permission android:name="android.permission.INTERNET" />
-
     <application
         android:allowBackup="true"
         android:dataExtractionRules="@xml/data_extraction_rules"
@@ -10,18 +9,16 @@
         android:label="@string/app_name"
         android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
+        android:networkSecurityConfig="@xml/network_security_config"
         android:theme="@style/Theme.ShapPlanner">
         <activity
             android:name=".activities.MainActivity"
             android:exported="true"
-            android:label="@string/app_name"
             android:theme="@style/Theme.ShapPlanner">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
-
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
     </application>
-
 </manifest>

app/src/main/java/de/miaurizius/shap_planner/TokenStorage.kt

@@ -0,0 +1,40 @@
+package de.miaurizius.shap_planner
+
+import android.content.Context
+import androidx.security.crypto.EncryptedSharedPreferences
+import androidx.security.crypto.MasterKey
+
+class TokenStorage(context: Context) {
+
+    private val masterKey = MasterKey.Builder(context)
+        .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+        .build()
+
+    private val prefs = EncryptedSharedPreferences.create(
+        context,
+        "wg_token_prefs2",
+        masterKey,
+        EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+        EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
+    )
+
+    fun saveTokens(accountId: String, accessToken: String, refreshToken: String) {
+//        println("Account ID: ${accountId}\nAToken: ${accessToken}\nRToken: ${refreshToken}")
+        prefs.edit()
+            .putString("access_$accountId", accessToken)
+            .putString("refresh_$accountId", refreshToken)
+            .apply()
+    }
+
+    fun getAccess(accountId: String): String? = prefs.getString("access_$accountId", null)
+    fun getRefresh(accountId: String): String? = prefs.getString("refresh_$accountId", null)
+
+    fun clearTokens(accountId: String) {
+        prefs.edit()
+            .remove("access_$accountId")
+            .remove("refresh_$accountId")
+            .apply()
+    }
+
+
+}

app/src/main/java/de/miaurizius/shap_planner/activities/MainActivity.kt

@@ -2,184 +2,63 @@ package de.miaurizius.shap_planner.activities
 
 import android.os.Bundle
 import androidx.activity.ComponentActivity
+import androidx.activity.compose.BackHandler
 import androidx.activity.compose.setContent
-import androidx.compose.foundation.background
-import androidx.compose.foundation.clickable
-import androidx.compose.foundation.layout.Arrangement
-import androidx.compose.foundation.layout.Box
-import androidx.compose.foundation.layout.Column
-import androidx.compose.foundation.layout.Row
-import androidx.compose.foundation.layout.Spacer
-import androidx.compose.foundation.layout.fillMaxSize
-import androidx.compose.foundation.layout.fillMaxWidth
-import androidx.compose.foundation.layout.height
-import androidx.compose.foundation.layout.padding
-import androidx.compose.foundation.layout.size
-import androidx.compose.foundation.layout.statusBarsPadding
-import androidx.compose.foundation.layout.width
-import androidx.compose.foundation.lazy.LazyColumn
-import androidx.compose.foundation.lazy.items
-import androidx.compose.foundation.shape.CircleShape
-import androidx.compose.material3.Button
-import androidx.compose.material3.Card
-import androidx.compose.material3.MaterialTheme
-import androidx.compose.material3.Text
-import androidx.compose.material3.TextField
-import androidx.compose.runtime.Composable
-import androidx.compose.runtime.LaunchedEffect
 import androidx.compose.runtime.collectAsState
 import androidx.compose.runtime.getValue
 import androidx.compose.runtime.mutableStateOf
 import androidx.compose.runtime.remember
-import androidx.compose.runtime.setValue
+import de.miaurizius.shap_planner.TokenStorage
-import androidx.compose.ui.Alignment
-import androidx.compose.ui.Modifier
-import androidx.compose.ui.graphics.Color
-import androidx.compose.ui.text.font.FontWeight
-import androidx.compose.ui.unit.dp
 import de.miaurizius.shap_planner.UserPreferences
-import de.miaurizius.shap_planner.entities.Account
 import de.miaurizius.shap_planner.room.AppDatabase
+import de.miaurizius.shap_planner.ui.AppContent
 import de.miaurizius.shap_planner.ui.theme.ShapPlannerTheme
 import de.miaurizius.shap_planner.viewmodels.LoginViewModel
 import de.miaurizius.shap_planner.viewmodels.MainViewModel
-import java.util.UUID
 
 class MainActivity : ComponentActivity() {
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
-//        enableEdgeToEdge()
 
         val prefs = UserPreferences(this)
-        val loginViewModel = LoginViewModel(prefs)
+        val loginViewModel = LoginViewModel(prefs, applicationContext)
-
         val database = AppDatabase.getDatabase(applicationContext)
         val dao = database.accountDao()
-        val mainViewModel = MainViewModel(dao)
+        val tokenStorage = TokenStorage(applicationContext)
+        val mainViewModel = MainViewModel(dao, tokenStorage)
+
 
         setContent {
             ShapPlannerTheme {
-                val isLoggedIn by loginViewModel.isLoggedIn.collectAsState()
                 val accountList by mainViewModel.accounts.collectAsState()
                 val selectedAccount = mainViewModel.selectedAccount
+                val showLoginForNewAccount = remember { mutableStateOf(false) }
+                val expenses by mainViewModel.expenses.collectAsState()
 
