From 8dc5d3ed01378602e4396f71f5b487c8820c2916 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 3 Mar 2026 17:59:35 -0600
Subject: [PATCH 01/47] Added volunteer signup.

---
 db.go                                     | 105 +++++--
 email.go                                  |  55 +++-
 frontend/src/App.svelte                   |  15 +-
 frontend/src/api.js                       |   6 +
 frontend/src/api.test.js                  |  47 +++
 frontend/src/pages/ConfirmEmail.svelte    | 148 ++++++++++
 frontend/src/pages/Settings.svelte        |  67 ++++-
 frontend/src/pages/VolunteerSignup.svelte | 241 ++++++++++++++++
 handle_settings.go                        |  36 ++-
 handle_signup.go                          | 247 ++++++++++++++++
 handle_signup_test.go                     | 333 ++++++++++++++++++++++
 main.go                                   |   7 +
 12 files changed, 1258 insertions(+), 49 deletions(-)
 create mode 100644 frontend/src/pages/ConfirmEmail.svelte
 create mode 100644 frontend/src/pages/VolunteerSignup.svelte
 create mode 100644 handle_signup.go
 create mode 100644 handle_signup_test.go

diff --git a/db.go b/db.go
index ef3a339..bc97c91 100644
--- a/db.go
+++ b/db.go
@@ -135,6 +135,11 @@ func migrateV2(db *sql.DB) error {
 	addColumnIfMissing(db, "attendees", "checked_in_count INTEGER NOT NULL DEFAULT 0")
 	addColumnIfMissing(db, "shifts", "position INTEGER NOT NULL DEFAULT 0")
 	addColumnIfMissing(db, "volunteer_shifts", "deleted_at TEXT")
+	addColumnIfMissing(db, "volunteers", "preferred_name TEXT NOT NULL DEFAULT ''")
+	addColumnIfMissing(db, "volunteers", "ticket_name TEXT NOT NULL DEFAULT ''")
+	addColumnIfMissing(db, "volunteers", "pronouns TEXT NOT NULL DEFAULT ''")
+	addColumnIfMissing(db, "volunteers", "email_confirmed INTEGER NOT NULL DEFAULT 0")
+	addColumnIfMissing(db, "volunteers", "confirmation_token TEXT")
 	// Widen the uniqueness constraint from name-only to (name, ticket_id).
 	db.Exec(`DROP INDEX IF EXISTS idx_attendees_name`)
 	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_attendees_name_ticket ON attendees(name, ticket_id) WHERE deleted_at IS NULL`)
@@ -217,19 +222,24 @@ type Department struct {
 }
 
 type Volunteer struct {
-	ID           int     `json:"id"`
-	AttendeeID   *int    `json:"attendee_id,omitempty"`
-	Name         string  `json:"name"`
-	Email        string  `json:"email"`
-	Phone        string  `json:"phone"`
-	DepartmentID *int    `json:"department_id,omitempty"`
-	IsLead       bool    `json:"is_lead"`
-	CheckedIn    bool    `json:"checked_in"`
-	CheckedInAt  *string `json:"checked_in_at,omitempty"`
-	Note         string  `json:"note"`
-	CreatedAt    string  `json:"created_at"`
-	UpdatedAt    string  `json:"updated_at"`
-	DeletedAt    *string `json:"deleted_at,omitempty"`
+	ID                int     `json:"id"`
+	AttendeeID        *int    `json:"attendee_id,omitempty"`
+	Name              string  `json:"name"`
+	PreferredName     string  `json:"preferred_name"`
+	TicketName        string  `json:"ticket_name"`
+	Email             string  `json:"email"`
+	Phone             string  `json:"phone"`
+	Pronouns          string  `json:"pronouns"`
+	DepartmentID      *int    `json:"department_id,omitempty"`
+	IsLead            bool    `json:"is_lead"`
+	CheckedIn         bool    `json:"checked_in"`
+	CheckedInAt       *string `json:"checked_in_at,omitempty"`
+	EmailConfirmed    bool    `json:"email_confirmed"`
+	ConfirmationToken *string `json:"-"`
+	Note              string  `json:"note"`
+	CreatedAt         string  `json:"created_at"`
+	UpdatedAt         string  `json:"updated_at"`
+	DeletedAt         *string `json:"deleted_at,omitempty"`
 }
 
 type Shift struct {
@@ -719,7 +729,7 @@ func queryDepartments(db *sql.DB, q string, args ...any) ([]Department, error) {
 
 // --- Volunteers ---
 
-const volunteerCols = `id, attendee_id, name, email, phone, department_id, is_lead, checked_in, checked_in_at, note, created_at, updated_at, deleted_at`
+const volunteerCols = `id, attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, checked_in, checked_in_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
 
 func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volunteer, error) {
 	q := `SELECT ` + volunteerCols + ` FROM volunteers WHERE 1=1`
@@ -763,9 +773,10 @@ func (app *App) getVolunteerByAttendeeID(attendeeID int) (*Volunteer, error) {
 
 func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 	res, err := app.db.Exec(
-		`INSERT INTO volunteers (attendee_id, name, email, phone, department_id, is_lead, note, updated_at)
-		 VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
-		v.AttendeeID, v.Name, v.Email, v.Phone, v.DepartmentID, boolInt(v.IsLead), v.Note, now(),
+		`INSERT INTO volunteers (attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, email_confirmed, confirmation_token, note, updated_at)
+		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
+		v.DepartmentID, boolInt(v.IsLead), boolInt(v.EmailConfirmed), v.ConfirmationToken, v.Note, now(),
 	)
 	if err != nil {
 		return nil, err
@@ -776,9 +787,10 @@ func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 
 func (app *App) updateVolunteer(v Volunteer) error {
 	_, err := app.db.Exec(
-		`UPDATE volunteers SET attendee_id=?, name=?, email=?, phone=?, department_id=?, is_lead=?, note=?, updated_at=?
+		`UPDATE volunteers SET attendee_id=?, name=?, preferred_name=?, ticket_name=?, email=?, phone=?, pronouns=?, department_id=?, is_lead=?, note=?, updated_at=?
 		 WHERE id=? AND deleted_at IS NULL`,
-		v.AttendeeID, v.Name, v.Email, v.Phone, v.DepartmentID, boolInt(v.IsLead), v.Note, now(), v.ID,
+		v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
+		v.DepartmentID, boolInt(v.IsLead), v.Note, now(), v.ID,
 	)
 	return err
 }
@@ -822,10 +834,13 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 	for rows.Next() {
 		var v Volunteer
 		var attendeeID, deptID sql.NullInt64
-		var isLead, checkedIn int
+		var isLead, checkedIn, emailConfirmed int
+		var confirmationToken sql.NullString
 		if err := rows.Scan(
-			&v.ID, &attendeeID, &v.Name, &v.Email, &v.Phone, &deptID,
-			&isLead, &checkedIn, &v.CheckedInAt, &v.Note,
+			&v.ID, &attendeeID, &v.Name, &v.PreferredName, &v.TicketName,
+			&v.Email, &v.Phone, &v.Pronouns, &deptID,
+			&isLead, &checkedIn, &v.CheckedInAt,
+			&emailConfirmed, &confirmationToken, &v.Note,
 			&v.CreatedAt, &v.UpdatedAt, &v.DeletedAt,
 		); err != nil {
 			return nil, err
@@ -838,13 +853,59 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 			id := int(deptID.Int64)
 			v.DepartmentID = &id
 		}
+		if confirmationToken.Valid {
+			v.ConfirmationToken = &confirmationToken.String
+		}
 		v.IsLead = isLead == 1
 		v.CheckedIn = checkedIn == 1
+		v.EmailConfirmed = emailConfirmed == 1
 		result = append(result, v)
 	}
 	return result, rows.Err()
 }
 
+func (app *App) getVolunteerByEmail(email string) (*Volunteer, error) {
+	rows, err := queryVolunteers(app.db,
+		`SELECT `+volunteerCols+` FROM volunteers WHERE LOWER(email) = LOWER(?) AND deleted_at IS NULL LIMIT 1`, email)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) getVolunteerByConfirmationToken(token string) (*Volunteer, error) {
+	rows, err := queryVolunteers(app.db,
+		`SELECT `+volunteerCols+` FROM volunteers WHERE confirmation_token = ? AND deleted_at IS NULL LIMIT 1`, token)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) confirmVolunteerEmail(id int) error {
+	_, err := app.db.Exec(
+		`UPDATE volunteers SET email_confirmed = 1, confirmation_token = NULL, updated_at = ? WHERE id = ?`,
+		now(), id)
+	return err
+}
+
+func (app *App) listConfirmedVolunteersWithoutKioskToken() ([]Volunteer, error) {
+	return queryVolunteers(app.db, `
+		SELECT `+volunteerCols+`
+		FROM volunteers
+		WHERE email_confirmed = 1 AND deleted_at IS NULL
+		  AND attendee_id IS NOT NULL
+		  AND (SELECT a.volunteer_token FROM attendees a WHERE a.id = volunteers.attendee_id) IS NULL`)
+}
+
+func generateConfirmationToken() (string, error) {
+	b := make([]byte, 16)
+	if _, err := rand.Read(b); err != nil {
+		return "", fmt.Errorf("read random: %w", err)
+	}
+	return fmt.Sprintf("%x", b), nil
+}
+
 // --- Shifts ---
 
 func (app *App) listShifts(deptID *int, day, since string) ([]Shift, error) {
diff --git a/email.go b/email.go
index 05c94f0..8d1d463 100644
--- a/email.go
+++ b/email.go
@@ -106,6 +106,22 @@ func sendEmail(cfg SMTPConfig, to, subject, body string) error {
 	return smtp.SendMail(addr, auth, cfg.From, []string{to}, []byte(msg))
 }
 
+func (app *App) resolveBaseURL() string {
+	baseURL := app.baseURL
+	if baseURL == "" {
+		app.db.QueryRow(`SELECT value FROM config WHERE key = 'base_url'`).Scan(&baseURL)
+	}
+	return strings.TrimRight(baseURL, "/")
+}
+
+func (app *App) eventName() string {
+	event, _ := app.getEvent()
+	if event != nil && event.Name != "" {
+		return event.Name
+	}
+	return "the event"
+}
+
 // sendTokenEmail sends a volunteer token link to the attendee's email address.
 func (app *App) sendTokenEmail(a Attendee) error {
 	if a.Email == "" {
@@ -116,20 +132,8 @@ func (app *App) sendTokenEmail(a Attendee) error {
 	}
 
 	cfg := app.loadSMTPConfig()
-
-	baseURL := app.baseURL
-	if baseURL == "" {
-		app.db.QueryRow(`SELECT value FROM config WHERE key = 'base_url'`).Scan(&baseURL)
-	}
-	baseURL = strings.TrimRight(baseURL, "/")
-
-	event, _ := app.getEvent()
-	eventName := "the event"
-	if event != nil && event.Name != "" {
-		eventName = event.Name
-	}
-
-	link := fmt.Sprintf("%s/#/v/%s", baseURL, *a.VolunteerToken)
+	eventName := app.eventName()
+	link := fmt.Sprintf("%s/#/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
 	subject := fmt.Sprintf("Your volunteer link for %s", eventName)
 	body := fmt.Sprintf(
 		"Hi %s,\n\nThank you for volunteering at %s!\n\nYour volunteer token: %s\nYour signup link: %s\n\nUse this link to sign up for available shifts in your department.\n\nSee you there!\n",
@@ -138,3 +142,26 @@ func (app *App) sendTokenEmail(a Attendee) error {
 
 	return sendEmail(cfg, a.Email, subject, body)
 }
+
+func (app *App) sendConfirmationEmail(to, name, confirmToken string) error {
+	cfg := app.loadSMTPConfig()
+	eventName := app.eventName()
+	link := fmt.Sprintf("%s/#/confirm/%s", app.resolveBaseURL(), confirmToken)
+	subject := fmt.Sprintf("Please confirm your email for %s", eventName)
+	body := fmt.Sprintf(
+		"Hi %s,\n\nThank you for signing up to volunteer at %s!\n\nPlease confirm your email address by visiting:\n%s\n\nIf you did not sign up, you can safely ignore this email.\n",
+		name, eventName, link,
+	)
+	return sendEmail(cfg, to, subject, body)
+}
+
+func (app *App) sendShiftSignupEmail(to, name, kioskLink string) error {
+	cfg := app.loadSMTPConfig()
+	eventName := app.eventName()
+	subject := fmt.Sprintf("Shift signups are open for %s!", eventName)
+	body := fmt.Sprintf(
+		"Hi %s,\n\nShift signups are now open for %s!\n\nUse this link to sign up for available shifts:\n%s\n\nSee you there!\n",
+		name, eventName, kioskLink,
+	)
+	return sendEmail(cfg, to, subject, body)
+}
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index 52ed392..179cc2c 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -11,6 +11,8 @@
   import Users from './pages/Users.svelte'
   import Import from './pages/Import.svelte'
   import Kiosk from './pages/Kiosk.svelte'
+  import VolunteerSignup from './pages/VolunteerSignup.svelte'
+  import ConfirmEmail from './pages/ConfirmEmail.svelte'
   import GateUI from './pages/GateUI.svelte'
   import ScheduleBoard from './pages/ScheduleBoard.svelte'
   import Settings from './pages/Settings.svelte'
@@ -25,8 +27,11 @@
   let updateAvailable = $state(false)
   let mobileNavOpen = $state(false)
 
-  // Check if this is a kiosk token URL before doing anything else
+  // Check if this is a public page (no auth needed)
   const kioskToken = $derived(window.location.hash.match(/^#\/v\/([A-Z0-9]+)/i)?.[1] ?? '')
+  const isVolunteerSignup = $derived(window.location.hash.startsWith('#/volunteer-signup'))
+  const isConfirmEmail = $derived(window.location.hash.startsWith('#/confirm/'))
+  const isPublicPage = $derived(!!kioskToken || isVolunteerSignup || isConfirmEmail)
 
   async function checkVersion() {
     try {
@@ -39,8 +44,8 @@
   onMount(async () => {
     checkVersion()
 
-    // Kiosk pages don't need auth
-    if (kioskToken) {
+    // Public pages don't need auth
+    if (isPublicPage) {
       loading = false
       return
     }
@@ -87,6 +92,10 @@
   <!-- checking session -->
 {:else if kioskToken}
   <Kiosk />
+{:else if isVolunteerSignup}
+  <VolunteerSignup />
+{:else if isConfirmEmail}
+  <ConfirmEmail />
 {:else if !session}
   <Login onlogin={onLogin} />
 {:else if role === 'gate'}
diff --git a/frontend/src/api.js b/frontend/src/api.js
index c6f6e11..d7ea497 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -109,6 +109,12 @@ export const api = {
     get: () => apiJSON('/api/settings'),
     update: (data) => apiJSON('/api/settings', { method: 'PUT', body: JSON.stringify(data) }),
     testEmail: (to) => apiJSON('/api/settings/test-email', { method: 'POST', body: JSON.stringify({ to }) }),
+    toggleShiftSignups: (open) => apiJSON('/api/settings/shift-signups', { method: 'POST', body: JSON.stringify({ open }) }),
+  },
+  signup: {
+    config: () => kioskFetch('/api/public/signup-config'),
+    submit: (data) => kioskFetch('/api/public/signup', { method: 'POST', body: JSON.stringify(data) }),
+    confirm: (token) => kioskFetch('/api/public/confirm', { method: 'POST', body: JSON.stringify({ token }) }),
   },
   import: async (formData) => {
     const res = await apiFetch('/api/import', { method: 'POST', body: formData })
diff --git a/frontend/src/api.test.js b/frontend/src/api.test.js
index 25e0dd9..f6527f5 100644
--- a/frontend/src/api.test.js
+++ b/frontend/src/api.test.js
@@ -96,3 +96,50 @@ describe('api methods', () => {
     expect(f.mock.calls[0][0]).toBe('/api/sync/pull')
   })
 })
+
+describe('signup methods', () => {
+  it('signup.config fetches config without auth', async () => {
+    const f = mockFetch({ departments: [], volunteer_note_label: 'Note' })
+    await api.signup.config()
+    const [url, opts] = f.mock.calls[0]
+    expect(url).toBe('/api/public/signup-config')
+    expect(opts.headers['Authorization']).toBeUndefined()
+  })
+
+  it('signup.submit posts form data without auth', async () => {
+    const f = mockFetch({ ok: true })
+    await api.signup.submit({ preferred_name: 'Titania', email: 'titania@example.com' })
+    const [url, opts] = f.mock.calls[0]
+    expect(url).toBe('/api/public/signup')
+    expect(opts.method).toBe('POST')
+    expect(JSON.parse(opts.body)).toEqual({ preferred_name: 'Titania', email: 'titania@example.com' })
+    expect(opts.headers['Authorization']).toBeUndefined()
+  })
+
+  it('signup.confirm posts token without auth', async () => {
+    const f = mockFetch({ status: 'confirmed' })
+    await api.signup.confirm('abc123')
+    const [url, opts] = f.mock.calls[0]
+    expect(url).toBe('/api/public/confirm')
+    expect(opts.method).toBe('POST')
+    expect(JSON.parse(opts.body)).toEqual({ token: 'abc123' })
+    expect(opts.headers['Authorization']).toBeUndefined()
+  })
+
+  it('signup.submit throws on 400', async () => {
+    mockFetch({ error: 'preferred name and email are required' }, 400)
+    await expect(api.signup.submit({})).rejects.toThrow('preferred name and email are required')
+  })
+})
+
+describe('settings shift signups', () => {
+  it('toggleShiftSignups posts open flag', async () => {
+    await saveSession('tok', { id: 1 })
+    const f = mockFetch({ shift_signups_open: true })
+    await api.settings.toggleShiftSignups(true)
+    const [url, opts] = f.mock.calls[0]
+    expect(url).toBe('/api/settings/shift-signups')
+    expect(opts.method).toBe('POST')
+    expect(JSON.parse(opts.body)).toEqual({ open: true })
+  })
+})
diff --git a/frontend/src/pages/ConfirmEmail.svelte b/frontend/src/pages/ConfirmEmail.svelte
new file mode 100644
index 0000000..39babea
--- /dev/null
+++ b/frontend/src/pages/ConfirmEmail.svelte
@@ -0,0 +1,148 @@
+<script>
+  import { onMount } from 'svelte'
+  import { api } from '../api.js'
+
+  let status = $state('loading')
+  let kioskLink = $state('')
+  let error = $state('')
+
+  onMount(async () => {
+    const match = window.location.hash.match(/^#\/confirm\/(.+)/)
+    const token = match?.[1] ?? ''
+    if (!token) {
+      status = 'invalid'
+      return
+    }
+    try {
+      const result = await api.signup.confirm(token)
+      status = result.status ?? 'invalid'
+      if (result.kiosk_link) kioskLink = result.kiosk_link
+    } catch (err) {
+      error = err.message
+      status = 'error'
+    }
+  })
+</script>
+
+<div class="kiosk">
+  <div class="kiosk-header">
+    <div class="kiosk-brand">Turn<span>pike</span> &nbsp;<span class="kiosk-role">Email Confirmation</span></div>
+  </div>
+
+  <div class="kiosk-body">
+    {#if status === 'loading'}
+      <div class="kiosk-center">Confirming...</div>
+    {:else if status === 'confirmed'}
+      <div class="kiosk-card" style="text-align:center">
+        <div class="confirm-icon">&#10003;</div>
+        <h2 style="font-size:1.2rem;font-weight:700;margin-bottom:0.5rem">Email Confirmed</h2>
+        <p style="color:var(--c-muted);line-height:1.6;margin:0">
+          Your email address has been verified. Thank you for signing up!
+        </p>
+        {#if kioskLink}
+          <div class="kiosk-link-box">
+            <p style="color:var(--c-text);font-weight:600;margin-bottom:0.5rem">Shift signups are open!</p>
+            <a href={kioskLink} class="kbtn kbtn-primary">Choose Your Shifts</a>
+          </div>
+        {/if}
+      </div>
+    {:else if status === 'already_confirmed'}
+      <div class="kiosk-card" style="text-align:center">
+        <h2 style="font-size:1.2rem;font-weight:700;margin-bottom:0.5rem">Already Confirmed</h2>
+        <p style="color:var(--c-muted);line-height:1.6;margin:0">
+          This email address was already confirmed. No further action needed.
+        </p>
+      </div>
+    {:else if status === 'error'}
+      <div class="kiosk-error">{error}</div>
+    {:else}
+      <div class="kiosk-card" style="text-align:center">
+        <h2 style="font-size:1.2rem;font-weight:700;margin-bottom:0.5rem">Invalid Link</h2>
+        <p style="color:var(--c-muted);line-height:1.6;margin:0">
+          This confirmation link is not valid or has already been used.
+        </p>
+      </div>
+    {/if}
+  </div>
+</div>
+
+<style>
+  .kiosk {
+    min-height: 100vh;
+    background: var(--c-bg);
+    color: var(--c-text);
+    font-family: var(--font);
+    display: flex;
+    flex-direction: column;
+  }
+  .kiosk-header {
+    background: var(--c-surface);
+    border-bottom: 1px solid var(--c-border);
+    padding: 1rem 1.5rem;
+    display: flex;
+    align-items: center;
+  }
+  .kiosk-brand {
+    font-size: 1.1rem;
+    font-weight: 700;
+    letter-spacing: -0.02em;
+    color: var(--c-text);
+  }
+  .kiosk-brand span:first-of-type { color: var(--c-accent); }
+  .kiosk-role {
+    font-size: 0.8rem;
+    font-weight: 400;
+    color: var(--c-muted);
+    letter-spacing: 0;
+  }
+  .kiosk-body {
+    max-width: 540px;
+    margin: 0 auto;
+    padding: 1.5rem 1rem;
+    width: 100%;
+  }
+  .kiosk-center { display: flex; align-items: center; justify-content: center; padding: 2rem 0; }
+  .kiosk-card {
+    background: var(--c-surface);
+    border: 1px solid var(--c-border);
+    border-radius: 10px;
+    padding: 2rem 1.5rem;
+  }
+  .kiosk-error {
+    background: rgba(239,68,68,0.12);
+    border: 1px solid rgba(239,68,68,0.3);
+    color: #fca5a5;
+    padding: 1rem;
+    border-radius: 8px;
+    text-align: center;
+    line-height: 1.7;
+  }
+  .confirm-icon {
+    width: 48px;
+    height: 48px;
+    border-radius: 50%;
+    background: rgba(34,197,94,0.15);
+    color: #4ade80;
+    font-size: 1.5rem;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    margin: 0 auto 1rem;
+  }
+  .kiosk-link-box {
+    margin-top: 1.5rem;
+    padding-top: 1rem;
+    border-top: 1px solid var(--c-border);
+  }
+  .kbtn {
+    display: inline-flex; align-items: center; justify-content: center;
+    padding: 0.55rem 1.25rem; border-radius: 6px;
+    border: 1px solid transparent;
+    font-size: 0.875rem; font-weight: 500; cursor: pointer;
+    font-family: var(--font);
+    text-decoration: none;
+    transition: background 150ms;
+  }
+  .kbtn-primary { background: var(--c-accent); color: #fff; }
+  .kbtn-primary:hover { background: var(--c-accent-h); }
+</style>
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 060aefd..28193e4 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -16,6 +16,10 @@
   let smtpFromName = $state('')
   let baseURL = $state('')
   let testEmail = $state('')
+  let noteLabel = $state('Additional note')
+  let noteRequired = $state(false)
+  let shiftSignupsOpen = $state(false)
+  let togglingSignups = $state(false)
 