-                when {
+                BackHandler(enabled = showLoginForNewAccount.value && accountList.isNotEmpty()) {
-                    !isLoggedIn || accountList.isEmpty() -> {
+                    showLoginForNewAccount.value = false
-                        LoginScreen { userId ->
-                            val acc = Account(userId, "MiauRizius", "Pfadi-WG") //TODO: get data from backend
-                            mainViewModel.addAccount(acc)
-                            loginViewModel.login(acc.id.toString())
-                        }
                 }
 
-                    selectedAccount != null -> {
+                AppContent(
-                        DashboardScreen(
+                    accountList = accountList,
-                            account = selectedAccount,
+                    selectedAccount = selectedAccount,
-                            onBack = { mainViewModel.logoutFromAccount() }
+                    showLoginForNewAccount = showLoginForNewAccount.value,
-                        )
+                    onLogin = { server, user, pass ->
-                    }
+                        loginViewModel.login(server, user, pass, mainViewModel)
-
+                        showLoginForNewAccount.value = false
-                    else -> {
-                        AccountSelectionScreen(
-                            accounts = accountList,
-                            onAccountClick = { account ->
-                                mainViewModel.selectAccount(account)
                     },
-                            onAddAccountClick = {
+                    onSelectAccount = { mainViewModel.selectAccount(it) },
-                                loginViewModel.logout()
+                    onLogoutAccount = { mainViewModel.logoutFromAccount() },
-                            }
+                    onAddAccountClick = { showLoginForNewAccount.value = true },
+                    onDeleteAccount = { mainViewModel.deleteAccount(selectedAccount!!) },
+                    sessionState = mainViewModel.sessionState,
+                    onValidateSession = { mainViewModel.validateSession(selectedAccount!!) },
+                    onSessionInvalid = { mainViewModel.logoutFromAccount() },
+                    expenses = expenses,
+                    onExpenseClick = { expense -> println("Clicked: ${expense.title}") },
+                    viewModel = mainViewModel
                 )
             }
         }
     }
-        }
-    }
-}
-
-@Composable
-fun AccountSelectionScreen(accounts: List<Account>, onAccountClick: (Account) -> Unit, onAddAccountClick: () -> Unit) {
-    LazyColumn(
-        modifier = Modifier.fillMaxSize().padding(16.dp).statusBarsPadding(),
-        verticalArrangement = Arrangement.spacedBy(12.dp)
-    ) {
-        item {
-            Text("Wähle einen Account", style = MaterialTheme.typography.headlineSmall)
-        }
-
-        items(accounts) { account ->
-            Card(modifier = Modifier.fillMaxWidth().clickable{ onAccountClick(account) }) {
-                Row(modifier = Modifier.padding(16.dp), verticalAlignment = Alignment.CenterVertically) {
-                    Box(modifier = Modifier.size(40.dp).background(Color.Gray, shape = CircleShape))
-                    Spacer(modifier = Modifier.width(16.dp))
-                    Column {
-                        Text(text = account.name, fontWeight = FontWeight.Bold)
-                        Text(text = account.wgName, style = MaterialTheme.typography.bodyMedium)
-                    }
-                }
-            }
-        }
-        item {
-            Spacer(modifier = Modifier.height(8.dp))
-            Button(
-                onClick = onAddAccountClick,
-                modifier = Modifier.fillMaxWidth()
-            ) {
-                Text("Anderen Account hinzufügen")
-            }
-        }
-    }
-}
-
-@Composable
-fun LoginScreen(onLogin: (UUID) -> Unit) {
-    var userId by remember { mutableStateOf("") }
-
-    Column(modifier = Modifier.padding(16.dp).statusBarsPadding()) {
-        Text("Bitte anmelden")
-        Spacer(modifier = Modifier.height(8.dp))
-        TextField(
-            value = userId,
-            onValueChange = { userId = it },
-            label = { Text("User ID") }
-        )
-        Spacer(modifier = Modifier.height(8.dp))
-        Button(onClick = { if(userId.isNotEmpty()) onLogin(UUID.fromString(userId)) }) {
-            Text("Login")
-        }
-    }
-}
-
-@Composable
-fun DashboardScreen(account: Account, onBack: () -> Unit) {
-    Column(
-        modifier = Modifier
-            .fillMaxSize()
-            .padding(16.dp)
-            .statusBarsPadding()
-    ) {
-        Row(
-            modifier = Modifier.fillMaxWidth(),
-            horizontalArrangement = Arrangement.SpaceBetween,
-            verticalAlignment = Alignment.CenterVertically
-        ) {
-            Column {
-                Text(text = "Hallo, ${account.name}!", style = MaterialTheme.typography.headlineMedium)
-                Text(text = "WG: ${account.wgName}", style = MaterialTheme.typography.bodyLarge, color = Color.Gray)
-            }
-            Button(onClick = onBack) {
-                Text("Wechseln")
-            }
-        }
-
-        Spacer(modifier = Modifier.height(32.dp))
-
-        Box(
-            modifier = Modifier
-                .fillMaxSize()
-                .background(MaterialTheme.colorScheme.surfaceVariant, shape = MaterialTheme.shapes.medium),
-            contentAlignment = Alignment.Center
-        ) {
-            Text("Hier kommen bald deine WG-Kosten hin 🚀")
-        }
-    }
 }