   onMount(async () => {
     try {
@@ -27,6 +31,9 @@
       smtpFrom = s.smtp_from ?? ''
       smtpFromName = s.smtp_from_name ?? ''
       baseURL = s.base_url ?? ''
+      noteLabel = s.volunteer_note_label ?? 'Additional note'
+      noteRequired = s.volunteer_note_required ?? false
+      shiftSignupsOpen = s.shift_signups_open ?? false
     } catch (err) {
       error = err.message
     } finally {
@@ -48,6 +55,8 @@
         smtp_from: smtpFrom,
         smtp_from_name: smtpFromName,
         base_url: baseURL,
+        volunteer_note_label: noteLabel,
+        volunteer_note_required: noteRequired,
       })
       smtpPassword = ''
       success = 'Settings saved.'
@@ -58,6 +67,23 @@
     }
   }
 
+  async function toggleSignups() {
+    const opening = !shiftSignupsOpen
+    if (opening && !confirm('This will email all confirmed volunteers their shift signup links. Continue?')) return
+    togglingSignups = true
+    error = ''
+    success = ''
+    try {
+      const result = await api.settings.toggleShiftSignups(opening)
+      shiftSignupsOpen = result.shift_signups_open
+      success = opening ? 'Shift signups opened. Emails are being sent.' : 'Shift signups closed.'
+    } catch (err) {
+      error = err.message
+    } finally {
+      togglingSignups = false
+    }
+  }
+
   async function sendTest() {
     if (!testEmail) return
     testing = true
@@ -135,7 +161,7 @@
     </form>
 
     <!-- Test email -->
-    <div class="card">
+    <div class="card" style="margin-bottom:1.5rem">
       <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Test Email</h2>
       <div style="display:flex;gap:0.5rem;align-items:flex-end">
         <div class="form-group" style="flex:1;margin-bottom:0">
@@ -147,5 +173,44 @@
         </button>
       </div>
     </div>
+
+    <!-- Volunteer Signup -->
+    <div class="card" style="margin-bottom:1.5rem">
+      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Volunteer Signup</h2>
+      <div class="form-group">
+        <label for="s-note-label">Note Field Label</label>
+        <input id="s-note-label" bind:value={noteLabel} placeholder="Additional note" />
+      </div>
+      <label style="display:flex;align-items:center;gap:0.5rem;font-size:0.875rem;cursor:pointer">
+        <input type="checkbox" bind:checked={noteRequired} />
+        Note field is required
+      </label>
+      <p class="text-muted" style="font-size:0.78rem;margin-top:0.75rem">
+        Signup form: <a href="/#/volunteer-signup" target="_blank" style="color:var(--c-accent)">/#/volunteer-signup</a>
+      </p>
+    </div>
+
+    <!-- Shift Signups -->
+    <div class="card">
+      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Shift Signups</h2>
+      <div style="display:flex;align-items:center;gap:1rem">
+        <span style="font-size:0.875rem">
+          Status: <strong>{shiftSignupsOpen ? 'Open' : 'Closed'}</strong>
+        </span>
+        <button class="btn {shiftSignupsOpen ? 'btn-ghost' : 'btn-primary'}"
+          onclick={toggleSignups} disabled={togglingSignups}>
+          {#if togglingSignups}
+            Working…
+          {:else}
+            {shiftSignupsOpen ? 'Close Signups' : 'Open Signups'}
+          {/if}
+        </button>
+      </div>
+      {#if !shiftSignupsOpen}
+        <p class="text-muted" style="font-size:0.78rem;margin-top:0.75rem">
+          Opening signups will email all confirmed volunteers their shift signup links.
+        </p>
+      {/if}
+    </div>
   {/if}
 </div>
diff --git a/frontend/src/pages/VolunteerSignup.svelte b/frontend/src/pages/VolunteerSignup.svelte
new file mode 100644
index 0000000..8681265
--- /dev/null
+++ b/frontend/src/pages/VolunteerSignup.svelte
@@ -0,0 +1,241 @@
+<script>
+  import { onMount } from 'svelte'
+  import { api } from '../api.js'
+
+  let loading = $state(true)
+  let submitting = $state(false)
+  let error = $state('')
+  let submitted = $state(false)
+
+  let config = $state(null)
+  let preferredName = $state('')
+  let ticketName = $state('')
+  let email = $state('')
+  let pronouns = $state('')
+  let phone = $state('')
+  let departmentId = $state('')
+  let note = $state('')
+
+  onMount(async () => {
+    try {
+      config = await api.signup.config()
+    } catch (err) {
+      error = err.message
+    } finally {
+      loading = false
+    }
+  })
+
+  async function submit(e) {
+    e.preventDefault()
+    submitting = true
+    error = ''
+    try {
+      const data = {
+        preferred_name: preferredName.trim(),
+        email: email.trim(),
+      }
+      if (ticketName.trim()) data.ticket_name = ticketName.trim()
+      if (pronouns.trim()) data.pronouns = pronouns.trim()
+      if (phone.trim()) data.phone = phone.trim()
+      if (departmentId) data.department_id = Number(departmentId)
+      if (note.trim()) data.note = note.trim()
+      await api.signup.submit(data)
+      submitted = true
+    } catch (err) {
+      error = err.message
+    } finally {
+      submitting = false
+    }
+  }
+</script>
+
+<div class="kiosk">
+  <div class="kiosk-header">
+    <div class="kiosk-brand">Turn<span>pike</span> &nbsp;<span class="kiosk-role">Volunteer Signup</span></div>
+  </div>
+
+  <div class="kiosk-body">
+    {#if loading}
+      <div class="kiosk-center">Loading...</div>
+    {:else if submitted}
+      <div class="kiosk-card" style="text-align:center">
+        <h2 style="font-size:1.3rem;font-weight:700;margin-bottom:0.75rem">Thank you!</h2>
+        <p style="color:var(--c-muted);line-height:1.6;margin:0">
+          We've sent a confirmation email to <strong style="color:var(--c-text)">{email}</strong>.
+          Please check your inbox and click the link to confirm your signup.
+        </p>
+      </div>
+    {:else}
+      {#if config?.event_name && config.event_name !== 'the event'}
+        <h2 class="signup-event-name">{config.event_name}</h2>
+      {/if}
+
+      {#if error}
+        <div class="kiosk-alert">{error}</div>
+      {/if}
+
+      <form onsubmit={submit}>
+        <div class="kiosk-card">
+          <div class="signup-field">
+            <label for="s-name">Preferred Name <span class="req">*</span></label>
+            <input id="s-name" bind:value={preferredName} required placeholder="What should we call you?" />
+          </div>
+
+          <div class="signup-field">
+            <label for="s-ticket">Ticket Name</label>
+            <input id="s-ticket" bind:value={ticketName} placeholder="Name on your ticket (if different)" />
+          </div>
+
+          <div class="signup-field">
+            <label for="s-email">Email <span class="req">*</span></label>
+            <input id="s-email" type="email" bind:value={email} required placeholder="you@example.com" />
+          </div>
+
+          <div class="signup-row">
+            <div class="signup-field">
+              <label for="s-pronouns">Pronouns</label>
+              <input id="s-pronouns" bind:value={pronouns} placeholder="e.g. she/her" />
+            </div>
+            <div class="signup-field">
+              <label for="s-phone">Phone</label>
+              <input id="s-phone" type="tel" bind:value={phone} placeholder="Optional" />
+            </div>
+          </div>
+
+          {#if config?.departments?.length > 0}
+            <div class="signup-field">
+              <label for="s-dept">Department Preference</label>
+              <select id="s-dept" bind:value={departmentId}>
+                <option value="">No preference</option>
+                {#each config.departments as dept}
+                  <option value={dept.id}>{dept.name}</option>
+                {/each}
+              </select>
+            </div>
+          {/if}
+
+          <div class="signup-field">
+            <label for="s-note">
+              {config?.volunteer_note_label ?? 'Additional note'}
+              {#if config?.volunteer_note_required}<span class="req">*</span>{/if}
+            </label>
+            <textarea id="s-note" bind:value={note} rows="3"
+              required={config?.volunteer_note_required}
+              placeholder=""></textarea>
+          </div>
+
+          <button type="submit" class="kbtn kbtn-primary" style="width:100%;margin-top:0.5rem" disabled={submitting}>
+            {submitting ? 'Submitting...' : 'Sign Up'}
+          </button>
+        </div>
+      </form>
+    {/if}
+  </div>
+</div>
+
+<style>
+  .kiosk {
+    min-height: 100vh;
+    background: var(--c-bg);
+    color: var(--c-text);
+    font-family: var(--font);
+    display: flex;
+    flex-direction: column;
+  }
+  .kiosk-header {
+    background: var(--c-surface);
+    border-bottom: 1px solid var(--c-border);
+    padding: 1rem 1.5rem;
+    display: flex;
+    align-items: center;
+  }
+  .kiosk-brand {
+    font-size: 1.1rem;
+    font-weight: 700;
+    letter-spacing: -0.02em;
+    color: var(--c-text);
+  }
+  .kiosk-brand span:first-of-type { color: var(--c-accent); }
+  .kiosk-role {
+    font-size: 0.8rem;
+    font-weight: 400;
+    color: var(--c-muted);
+    letter-spacing: 0;
+  }
+  .kiosk-body {
+    max-width: 540px;
+    margin: 0 auto;
+    padding: 1.5rem 1rem;
+    width: 100%;
+  }
+  .kiosk-center { display: flex; align-items: center; justify-content: center; }
+  .kiosk-alert {
+    background: rgba(239,68,68,0.1);
+    border: 1px solid rgba(239,68,68,0.25);
+    color: #fca5a5;
+    padding: 0.75rem 1rem;
+    border-radius: 6px;
+    margin-bottom: 1rem;
+    font-size: 0.875rem;
+  }
+  .kiosk-card {
+    background: var(--c-surface);
+    border: 1px solid var(--c-border);
+    border-radius: 10px;
+    padding: 1.25rem;
+  }
+  .signup-event-name {
+    font-size: 1.15rem;
+    font-weight: 700;
+    text-align: center;
+    margin-bottom: 1rem;
+    color: var(--c-text);
+  }
+  .signup-field {
+    margin-bottom: 1rem;
+  }
+  .signup-field label {
+    display: block;
+    font-size: 0.8rem;
+    font-weight: 600;
+    color: var(--c-muted);
+    margin-bottom: 0.3rem;
+  }
+  .signup-field input,
+  .signup-field select,
+  .signup-field textarea {
+    width: 100%;
+    padding: 0.55rem 0.75rem;
+    border: 1px solid var(--c-border);
+    border-radius: 6px;
+    background: var(--c-bg);
+    color: var(--c-text);
+    font-family: var(--font);
+    font-size: 0.875rem;
+    box-sizing: border-box;
+  }
+  .signup-field input:focus,
+  .signup-field select:focus,
+  .signup-field textarea:focus {
+    outline: none;
+    border-color: var(--c-accent);
+  }
+  .signup-row {
+    display: grid;
+    grid-template-columns: 1fr 1fr;
+    gap: 1rem;
+  }
+  .req { color: var(--c-accent); }
+  .kbtn {
+    display: inline-flex; align-items: center; justify-content: center;
+    padding: 0.55rem 1rem; border-radius: 6px;
+    border: 1px solid transparent;
+    font-size: 0.875rem; font-weight: 500; cursor: pointer;
+    font-family: var(--font);
+    transition: background 150ms;
+  }
+  .kbtn:disabled { opacity: 0.5; cursor: not-allowed; }
+  .kbtn-primary { background: var(--c-accent); color: #fff; }
+  .kbtn-primary:hover:not(:disabled) { background: var(--c-accent-h); }
+</style>
diff --git a/handle_settings.go b/handle_settings.go
index bf19d13..27420fa 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -19,14 +19,25 @@ func (app *App) handleGetSettings(w http.ResponseWriter, r *http.Request) {
 		pass = "***"
 	}
 
+	var noteLabel, noteRequired, signupsOpen string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'volunteer_note_label'`).Scan(&noteLabel)
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'volunteer_note_required'`).Scan(&noteRequired)
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'shift_signups_open'`).Scan(&signupsOpen)
+	if noteLabel == "" {
+		noteLabel = "Additional note"
+	}
+
 	writeJSON(w, map[string]any{
-		"smtp_host":      cfg.Host,
-		"smtp_port":      cfg.Port,
-		"smtp_user":      cfg.User,
-		"smtp_password":  pass,
-		"smtp_from":      cfg.From,
-		"smtp_from_name": cfg.FromName,
-		"base_url":       baseURL,
+		"smtp_host":              cfg.Host,
+		"smtp_port":              cfg.Port,
+		"smtp_user":              cfg.User,
+		"smtp_password":          pass,
+		"smtp_from":              cfg.From,
+		"smtp_from_name":         cfg.FromName,
+		"base_url":               baseURL,
+		"volunteer_note_label":   noteLabel,
+		"volunteer_note_required": noteRequired == "true",
+		"shift_signups_open":     signupsOpen == "true",
 	})
 }
 