app/src/main/java/de/miaurizius/shap_planner/entities/Account.kt

@@ -15,7 +15,9 @@ data class Account (
     @PrimaryKey val id: UUID,
     val name: String,
     val wgName: String,
-    val avatarUrl: String? = null
+    val avatarUrl: String? = null,
+    val serverUrl: String,
+    val role: String,
 )
 
 @Dao

app/src/main/java/de/miaurizius/shap_planner/entities/Expense.kt

@@ -1,12 +1,34 @@
 package de.miaurizius.shap_planner.entities
 
+import androidx.room.Dao
+import androidx.room.Delete
+import androidx.room.Entity
+import androidx.room.Insert
+import androidx.room.OnConflictStrategy
+import androidx.room.Query
+import kotlinx.coroutines.flow.Flow
 import java.util.UUID
 
+@Entity(tableName = "expenses")
 data class Expense (
     val id: UUID,
-    val amt: Double,
+    val payer_id: UUID,
-    val desc: String,
+    val amount: Int,
+    val title: String,
+    val description: String,
+    val attachments: List<String>,
+    val created_at: Int,
+    val last_updated_at: Int
+    )
 
-    val payerId: UUID,
+@Dao
-    val debtors: List<User>
+interface ExpenseDao {
-)
+    @Query("SELECT * FROM expenses")
+    fun getAllExpenses(): Flow<List<Expense>>
+
+    @Insert(onConflict = OnConflictStrategy.REPLACE)
+    suspend fun insertExpense(expense: Expense)
+
+    @Delete
+    suspend fun deleteExpense(expense: Expense)
+}

app/src/main/java/de/miaurizius/shap_planner/entities/ExpenseShare.kt

@@ -0,0 +1,33 @@
+package de.miaurizius.shap_planner.entities
+
+import androidx.room.Dao
+import androidx.room.Delete
+import androidx.room.Entity
+import androidx.room.Insert
+import androidx.room.OnConflictStrategy
+import androidx.room.Query
+import kotlinx.coroutines.flow.Flow
+import java.util.UUID
+
+@Entity(tableName = "expense_shares")
+data class ExpenseShare(
+    val id: UUID,
+    val expense_id: UUID,
+    val user_id: UUID,
+    val share_cents: Int
+)
+
+@Dao
+interface ExpenseShareDao {
+    @Query("SELECT * FROM expense_shares")
+    fun getAllShares(): Flow<List<ExpenseShare>>
+
+    @Query("SELECT * FROM expense_shares WHERE id = :shareId")
+    fun getShareById(shareId: UUID)
+
+    @Insert(onConflict = OnConflictStrategy.REPLACE)
+    suspend fun insertShare(share: ExpenseShare)
+
+    @Delete
+    suspend fun deleteShare(share: ExpenseShare)
+}

app/src/main/java/de/miaurizius/shap_planner/entities/User.kt

@@ -1,8 +1,29 @@
 package de.miaurizius.shap_planner.entities
 
+import androidx.room.Dao
+import androidx.room.Delete
+import androidx.room.Entity
+import androidx.room.Insert
+import androidx.room.OnConflictStrategy
+import androidx.room.Query
+import kotlinx.coroutines.flow.Flow
 import java.util.UUID
 
+@Entity(tableName = "users")
 data class User (
     val id: UUID,
     val name: String,
+    val avatar_url: String?
 )
+
+@Dao
+interface UserDao {
+    @Query("SELECT * FROM users")
+    fun getAllUsers(): Flow<List<User>>
+
+    @Insert(onConflict = OnConflictStrategy.REPLACE)
+    suspend fun insertUser(user: User)
+
+    @Delete
+    suspend fun deleteUser(user: User)
+}

app/src/main/java/de/miaurizius/shap_planner/network/APIService.kt

@@ -0,0 +1,35 @@
+package de.miaurizius.shap_planner.network
+
+import retrofit2.Response
+import retrofit2.http.Body
+import retrofit2.http.DELETE
+import retrofit2.http.GET
+import retrofit2.http.Header
+import retrofit2.http.POST
+import retrofit2.http.PUT
+import retrofit2.http.Query
+import java.util.UUID
+
+interface APIService {
+    // Account
+    @POST("api/login")
+    suspend fun login(@Body req: LoginRequest): Response<LoginResponse>
+    @POST("api/refresh")
+    suspend fun refresh(@Body req: RefreshRequest): Response<RefreshResponse>
+    @GET("api/ping")
+    suspend fun ping(@Header("Authorization") token: String): Response<Map<String, String>>
+
+    // Expenses
+    @GET("api/expenses")
+    suspend fun expenseGet(@Header("Authorization") token: String): Response<ExpenseResponse>
+    @POST("api/expenses")
+    suspend fun expenseCreate(@Header("Authorization") token: String)
+    @PUT("api/expenses")
+    suspend fun expenseUpdate(@Header("Authorization") token: String)
+    @DELETE("api/expenses")
+    suspend fun expenseDelete(@Header("Authorization") token: String)
+
+    // User
+    @GET("api/userinfo")
+    suspend fun userinfo(@Header("Authorization") token: String, @Query("id") userId: UUID)
+}

app/src/main/java/de/miaurizius/shap_planner/network/ComDataTypes.kt

@@ -0,0 +1,15 @@
+package de.miaurizius.shap_planner.network
+
+import de.miaurizius.shap_planner.entities.Expense
+
+// Login
+data class LoginRequest(val username: String, val password: String)
+data class LoginUser(val id: String, val username: String, val role: String, val avatarUrl: String?)
+data class LoginResponse(val access_token: String, val refresh_token: String, val user: LoginUser, val wgName: String)
+
+// Refresh-Tokens
+data class RefreshRequest(val refresh_token: String)
+data class RefreshResponse(val access_token: String, val refresh_token: String)
+
+// Expenses
+data class ExpenseResponse(val expenses: List<Expense>)

app/src/main/java/de/miaurizius/shap_planner/network/RetrofitProvider.kt

@@ -0,0 +1,28 @@
+package de.miaurizius.shap_planner.network
+
+import okhttp3.OkHttpClient
+import okhttp3.logging.HttpLoggingInterceptor
+import retrofit2.Retrofit
+import retrofit2.converter.gson.GsonConverterFactory
+
+object RetrofitProvider {
+
+    fun create(serverUrl: String): APIService {
+        val base = if (serverUrl.endsWith("/")) "https://$serverUrl" else "https://$serverUrl/"
+
+        val logger = HttpLoggingInterceptor().apply { level = HttpLoggingInterceptor.Level.BASIC }
+
+        val client = OkHttpClient.Builder()
+            .addInterceptor(logger)
+            .build()
+
+        val retrofit = Retrofit.Builder()
+            .baseUrl(base)
+            .client(client)
+            .addConverterFactory(GsonConverterFactory.create())
+            .build()
+
+        return retrofit.create(APIService::class.java)
+    }
+
+}

app/src/main/java/de/miaurizius/shap_planner/network/SessionState.kt

@@ -0,0 +1,8 @@
+package de.miaurizius.shap_planner.network
+
+sealed class SessionState {
+    object Loading : SessionState()
+    object Valid : SessionState()
+    object Invalid : SessionState()
+    data class Error(val message: String) : SessionState()
+}

app/src/main/java/de/miaurizius/shap_planner/room/AppDatabase.kt

@@ -7,7 +7,7 @@ import androidx.room.RoomDatabase
 import de.miaurizius.shap_planner.entities.Account
 import de.miaurizius.shap_planner.entities.AccountDao
 
-@Database(entities = [Account::class], version = 1)
+@Database(entities = [Account::class], version = 4)
 abstract class AppDatabase : RoomDatabase() {
     abstract fun accountDao(): AccountDao
     companion object {
@@ -20,7 +20,7 @@ abstract class AppDatabase : RoomDatabase() {
                     context.applicationContext,
                     AppDatabase::class.java,
                     "shap_planner_database"
-                ).build()
+                ).fallbackToDestructiveMigration(true).build()
                 INSTANCE = instance
                 instance
             }