@@ -37,7 +48,8 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	keys := []string{"smtp_host", "smtp_port", "smtp_user", "smtp_password", "smtp_from", "smtp_from_name", "base_url"}
+	keys := []string{"smtp_host", "smtp_port", "smtp_user", "smtp_password", "smtp_from", "smtp_from_name", "base_url",
+		"volunteer_note_label", "volunteer_note_required"}
 	for _, k := range keys {
 		v, ok := body[k]
 		if !ok {
@@ -47,11 +59,17 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 		switch vv := v.(type) {
 		case string:
 			if k == "smtp_password" && vv == "" {
-				continue // don't erase the stored password with an empty value
+				continue
 			}
 			val = vv
 		case float64:
 			val = strconv.Itoa(int(vv))
+		case bool:
+			if vv {
+				val = "true"
+			} else {
+				val = "false"
+			}
 		default:
 			continue
 		}
diff --git a/handle_signup.go b/handle_signup.go
new file mode 100644
index 0000000..62ab6c2
--- /dev/null
+++ b/handle_signup.go
@@ -0,0 +1,247 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"strings"
+)
+
+func (app *App) handlePublicSignupConfig(w http.ResponseWriter, r *http.Request) {
+	var noteLabel, noteRequired string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'volunteer_note_label'`).Scan(&noteLabel)
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'volunteer_note_required'`).Scan(&noteRequired)
+	if noteLabel == "" {
+		noteLabel = "Additional note"
+	}
+
+	depts, _ := app.listDepartments("")
+	deptList := []map[string]any{}
+	for _, d := range depts {
+		deptList = append(deptList, map[string]any{"id": d.ID, "name": d.Name, "color": d.Color})
+	}
+
+	eventName := app.eventName()
+
+	writeJSON(w, map[string]any{
+		"event_name":             eventName,
+		"departments":            deptList,
+		"volunteer_note_label":   noteLabel,
+		"volunteer_note_required": noteRequired == "true",
+	})
+}
+
+func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
+	var body struct {
+		PreferredName string `json:"preferred_name"`
+		TicketName    string `json:"ticket_name"`
+		Email         string `json:"email"`
+		Pronouns      string `json:"pronouns"`
+		Phone         string `json:"phone"`
+		DepartmentID  *int   `json:"department_id"`
+		Note          string `json:"note"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+		writeError(w, "invalid request", http.StatusBadRequest)
+		return
+	}
+
+	body.PreferredName = strings.TrimSpace(body.PreferredName)
+	body.Email = strings.TrimSpace(body.Email)
+	if body.PreferredName == "" || body.Email == "" {
+		writeError(w, "preferred name and email are required", http.StatusBadRequest)
+		return
+	}
+
+	var noteRequired string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'volunteer_note_required'`).Scan(&noteRequired)
+	if noteRequired == "true" && strings.TrimSpace(body.Note) == "" {
+		writeError(w, "note field is required", http.StatusBadRequest)
+		return
+	}
+
+	// Don't reveal whether email is already registered
+	existing, _ := app.getVolunteerByEmail(body.Email)
+	if existing != nil {
+		writeJSON(w, map[string]any{"ok": true})
+		return
+	}
+
+	// Auto-match attendee by email or create new
+	var attendeeID *int
+	attendees, _ := app.listAttendees("", "", "")
+	for _, a := range attendees {
+		if strings.EqualFold(a.Email, body.Email) {
+			id := a.ID
+			attendeeID = &id
+			break
+		}
+	}
+
+	if attendeeID == nil {
+		name := body.PreferredName
+		if body.TicketName != "" {
+			name = body.TicketName
+		}
+		newAttendee, err := app.createAttendee(Attendee{
+			Name:  name,
+			Email: body.Email,
+			Phone: body.Phone,
+		})
+		if err != nil {
+			writeError(w, "internal error", http.StatusInternalServerError)
+			return
+		}
+		attendeeID = &newAttendee.ID
+	}
+
+	confirmToken, err := generateConfirmationToken()
+	if err != nil {
+		writeError(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	vol := Volunteer{
+		AttendeeID:        attendeeID,
+		Name:              body.PreferredName,
+		PreferredName:     body.PreferredName,
+		TicketName:        body.TicketName,
+		Email:             body.Email,
+		Phone:             body.Phone,
+		Pronouns:          body.Pronouns,
+		DepartmentID:      body.DepartmentID,
+		Note:              body.Note,
+		ConfirmationToken: &confirmToken,
+	}
+
+	if _, err := app.createVolunteer(vol); err != nil {
+		writeError(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	go func() {
+		if err := app.sendConfirmationEmail(body.Email, body.PreferredName, confirmToken); err != nil {
+			log.Printf("confirmation email to %s failed: %v", body.Email, err)
+		}
+	}()
+
+	writeJSON(w, map[string]any{"ok": true})
+}
+
+func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
+	var body struct {
+		Token string `json:"token"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&body); err != nil || body.Token == "" {
+		writeError(w, "invalid request", http.StatusBadRequest)
+		return
+	}
+
+	vol, err := app.getVolunteerByConfirmationToken(body.Token)
+	if err != nil || vol == nil {
+		writeJSON(w, map[string]any{"status": "invalid"})
+		return
+	}
+
+	if vol.EmailConfirmed {
+		writeJSON(w, map[string]any{"status": "already_confirmed"})
+		return
+	}
+
+	if err := app.confirmVolunteerEmail(vol.ID); err != nil {
+		writeError(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	response := map[string]any{"status": "confirmed"}
+
+	var signupsOpen string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'shift_signups_open'`).Scan(&signupsOpen)
+
+	if signupsOpen == "true" && vol.AttendeeID != nil {
+		a, _ := app.getAttendee(*vol.AttendeeID)
+		if a != nil && a.VolunteerToken == nil {
+			t, err := app.generateUniqueToken()
+			if err == nil {
+				app.db.Exec(`UPDATE attendees SET volunteer_token=?, updated_at=? WHERE id=?`, t, now(), a.ID)
+				a.VolunteerToken = &t
+			}
+		}
+		if a != nil && a.VolunteerToken != nil {
+			kioskLink := fmt.Sprintf("%s/#/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
+			response["kiosk_link"] = kioskLink
+			go func() {
+				if err := app.sendShiftSignupEmail(vol.Email, vol.PreferredName, kioskLink); err != nil {
+					log.Printf("shift signup email to %s failed: %v", vol.Email, err)
+				}
+			}()
+		}
+	}
+
+	writeJSON(w, response)
+}
+
+func (app *App) handleToggleShiftSignups(w http.ResponseWriter, r *http.Request) {
+	var body struct {
+		Open bool `json:"open"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+		writeError(w, "invalid request", http.StatusBadRequest)
+		return
+	}
+	val := "false"
+	if body.Open {
+		val = "true"
+	}
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', ?)`, val)
+
+	if body.Open {
+		go app.openShiftSignups()
+	}
+	writeJSON(w, map[string]any{"shift_signups_open": body.Open})
+}
+
+func (app *App) openShiftSignups() {
+	// Generate kiosk tokens for confirmed volunteers whose attendees lack one
+	vols, _ := app.listConfirmedVolunteersWithoutKioskToken()
+	for _, v := range vols {
+		if v.AttendeeID == nil {
+			continue
+		}
+		t, err := app.generateUniqueToken()
+		if err != nil {
+			continue
+		}
+		app.db.Exec(`UPDATE attendees SET volunteer_token=?, updated_at=? WHERE id=?`, t, now(), *v.AttendeeID)
+	}
+
+	// Email all confirmed volunteers with kiosk links
+	confirmed, _ := queryVolunteers(app.db, `
+		SELECT `+volunteerCols+`
+		FROM volunteers
+		WHERE email_confirmed = 1 AND deleted_at IS NULL AND attendee_id IS NOT NULL`)
+	baseURL := app.resolveBaseURL()
+	sent := 0
+
+	for _, v := range confirmed {
+		if v.AttendeeID == nil || v.Email == "" {
+			continue
+		}
+		a, _ := app.getAttendee(*v.AttendeeID)
+		if a == nil || a.VolunteerToken == nil {
+			continue
+		}
+		kioskLink := fmt.Sprintf("%s/#/v/%s", baseURL, *a.VolunteerToken)
+		name := v.PreferredName
+		if name == "" {
+			name = v.Name
+		}
+		if err := app.sendShiftSignupEmail(v.Email, name, kioskLink); err == nil {
+			sent++
+		} else {
+			log.Printf("shift signup email to %s failed: %v", v.Email, err)
+		}
+	}
+	log.Printf("Shift signups opened: sent %d emails", sent)
+}
diff --git a/handle_signup_test.go b/handle_signup_test.go
new file mode 100644
index 0000000..a59da69
--- /dev/null
+++ b/handle_signup_test.go
@@ -0,0 +1,333 @@
+package main
+
+import (
+	"net/http/httptest"
+	"testing"
+)
+
+func TestPublicSignupConfig(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	app.createDepartment(Department{Name: "Setup", Color: "#ff0000"})
+	app.createDepartment(Department{Name: "Teardown", Color: "#00ff00"})
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('volunteer_note_label', 'Who sent you?')`)
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('volunteer_note_required', 'true')`)
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("GET", "/api/public/signup-config", nil))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+	result := parseJSON(t, w)
+	depts, ok := result["departments"].([]any)
+	if !ok || len(depts) != 2 {
+		t.Fatalf("expected 2 departments, got %v", result["departments"])
+	}
+	if result["volunteer_note_label"] != "Who sent you?" {
+		t.Errorf("expected 'Who sent you?', got %v", result["volunteer_note_label"])
+	}
+	if result["volunteer_note_required"] != true {
+		t.Errorf("expected note required true, got %v", result["volunteer_note_required"])
+	}
+}
+
+func TestPublicSignup(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	app.createDepartment(Department{Name: "Setup", Color: "#ff0000"})
+
+	w := httptest.NewRecorder()
+	deptID := 1
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Titania",
+		"email":          "titania@example.com",
+		"pronouns":       "she/they",
+		"department_id":  deptID,
+	}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
+	}
+	result := parseJSON(t, w)
+	if result["ok"] != true {
+		t.Fatalf("expected ok true, got %v", result)
+	}
+
+	// Volunteer should exist
+	vol, err := app.getVolunteerByEmail("titania@example.com")
+	if err != nil || vol == nil {
+		t.Fatal("volunteer not created")
+	}
+	if vol.PreferredName != "Titania" {
+		t.Errorf("preferred_name = %q, want Titania", vol.PreferredName)
+	}
+	if vol.Pronouns != "she/they" {
+		t.Errorf("pronouns = %q, want she/they", vol.Pronouns)
+	}
+	if vol.ConfirmationToken == nil || *vol.ConfirmationToken == "" {
+		t.Error("expected confirmation token to be set")
+	}
+	if vol.EmailConfirmed {
+		t.Error("should not be confirmed yet")
+	}
+
+	// Attendee should be auto-created and linked
+	if vol.AttendeeID == nil {
+		t.Fatal("expected attendee to be linked")
+	}
+	a, _ := app.getAttendee(*vol.AttendeeID)
+	if a == nil {
+		t.Fatal("linked attendee not found")
+	}
+	if a.Email != "titania@example.com" {
+		t.Errorf("attendee email = %q, want titania@example.com", a.Email)
+	}
+}
+
+func TestPublicSignupAutoMatchAttendee(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	// Pre-existing attendee
+	existing, _ := app.createAttendee(Attendee{Name: "Titania Fairweather", Email: "titania@example.com"})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Titania",
+		"ticket_name":    "Titania Fairweather",
+		"email":          "titania@example.com",
+	}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+
+	vol, _ := app.getVolunteerByEmail("titania@example.com")
+	if vol == nil {
+		t.Fatal("volunteer not created")
+	}
+	if vol.AttendeeID == nil || *vol.AttendeeID != existing.ID {
+		t.Errorf("expected volunteer linked to existing attendee %d, got %v", existing.ID, vol.AttendeeID)
+	}
+}
+
+func TestPublicSignupDuplicateEmail(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	// First signup
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Titania",
+		"email":          "titania@example.com",
+	}))
+	if w.Code != 200 {
+		t.Fatalf("first signup: expected 200, got %d", w.Code)
+	}
+
+	// Second signup with same email — should silently succeed
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Puck",
+		"email":          "titania@example.com",
+	}))
+	if w.Code != 200 {
+		t.Fatalf("duplicate signup: expected 200, got %d", w.Code)
+	}
+	result := parseJSON(t, w)
+	if result["ok"] != true {
+		t.Fatalf("expected ok true for duplicate, got %v", result)
+	}
+
+	// Should still be only one volunteer
+	vols, _ := app.listVolunteers("", nil, "")
+	if len(vols) != 1 {
+		t.Errorf("expected 1 volunteer, got %d", len(vols))
+	}
+}
+
+func TestPublicSignupMissingFields(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	tests := []struct {
+		name string
+		body map[string]any
+	}{
+		{"no name", map[string]any{"email": "a@b.com"}},
+		{"no email", map[string]any{"preferred_name": "Titania"}},
+		{"empty both", map[string]any{}},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			w := httptest.NewRecorder()
+			mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", tt.body))
+			if w.Code != 400 {
+				t.Errorf("expected 400, got %d", w.Code)
+			}
+		})
+	}
+}
+
+func TestPublicSignupNoteRequired(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('volunteer_note_required', 'true')`)
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Titania",
+		"email":          "titania@example.com",
+		"note":           "",
+	}))
+	if w.Code != 400 {
+		t.Fatalf("expected 400 when note required but empty, got %d", w.Code)
+	}
+
+	// With note provided
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Titania",
+		"email":          "titania@example.com",
+		"note":           "A friend sent me",
+	}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200 with note, got %d: %s", w.Code, w.Body.String())
+	}
+}
+
+func TestConfirmEmail(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	token := "abc123def456"
+	app.createVolunteer(Volunteer{
+		Name:              "Titania",
+		PreferredName:     "Titania",
+		Email:             "titania@example.com",
+		ConfirmationToken: &token,
+	})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+	result := parseJSON(t, w)
+	if result["status"] != "confirmed" {
+		t.Errorf("expected confirmed, got %v", result["status"])
+	}
+
+	// Verify volunteer is confirmed
+	vol, _ := app.getVolunteerByEmail("titania@example.com")
+	if vol == nil || !vol.EmailConfirmed {
+		t.Error("volunteer should be email confirmed")
+	}
+	if vol.ConfirmationToken != nil {
+		t.Error("confirmation token should be cleared after confirmation")
+	}
+}
+
+func TestConfirmEmailInvalid(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": "nonexistent"}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+	result := parseJSON(t, w)
+	if result["status"] != "invalid" {
+		t.Errorf("expected invalid, got %v", result["status"])
+	}
+}
+
+func TestConfirmEmailAlreadyConfirmed(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	token := "abc123def456"
+	app.createVolunteer(Volunteer{
+		Name:              "Titania",
+		PreferredName:     "Titania",
+		Email:             "titania@example.com",
+		ConfirmationToken: &token,
+	})
+
+	// Confirm first time
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
+	if parseJSON(t, w)["status"] != "confirmed" {
+		t.Fatal("first confirm should succeed")
+	}
+
+	// Second confirm with same token should be invalid (token cleared)
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
+	result := parseJSON(t, w)
+	if result["status"] != "invalid" {
+		t.Errorf("expected invalid after token cleared, got %v", result["status"])
+	}
+}
+
+func TestConfirmEmailWithSignupsOpen(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
+	app.baseURL = "https://example.com"
+
+	attendee, _ := app.createAttendee(Attendee{Name: "Titania", Email: "titania@example.com"})
+	token := "abc123def456"
+	app.createVolunteer(Volunteer{
+		Name:              "Titania",
+		PreferredName:     "Titania",
+		Email:             "titania@example.com",
+		AttendeeID:        &attendee.ID,
+		ConfirmationToken: &token,
+	})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+	result := parseJSON(t, w)
+	if result["status"] != "confirmed" {
+		t.Fatalf("expected confirmed, got %v", result["status"])
+	}
+	kioskLink, ok := result["kiosk_link"].(string)
+	if !ok || kioskLink == "" {
+		t.Error("expected kiosk_link when signups are open")
+	}
+
+	// Attendee should now have a kiosk token
+	a, _ := app.getAttendee(attendee.ID)
+	if a.VolunteerToken == nil {
+		t.Error("attendee should have kiosk token after confirm with signups open")
+	}
+}
+
+func TestToggleShiftSignups(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	admin := testAdminUser(t, app)
+	tok := testToken(t, app, admin)
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/shift-signups", map[string]any{"open": true}, tok))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
+	}
+	result := parseJSON(t, w)
+	if result["shift_signups_open"] != true {
+		t.Errorf("expected shift_signups_open true, got %v", result)
+	}
+
+	// Check config stored
+	var val string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'shift_signups_open'`).Scan(&val)
+	if val != "true" {
+		t.Errorf("config not stored, got %q", val)
+	}
+}
diff --git a/main.go b/main.go
index aca8086..fa05ac6 100644
--- a/main.go
+++ b/main.go
@@ -151,6 +151,13 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 		writeJSON(w, map[string]string{"build": buildID})
 	})
 
+	mux.HandleFunc("POST /api/settings/shift-signups", auth(app.handleToggleShiftSignups, "admin", "volunteer_lead"))
+
+	// Public endpoints — no JWT required.
+	mux.HandleFunc("GET /api/public/signup-config", app.handlePublicSignupConfig)
+	mux.HandleFunc("POST /api/public/signup", app.handlePublicSignup)
+	mux.HandleFunc("POST /api/public/confirm", app.handleConfirmEmail)
+
 	// Kiosk — authenticated by volunteer token, no JWT required.
 	mux.HandleFunc("GET /api/v/{token}", app.handleKioskGet)
 	mux.HandleFunc("POST /api/v/{token}/shifts/{id}", app.handleKioskClaim)

From 4bba0ed3a079bfdd73f5dddfc07b503697230136 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 3 Mar 2026 19:55:35 -0600
Subject: [PATCH 02/47] Switched to path routing. Added data management.

---
 README.md                              |  3 +-
 docs/USAGE.md                          | 30 +++++++++++
 email.go                               |  4 +-
 frontend/src/App.svelte                | 26 ++++++----
 frontend/src/api.js                    |  7 ++-
 frontend/src/components/Nav.svelte     | 48 ++++++++---------
 frontend/src/pages/ConfirmEmail.svelte |  2 +-
 frontend/src/pages/Kiosk.svelte        |  3 +-
 frontend/src/pages/Settings.svelte     | 41 ++++++++++++++-
 handle_settings.go                     | 55 ++++++++++++++++++++
 handle_settings_test.go                | 72 ++++++++++++++++++++++++++
 handle_signup.go                       |  4 +-
 handle_tokens.go                       |  2 +-
 main.go                                |  5 ++
 14 files changed, 256 insertions(+), 46 deletions(-)

diff --git a/README.md b/README.md
index b526fbe..cd596c4 100644
--- a/README.md
+++ b/README.md
@@ -8,6 +8,7 @@ Turnpike handles gate check-in, volunteer scheduling, and department coordinatio
 
 - **Attendee management** — CSV import (CrowdWork/Zeffy auto-detected), party-size tracking, search, check-in
 - **Volunteer scheduling** — departments, shifts with capacity, conflict detection, drag-and-drop reordering
+- **Public volunteer signup** — self-registration form with email confirmation, auto-attendee linking
 - **Volunteer kiosk** — token-authenticated self-service shift signup, no login required
 - **Gate check-in** — full-screen UI with QR scanner, party check-in ("2/3 checked in"), volunteer dual check-in
 - **Schedule board** — department leads and coordinators manage shift assignments with conflict awareness
@@ -90,7 +91,7 @@ The Vite dev server runs on `:5173` and proxies `/api` requests to the Go server
 
 ## Documentation
 
-- [Usage Guide](docs/USAGE.md) — event setup, attendee import, volunteer kiosk, gate check-in, schedule board
+- [Usage Guide](docs/USAGE.md) — event setup, attendee import, volunteer signup, volunteer kiosk, gate check-in, schedule board
 - [Installation Guide](docs/INSTALLATION.md) — building, deploying, systemd, Docker, NixOS, reverse proxy, backup
 
 ## License
diff --git a/docs/USAGE.md b/docs/USAGE.md
index 80b25f0..8e0d174 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -65,6 +65,36 @@ The import result shows `inserted` (new records), `grouped` (merged into existin
 
 Re-importing the same CSV is safe — existing records are skipped, not duplicated.
 