app/src/main/java/de/miaurizius/shap_planner/ui/AppContent.kt

@@ -0,0 +1,61 @@
+package de.miaurizius.shap_planner.ui
+
+import androidx.compose.runtime.Composable
+import de.miaurizius.shap_planner.entities.Account
+import de.miaurizius.shap_planner.entities.Expense
+import de.miaurizius.shap_planner.network.SessionState
+import de.miaurizius.shap_planner.ui.screens.AccountSelectionScreen
+import de.miaurizius.shap_planner.ui.screens.DashboardScreen
+import de.miaurizius.shap_planner.ui.screens.LoginScreen
+import de.miaurizius.shap_planner.viewmodels.MainViewModel
+
+@Composable
+fun AppContent(
+    // Login
+    accountList: List<Account>,
+    selectedAccount: Account?,
+    showLoginForNewAccount: Boolean,
+    onLogin: (String, String, String) -> Unit,
+
+    // Expenses
+    expenses: List<Expense>,
+    onExpenseClick: (Expense) -> Unit,
+
+    // Account
+    onSelectAccount: (Account) -> Unit,
+    onLogoutAccount: () -> Unit,
+    onAddAccountClick: () -> Unit,
+    onDeleteAccount: () -> Unit,
+
+    // Session
+    sessionState: SessionState,
+    onValidateSession: () -> Unit,
+    onSessionInvalid: () -> Unit,
+
+    //Important
+    viewModel: MainViewModel
+) {
+    when {
+        showLoginForNewAccount -> LoginScreen(onLogin)
+        accountList.isEmpty() -> LoginScreen(onLogin)
+        selectedAccount != null -> DashboardScreen(
+            // Data and regarding Methods
+            account = selectedAccount,
+            expenses = expenses,
+            onExpenseClick = onExpenseClick,
+
+            // Default Methods
+            mainViewModel = viewModel,
+            onBack = onLogoutAccount,
+            onDelete = onDeleteAccount,
+            sessionState = sessionState,
+            onValidate = onValidateSession,
+            onSessionInvalid = onSessionInvalid
+        )
+        else -> AccountSelectionScreen(
+            accounts = accountList,
+            onAccountClick = onSelectAccount,
+            onAddAccountClick = onAddAccountClick
+        )
+    }
+}

app/src/main/java/de/miaurizius/shap_planner/ui/screens/AccountSelectionScreen.kt

@@ -0,0 +1,69 @@
+package de.miaurizius.shap_planner.ui.screens
+
+import androidx.compose.foundation.background
+import androidx.compose.foundation.clickable
+import androidx.compose.foundation.layout.Arrangement
+import androidx.compose.foundation.layout.Box
+import androidx.compose.foundation.layout.Column
+import androidx.compose.foundation.layout.Row
+import androidx.compose.foundation.layout.Spacer
+import androidx.compose.foundation.layout.fillMaxSize
+import androidx.compose.foundation.layout.fillMaxWidth
+import androidx.compose.foundation.layout.height
+import androidx.compose.foundation.layout.navigationBarsPadding
+import androidx.compose.foundation.layout.padding
+import androidx.compose.foundation.layout.size
+import androidx.compose.foundation.layout.statusBarsPadding
+import androidx.compose.foundation.layout.width
+import androidx.compose.foundation.lazy.LazyColumn
+import androidx.compose.foundation.lazy.items
+import androidx.compose.foundation.shape.CircleShape
+import androidx.compose.material3.Button
+import androidx.compose.material3.Card
+import androidx.compose.material3.MaterialTheme
+import androidx.compose.material3.Text
+import androidx.compose.runtime.Composable
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.graphics.Color
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.unit.dp
+import de.miaurizius.shap_planner.entities.Account
+
+@Composable
+fun AccountSelectionScreen(accounts: List<Account>, onAccountClick: (Account) -> Unit, onAddAccountClick: () -> Unit) {
+    LazyColumn(
+        modifier = Modifier
+            .fillMaxSize()
+            .padding(16.dp)
+            .statusBarsPadding()
+            .navigationBarsPadding(),
+        verticalArrangement = Arrangement.spacedBy(12.dp)
+    ) {
+        item {
+            Text("Wähle einen Account", style = MaterialTheme.typography.headlineSmall)
+        }
+
+        items(accounts) { account ->
+            Card(modifier = Modifier.fillMaxWidth().clickable{ onAccountClick(account) }) {
+                Row(modifier = Modifier.padding(16.dp), verticalAlignment = Alignment.CenterVertically) {
+                    Box(modifier = Modifier.size(40.dp).background(Color.Gray, shape = CircleShape))
+                    Spacer(modifier = Modifier.width(16.dp))
+                    Column {
+                        Text(text = account.name, fontWeight = FontWeight.Bold)
+                        Text(text = account.wgName, style = MaterialTheme.typography.bodyMedium)
+                    }
+                }
+            }
+        }
+        item {
+            Spacer(modifier = Modifier.height(8.dp))
+            Button(
+                onClick = onAddAccountClick,
+                modifier = Modifier.fillMaxWidth()
+            ) {
+                Text("Anderen Account hinzufügen")
+            }
+        }
+    }
+}

app/src/main/java/de/miaurizius/shap_planner/ui/screens/DashboardScreen.kt

@@ -0,0 +1,143 @@
+package de.miaurizius.shap_planner.ui.screens
+
+import androidx.activity.compose.BackHandler
+import androidx.compose.foundation.background
+import androidx.compose.foundation.clickable
+import androidx.compose.foundation.layout.Arrangement
+import androidx.compose.foundation.layout.Box
+import androidx.compose.foundation.layout.Column
+import androidx.compose.foundation.layout.PaddingValues
+import androidx.compose.foundation.layout.Row
+import androidx.compose.foundation.layout.Spacer
+import androidx.compose.foundation.layout.fillMaxSize
+import androidx.compose.foundation.layout.fillMaxWidth
+import androidx.compose.foundation.layout.height
+import androidx.compose.foundation.layout.navigationBarsPadding
+import androidx.compose.foundation.layout.padding
+import androidx.compose.foundation.layout.statusBarsPadding
+import androidx.compose.foundation.lazy.LazyColumn
+import androidx.compose.foundation.lazy.items
+import androidx.compose.material3.Button
+import androidx.compose.material3.CircularProgressIndicator
+import androidx.compose.material3.MaterialTheme
+import androidx.compose.material3.Surface
+import androidx.compose.material3.Text
+import androidx.compose.runtime.Composable
+import androidx.compose.runtime.LaunchedEffect
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.graphics.Color
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.unit.dp
+import de.miaurizius.shap_planner.entities.Account
+import de.miaurizius.shap_planner.entities.Expense
+import de.miaurizius.shap_planner.network.SessionState
+import de.miaurizius.shap_planner.viewmodels.MainViewModel
+
+@Composable
+fun DashboardScreen(
+    // Data and regarding Methods
+    account: Account,
+    expenses: List<Expense>,
+    onExpenseClick: (Expense) -> Unit,
+
+    // Default Methods
+    mainViewModel: MainViewModel,
+    onBack: () -> Unit,
+    onDelete: () -> Unit,
+    sessionState: SessionState,
+    onValidate: () -> Unit,
+    onSessionInvalid: () -> Unit) {
+
+    LaunchedEffect(Unit) { onValidate() }
+    mainViewModel.loadExpenses(account)
+    when (sessionState) {
+        SessionState.Loading -> {
+            Box(Modifier.fillMaxSize(), contentAlignment = Alignment.Center) {
+                CircularProgressIndicator()
+            }
+        }
+
+        SessionState.Valid -> {
+            BackHandler {
+                onBack()
+            }
+            Column(
+                modifier = Modifier
+                    .fillMaxSize()
+                    .padding(16.dp)
+                    .statusBarsPadding()
+                    .navigationBarsPadding()
+            ) {
+                // Header
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.SpaceBetween,
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Column {
+                        Text(
+                            text = "Hallo, ${account.name}!",
+                            style = MaterialTheme.typography.headlineMedium
+                        )
+                        Text(
+                            text = "WG: ${account.wgName}",
+                            style = MaterialTheme.typography.bodyLarge,
+                            color = Color.Gray
+                        )
+                    }
+                    Button(onClick = onBack) {
+                        Text("Wechseln")
+                    }
+                }
+
+                Spacer(modifier = Modifier.height(5.dp))
+
+                Button(onClick = onDelete) {
+                    Text("Löschen")
+                }
+
+                Spacer(modifier = Modifier.height(10.dp))
+
+                Text("WG-Kosten", style = MaterialTheme.typography.titleLarge)
+                Spacer(modifier = Modifier.height(8.dp))
+
+                LazyColumn(
+                    modifier = Modifier
+                        .fillMaxSize()
+                        .background(MaterialTheme.colorScheme.surfaceVariant, shape = MaterialTheme.shapes.medium),
+                    contentPadding = PaddingValues(8.dp),
+                    verticalArrangement = Arrangement.spacedBy(8.dp)
+                ) {
+                    items(expenses) { expense ->
+                        ExpenseItem(expense = expense, onClick = { onExpenseClick(expense) })
+                    }
+                }
+            }
+        }
+
+        SessionState.Invalid -> {
+            LaunchedEffect(Unit) {
+                onSessionInvalid()
+            }
+        }
+
+        is SessionState.Error -> {
+            Text("Server error")
+        }
+    }
+}
+
+@Composable
+fun ExpenseItem(expense: Expense, onClick: () -> Unit) {
+    Surface(modifier = Modifier
+        .fillMaxWidth()
+        .clickable{onClick()},
+        shape = MaterialTheme.shapes.small,
+        color = MaterialTheme.colorScheme.surface) {
+        Row(modifier = Modifier.padding(16.dp), horizontalArrangement = Arrangement.SpaceBetween) {
+            Text(text = expense.title, style = MaterialTheme.typography.bodyLarge)
+            Text(text = expense.amount.toString()+"€", style = MaterialTheme.typography.bodyLarge, fontWeight = FontWeight.Bold)
+        }
+    }
+}