+## Volunteer Signup
+
+Turnpike provides a public signup form for volunteers at `/#/volunteer-signup`. No login is required.
+
+### Signup flow
+
+1. Volunteer visits the signup form and fills in: preferred name (required), ticket name, email (required), pronouns, phone, department preference, and an optional note.
+2. Turnpike creates a volunteer record and auto-links it to an existing attendee by email match, or creates a new attendee record.
+3. A confirmation email is sent with a unique link (`/#/confirm/{token}`).
+4. The volunteer clicks the link to confirm their email.
+5. If shift signups are already open, the confirmation page includes a link to the kiosk for shift selection.
+
+Duplicate signups with the same email silently succeed — no error is shown and no duplicate is created. This prevents email enumeration.
+
+### Configuring the signup form
+
+In **Settings**, the "Volunteer Signup" card controls:
+
+- **Note field label** — customize the label shown on the form (default: "Additional note")
+- **Note field required** — when checked, volunteers must fill in the note to submit
+
+### Opening shift signups
+
+In **Settings**, the "Shift Signups" card has an open/close toggle:
+
+- **Opening** signups generates kiosk tokens for all confirmed volunteers and emails them their shift signup links. A confirmation dialog warns before sending.
+- **Closing** signups prevents new kiosk links from being issued on confirmation, but existing links continue to work.
+
+If a volunteer confirms their email while signups are already open, they receive their kiosk link immediately in the confirmation response and via email.
+
 ## Managing Volunteers
 
 Under **Volunteers**, you can:
diff --git a/email.go b/email.go
index 8d1d463..0a1c65d 100644
--- a/email.go
+++ b/email.go
@@ -133,7 +133,7 @@ func (app *App) sendTokenEmail(a Attendee) error {
 
 	cfg := app.loadSMTPConfig()
 	eventName := app.eventName()
-	link := fmt.Sprintf("%s/#/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
+	link := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
 	subject := fmt.Sprintf("Your volunteer link for %s", eventName)
 	body := fmt.Sprintf(
 		"Hi %s,\n\nThank you for volunteering at %s!\n\nYour volunteer token: %s\nYour signup link: %s\n\nUse this link to sign up for available shifts in your department.\n\nSee you there!\n",
@@ -146,7 +146,7 @@ func (app *App) sendTokenEmail(a Attendee) error {
 func (app *App) sendConfirmationEmail(to, name, confirmToken string) error {
 	cfg := app.loadSMTPConfig()
 	eventName := app.eventName()
-	link := fmt.Sprintf("%s/#/confirm/%s", app.resolveBaseURL(), confirmToken)
+	link := fmt.Sprintf("%s/confirm/%s", app.resolveBaseURL(), confirmToken)
 	subject := fmt.Sprintf("Please confirm your email for %s", eventName)
 	body := fmt.Sprintf(
 		"Hi %s,\n\nThank you for signing up to volunteer at %s!\n\nPlease confirm your email address by visiting:\n%s\n\nIf you did not sign up, you can safely ignore this email.\n",
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index 179cc2c..e9c0638 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -23,16 +23,22 @@
 
   let session = $state(null)
   let loading = $state(true)
-  let route = $state(window.location.hash || '#/')
+  let route = $state(window.location.pathname)
   let updateAvailable = $state(false)
   let mobileNavOpen = $state(false)
 
   // Check if this is a public page (no auth needed)
-  const kioskToken = $derived(window.location.hash.match(/^#\/v\/([A-Z0-9]+)/i)?.[1] ?? '')
-  const isVolunteerSignup = $derived(window.location.hash.startsWith('#/volunteer-signup'))
-  const isConfirmEmail = $derived(window.location.hash.startsWith('#/confirm/'))
+  const kioskToken = $derived(route.match(/^\/v\/([A-Z0-9]+)/i)?.[1] ?? '')
+  const isVolunteerSignup = $derived(route.startsWith('/volunteer-signup'))
+  const isConfirmEmail = $derived(route.startsWith('/confirm/'))
   const isPublicPage = $derived(!!kioskToken || isVolunteerSignup || isConfirmEmail)
 
+  function navigate(path) {
+    history.pushState(null, '', path)
+    route = path
+    mobileNavOpen = false
+  }
+
   async function checkVersion() {
     try {
       const res = await fetch('/api/version')
@@ -56,8 +62,8 @@
       startSSE()
       startSyncLoop()
     }
-    window.addEventListener('hashchange', () => {
-      route = window.location.hash || '#/'
+    window.addEventListener('popstate', () => {
+      route = window.location.pathname
       mobileNavOpen = false
     })
 
@@ -67,17 +73,17 @@
 
   function onLogin(s) {
     session = s
-    window.location.hash = '#/'
+    navigate('/')
     syncPull().then(() => { startSSE(); startSyncLoop() })
   }
 
   async function onLogout() {
     await clearSession()
     session = null
-    window.location.hash = '#/login'
+    navigate('/login')
   }
 
-  const path = $derived(route.replace(/^#/, '') || '/')
+  const path = $derived(route || '/')
   const role = $derived(session?.user?.role ?? '')
 </script>
 
@@ -107,7 +113,7 @@
     {#if mobileNavOpen}
       <div class="nav-overlay" onclick={() => mobileNavOpen = false} onkeydown={() => {}}></div>
     {/if}
-    <Nav {session} {onLogout} active={path} open={mobileNavOpen} />
+    <Nav {session} {onLogout} {navigate} active={path} open={mobileNavOpen} />
     <div class="main">
       <header class="mobile-header">
         <button class="hamburger" onclick={() => mobileNavOpen = !mobileNavOpen} aria-label="Menu">
diff --git a/frontend/src/api.js b/frontend/src/api.js
index d7ea497..e288308 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -18,7 +18,7 @@ export async function apiFetch(path, options = {}) {
   const res = await fetch(path, { ...options, headers })
   if (res.status === 401) {
     await db.session.clear()
-    window.location.hash = '#/login'
+    window.location.pathname = '/login'
     throw new Error('unauthorized')
   }
   return res
@@ -110,6 +110,11 @@ export const api = {
     update: (data) => apiJSON('/api/settings', { method: 'PUT', body: JSON.stringify(data) }),
     testEmail: (to) => apiJSON('/api/settings/test-email', { method: 'POST', body: JSON.stringify({ to }) }),
     toggleShiftSignups: (open) => apiJSON('/api/settings/shift-signups', { method: 'POST', body: JSON.stringify({ open }) }),
+    resetAttendees: () => apiJSON('/api/settings/reset-attendees', { method: 'POST' }),
+    resetVolunteers: () => apiJSON('/api/settings/reset-volunteers', { method: 'POST' }),
+    resetShifts: () => apiJSON('/api/settings/reset-shifts', { method: 'POST' }),
+    resetDepartments: () => apiJSON('/api/settings/reset-departments', { method: 'POST' }),
+    resetVolunteerShifts: () => apiJSON('/api/settings/reset-volunteer-shifts', { method: 'POST' }),
   },
   signup: {
     config: () => kioskFetch('/api/public/signup-config'),
diff --git a/frontend/src/components/Nav.svelte b/frontend/src/components/Nav.svelte
index 46384d2..a0257c8 100644
--- a/frontend/src/components/Nav.svelte
+++ b/frontend/src/components/Nav.svelte
@@ -1,7 +1,7 @@
 <script>
   import { LayoutDashboard, ClipboardCheck, Heart, Hexagon, Clock, CalendarDays, Upload, Users, Settings, LogOut } from 'lucide-svelte'
 
-  let { session, active, onLogout, open = false } = $props()
+  let { session, active, onLogout, navigate, open = false } = $props()
 
   const role = $derived(session?.user?.role ?? '')
 
@@ -9,45 +9,45 @@
 
   const links = $derived.by(() => {
     if (role === 'ticketing') return [
-      { href: '#/attendees', label: 'Attendees', icon: ClipboardCheck },
-      { href: '#/import', label: 'Import', icon: Upload },
+      { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
+      { href: '/import', label: 'Import', icon: Upload },
     ]
     if (role === 'volunteer_lead') return [
-      { href: '#/', label: 'Schedule', icon: CalendarDays },
-      { href: '#/volunteers', label: 'Volunteers', icon: Heart },
-      { href: '#/departments', label: 'Departments', icon: Hexagon },
+      { href: '/', label: 'Schedule', icon: CalendarDays },
+      { href: '/volunteers', label: 'Volunteers', icon: Heart },
+      { href: '/departments', label: 'Departments', icon: Hexagon },
     ]
     if (role === 'coordinator') return [
-      { href: '#/', label: 'Dashboard', icon: LayoutDashboard },
-      { href: '#/schedule', label: 'Schedule', icon: CalendarDays },
-      { href: '#/volunteers', label: 'Volunteers', icon: Heart },
-      { href: '#/departments', label: 'Departments', icon: Hexagon },
-      { href: '#/shifts', label: 'Shifts', icon: Clock },
+      { href: '/', label: 'Dashboard', icon: LayoutDashboard },
+      { href: '/schedule', label: 'Schedule', icon: CalendarDays },
+      { href: '/volunteers', label: 'Volunteers', icon: Heart },
+      { href: '/departments', label: 'Departments', icon: Hexagon },
+      { href: '/shifts', label: 'Shifts', icon: Clock },
     ]
     return [
-      { href: '#/', label: 'Dashboard', icon: LayoutDashboard },
-      { href: '#/attendees', label: 'Attendees', icon: ClipboardCheck },
-      { href: '#/volunteers', label: 'Volunteers', icon: Heart },
-      { href: '#/departments', label: 'Departments', icon: Hexagon },
-      { href: '#/shifts', label: 'Shifts', icon: Clock },
-      { href: '#/schedule', label: 'Schedule', icon: CalendarDays },
-      { href: '#/import', label: 'Import', icon: Upload },
-      { href: '#/users', label: 'Users', icon: Users },
-      { href: '#/settings', label: 'Settings', icon: Settings },
+      { href: '/', label: 'Dashboard', icon: LayoutDashboard },
+      { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
+      { href: '/volunteers', label: 'Volunteers', icon: Heart },
+      { href: '/departments', label: 'Departments', icon: Hexagon },
+      { href: '/shifts', label: 'Shifts', icon: Clock },
+      { href: '/schedule', label: 'Schedule', icon: CalendarDays },
+      { href: '/import', label: 'Import', icon: Upload },
+      { href: '/users', label: 'Users', icon: Users },
+      { href: '/settings', label: 'Settings', icon: Settings },
     ]
   })
 
   function isActive(href) {
-    const p = href.replace(/^#/, '')
-    if (p === '/') return active === '/' || active === ''
-    return active.startsWith(p)
+    if (href === '/') return active === '/' || active === ''
+    return active.startsWith(href)
   }
 </script>
 
 <nav class="sidebar" class:open>
   <div class="sidebar-brand">Turn<span>pike</span></div>
   {#each links as link}
-    <a href={link.href} class="nav-link" class:active={isActive(link.href)}>
+    <a href={link.href} class="nav-link" class:active={isActive(link.href)}
+      onclick={(e) => { e.preventDefault(); navigate(link.href) }}>
       <link.icon {...iconProps} />
       {link.label}
     </a>
diff --git a/frontend/src/pages/ConfirmEmail.svelte b/frontend/src/pages/ConfirmEmail.svelte
index 39babea..256dce5 100644
--- a/frontend/src/pages/ConfirmEmail.svelte
+++ b/frontend/src/pages/ConfirmEmail.svelte
@@ -7,7 +7,7 @@
   let error = $state('')
 
   onMount(async () => {
-    const match = window.location.hash.match(/^#\/confirm\/(.+)/)
+    const match = window.location.pathname.match(/^\/confirm\/(.+)/)
     const token = match?.[1] ?? ''
     if (!token) {
       status = 'invalid'
diff --git a/frontend/src/pages/Kiosk.svelte b/frontend/src/pages/Kiosk.svelte
index 3f6aa27..983e039 100644
--- a/frontend/src/pages/Kiosk.svelte
+++ b/frontend/src/pages/Kiosk.svelte
@@ -2,8 +2,7 @@
   import { onMount } from 'svelte'
   import { api } from '../api.js'
 
-  // Token comes from the URL hash: /#/v/TOKEN
-  const token = $derived(window.location.hash.match(/^#\/v\/([A-Z0-9]+)/i)?.[1] ?? '')
+  const token = $derived(window.location.pathname.match(/^\/v\/([A-Z0-9]+)/i)?.[1] ?? '')
 
   let state = $state(null)      // { volunteer, shifts, available }
   let loading = $state(true)
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 28193e4..72d6b5b 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -84,6 +84,18 @@
     }
   }
 
+  async function resetModel(label, fn) {
+    if (!confirm(`PERMANENTLY DELETE all ${label}? This cannot be undone.`)) return
+    error = ''
+    success = ''
+    try {
+      const result = await fn()
+      success = `Deleted ${result.deleted} ${label}.`
+    } catch (err) {
+      error = err.message
+    }
+  }
+
   async function sendTest() {
     if (!testEmail) return
     testing = true
@@ -186,12 +198,12 @@
         Note field is required
       </label>
       <p class="text-muted" style="font-size:0.78rem;margin-top:0.75rem">
-        Signup form: <a href="/#/volunteer-signup" target="_blank" style="color:var(--c-accent)">/#/volunteer-signup</a>
+        Signup form: <a href="/volunteer-signup" target="_blank" style="color:var(--c-accent)">/volunteer-signup</a>
       </p>
     </div>
 
     <!-- Shift Signups -->
-    <div class="card">
+    <div class="card" style="margin-bottom:1.5rem">
       <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Shift Signups</h2>
       <div style="display:flex;align-items:center;gap:1rem">
         <span style="font-size:0.875rem">
@@ -212,5 +224,30 @@
         </p>
       {/if}
     </div>
+
+    <!-- Data Management -->
+    <div class="card">
+      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:0.5rem">Data Management</h2>
+      <p class="text-muted" style="font-size:0.78rem;margin-bottom:1rem">
+        Permanently delete all records of a given type. This cannot be undone.
+      </p>
+      <div style="display:flex;flex-wrap:wrap;gap:0.5rem">
+        <button class="btn btn-danger" onclick={() => resetModel('attendees', api.settings.resetAttendees)}>
+          Delete All Attendees
+        </button>
+        <button class="btn btn-danger" onclick={() => resetModel('volunteers', api.settings.resetVolunteers)}>
+          Delete All Volunteers
+        </button>
+        <button class="btn btn-danger" onclick={() => resetModel('shifts', api.settings.resetShifts)}>
+          Delete All Shifts
+        </button>
+        <button class="btn btn-danger" onclick={() => resetModel('departments', api.settings.resetDepartments)}>
+          Delete All Departments
+        </button>
+        <button class="btn btn-danger" onclick={() => resetModel('volunteer shift assignments', api.settings.resetVolunteerShifts)}>
+          Delete All Shift Assignments
+        </button>
+      </div>
+    </div>
   {/if}
 </div>
diff --git a/handle_settings.go b/handle_settings.go
index 27420fa..2c39223 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -79,6 +79,61 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 	app.handleGetSettings(w, r)
 }
 
+func (app *App) handleResetAttendees(w http.ResponseWriter, r *http.Request) {
+	result, err := app.db.Exec(`DELETE FROM attendees`)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	n, _ := result.RowsAffected()
+
+	writeJSON(w, map[string]any{"deleted": n})
+}
+
+func (app *App) handleResetVolunteers(w http.ResponseWriter, r *http.Request) {
+	result, err := app.db.Exec(`DELETE FROM volunteers`)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	n, _ := result.RowsAffected()
+
+	writeJSON(w, map[string]any{"deleted": n})
+}
+
+func (app *App) handleResetShifts(w http.ResponseWriter, r *http.Request) {
+	result, err := app.db.Exec(`DELETE FROM shifts`)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	n, _ := result.RowsAffected()
+
+	writeJSON(w, map[string]any{"deleted": n})
+}
+
+func (app *App) handleResetDepartments(w http.ResponseWriter, r *http.Request) {
+	result, err := app.db.Exec(`DELETE FROM departments`)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	n, _ := result.RowsAffected()
+
+	writeJSON(w, map[string]any{"deleted": n})
+}
+
+func (app *App) handleResetVolunteerShifts(w http.ResponseWriter, r *http.Request) {
+	result, err := app.db.Exec(`DELETE FROM volunteer_shifts`)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	n, _ := result.RowsAffected()
+
+	writeJSON(w, map[string]any{"deleted": n})
+}
+
 func (app *App) handleTestEmail(w http.ResponseWriter, r *http.Request) {
 	var body struct {
 		To string `json:"to"`
diff --git a/handle_settings_test.go b/handle_settings_test.go
index 28db093..736696c 100644
--- a/handle_settings_test.go
+++ b/handle_settings_test.go
@@ -55,6 +55,78 @@ func TestUpdateSettings(t *testing.T) {
 	}
 }
 
+func TestResetAttendees(t *testing.T) {
+	app := testApp(t)
+	admin := testAdminUser(t, app)
+	token := testToken(t, app, admin)
+	mux := testMux(app)
+
+	app.createAttendee(Attendee{Name: "Titania", Email: "titania@example.com"})
+	app.createAttendee(Attendee{Name: "Oberon", Email: "oberon@example.com"})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-attendees", nil, token))
+
+	if w.Code != 200 {
+		t.Fatalf("status = %d: %s", w.Code, w.Body.String())
+	}
+	result := parseJSON(t, w)
+	if result["deleted"] != float64(2) {
+		t.Fatalf("deleted = %v, want 2", result["deleted"])
+	}
+
+	attendees, _ := app.listAttendees("", "", "")
+	if len(attendees) != 0 {
+		t.Fatalf("attendees remaining = %d, want 0", len(attendees))
+	}
+}
+
+func TestResetAttendeesRequiresAdmin(t *testing.T) {
+	app := testApp(t)
+	gate := testUserWithRole(t, app, "gate1", "gate", []int{})
+	token := testToken(t, app, gate)
+	mux := testMux(app)
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-attendees", nil, token))
+
+	if w.Code != 403 {
+		t.Fatalf("status = %d, want 403", w.Code)
+	}
+}
+
+func TestResetDepartmentsCascadesShifts(t *testing.T) {
+	app := testApp(t)
+	admin := testAdminUser(t, app)
+	token := testToken(t, app, admin)
+	mux := testMux(app)
+
+	dept, _ := app.createDepartment(Department{Name: "Rangers"})
+	app.createShift(Shift{DepartmentID: dept.ID, Day: "2026-03-01", StartTime: "09:00", EndTime: "12:00", Capacity: 5})
+
+	shifts, _ := app.listShifts(nil, "", "")
+	if len(shifts) != 1 {
+		t.Fatalf("shifts before reset = %d, want 1", len(shifts))
+	}
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-departments", nil, token))
+
+	if w.Code != 200 {
+		t.Fatalf("status = %d: %s", w.Code, w.Body.String())
+	}
+
+	depts, _ := app.listDepartments("")
+	if len(depts) != 0 {
+		t.Fatalf("departments remaining = %d, want 0", len(depts))
+	}
+
+	shifts, _ = app.listShifts(nil, "", "")
+	if len(shifts) != 0 {
+		t.Fatalf("shifts should cascade-delete, remaining = %d", len(shifts))
+	}
+}
+
 func TestSettingsNonAdminRejected(t *testing.T) {
 	app := testApp(t)
 	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
diff --git a/handle_signup.go b/handle_signup.go
index 62ab6c2..2f8eb46 100644
--- a/handle_signup.go
+++ b/handle_signup.go
@@ -169,7 +169,7 @@ func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
 			}
 		}
 		if a != nil && a.VolunteerToken != nil {
-			kioskLink := fmt.Sprintf("%s/#/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
+			kioskLink := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
 			response["kiosk_link"] = kioskLink
 			go func() {
 				if err := app.sendShiftSignupEmail(vol.Email, vol.PreferredName, kioskLink); err != nil {
@@ -232,7 +232,7 @@ func (app *App) openShiftSignups() {
 		if a == nil || a.VolunteerToken == nil {
 			continue
 		}
-		kioskLink := fmt.Sprintf("%s/#/v/%s", baseURL, *a.VolunteerToken)
+		kioskLink := fmt.Sprintf("%s/v/%s", baseURL, *a.VolunteerToken)
 		name := v.PreferredName
 		if name == "" {
 			name = v.Name
diff --git a/handle_tokens.go b/handle_tokens.go
index f2c0bf9..480d03d 100644
--- a/handle_tokens.go
+++ b/handle_tokens.go
@@ -45,7 +45,7 @@ func (app *App) handleExportTokenLinks(w http.ResponseWriter, r *http.Request) {
 		if parts := strings.Fields(a.Name); len(parts) > 0 {
 			firstName = parts[0]
 		}
-		link := fmt.Sprintf("%s/#/v/%s", baseURL, *a.VolunteerToken)
+		link := fmt.Sprintf("%s/v/%s", baseURL, *a.VolunteerToken)
 		wr.Write([]string{a.Email, firstName, *a.VolunteerToken, link})
 	}
 	wr.Flush()
diff --git a/main.go b/main.go
index fa05ac6..77e09c4 100644
--- a/main.go
+++ b/main.go
@@ -141,6 +141,11 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("GET /api/settings", auth(app.handleGetSettings, "admin"))
 	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin"))
 	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-attendees", auth(app.handleResetAttendees, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-departments", auth(app.handleResetDepartments, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-volunteer-shifts", auth(app.handleResetVolunteerShifts, "admin"))
 
 	mux.HandleFunc("POST /api/import", auth(app.handleImport, "admin", "ticketing"))
 

From f30b84aa3af56de8c09ee274983a1a9d6d5fe039 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 3 Mar 2026 20:14:56 -0600
Subject: [PATCH 03/47] Switched to soft-deletion for client-sync event
 handling.