app/src/main/java/de/miaurizius/shap_planner/ui/screens/LoginScreen.kt

@@ -0,0 +1,70 @@
+package de.miaurizius.shap_planner.ui.screens
+
+import androidx.activity.compose.BackHandler
+import androidx.compose.foundation.layout.Column
+import androidx.compose.foundation.layout.Spacer
+import androidx.compose.foundation.layout.height
+import androidx.compose.foundation.layout.navigationBarsPadding
+import androidx.compose.foundation.layout.padding
+import androidx.compose.foundation.layout.statusBarsPadding
+import androidx.compose.material3.Button
+import androidx.compose.material3.Text
+import androidx.compose.material3.TextField
+import androidx.compose.runtime.Composable
+import androidx.compose.runtime.getValue
+import androidx.compose.runtime.mutableStateOf
+import androidx.compose.runtime.remember
+import androidx.compose.runtime.setValue
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.unit.dp
+
+@Composable
+fun LoginScreen(onLogin: (String, String, String) -> Unit, onBack: (() -> Unit)? = null) {
+
+    if (onBack != null) {
+        BackHandler {
+            onBack()
+        }
+    }
+
+    var serverUrl by remember { mutableStateOf("") }
+    var username by remember { mutableStateOf("") }
+    var password by remember { mutableStateOf("") }
+
+    Column(modifier = Modifier.padding(16.dp).statusBarsPadding().navigationBarsPadding()) {
+        Text("Bitte anmelden")
+        Spacer(modifier = Modifier.height(8.dp))
+
+        //Home-Server
+        TextField(
+            value = serverUrl,
+            onValueChange = { serverUrl = it },
+            label = { Text("Server-Domain") }
+        )
+        Spacer(modifier = Modifier.height(8.dp))
+
+        //Username
+        TextField(
+            value = username,
+            onValueChange = { username = it },
+            label = { Text("Nutzername") }
+        )
+        Spacer(modifier = Modifier.height(8.dp))
+
+        //Password
+        TextField(
+            value = password,
+            onValueChange = { password = it },
+            label = { Text("Passwort") }
+        )
+        Spacer(modifier = Modifier.height(8.dp))
+
+        Button(onClick = { if(serverUrl.isNotEmpty() && username.isNotEmpty() && password.isNotEmpty()) onLogin(
+            serverUrl,
+            username,
+            password
+        ) }) {
+            Text("Login")
+        }
+    }
+}

app/src/main/java/de/miaurizius/shap_planner/viewmodels/LoginViewModel.kt

@@ -1,19 +1,66 @@
 package de.miaurizius.shap_planner.viewmodels
 
+import android.content.Context
 import androidx.lifecycle.ViewModel
 import androidx.lifecycle.viewModelScope
+import de.miaurizius.shap_planner.TokenStorage
 import de.miaurizius.shap_planner.UserPreferences
+import de.miaurizius.shap_planner.entities.Account
+import de.miaurizius.shap_planner.network.LoginRequest
+import de.miaurizius.shap_planner.network.RetrofitProvider
+import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.flow.SharingStarted
 import kotlinx.coroutines.flow.stateIn
 import kotlinx.coroutines.launch
+import kotlinx.coroutines.withContext
+import java.util.Locale.getDefault
+import java.util.UUID
 
-class LoginViewModel(private val prefs: UserPreferences) : ViewModel() {
+class LoginViewModel(private val prefs: UserPreferences, private val appContext: Context) : ViewModel() {
+
+    private val tokenStorage = TokenStorage(appContext)
 
     val isLoggedIn = prefs.isLoggedInFlow.stateIn(viewModelScope, SharingStarted.Lazily, false)
     val lastUserId = prefs.lastUserLoginFlow.stateIn(viewModelScope, SharingStarted.Lazily, null)
 
-    fun login(userId: String) {
+    fun login(serverUrl: String, username: String, password: String, viewModel: MainViewModel) {
-        viewModelScope.launch { prefs.saveLogin(userId) }
+        viewModelScope.launch {
+            val api = RetrofitProvider.create(serverUrl)
+
+            try {
+                val response = withContext(Dispatchers.IO) {
+                    api.login(LoginRequest(username.lowercase(getDefault()).trim(), password))
+                }
+
+                if(response.isSuccessful) {
+                    val body = response.body() ?: run {
+                        return@launch
+                    }
+
+                    val access = body.access_token
+                    val refresh = body.refresh_token
+
+                    tokenStorage.saveTokens(body.user.id, access, refresh)
+
+                    val account = Account(
+                        id = UUID.fromString(body.user.id),
+                        name = username.trim(),
+                        wgName = body.wgName,
+                        avatarUrl = null,
+                        serverUrl = serverUrl,
+                        role = body.user.role
+                    )
+
+                    viewModel.addAccount(account)
+
+                    prefs.saveLogin(body.user.id)
+                } else {
+                    println("Login failed: ${response.code()} ${response.errorBody()?.toString()}")
+                }
+            } catch(e: Exception) {
+                e.printStackTrace()
+            }
+        }
     }
 