---
 handle_settings.go | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/handle_settings.go b/handle_settings.go
index 2c39223..9021368 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -80,57 +80,62 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 }
 
 func (app *App) handleResetAttendees(w http.ResponseWriter, r *http.Request) {
-	result, err := app.db.Exec(`DELETE FROM attendees`)
+	ts := now()
+	result, err := app.db.Exec(`UPDATE attendees SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	n, _ := result.RowsAffected()
-
 	writeJSON(w, map[string]any{"deleted": n})
 }
 
 func (app *App) handleResetVolunteers(w http.ResponseWriter, r *http.Request) {
-	result, err := app.db.Exec(`DELETE FROM volunteers`)
+	ts := now()
+	result, err := app.db.Exec(`UPDATE volunteers SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	n, _ := result.RowsAffected()
-
 	writeJSON(w, map[string]any{"deleted": n})
 }
 
 func (app *App) handleResetShifts(w http.ResponseWriter, r *http.Request) {
-	result, err := app.db.Exec(`DELETE FROM shifts`)
+	ts := now()
+	result, err := app.db.Exec(`UPDATE shifts SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	n, _ := result.RowsAffected()
-
+	// Also soft-delete orphaned volunteer_shifts
+	app.db.Exec(`UPDATE volunteer_shifts SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL AND shift_id IN (SELECT id FROM shifts WHERE deleted_at IS NOT NULL)`, ts, ts)
 	writeJSON(w, map[string]any{"deleted": n})
 }
 
 func (app *App) handleResetDepartments(w http.ResponseWriter, r *http.Request) {
-	result, err := app.db.Exec(`DELETE FROM departments`)
+	ts := now()
+	// Soft-delete shifts in these departments first (so sync picks them up)
+	app.db.Exec(`UPDATE volunteer_shifts SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL AND shift_id IN (SELECT id FROM shifts WHERE department_id IN (SELECT id FROM departments WHERE deleted_at IS NULL))`, ts, ts)
+	app.db.Exec(`UPDATE shifts SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL AND department_id IN (SELECT id FROM departments WHERE deleted_at IS NULL)`, ts, ts)
+	result, err := app.db.Exec(`UPDATE departments SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	n, _ := result.RowsAffected()
-
 	writeJSON(w, map[string]any{"deleted": n})
 }
 
 func (app *App) handleResetVolunteerShifts(w http.ResponseWriter, r *http.Request) {
-	result, err := app.db.Exec(`DELETE FROM volunteer_shifts`)
+	ts := now()
+	result, err := app.db.Exec(`UPDATE volunteer_shifts SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	n, _ := result.RowsAffected()
-
 	writeJSON(w, map[string]any{"deleted": n})
 }
 

From 0df93e1886e9ffc4402456d2f6943868ae41f937 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 3 Mar 2026 20:51:26 -0600
Subject: [PATCH 04/47] Combined Schedule and Shifts views.

---
 README.md                               |   8 +-
 docs/USAGE.md                           |  20 ++-
 frontend/src/App.svelte                 |   3 -
 frontend/src/components/Nav.svelte      |   4 +-
 frontend/src/pages/ScheduleBoard.svelte | 111 +++++++++++-
 frontend/src/pages/Shifts.svelte        | 221 ------------------------
 6 files changed, 123 insertions(+), 244 deletions(-)
 delete mode 100644 frontend/src/pages/Shifts.svelte

diff --git a/README.md b/README.md
index cd596c4..88b09ef 100644
--- a/README.md
+++ b/README.md
@@ -7,11 +7,11 @@ Turnpike handles gate check-in, volunteer scheduling, and department coordinatio
 ## Features
 
 - **Attendee management** — CSV import (CrowdWork/Zeffy auto-detected), party-size tracking, search, check-in
-- **Volunteer scheduling** — departments, shifts with capacity, conflict detection, drag-and-drop reordering
+- **Volunteer scheduling** — departments, shifts with capacity, conflict detection, reordering
 - **Public volunteer signup** — self-registration form with email confirmation, auto-attendee linking
 - **Volunteer kiosk** — token-authenticated self-service shift signup, no login required
 - **Gate check-in** — full-screen UI with QR scanner, party check-in ("2/3 checked in"), volunteer dual check-in
-- **Schedule board** — department leads and coordinators manage shift assignments with conflict awareness
+- **Schedule** — create shifts, assign volunteers, manage assignments with conflict awareness
 - **Role-based access** — admin, coordinator, volunteer lead (department-scoped), gate
 - **Offline-first PWA** — installs on phones/tablets, full offline check-in with background sync
 - **Real-time** — check-ins and changes broadcast live via SSE
@@ -61,7 +61,7 @@ See [docs/INSTALLATION.md](docs/INSTALLATION.md) for systemd, Docker, NixOS, and
 | Role | Access |
 |------|--------|
 | `admin` | Full access: attendee import, user management, SMTP settings, all departments and shifts |
-| `coordinator` | All departments: volunteers, shifts, schedule board. No user management or settings |
+| `coordinator` | All departments: volunteers, shifts, schedule. No user management or settings |
 | `volunteer_lead` | Own department only: volunteers and shifts scoped to assigned department |
 | `gate` | Full-screen check-in UI with QR scanner. No access to other pages |
 
@@ -91,7 +91,7 @@ The Vite dev server runs on `:5173` and proxies `/api` requests to the Go server
 
 ## Documentation
 
-- [Usage Guide](docs/USAGE.md) — event setup, attendee import, volunteer signup, volunteer kiosk, gate check-in, schedule board
+- [Usage Guide](docs/USAGE.md) — event setup, attendee import, volunteer signup, volunteer kiosk, gate check-in, schedule
 - [Installation Guide](docs/INSTALLATION.md) — building, deploying, systemd, Docker, NixOS, reverse proxy, backup
 
 ## License
diff --git a/docs/USAGE.md b/docs/USAGE.md
index 8e0d174..de4e765 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -13,8 +13,8 @@ After logging in, create accounts for your team under **Users**. Each user gets
 | Role | What they see | What they can do |
 |------|--------------|------------------|
 | **admin** | All pages + Settings | Everything: attendee import, user management, SMTP config, departments, shifts, volunteers |
-| **coordinator** | Dashboard, Schedule Board, Volunteers, Departments, Shifts | Manage volunteers, departments, and shifts across all departments. Cannot manage users or settings |
-| **volunteer_lead** | Schedule Board, Volunteers, Departments | Manage volunteers and shifts within their assigned department only |
+| **coordinator** | Dashboard, Schedule, Volunteers, Departments | Manage volunteers, departments, and shifts across all departments. Cannot manage users or settings |
+| **volunteer_lead** | Schedule, Volunteers, Departments | Manage volunteers and shifts within their assigned department only |
 | **gate** | Full-screen Gate UI | Check in attendees (search + QR scan). No access to other pages |
 
 Ticketing and ops staff should use the **admin** role. The `ticketing` role exists in the codebase but is effectively unused — admin covers all ticketing functions.
@@ -26,7 +26,7 @@ Volunteer leads are scoped to a single department. When creating a volunteer_lea
 1. **Configure your event** — go to the Dashboard and set the event name and dates.
 2. **Create departments** — under Departments, add each department your event needs (e.g., Gate, Greeters, Rangers, Build, LNT).
 3. **Import attendees** — see next section.
-4. **Create shifts** — under Shifts, create shifts for each department with day, start/end time, and capacity.
+4. **Create shifts** — under Schedule, create shifts for each department with day, start/end time, and capacity.
 
 ## Importing Attendees
 
@@ -108,7 +108,7 @@ Volunteers are separate from attendees. A person can be both an attendee (ticket
 
 ## Shift Scheduling
 
-Under **Shifts**, create shifts for each department:
+Under **Schedule**, create shifts for each department:
 
 - **Day** — the date of the shift
 - **Start/end time** — HH:MM format
@@ -116,11 +116,11 @@ Under **Shifts**, create shifts for each department:
 
 ### Assigning volunteers
 
-From the Shifts page or the Schedule Board, assign volunteers to shifts. Turnpike checks for conflicts — if a volunteer already has a shift on the same day with overlapping times, you'll see a warning and can choose to force the assignment.
+From the Schedule page, assign volunteers to shifts. Turnpike checks for conflicts — if a volunteer already has a shift on the same day with overlapping times, you'll see a warning and can choose to force the assignment.
 
 ### Reordering
 
-Shifts can be reordered within a department to reflect priority or sequence. The Schedule Board supports drag-and-drop reordering.
+Shifts can be reordered within a department to reflect priority or sequence using the up/down buttons on each shift card.
 
 ## Volunteer Kiosk
 
@@ -162,9 +162,9 @@ Users with the **gate** role see a dedicated full-screen UI:
 
 Gate devices should install Turnpike as a PWA (Add to Home Screen) for the best experience. Check-ins are stored locally and sync when connectivity is available.
 
-## Schedule Board
+## Schedule
 
-The Schedule Board is the primary UI for coordinators and volunteer leads. It shows:
+The Schedule page is the primary UI for managing shifts and volunteer assignments. It shows:
 
 - Shifts grouped by department and day
 - Each shift card shows: name, time, capacity (used/total), assigned volunteers
@@ -173,10 +173,12 @@ The Schedule Board is the primary UI for coordinators and volunteer leads. It sh
 **Coordinators and admins** see all departments. **Volunteer leads** see only their assigned department.
 
 Actions available:
+- Create new shifts (+ Add shift button)
+- Edit shift details inline
+- Delete shifts
 - Assign volunteers to shifts from a dropdown
 - Remove volunteer assignments
 - Reorder shifts within a department
-- Edit shift details inline
 
 ## SMTP Configuration
 
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index e9c0638..0fed314 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -7,7 +7,6 @@
   import Attendees from './pages/Attendees.svelte'
   import Volunteers from './pages/Volunteers.svelte'
   import Departments from './pages/Departments.svelte'
-  import Shifts from './pages/Shifts.svelte'
   import Users from './pages/Users.svelte'
   import Import from './pages/Import.svelte'
   import Kiosk from './pages/Kiosk.svelte'
@@ -133,8 +132,6 @@
         <Volunteers {session} />
       {:else if path.startsWith('/departments')}
         <Departments {session} />
-      {:else if path.startsWith('/shifts')}
-        <Shifts {session} />
       {:else if path.startsWith('/schedule')}
         <ScheduleBoard {session} />
       {:else if path.startsWith('/users')}
diff --git a/frontend/src/components/Nav.svelte b/frontend/src/components/Nav.svelte
index a0257c8..cef8d7c 100644
--- a/frontend/src/components/Nav.svelte
+++ b/frontend/src/components/Nav.svelte
@@ -1,5 +1,5 @@
 <script>
-  import { LayoutDashboard, ClipboardCheck, Heart, Hexagon, Clock, CalendarDays, Upload, Users, Settings, LogOut } from 'lucide-svelte'
+  import { LayoutDashboard, ClipboardCheck, Heart, Hexagon, CalendarDays, Upload, Users, Settings, LogOut } from 'lucide-svelte'
 
   let { session, active, onLogout, navigate, open = false } = $props()
 
@@ -22,14 +22,12 @@
       { href: '/schedule', label: 'Schedule', icon: CalendarDays },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
       { href: '/departments', label: 'Departments', icon: Hexagon },
-      { href: '/shifts', label: 'Shifts', icon: Clock },
     ]
     return [
       { href: '/', label: 'Dashboard', icon: LayoutDashboard },
       { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
       { href: '/departments', label: 'Departments', icon: Hexagon },
-      { href: '/shifts', label: 'Shifts', icon: Clock },
       { href: '/schedule', label: 'Schedule', icon: CalendarDays },
       { href: '/import', label: 'Import', icon: Upload },
       { href: '/users', label: 'Users', icon: Users },
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 679469e..8e2efd3 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -10,12 +10,23 @@
   let editShift = $state({})
   let saving = $state(false)
 
+  // Add shift form
+  let showAdd = $state(false)
+  let adding = $state(false)
+  let newDeptID = $state('')
+  let newName = $state('')
+  let newDay = $state('')
+  let newStart = $state('')
+  let newEnd = $state('')
+  let newCapacity = $state(0)
+
   // For volunteer assignment dropdown
   let assigningShiftID = $state(null)
   let assignVolID = $state(0)
   let assigning = $state(false)
 
   const role = $derived(session?.user?.role ?? '')
+  const canManage = $derived(['admin', 'coordinator', 'volunteer_lead'].includes(role))
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
 
   const allDepts = liveQuery(() =>
@@ -194,6 +205,48 @@
     }
   }
 
+  async function addShift(e) {
+    e.preventDefault()
+    if (!newDeptID) return
+    adding = true
+    error = ''
+    try {
+      const s = await api.shifts.create({
+        department_id: parseInt(newDeptID),
+        name: newName,
+        day: newDay,
+        start_time: newStart,
+        end_time: newEnd,
+        capacity: parseInt(newCapacity) || 0,
+      })
+      await db.shifts.put(s)
+      showAdd = false
+      newName = newDay = newStart = newEnd = ''
+      newDeptID = ''
+      newCapacity = 0
+    } catch (err) {
+      error = err.message
+    } finally {
+      adding = false
+    }
+  }
+
+  async function deleteShift(s) {
+    if (!confirm(`Delete shift "${s.name}"?`)) return
+    try {
+      await api.shifts.delete(s.id)
+      await db.shifts.delete(s.id)
+    } catch (err) {
+      error = err.message
+    }
+  }
+
+  function formatDay(d) {
+    if (!d) return ''
+    const dt = new Date(d + 'T00:00:00')
+    return dt.toLocaleDateString(undefined, { weekday: 'short', month: 'short', day: 'numeric' })
+  }
+
   function fmt(t) {
     if (!t) return ''
     const [h, m] = t.split(':').map(Number)
@@ -204,17 +257,66 @@
 
 <div class="page">
   <div class="page-header">
-    <h1 class="page-title">Schedule Board</h1>
+    <h1 class="page-title">Schedule</h1>
+    {#if canManage}
+      <div class="actions">
+        <button class="btn btn-primary btn-sm" onclick={() => showAdd = !showAdd}>+ Add shift</button>
+      </div>
+    {/if}
   </div>
 
   {#if error}
     <div class="alert alert-error">{error}</div>
   {/if}
 
-  {#if ($allShifts ?? []).length === 0}
+  {#if showAdd && canManage}
+    <div class="card" style="margin-bottom:1.5rem">
+      <form onsubmit={addShift}>
+        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+          <div class="form-group">
+            <label for="s-dept">Department *</label>
+            <select id="s-dept" bind:value={newDeptID} required>
+              <option value="">Select department…</option>
+              {#each visibleDepts as d}
+                <option value={String(d.id)}>{d.name}</option>
+              {/each}
+            </select>
+          </div>
+          <div class="form-group">
+            <label for="s-name">Shift name *</label>
+            <input id="s-name" bind:value={newName} required placeholder="e.g. Gate Morning" />
+          </div>
+          <div class="form-group">
+            <label for="s-day">Day *</label>
+            <input id="s-day" type="date" bind:value={newDay} required />
+          </div>
+          <div class="form-group">
+            <label for="s-cap">Capacity <span class="text-muted">(0 = unlimited)</span></label>
+            <input id="s-cap" type="number" min="0" bind:value={newCapacity} />
+          </div>
+          <div class="form-group">
+            <label for="s-start">Start time *</label>
+            <input id="s-start" type="time" bind:value={newStart} required />
+          </div>
+          <div class="form-group">
+            <label for="s-end">End time *</label>
+            <input id="s-end" type="time" bind:value={newEnd} required />
+          </div>
+        </div>
+        <div class="actions">
+          <button type="submit" class="btn btn-primary" disabled={adding}>
+            {adding ? 'Adding…' : 'Add shift'}
+          </button>
+          <button type="button" class="btn btn-ghost" onclick={() => showAdd = false}>Cancel</button>
+        </div>
+      </form>
+    </div>
+  {/if}
+
+  {#if ($allShifts ?? []).length === 0 && !showAdd}
     <div class="empty">
       <strong>No shifts yet</strong>
-      <p>Create shifts in the Shifts page first.</p>
+      <p>Add shifts to schedule your volunteers.</p>
     </div>
   {:else}
     {#each board as { dept, days }}
@@ -226,7 +328,7 @@
           </div>
 
           {#each days as [day, rows]}
-            <div class="board-day-label">{day}</div>
+            <div class="board-day-label">{formatDay(day)}</div>
 
             {#each rows as { shift, assigned, hasConflict }, i}
               <div class="board-shift {hasConflict ? 'board-shift-conflict' : ''}">
@@ -285,6 +387,7 @@
                         onclick={() => reorder(shift.id, -1, rows)}>↑</button>
                       <button class="btn btn-ghost btn-sm" title="Move down"
                         onclick={() => reorder(shift.id, 1, rows)}>↓</button>
+                      <button class="btn btn-danger btn-sm" onclick={() => deleteShift(shift)}>Delete</button>
                     </div>
                   </div>
 
diff --git a/frontend/src/pages/Shifts.svelte b/frontend/src/pages/Shifts.svelte
deleted file mode 100644
index e912491..0000000
--- a/frontend/src/pages/Shifts.svelte
+++ /dev/null
@@ -1,221 +0,0 @@
-<script>
-  import { liveQuery } from 'dexie'
-  import { db } from '../db.js'
-  import { api } from '../api.js'
-
-  let { session } = $props()
-
-  let error = $state('')
-  let showAdd = $state(false)
-  let adding = $state(false)
-  let newDeptID = $state('')
-  let newName = $state('')
-  let newDay = $state('')
-  let newStart = $state('')
-  let newEnd = $state('')
-  let newCapacity = $state(0)
-
-  const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'coordinator', 'volunteer_lead'].includes(role))
-
-  const allShifts = liveQuery(() =>
-    db.shifts.filter(s => !s.deleted_at).toArray()
-  )
-  const allDepts = liveQuery(() =>
-    db.departments.filter(d => !d.deleted_at).toArray()
-      .then(arr => arr.sort((a, b) => a.name.localeCompare(b.name)))
-  )
-
-  // Group shifts by department, then by day
-  const grouped = $derived.by(() => {
-    const shifts = $allShifts ?? []
-    const depts = $allDepts ?? []
-
-    const byDept = {}
-    for (const s of shifts) {
-      if (!byDept[s.department_id]) byDept[s.department_id] = {}
-      if (!byDept[s.department_id][s.day]) byDept[s.department_id][s.day] = []
-      byDept[s.department_id][s.day].push(s)
-    }
-
-    return depts
-      .filter(d => byDept[d.id])
-      .map(d => ({
-        dept: d,
-        days: Object.entries(byDept[d.id] || {})
-          .sort(([a], [b]) => a.localeCompare(b))
-          .map(([day, dayShifts]) => ({
-            day,
-            shifts: [...dayShifts].sort((a, b) => a.start_time.localeCompare(b.start_time)),
-          })),
-      }))
-  })
-
-  // Shifts not yet in any department group (e.g. orphaned)
-  const ungrouped = $derived.by(() => {
-    const shifts = $allShifts ?? []
-    const deptIDs = new Set(($allDepts ?? []).map(d => d.id))
-    return shifts.filter(s => !deptIDs.has(s.department_id))
-  })
-
-  async function addShift(e) {
-    e.preventDefault()
-    if (!newDeptID) return
-    adding = true
-    error = ''
-    try {
-      const s = await api.shifts.create({
-        department_id: parseInt(newDeptID),
-        name: newName,
-        day: newDay,
-        start_time: newStart,
-        end_time: newEnd,
-        capacity: parseInt(newCapacity) || 0,
-      })
-      await db.shifts.put(s)
-      showAdd = false
-      newName = newDay = newStart = newEnd = ''
-      newDeptID = ''
-      newCapacity = 0
-    } catch (err) {
-      error = err.message
-    } finally {
-      adding = false
-    }
-  }
-
-  async function deleteShift(s) {
-    if (!confirm(`Delete shift "${s.name}"?`)) return
-    try {
-      await api.shifts.delete(s.id)
-      await db.shifts.delete(s.id)
-    } catch (err) {
-      error = err.message
-    }
-  }
-
-  function formatTime(t) {
-    if (!t) return ''
-    // t is HH:MM, format nicely
-    const [h, m] = t.split(':').map(Number)
-    const ampm = h >= 12 ? 'pm' : 'am'
-    return `${h % 12 || 12}:${String(m).padStart(2, '0')}${ampm}`
-  }
-
-  function formatDay(d) {
-    if (!d) return ''
-    const dt = new Date(d + 'T00:00:00')
-    return dt.toLocaleDateString(undefined, { weekday: 'short', month: 'short', day: 'numeric' })
-  }
-</script>
-
-<div class="page">
-  <div class="page-header">
-    <h1 class="page-title">Shifts</h1>
-    {#if canManage}
-      <div class="actions">
-        <button class="btn btn-primary btn-sm" onclick={() => showAdd = !showAdd}>+ Add shift</button>
-      </div>
-    {/if}
-  </div>
-
-  {#if error}
-    <div class="alert alert-error">{error}</div>
-  {/if}
-
-  {#if showAdd && canManage}
-    <div class="card" style="margin-bottom:1.5rem">
-      <form onsubmit={addShift}>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
-          <div class="form-group">
-            <label for="s-dept">Department *</label>
-            <select id="s-dept" bind:value={newDeptID} required>
-              <option value="">Select department…</option>
-              {#each $allDepts ?? [] as d}
-                <option value={String(d.id)}>{d.name}</option>
-              {/each}
-            </select>
-          </div>
-          <div class="form-group">
-            <label for="s-name">Shift name *</label>
-            <input id="s-name" bind:value={newName} required placeholder="e.g. Gate Morning" />
-          </div>
-          <div class="form-group">
-            <label for="s-day">Day *</label>
-            <input id="s-day" type="date" bind:value={newDay} required />
-          </div>
-          <div class="form-group">
-            <label for="s-cap">Capacity <span class="text-muted">(0 = unlimited)</span></label>
-            <input id="s-cap" type="number" min="0" bind:value={newCapacity} />
-          </div>
-          <div class="form-group">
-            <label for="s-start">Start time *</label>
-            <input id="s-start" type="time" bind:value={newStart} required />
-          </div>
-          <div class="form-group">
-            <label for="s-end">End time *</label>
-            <input id="s-end" type="time" bind:value={newEnd} required />
-          </div>
-        </div>
-        <div class="actions">
-          <button type="submit" class="btn btn-primary" disabled={adding}>
-            {adding ? 'Adding…' : 'Add shift'}
-          </button>
-          <button type="button" class="btn btn-ghost" onclick={() => showAdd = false}>Cancel</button>
-        </div>
-      </form>
-    </div>
-  {/if}
-
-  {#if ($allShifts ?? []).length === 0}
-    <div class="empty">
-      <strong>No shifts yet</strong>
-      <p>Add shifts to schedule your volunteers.</p>
-    </div>
-  {:else}
-    {#each grouped as { dept, days }}
-      <div style="margin-bottom:2rem">
-        <div style="display:flex;align-items:center;gap:0.5rem;margin-bottom:0.75rem">
-          <span class="dept-dot" style="background:{dept.color}"></span>
-          <strong style="font-size:1rem">{dept.name}</strong>
-        </div>
-        {#each days as { day, shifts }}
-          <div style="margin-bottom:1rem">
-            <div class="text-muted" style="font-size:0.78rem;text-transform:uppercase;letter-spacing:0.06em;margin-bottom:0.4rem;padding-left:1rem">
-              {formatDay(day)}
-            </div>
-            <div class="table-wrap">
-              <table>
-                <tbody>
-                  {#each shifts as s (s.id)}
-                    <tr>
-                      <td><strong>{s.name}</strong></td>
-                      <td class="text-muted">{formatTime(s.start_time)} – {formatTime(s.end_time)}</td>
-                      <td class="text-muted">
-                        {#if s.capacity}
-                          Capacity: {s.capacity}
-                        {:else}
-                          Unlimited
-                        {/if}
-                      </td>
-                      {#if canManage}
-                        <td style="text-align:right">
-                          <button class="btn btn-danger btn-sm" onclick={() => deleteShift(s)}>Delete</button>
-                        </td>
-                      {/if}
-                    </tr>
-                  {/each}
-                </tbody>
-              </table>
-            </div>
-          </div>
-        {/each}
-      </div>
-    {/each}
-    {#if ungrouped.length > 0}
-      <div class="text-muted" style="font-size:0.85rem">
-        {ungrouped.length} shift(s) with unknown departments
-      </div>
-    {/if}
-  {/if}
-</div>

From cd8e1e3b3bc2ae5d87d0f90cf1d8a78b062b36ad Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 10:53:42 -0600
Subject: [PATCH 05/47] Established Participants and Tickets model. Migrated
 concepts.

---
 db.go                                  | 523 +++++++++++++++++++++++--
 email.go                               |  29 +-
 frontend/src/App.svelte                |   3 +
 frontend/src/api.js                    |  16 +
 frontend/src/components/Nav.svelte     |   4 +-
 frontend/src/db.js                     |  14 +
 frontend/src/db.test.js                |   2 +-
 frontend/src/pages/GateUI.svelte       |  78 +++-
 frontend/src/pages/Participants.svelte | 305 ++++++++++++++
 frontend/src/sync.js                   |  15 +-
 handle_attendees.go                    |  12 +-
 handle_import.go                       |  62 +--
 handle_import_test.go                  |  21 +-
 handle_kiosk.go                        |  29 +-
 handle_kiosk_test.go                   |  11 +-
 handle_participants.go                 | 157 ++++++++
 handle_settings.go                     |  11 +
 handle_signup.go                       | 128 +++---
 handle_signup_test.go                  |  45 ++-
 handle_sync.go                         |  10 +
 handle_tokens.go                       |  45 ++-
 main.go                                |  16 +
 22 files changed, 1345 insertions(+), 191 deletions(-)
 create mode 100644 frontend/src/pages/Participants.svelte
 create mode 100644 handle_participants.go

diff --git a/db.go b/db.go
index bc97c91..3dba412 100644
--- a/db.go
+++ b/db.go
@@ -121,6 +121,40 @@ func migrate(db *sql.DB) error {
 		updated_at   TEXT NOT NULL DEFAULT (datetime('now')),
 		PRIMARY KEY (volunteer_id, shift_id)
 	);
+
+	CREATE TABLE IF NOT EXISTS participants (
+		id             INTEGER PRIMARY KEY AUTOINCREMENT,
+		email          TEXT NOT NULL DEFAULT '',
+		preferred_name TEXT NOT NULL DEFAULT '',
+		phone          TEXT NOT NULL DEFAULT '',
+		pronouns       TEXT NOT NULL DEFAULT '',
+		note           TEXT NOT NULL DEFAULT '',
+		created_at     TEXT NOT NULL DEFAULT (datetime('now')),
+		updated_at     TEXT NOT NULL DEFAULT (datetime('now')),
+		deleted_at     TEXT
+	);
+
+	CREATE UNIQUE INDEX IF NOT EXISTS idx_participants_email
+		ON participants(email) WHERE deleted_at IS NULL AND email != '';
+
+	CREATE TABLE IF NOT EXISTS tickets (
+		id             INTEGER PRIMARY KEY AUTOINCREMENT,
+		participant_id INTEGER REFERENCES participants(id) ON DELETE SET NULL,
+		name           TEXT NOT NULL DEFAULT '',
+		ticket_type    TEXT NOT NULL DEFAULT '',
+		source         TEXT NOT NULL DEFAULT 'manual',
+		external_id    TEXT NOT NULL DEFAULT '',
+		order_id       TEXT NOT NULL DEFAULT '',
+		code           TEXT UNIQUE,
+		checked_in_at  TEXT,
+		checked_in_by  INTEGER REFERENCES users(id),
+		created_at     TEXT NOT NULL DEFAULT (datetime('now')),
+		updated_at     TEXT NOT NULL DEFAULT (datetime('now')),
+		deleted_at     TEXT
+	);
+
+	CREATE UNIQUE INDEX IF NOT EXISTS idx_tickets_source_external
+		ON tickets(source, external_id) WHERE external_id != '' AND deleted_at IS NULL;
 	`)
 	if err != nil {
 		return err
@@ -143,6 +177,89 @@ func migrateV2(db *sql.DB) error {
 	// Widen the uniqueness constraint from name-only to (name, ticket_id).
 	db.Exec(`DROP INDEX IF EXISTS idx_attendees_name`)
 	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_attendees_name_ticket ON attendees(name, ticket_id) WHERE deleted_at IS NULL`)
+	return migrateV3(db)
+}
+
+// migrateV3 populates participants + tickets from attendees/volunteers,
+// and links volunteers to participants via participant_id.
+func migrateV3(db *sql.DB) error {
+	addColumnIfMissing(db, "volunteers", "participant_id INTEGER REFERENCES participants(id)")
+
+	// Seed participants from volunteers first (better name data: preferred_name).
+	db.Exec(`
+		INSERT OR IGNORE INTO participants (email, preferred_name, phone, pronouns, created_at, updated_at)
+		SELECT
+			LOWER(email),
+			CASE WHEN preferred_name != '' THEN preferred_name ELSE name END,
+			phone,
+			pronouns,
+			created_at,
+			created_at
+		FROM volunteers
+		WHERE email != '' AND deleted_at IS NULL`)
+
+	// Fill in from attendees for emails not yet in participants.
+	db.Exec(`
+		INSERT OR IGNORE INTO participants (email, preferred_name, phone, created_at, updated_at)
+		SELECT LOWER(email), name, phone, created_at, created_at
+		FROM attendees
+		WHERE email != '' AND deleted_at IS NULL`)
+
+	// Attendees with no email: create a placeholder participant so tickets aren't orphaned.
+	rows, _ := db.Query(`SELECT id, name, created_at FROM attendees WHERE email = '' AND deleted_at IS NULL`)
+	if rows != nil {
+		type stub struct {
+			id, name, createdAt string
+		}
+		var stubs []stub
+		for rows.Next() {
+			var s stub
+			rows.Scan(&s.id, &s.name, &s.createdAt)
+			stubs = append(stubs, s)
+		}
+		rows.Close()
+		for _, s := range stubs {
+			placeholder := fmt.Sprintf("ticket-%s@unknown", s.id)
+			db.Exec(`INSERT OR IGNORE INTO participants (email, preferred_name, created_at, updated_at) VALUES (?, ?, ?, ?)`,
+				placeholder, s.name, s.createdAt, s.createdAt)
+		}
+	}
+
+	// Link volunteers to participants via email.
+	db.Exec(`
+		UPDATE volunteers SET participant_id = (
+			SELECT p.id FROM participants p WHERE LOWER(p.email) = LOWER(volunteers.email)
+		)
+		WHERE participant_id IS NULL AND email != ''`)
+
+	// Seed tickets from attendees (1 ticket per attendee row).
+	db.Exec(`
+		INSERT OR IGNORE INTO tickets (participant_id, name, ticket_type, source, external_id, order_id, code, checked_in_at, checked_in_by, created_at, updated_at, deleted_at)
+		SELECT
+			p.id,
+			a.name,
+			a.ticket_type,
+			CASE WHEN a.ticket_id != '' THEN 'crowdwork' ELSE 'manual' END,
+			a.ticket_id,
+			a.ticket_id,
+			a.volunteer_token,
+			a.checked_in_at,
+			a.checked_in_by,
+			a.created_at,
+			a.updated_at,
+			a.deleted_at
+		FROM attendees a
+		JOIN participants p ON LOWER(p.email) = LOWER(a.email) OR p.email = 'ticket-' || a.id || '@unknown'`)
+
+	// Volunteers whose participant has no ticket: create a stub ticket so they can get a kiosk code.
+	db.Exec(`
+		INSERT OR IGNORE INTO tickets (participant_id, source, created_at, updated_at)
+		SELECT DISTINCT v.participant_id, 'manual', v.created_at, v.created_at
+		FROM volunteers v
+		WHERE v.participant_id IS NOT NULL
+		  AND v.deleted_at IS NULL
+		  AND NOT EXISTS (SELECT 1 FROM tickets t WHERE t.participant_id = v.participant_id AND t.deleted_at IS NULL)`)
+
 	return nil
 }
 
@@ -223,7 +340,8 @@ type Department struct {
 
 type Volunteer struct {
 	ID                int     `json:"id"`
-	AttendeeID        *int    `json:"attendee_id,omitempty"`
+	ParticipantID     *int    `json:"participant_id,omitempty"`
+	AttendeeID        *int    `json:"attendee_id,omitempty"` // deprecated; kept for migration compat
 	Name              string  `json:"name"`
 	PreferredName     string  `json:"preferred_name"`
 	TicketName        string  `json:"ticket_name"`
@@ -242,6 +360,34 @@ type Volunteer struct {
 	DeletedAt         *string `json:"deleted_at,omitempty"`
 }
 
+type Participant struct {
+	ID            int     `json:"id"`
+	Email         string  `json:"email"`
+	PreferredName string  `json:"preferred_name"`
+	Phone         string  `json:"phone"`
+	Pronouns      string  `json:"pronouns"`
+	Note          string  `json:"note"`
+	CreatedAt     string  `json:"created_at"`
+	UpdatedAt     string  `json:"updated_at"`
+	DeletedAt     *string `json:"deleted_at,omitempty"`
+}
+
+type Ticket struct {
+	ID            int     `json:"id"`
+	ParticipantID *int    `json:"participant_id,omitempty"`
+	Name          string  `json:"name"`
+	TicketType    string  `json:"ticket_type"`
+	Source        string  `json:"source"`
+	ExternalID    string  `json:"external_id"`
+	OrderID       string  `json:"order_id"`
+	Code          *string `json:"code,omitempty"`
+	CheckedInAt   *string `json:"checked_in_at,omitempty"`
+	CheckedInBy   *int    `json:"checked_in_by,omitempty"`
+	CreatedAt     string  `json:"created_at"`
+	UpdatedAt     string  `json:"updated_at"`
+	DeletedAt     *string `json:"deleted_at,omitempty"`
+}
+
 type Shift struct {
 	ID           int     `json:"id"`
 	DepartmentID int     `json:"department_id"`
@@ -444,7 +590,7 @@ func (app *App) generateUniqueToken() (string, error) {
 			return "", err
 		}
 		var count int
-		if err := app.db.QueryRow(`SELECT COUNT(*) FROM attendees WHERE volunteer_token = ?`, t).Scan(&count); err != nil {
+		if err := app.db.QueryRow(`SELECT COUNT(*) FROM tickets WHERE code = ?`, t).Scan(&count); err != nil {
 			return "", fmt.Errorf("check token uniqueness: %w", err)
 		}
 		if count == 0 {
@@ -454,19 +600,10 @@ func (app *App) generateUniqueToken() (string, error) {
 	return "", fmt.Errorf("failed to generate unique token")
 }
 
-func (app *App) getAttendeeByToken(token string) (*Attendee, error) {
-	rows, err := queryAttendees(app.db,
-		`SELECT `+attendeeCols+` FROM attendees WHERE volunteer_token = ? AND deleted_at IS NULL`, token)
-	if err != nil || len(rows) == 0 {
-		return nil, err
-	}
-	return &rows[0], nil
-}
-
-// generateTokensForAll creates tokens for every attendee that doesn't have one yet.
-func (app *App) generateTokensForAll() (int, error) {
+// generateCodesForAll generates codes for every ticket that doesn't have one yet.
+func (app *App) generateCodesForAll() (int, error) {
 	rows, err := app.db.Query(
-		`SELECT id FROM attendees WHERE volunteer_token IS NULL AND deleted_at IS NULL`,
+		`SELECT id FROM tickets WHERE code IS NULL AND deleted_at IS NULL`,
 	)
 	if err != nil {
 		return 0, err
@@ -476,7 +613,7 @@ func (app *App) generateTokensForAll() (int, error) {
 	for rows.Next() {
 		var id int
 		if err := rows.Scan(&id); err != nil {
-			return 0, fmt.Errorf("scan attendee id: %w", err)
+			return 0, fmt.Errorf("scan ticket id: %w", err)
 		}
 		ids = append(ids, id)
 	}
@@ -487,14 +624,13 @@ func (app *App) generateTokensForAll() (int, error) {
 		if err != nil {
 			continue
 		}
-		app.db.Exec(`UPDATE attendees SET volunteer_token=?, updated_at=? WHERE id=?`, t, now(), id)
+		app.db.Exec(`UPDATE tickets SET code=?, updated_at=? WHERE id=?`, t, now(), id)
 		count++
 	}
 	return count, nil
 }
 
-// incrementPartySize bumps party_size for an existing attendee matched by name+ticket_id.
-// Used during import to handle duplicate ticket rows from the same order.
+// incrementPartySize is kept for backward compatibility with existing tests.
 func (app *App) incrementPartySize(name, ticketID string) (bool, error) {
 	res, err := app.db.Exec(
 		`UPDATE attendees SET party_size = party_size + 1, updated_at = ?
@@ -662,6 +798,274 @@ func (app *App) attendeeCounts() (total, checkedIn int, err error) {
 	return
 }
 