     fun logout() {

app/src/main/java/de/miaurizius/shap_planner/viewmodels/MainViewModel.kt

@@ -5,34 +5,111 @@ import androidx.compose.runtime.mutableStateOf
 import androidx.compose.runtime.setValue
 import androidx.lifecycle.ViewModel
 import androidx.lifecycle.viewModelScope
+import de.miaurizius.shap_planner.TokenStorage
 import de.miaurizius.shap_planner.entities.Account
 import de.miaurizius.shap_planner.entities.AccountDao
+import de.miaurizius.shap_planner.entities.Expense
+import de.miaurizius.shap_planner.network.RefreshRequest
+import de.miaurizius.shap_planner.network.RetrofitProvider
+import de.miaurizius.shap_planner.network.SessionState
+import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.SharingStarted
 import kotlinx.coroutines.flow.StateFlow
 import kotlinx.coroutines.flow.stateIn
 import kotlinx.coroutines.launch
 import kotlin.collections.emptyList
 
-class MainViewModel(private val accountDao: AccountDao) : ViewModel() {
+class MainViewModel(private val accountDao: AccountDao, private val tokenStorage: TokenStorage) : ViewModel() {
 
-    // Das ist der State, den dein SetContent beobachtet
+    var selectedAccount by mutableStateOf<Account?>(null)
+        private set
     val accounts: StateFlow<List<Account>> = accountDao.getAllAccounts()
         .stateIn(viewModelScope, SharingStarted.WhileSubscribed(5000), emptyList())
+    var sessionState by mutableStateOf<SessionState>(SessionState.Loading)
+        private set
+
+    private val _expenses = MutableStateFlow<List<Expense>>(emptyList())
+    val expenses: StateFlow<List<Expense>> = _expenses
+
+    fun loadExpenses(account: Account) {
+        viewModelScope.launch {
+            try {
+                val api = RetrofitProvider.create(account.serverUrl)
+                val accessToken = tokenStorage.getAccess(account.id.toString())
+
+                val response = api.expenseGet("Bearer $accessToken")
+                if (response.isSuccessful) {
+                    _expenses.value = response.body()?.expenses ?: emptyList()
+                }
+            } catch (e: Exception) {
+                _expenses.value = emptyList()
+            }
+        }
+    }
+
+    fun validateSession(account: Account) {
+        viewModelScope.launch {
+            sessionState = SessionState.Loading
+            val api = RetrofitProvider.create(account.serverUrl)
+
+            val accessToken = tokenStorage.getAccess(account.id.toString())
+            val refreshToken = tokenStorage.getRefresh(account.id.toString())
+
+            if(accessToken == null || refreshToken == null) {
+                sessionState = SessionState.Invalid
+                return@launch
+            }
+
+            val pingResponse = api.ping("Bearer $accessToken")
+
+            if(pingResponse.isSuccessful) {
+                sessionState = SessionState.Valid
+                return@launch
+            }
+
+            if(pingResponse.code() == 401) {
+                val refreshResponse = api.refresh(RefreshRequest(refreshToken))
+
+                if(refreshResponse.isSuccessful) {
+                    val newTokens = refreshResponse.body()!!
+
+                    tokenStorage.saveTokens(
+                        account.id.toString(),
+                        newTokens.access_token,
+                        newTokens.refresh_token
+                    )
+
+                    sessionState = SessionState.Valid
+
+                    // Fetch data
+                    loadExpenses(account)
+                    println("All data fetched")
+
+                    return@launch
+                } else {
+                    sessionState = SessionState.Invalid
+                    return@launch
+                }
+            }
+            sessionState = SessionState.Error("Server error")
+        }
+    }
 
-    // Funktion zum Hinzufügen (z.B. nach Login)
     fun addAccount(account: Account) {
         viewModelScope.launch {
             accountDao.insertAccount(account)
         }
     }
-
+    fun deleteAccount(account: Account) {
-    var selectedAccount by mutableStateOf<Account?>(null)
+        viewModelScope.launch {
-        private set
+            accountDao.deleteAccount(account)
-
+            tokenStorage.clearTokens(account.id.toString())
+            selectedAccount = null
+        }
+    }
     fun selectAccount(account: Account) {
         selectedAccount = account
     }
-
     fun logoutFromAccount() {
         selectedAccount = null
     }

app/src/main/res/xml/network_security_config.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<network-security-config>
+    <debug-overrides>
+        <trust-anchors>
+            <certificates src="user" />
+        </trust-anchors>
+    </debug-overrides>
+</network-security-config>