+// --- Participants ---
+
+const participantCols = `id, email, preferred_name, phone, pronouns, note, created_at, updated_at, deleted_at`
+
+func (app *App) listParticipants(search, since string) ([]Participant, error) {
+	var q string
+	var args []any
+	if since != "" {
+		q = `SELECT ` + participantCols + ` FROM participants WHERE updated_at > ? ORDER BY preferred_name, email`
+		args = append(args, since)
+	} else {
+		q = `SELECT ` + participantCols + ` FROM participants WHERE deleted_at IS NULL`
+		if search != "" {
+			q += ` AND (preferred_name LIKE ? OR email LIKE ?)`
+			s := "%" + search + "%"
+			args = append(args, s, s)
+		}
+		q += ` ORDER BY preferred_name, email`
+	}
+	return queryParticipants(app.db, q, args...)
+}
+
+func (app *App) getParticipant(id int) (*Participant, error) {
+	rows, err := queryParticipants(app.db,
+		`SELECT `+participantCols+` FROM participants WHERE id = ?`, id)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) getParticipantByEmail(email string) (*Participant, error) {
+	rows, err := queryParticipants(app.db,
+		`SELECT `+participantCols+` FROM participants WHERE LOWER(email) = LOWER(?) AND deleted_at IS NULL LIMIT 1`, email)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) createParticipant(p Participant) (*Participant, error) {
+	res, err := app.db.Exec(
+		`INSERT INTO participants (email, preferred_name, phone, pronouns, note, updated_at) VALUES (?, ?, ?, ?, ?, ?)`,
+		strings.ToLower(p.Email), p.PreferredName, p.Phone, p.Pronouns, p.Note, now(),
+	)
+	if err != nil {
+		return nil, err
+	}
+	id, _ := res.LastInsertId()
+	return app.getParticipant(int(id))
+}
+
+func (app *App) updateParticipant(p Participant) error {
+	_, err := app.db.Exec(
+		`UPDATE participants SET email=?, preferred_name=?, phone=?, pronouns=?, note=?, updated_at=?
+		 WHERE id=? AND deleted_at IS NULL`,
+		strings.ToLower(p.Email), p.PreferredName, p.Phone, p.Pronouns, p.Note, now(), p.ID,
+	)
+	return err
+}
+
+func (app *App) deleteParticipant(id int) error {
+	_, err := app.db.Exec(
+		`UPDATE participants SET deleted_at=?, updated_at=? WHERE id=?`, now(), now(), id,
+	)
+	return err
+}
+
+// mergeParticipants reassigns all tickets and volunteers from other → canonical, then soft-deletes other.
+func (app *App) mergeParticipants(canonicalID, otherID int) error {
+	ts := now()
+	if _, err := app.db.Exec(
+		`UPDATE tickets SET participant_id=?, updated_at=? WHERE participant_id=? AND deleted_at IS NULL`,
+		canonicalID, ts, otherID,
+	); err != nil {
+		return err
+	}
+	if _, err := app.db.Exec(
+		`UPDATE volunteers SET participant_id=?, updated_at=? WHERE participant_id=? AND deleted_at IS NULL`,
+		canonicalID, ts, otherID,
+	); err != nil {
+		return err
+	}
+	_, err := app.db.Exec(
+		`UPDATE participants SET deleted_at=?, updated_at=? WHERE id=?`, ts, ts, otherID,
+	)
+	return err
+}
+
+func queryParticipants(db *sql.DB, q string, args ...any) ([]Participant, error) {
+	rows, err := db.Query(q, args...)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var result []Participant
+	for rows.Next() {
+		var p Participant
+		if err := rows.Scan(
+			&p.ID, &p.Email, &p.PreferredName, &p.Phone, &p.Pronouns, &p.Note,
+			&p.CreatedAt, &p.UpdatedAt, &p.DeletedAt,
+		); err != nil {
+			return nil, err
+		}
+		result = append(result, p)
+	}
+	return result, rows.Err()
+}
+
+// upsertParticipant finds a participant by email or creates one.
+// Returns the participant and whether it was newly created.
+func (app *App) upsertParticipant(email, name string) (*Participant, bool, error) {
+	p, err := app.getParticipantByEmail(email)
+	if err != nil {
+		return nil, false, err
+	}
+	if p != nil {
+		return p, false, nil
+	}
+	created, err := app.createParticipant(Participant{
+		Email:         email,
+		PreferredName: name,
+	})
+	return created, true, err
+}
+
+// --- Tickets ---
+
+const ticketCols = `id, participant_id, name, ticket_type, source, external_id, order_id, code, checked_in_at, checked_in_by, created_at, updated_at, deleted_at`
+
+func (app *App) listTickets(participantID *int, since string) ([]Ticket, error) {
+	q := `SELECT ` + ticketCols + ` FROM tickets WHERE 1=1`
+	var args []any
+	if since != "" {
+		q += ` AND updated_at > ?`
+		args = append(args, since)
+	} else {
+		q += ` AND deleted_at IS NULL`
+	}
+	if participantID != nil {
+		q += ` AND participant_id = ?`
+		args = append(args, *participantID)
+	}
+	q += ` ORDER BY created_at`
+	return queryTickets(app.db, q, args...)
+}
+
+func (app *App) getTicket(id int) (*Ticket, error) {
+	rows, err := queryTickets(app.db,
+		`SELECT `+ticketCols+` FROM tickets WHERE id = ?`, id)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) getTicketByCode(code string) (*Ticket, error) {
+	rows, err := queryTickets(app.db,
+		`SELECT `+ticketCols+` FROM tickets WHERE code = ? AND deleted_at IS NULL`, code)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) createTicket(t Ticket) (*Ticket, error) {
+	res, err := app.db.Exec(
+		`INSERT INTO tickets (participant_id, name, ticket_type, source, external_id, order_id, code, updated_at)
+		 VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
+		t.ParticipantID, t.Name, t.TicketType, t.Source, t.ExternalID, t.OrderID, t.Code, now(),
+	)
+	if err != nil {
+		return nil, err
+	}
+	id, _ := res.LastInsertId()
+	return app.getTicket(int(id))
+}
+
+func (app *App) checkInTicket(id, userID int) (*Ticket, error) {
+	t := now()
+	_, err := app.db.Exec(`
+		UPDATE tickets SET
+			checked_in_at = CASE WHEN checked_in_at IS NULL THEN ? ELSE checked_in_at END,
+			checked_in_by = CASE WHEN checked_in_at IS NULL THEN ? ELSE checked_in_by END,
+			updated_at    = ?
+		WHERE id = ? AND deleted_at IS NULL`,
+		t, userID, t, id,
+	)
+	if err != nil {
+		return nil, err
+	}
+	return app.getTicket(id)
+}
+
+func (app *App) deleteTicket(id int) error {
+	_, err := app.db.Exec(
+		`UPDATE tickets SET deleted_at=?, updated_at=? WHERE id=?`, now(), now(), id,
+	)
+	return err
+}
+
+func (app *App) ticketsSince(since string) ([]Ticket, error) {
+	return queryTickets(app.db,
+		`SELECT `+ticketCols+` FROM tickets WHERE updated_at > ? ORDER BY updated_at ASC`, since)
+}
+
+func (app *App) participantsSince(since string) ([]Participant, error) {
+	return queryParticipants(app.db,
+		`SELECT `+participantCols+` FROM participants WHERE updated_at > ? ORDER BY updated_at ASC`, since)
+}
+
+func queryTickets(db *sql.DB, q string, args ...any) ([]Ticket, error) {
+	rows, err := db.Query(q, args...)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var result []Ticket
+	for rows.Next() {
+		var t Ticket
+		var participantID, checkedInBy sql.NullInt64
+		var code sql.NullString
+		if err := rows.Scan(
+			&t.ID, &participantID, &t.Name, &t.TicketType, &t.Source, &t.ExternalID, &t.OrderID,
+			&code, &t.CheckedInAt, &checkedInBy, &t.CreatedAt, &t.UpdatedAt, &t.DeletedAt,
+		); err != nil {
+			return nil, err
+		}
+		if participantID.Valid {
+			id := int(participantID.Int64)
+			t.ParticipantID = &id
+		}
+		if checkedInBy.Valid {
+			id := int(checkedInBy.Int64)
+			t.CheckedInBy = &id
+		}
+		if code.Valid && code.String != "" {
+			t.Code = &code.String
+		}
+		result = append(result, t)
+	}
+	return result, rows.Err()
+}
+
+// ticketCounts returns total and checked-in ticket counts for participants page.
+func (app *App) ticketCounts() (total, checkedIn int, err error) {
+	app.db.QueryRow(`SELECT COUNT(*) FROM tickets WHERE deleted_at IS NULL`).Scan(&total)
+	app.db.QueryRow(`SELECT COUNT(*) FROM tickets WHERE checked_in_at IS NOT NULL AND deleted_at IS NULL`).Scan(&checkedIn)
+	return
+}
+
+func (app *App) ticketTypes() ([]string, error) {
+	rows, err := app.db.Query(
+		`SELECT DISTINCT ticket_type FROM tickets WHERE ticket_type != '' AND deleted_at IS NULL ORDER BY ticket_type`,
+	)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var types []string
+	for rows.Next() {
+		var t string
+		rows.Scan(&t)
+		types = append(types, t)
+	}
+	return types, rows.Err()
+}
+
 // --- Departments ---
 
 func (app *App) listDepartments(since string) ([]Department, error) {
@@ -729,33 +1133,49 @@ func queryDepartments(db *sql.DB, q string, args ...any) ([]Department, error) {
 
 // --- Volunteers ---
 
+// volunteerSelect / volunteerFrom are used together for all volunteer queries.
+// Personal fields (name, email, phone, pronouns) come from the joined participant when available,
+// falling back to the volunteer's own columns for legacy rows.
+const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
+	COALESCE(NULLIF(p.preferred_name,''), NULLIF(v.preferred_name,''), v.name),
+	COALESCE(NULLIF(p.preferred_name,''), NULLIF(v.preferred_name,''), v.name),
+	v.ticket_name,
+	COALESCE(NULLIF(p.email,''), v.email),
+	COALESCE(NULLIF(p.phone,''), v.phone),
+	COALESCE(NULLIF(p.pronouns,''), v.pronouns),
+	v.department_id, v.is_lead, v.checked_in, v.checked_in_at,
+	v.email_confirmed, v.confirmation_token, v.note,
+	v.created_at, v.updated_at, v.deleted_at`
+const volunteerFrom = `FROM volunteers v LEFT JOIN participants p ON p.id = v.participant_id`
+
+// volunteerCols is kept for backward-compat references that expect unqualified column names.
 const volunteerCols = `id, attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, checked_in, checked_in_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
 
 func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volunteer, error) {
-	q := `SELECT ` + volunteerCols + ` FROM volunteers WHERE 1=1`
+	q := `SELECT ` + volunteerSelect + ` ` + volunteerFrom + ` WHERE 1=1`
 	var args []any
 	if since != "" {
-		q += ` AND updated_at > ?`
+		q += ` AND v.updated_at > ?`
 		args = append(args, since)
 	} else {
-		q += ` AND deleted_at IS NULL`
+		q += ` AND v.deleted_at IS NULL`
 	}
 	if search != "" {
-		q += ` AND (name LIKE ? OR email LIKE ?)`
+		q += ` AND (v.name LIKE ? OR v.email LIKE ? OR p.preferred_name LIKE ? OR p.email LIKE ?)`
 		s := "%" + search + "%"
-		args = append(args, s, s)
+		args = append(args, s, s, s, s)
 	}
 	if deptID != nil {
-		q += ` AND department_id = ?`
+		q += ` AND v.department_id = ?`
 		args = append(args, *deptID)
 	}
-	q += ` ORDER BY name`
+	q += ` ORDER BY COALESCE(NULLIF(p.preferred_name,''), v.name)`
 	return queryVolunteers(app.db, q, args...)
 }
 
 func (app *App) getVolunteer(id int) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerCols+` FROM volunteers WHERE id = ?`, id)
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.id = ?`, id)
 	if err != nil || len(rows) == 0 {
 		return nil, err
 	}
@@ -764,7 +1184,16 @@ func (app *App) getVolunteer(id int) (*Volunteer, error) {
 
 func (app *App) getVolunteerByAttendeeID(attendeeID int) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerCols+` FROM volunteers WHERE attendee_id = ? AND deleted_at IS NULL LIMIT 1`, attendeeID)
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.attendee_id = ? AND v.deleted_at IS NULL LIMIT 1`, attendeeID)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) getVolunteerByParticipantID(participantID int) (*Volunteer, error) {
+	rows, err := queryVolunteers(app.db,
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.participant_id = ? AND v.deleted_at IS NULL LIMIT 1`, participantID)
 	if err != nil || len(rows) == 0 {
 		return nil, err
 	}
@@ -773,9 +1202,9 @@ func (app *App) getVolunteerByAttendeeID(attendeeID int) (*Volunteer, error) {
 
 func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 	res, err := app.db.Exec(
-		`INSERT INTO volunteers (attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, email_confirmed, confirmation_token, note, updated_at)
-		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
-		v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
+		`INSERT INTO volunteers (participant_id, attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, email_confirmed, confirmation_token, note, updated_at)
+		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
 		v.DepartmentID, boolInt(v.IsLead), boolInt(v.EmailConfirmed), v.ConfirmationToken, v.Note, now(),
 	)
 	if err != nil {
@@ -787,9 +1216,9 @@ func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 
 func (app *App) updateVolunteer(v Volunteer) error {
 	_, err := app.db.Exec(
-		`UPDATE volunteers SET attendee_id=?, name=?, preferred_name=?, ticket_name=?, email=?, phone=?, pronouns=?, department_id=?, is_lead=?, note=?, updated_at=?
+		`UPDATE volunteers SET participant_id=?, attendee_id=?, name=?, preferred_name=?, ticket_name=?, email=?, phone=?, pronouns=?, department_id=?, is_lead=?, note=?, updated_at=?
 		 WHERE id=? AND deleted_at IS NULL`,
-		v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
+		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
 		v.DepartmentID, boolInt(v.IsLead), v.Note, now(), v.ID,
 	)
 	return err
@@ -833,11 +1262,11 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 	var result []Volunteer
 	for rows.Next() {
 		var v Volunteer
-		var attendeeID, deptID sql.NullInt64
+		var participantID, attendeeID, deptID sql.NullInt64
 		var isLead, checkedIn, emailConfirmed int
 		var confirmationToken sql.NullString
 		if err := rows.Scan(
-			&v.ID, &attendeeID, &v.Name, &v.PreferredName, &v.TicketName,
+			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName, &v.TicketName,
 			&v.Email, &v.Phone, &v.Pronouns, &deptID,
 			&isLead, &checkedIn, &v.CheckedInAt,
 			&emailConfirmed, &confirmationToken, &v.Note,
@@ -845,6 +1274,10 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 		); err != nil {
 			return nil, err
 		}
+		if participantID.Valid {
+			id := int(participantID.Int64)
+			v.ParticipantID = &id
+		}
 		if attendeeID.Valid {
 			id := int(attendeeID.Int64)
 			v.AttendeeID = &id
@@ -866,7 +1299,7 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 
 func (app *App) getVolunteerByEmail(email string) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerCols+` FROM volunteers WHERE LOWER(email) = LOWER(?) AND deleted_at IS NULL LIMIT 1`, email)
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE LOWER(v.email) = LOWER(?) AND v.deleted_at IS NULL LIMIT 1`, email)
 	if err != nil || len(rows) == 0 {
 		return nil, err
 	}
@@ -875,7 +1308,7 @@ func (app *App) getVolunteerByEmail(email string) (*Volunteer, error) {
 
 func (app *App) getVolunteerByConfirmationToken(token string) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerCols+` FROM volunteers WHERE confirmation_token = ? AND deleted_at IS NULL LIMIT 1`, token)
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.confirmation_token = ? AND v.deleted_at IS NULL LIMIT 1`, token)
 	if err != nil || len(rows) == 0 {
 		return nil, err
 	}
@@ -889,13 +1322,19 @@ func (app *App) confirmVolunteerEmail(id int) error {
 	return err
 }
 
-func (app *App) listConfirmedVolunteersWithoutKioskToken() ([]Volunteer, error) {
+// listConfirmedVolunteersNeedingCode returns confirmed volunteers whose participant
+// has no ticket with a code yet.
+func (app *App) listConfirmedVolunteersNeedingCode() ([]Volunteer, error) {
 	return queryVolunteers(app.db, `
-		SELECT `+volunteerCols+`
-		FROM volunteers
-		WHERE email_confirmed = 1 AND deleted_at IS NULL
-		  AND attendee_id IS NOT NULL
-		  AND (SELECT a.volunteer_token FROM attendees a WHERE a.id = volunteers.attendee_id) IS NULL`)
+		SELECT `+volunteerSelect+` `+volunteerFrom+`
+		WHERE v.email_confirmed = 1 AND v.deleted_at IS NULL
+		  AND v.participant_id IS NOT NULL
+		  AND NOT EXISTS (
+		    SELECT 1 FROM tickets t
+		    WHERE t.participant_id = v.participant_id
+		      AND t.code IS NOT NULL
+		      AND t.deleted_at IS NULL
+		  )`)
 }
 
 func generateConfirmationToken() (string, error) {
diff --git a/email.go b/email.go
index 0a1c65d..41a7a55 100644
--- a/email.go
+++ b/email.go
@@ -122,25 +122,36 @@ func (app *App) eventName() string {
 	return "the event"
 }
 
-// sendTokenEmail sends a volunteer token link to the attendee's email address.
-func (app *App) sendTokenEmail(a Attendee) error {
-	if a.Email == "" {
-		return fmt.Errorf("attendee has no email address")
+// sendTicketTokenEmail sends a volunteer token link for a ticket to its participant's email.
+func (app *App) sendTicketTokenEmail(tk Ticket) error {
+	if tk.Code == nil || *tk.Code == "" {
+		return fmt.Errorf("ticket has no code")
 	}
-	if a.VolunteerToken == nil || *a.VolunteerToken == "" {
-		return fmt.Errorf("attendee has no volunteer token")
+	if tk.ParticipantID == nil {
+		return fmt.Errorf("ticket has no participant")
+	}
+	p, err := app.getParticipant(*tk.ParticipantID)
+	if err != nil || p == nil {
+		return fmt.Errorf("participant not found")
+	}
+	if p.Email == "" {
+		return fmt.Errorf("participant has no email address")
 	}
 
 	cfg := app.loadSMTPConfig()
 	eventName := app.eventName()
-	link := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
+	link := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *tk.Code)
+	name := p.PreferredName
+	if name == "" {
+		name = tk.Name
+	}
 	subject := fmt.Sprintf("Your volunteer link for %s", eventName)
 	body := fmt.Sprintf(
 		"Hi %s,\n\nThank you for volunteering at %s!\n\nYour volunteer token: %s\nYour signup link: %s\n\nUse this link to sign up for available shifts in your department.\n\nSee you there!\n",
-		a.Name, eventName, *a.VolunteerToken, link,
+		name, eventName, *tk.Code, link,
 	)
 
-	return sendEmail(cfg, a.Email, subject, body)
+	return sendEmail(cfg, p.Email, subject, body)
 }
 
 func (app *App) sendConfirmationEmail(to, name, confirmToken string) error {
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index 0fed314..ba26931 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -5,6 +5,7 @@
   import Login from './pages/Login.svelte'
   import Dashboard from './pages/Dashboard.svelte'
   import Attendees from './pages/Attendees.svelte'
+  import Participants from './pages/Participants.svelte'
   import Volunteers from './pages/Volunteers.svelte'
   import Departments from './pages/Departments.svelte'
   import Users from './pages/Users.svelte'
@@ -128,6 +129,8 @@
         {/if}
       {:else if path.startsWith('/attendees')}
         <Attendees {session} />
+      {:else if path.startsWith('/participants')}
+        <Participants {session} />
       {:else if path.startsWith('/volunteers')}
         <Volunteers {session} />
       {:else if path.startsWith('/departments')}
diff --git a/frontend/src/api.js b/frontend/src/api.js
index e288308..bf6fd0a 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -56,6 +56,21 @@ export const api = {
     get: () => apiJSON('/api/event'),
     update: (data) => apiJSON('/api/event', { method: 'PUT', body: JSON.stringify(data) }),
   },
+  participants: {
+    list: (params = {}) => apiJSON('/api/participants?' + new URLSearchParams(params)),
+    get: (id) => apiJSON(`/api/participants/${id}`),
+    create: (data) => apiJSON('/api/participants', { method: 'POST', body: JSON.stringify(data) }),
+    update: (id, data) => apiJSON(`/api/participants/${id}`, { method: 'PUT', body: JSON.stringify(data) }),
+    delete: (id) => apiFetch(`/api/participants/${id}`, { method: 'DELETE' }),
+    merge: (id, otherId) => apiJSON(`/api/participants/${id}/merge/${otherId}`, { method: 'POST' }),
+  },
+  tickets: {
+    list: () => apiJSON('/api/tickets'),
+    checkIn: (id) => apiJSON(`/api/tickets/${id}/checkin`, { method: 'POST' }),
+    generateCodes: () => apiJSON('/api/tickets/generate-codes', { method: 'POST' }),
+    emailCode: (id) => apiJSON(`/api/tickets/${id}/email-code`, { method: 'POST' }),
+    emailAllCodes: () => apiJSON('/api/tickets/email-codes', { method: 'POST' }),
+  },
   attendees: {
     list: (params = {}) => apiJSON('/api/attendees?' + new URLSearchParams(params)),
     get: (id) => apiJSON(`/api/attendees/${id}`),
@@ -111,6 +126,7 @@ export const api = {
     testEmail: (to) => apiJSON('/api/settings/test-email', { method: 'POST', body: JSON.stringify({ to }) }),
     toggleShiftSignups: (open) => apiJSON('/api/settings/shift-signups', { method: 'POST', body: JSON.stringify({ open }) }),
     resetAttendees: () => apiJSON('/api/settings/reset-attendees', { method: 'POST' }),
+    resetTickets: () => apiJSON('/api/settings/reset-tickets', { method: 'POST' }),
     resetVolunteers: () => apiJSON('/api/settings/reset-volunteers', { method: 'POST' }),
     resetShifts: () => apiJSON('/api/settings/reset-shifts', { method: 'POST' }),
     resetDepartments: () => apiJSON('/api/settings/reset-departments', { method: 'POST' }),
diff --git a/frontend/src/components/Nav.svelte b/frontend/src/components/Nav.svelte
index cef8d7c..d7ccc63 100644
--- a/frontend/src/components/Nav.svelte
+++ b/frontend/src/components/Nav.svelte
@@ -1,5 +1,5 @@
 <script>
-  import { LayoutDashboard, ClipboardCheck, Heart, Hexagon, CalendarDays, Upload, Users, Settings, LogOut } from 'lucide-svelte'
+  import { LayoutDashboard, ClipboardCheck, Heart, Hexagon, CalendarDays, Upload, Users, Settings, LogOut, Ticket } from 'lucide-svelte'
 
   let { session, active, onLogout, navigate, open = false } = $props()
 
@@ -9,6 +9,7 @@
 
   const links = $derived.by(() => {
     if (role === 'ticketing') return [
+      { href: '/participants', label: 'Participants', icon: Ticket },
       { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
       { href: '/import', label: 'Import', icon: Upload },
     ]
@@ -25,6 +26,7 @@
     ]
     return [
       { href: '/', label: 'Dashboard', icon: LayoutDashboard },
+      { href: '/participants', label: 'Participants', icon: Ticket },
       { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
       { href: '/departments', label: 'Departments', icon: Hexagon },
diff --git a/frontend/src/db.js b/frontend/src/db.js
index 258c76c..6f45ba8 100644
--- a/frontend/src/db.js
+++ b/frontend/src/db.js
@@ -26,6 +26,20 @@ db.version(2).stores({
   outbox: '++id, table, op, synced_at',
 })
 
+db.version(3).stores({
+  session: 'id, token, user',
+  meta: 'key',
+  event: 'id',
+  attendees: 'id, name, ticket_type, checked_in, volunteer_token, deleted_at',
+  participants: 'id, email, preferred_name, updated_at, deleted_at',
+  tickets: 'id, participant_id, code, source, checked_in_at, updated_at, deleted_at',
+  departments: 'id, name, deleted_at',
+  volunteers: 'id, name, department_id, checked_in, attendee_id, participant_id, deleted_at',
+  shifts: 'id, department_id, day, position, deleted_at',
+  volunteer_shifts: '[volunteer_id+shift_id], volunteer_id, shift_id',
+  outbox: '++id, table, op, synced_at',
+})
+
 export async function getLastSync() {
   const m = await db.meta.get('last_sync')
   return m?.value ?? ''
diff --git a/frontend/src/db.test.js b/frontend/src/db.test.js
index 36d3c5e..38fc57d 100644
--- a/frontend/src/db.test.js
+++ b/frontend/src/db.test.js
@@ -10,7 +10,7 @@ describe('db schema', () => {
     const names = db.tables.map(t => t.name).sort()
     expect(names).toEqual([
       'attendees', 'departments', 'event', 'meta',
-      'outbox', 'session', 'shifts', 'volunteer_shifts', 'volunteers',
+      'outbox', 'participants', 'session', 'shifts', 'tickets', 'volunteer_shifts', 'volunteers',
     ])
   })
 })
diff --git a/frontend/src/pages/GateUI.svelte b/frontend/src/pages/GateUI.svelte
index f3ea8a9..ab0a658 100644
--- a/frontend/src/pages/GateUI.svelte
+++ b/frontend/src/pages/GateUI.svelte
@@ -20,6 +20,14 @@
     db.attendees.filter(a => !a.deleted_at).toArray()
   )
 
+  const tickets = liveQuery(() =>
+    db.tickets.filter(t => !t.deleted_at).toArray()
+  )
+
+  const participants = liveQuery(() =>
+    db.participants.filter(p => !p.deleted_at).toArray()
+  )
+
   const recentCheckIns = liveQuery(() =>
     db.attendees
       .filter(a => a.checked_in && !a.deleted_at)
@@ -31,6 +39,28 @@
       )
   )
 
+  const recentTicketCheckIns = liveQuery(() =>
+    db.tickets
+      .filter(t => t.checked_in_at && !t.deleted_at)
+      .toArray()
+      .then(arr => arr
+        .sort((a, b) => b.checked_in_at.localeCompare(a.checked_in_at))
+        .slice(0, 10)
+      )
+  )
+
+  // Ticket matched by code (exact) or attendee matched by search
+  const matchedTicket = $derived.by(() => {
+    const s = search.trim()
+    if (!s || s.length < 2) return null
+    const sl = s.toLowerCase()
+    // Exact code match (QR scan)
+    const byCode = ($tickets ?? []).find(t => t.code?.toLowerCase() === sl)
+    if (byCode) return byCode
+    // Exact external_id match
+    return ($tickets ?? []).find(t => t.external_id?.toLowerCase() === sl) ?? null
+  })
+
   const filtered = $derived.by(() => {
     const s = search.trim().toLowerCase()
     if (!s || s.length < 2) return []
@@ -46,6 +76,11 @@
     return filtered.find(a => a.ticket_id?.toLowerCase() === s) ?? null
   })
 
+  function participantFor(ticket) {
+    if (!ticket?.participant_id) return null
+    return ($participants ?? []).find(p => p.id === ticket.participant_id) ?? null
+  }
+
   onMount(() => {
     qrSupported = 'BarcodeDetector' in window
   })
@@ -96,6 +131,19 @@
     } catch {}
   }
 
+  async function checkInTicket(ticket) {
+    error = ''
+    try {
+      const result = await api.tickets.checkIn(ticket.id)
+      if (result.ticket) {
+        await db.tickets.put(result.ticket)
+        search = ''
+      }
+    } catch (err) {
+      error = err.message
+    }
+  }
+
   async function checkIn(attendee, count = 1) {
     error = ''
     try {
@@ -172,6 +220,32 @@
       <div class="gate-msg gate-msg-error">{error}</div>
     {/if}
 
+    <!-- Matched ticket card (ticket code scan) -->
+    {#if matchedTicket && !selected}
+      {@const p = participantFor(matchedTicket)}
+      <div class="gate-match">
+        <div class="gate-match-name">{matchedTicket.name || p?.preferred_name || '(unknown)'}</div>
+        {#if matchedTicket.ticket_type}
+          <div class="gate-match-sub">{matchedTicket.ticket_type}</div>
+        {/if}
+        {#if matchedTicket.external_id}
+          <div class="gate-match-sub text-muted">#{matchedTicket.external_id}</div>
+        {/if}
+        {#if p?.email}
+          <div class="gate-match-sub text-muted">{p.email}</div>
+        {/if}
+        <div class="gate-match-actions">
+          {#if !matchedTicket.checked_in_at}
+            <button class="gbtn gbtn-success" onclick={() => checkInTicket(matchedTicket)}>
+              ✓ Check in
+            </button>
+          {:else}
+            <span class="gate-done">✓ Checked in {fmt(matchedTicket.checked_in_at)}</span>
+          {/if}
+        </div>
+      </div>
+    {/if}
+
     <!-- Matched attendee card -->
     {#if selected}
       {@const rem = remaining(selected)}
@@ -226,8 +300,8 @@
           </button>
         {/each}
       </div>
-    {:else if search.trim().length >= 2 && filtered.length === 0}
-      <div class="gate-msg gate-msg-warn">No matching attendees found.</div>
+    {:else if search.trim().length >= 2 && filtered.length === 0 && !matchedTicket}
+      <div class="gate-msg gate-msg-warn">No matching attendees or tickets found.</div>
     {/if}
 
     <!-- Recent check-ins -->
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
new file mode 100644
index 0000000..b567039
--- /dev/null
+++ b/frontend/src/pages/Participants.svelte
@@ -0,0 +1,305 @@
+<script>
+  import { liveQuery } from 'dexie'
+  import { db } from '../db.js'
+  import { api } from '../api.js'
+
+  let { session } = $props()
+
+  let search = $state('')
+  let error = $state('')
+  let success = $state('')
+  let generating = $state(false)
+  let emailing = $state(false)
+  let mergeMode = $state(false)
+  let mergeSource = $state(null)   // participant being merged away
+  let mergeTarget = $state(null)   // participant to keep
+  let expandedId = $state(null)
+  let expandedTickets = $state([])
+
+  const role = $derived(session?.user?.role ?? '')
+  const canManage = $derived(['admin', 'ticketing'].includes(role))
+
+  const allParticipants = liveQuery(() => db.participants.toArray())
+  const allTickets = liveQuery(() => db.tickets.toArray())
+
+  const filtered = $derived.by(() => {
+    const list = $allParticipants ?? []
+    const s = search.toLowerCase().trim()
+    return list
+      .filter(p => {
+        if (!s) return true
+        return p.preferred_name?.toLowerCase().includes(s) ||
+               p.email?.toLowerCase().includes(s)
+      })
+      .sort((a, b) => (a.preferred_name || a.email).localeCompare(b.preferred_name || b.email))
+  })
+
+  function ticketsFor(participantId) {
+    return ($allTickets ?? []).filter(t => t.participant_id === participantId)
+  }
+
+  function checkedInCount(participantId) {
+    return ticketsFor(participantId).filter(t => t.checked_in_at).length
+  }
+
+  async function toggleExpand(id) {
+    if (expandedId === id) {
+      expandedId = null
+      expandedTickets = []
+      return
+    }
+    expandedId = id
+    expandedTickets = ticketsFor(id)
+  }
+
+  async function generateCodes() {
+    generating = true
+    error = ''
+    success = ''
+    try {
+      const result = await api.tickets.generateCodes()
+      success = `Generated ${result.generated} code${result.generated !== 1 ? 's' : ''}.`
+    } catch (err) {
+      error = err.message
+    } finally {
+      generating = false
+    }
+  }
+
+  async function emailAll() {
+    if (!confirm('Send code emails to all participants with a ticket code and email?')) return
+    emailing = true
+    error = ''
+    success = ''
+    try {
+      const result = await api.tickets.emailAllCodes()
+      success = `Sent ${result.sent} email${result.sent !== 1 ? 's' : ''}${result.skipped ? `, skipped ${result.skipped}` : ''}.`
+      if (result.errors?.length) error = result.errors.join('; ')
+    } catch (err) {
+      error = err.message
+    } finally {
+      emailing = false
+    }
+  }
+
+  function startMerge(p) {
+    mergeMode = true
+    mergeSource = p
+    mergeTarget = null
+    error = ''
+  }
+
+  function cancelMerge() {
+    mergeMode = false
+    mergeSource = null
+    mergeTarget = null
+  }
+
+  async function confirmMerge() {
+    if (!mergeSource || !mergeTarget) return
+    error = ''
+    try {
+      const result = await api.participants.merge(mergeTarget.id, mergeSource.id)
+      success = `Merged "${mergeSource.preferred_name || mergeSource.email}" into "${mergeTarget.preferred_name || mergeTarget.email}".`
+      if (result.participant) await db.participants.put(result.participant)
+      if (result.tickets?.length) await db.tickets.bulkPut(result.tickets)
+      await db.participants.delete(mergeSource.id)
+      cancelMerge()
+    } catch (err) {
+      error = err.message
+    }
+  }
+
+  function fmtTime(ts) {
+    if (!ts) return ''
+    return new Date(ts).toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' })
+  }
+</script>
+
+<div class="page">
+  <div class="page-header">
+    <h1 class="page-title">Participants</h1>
+    <div class="actions">
+      {#if canManage}
+        <a href="/api/participants/export" class="btn btn-ghost btn-sm">Export CSV</a>
+        <button class="btn btn-ghost btn-sm" onclick={generateCodes} disabled={generating}>
+          {generating ? '…' : '⚿ Generate Codes'}
+        </button>
+        <a href="/api/tickets/export-links" class="btn btn-ghost btn-sm">Export Links</a>
+        <button class="btn btn-ghost btn-sm" onclick={emailAll} disabled={emailing}>
+          {emailing ? '…' : '✉ Email All'}
+        </button>
+      {/if}
+    </div>
+  </div>
+
+  {#if mergeMode && mergeSource}
+    <div class="card" style="margin-bottom:1.5rem;border-color:var(--c-accent)">
+      <div style="margin-bottom:0.75rem">
+        <strong>Merge:</strong> "{mergeSource.preferred_name || mergeSource.email}" will be merged into the participant you select below.
+        All their tickets and volunteer records will move to the target.
+      </div>
+      {#if mergeTarget}
+        <div style="margin-bottom:0.75rem">
+          <strong>Target:</strong> {mergeTarget.preferred_name || mergeTarget.email} ({mergeTarget.email})
+        </div>
+        <div class="actions">
+          <button class="btn btn-primary" onclick={confirmMerge}>Confirm merge</button>
+          <button class="btn btn-ghost" onclick={cancelMerge}>Cancel</button>
+        </div>
+      {:else}
+        <div class="text-muted" style="font-size:0.875rem">Click a participant row below to select as merge target.</div>
+        <div class="actions" style="margin-top:0.5rem">
+          <button class="btn btn-ghost" onclick={cancelMerge}>Cancel</button>
+        </div>
+      {/if}
+    </div>
+  {/if}
+
+  {#if error}
+    <div class="alert alert-error">{error}</div>
+  {/if}
+  {#if success}
+    <div class="alert alert-success">{success}</div>
+  {/if}
+
+  <div class="search-bar">
+    <input placeholder="Search name or email…" bind:value={search} />
+    <span class="text-muted" style="font-size:0.85rem;white-space:nowrap">
+      {filtered.length} shown
+    </span>
+  </div>
+
+  {#if ($allParticipants ?? []).length === 0}
+    <div class="empty">
+      <strong>No participants yet</strong>
+      <p>Import a CSV or wait for volunteer signups.</p>
+    </div>
+  {:else}
+    <div class="table-wrap">
+      <table>
+        <thead>
+          <tr>
+            <th>Name</th>
+            <th>Email</th>
+            <th>Tickets</th>
+            <th>Status</th>
+            {#if canManage}<th></th>{/if}
+          </tr>
+        </thead>
+        <tbody>
+          {#each filtered as p (p.id)}
+            {@const pts = ticketsFor(p.id)}
+            {@const ci = checkedInCount(p.id)}
+            {@const isExpanded = expandedId === p.id}
+            {@const isMergeTarget = mergeMode && mergeSource?.id !== p.id}
+            <tr
+              class:merge-target={isMergeTarget}
+              onclick={mergeMode && mergeSource?.id !== p.id ? () => { mergeTarget = p } : null}
+              style={mergeMode && mergeSource?.id !== p.id ? 'cursor:pointer' : ''}
+            >
+              <td>
+                <strong>{p.preferred_name || '—'}</strong>
+                {#if p.pronouns}
+                  <span class="text-muted" style="font-size:0.78rem"> · {p.pronouns}</span>
+                {/if}
+                {#if p.note}
+                  <div class="text-muted" style="font-size:0.78rem">{p.note}</div>
+                {/if}
+              </td>
+              <td class="text-muted">{p.email || '—'}</td>
+              <td>
+                {#if pts.length > 0}
+                  <button class="btn btn-ghost btn-sm" onclick={(e) => { e.stopPropagation(); toggleExpand(p.id) }}>
+                    {pts.length} ticket{pts.length !== 1 ? 's' : ''}
+                    {isExpanded ? '▲' : '▼'}
+                  </button>
+                {:else}
+                  <span class="text-muted">—</span>
+                {/if}
+              </td>
+              <td>
+                {#if pts.length > 0}
+                  <span class="badge {ci === pts.length ? 'badge-checked' : ci > 0 ? 'badge-partial' : 'badge-unchecked'}">
+                    {ci}/{pts.length} in
+                  </span>
+                {:else}
+                  <span class="badge badge-unchecked">No ticket</span>
+                {/if}
+              </td>
+              {#if canManage}
+                <td>
+                  {#if !mergeMode}
+                    <button class="btn btn-ghost btn-sm" onclick={(e) => { e.stopPropagation(); startMerge(p) }}
+                      title="Merge this participant into another">⇄</button>
+                  {/if}
+                </td>
+              {/if}
+            </tr>
+            {#if isExpanded && pts.length > 0}
+              <tr class="ticket-rows">
+                <td colspan="5">
+                  <div class="ticket-list">
+                    {#each pts as tk (tk.id)}
+                      <div class="ticket-row">
+                        <div>
+                          <strong>{tk.name || '(unnamed)'}</strong>
+                          {#if tk.ticket_type}
+                            <span class="text-muted"> · {tk.ticket_type}</span>
+                          {/if}
+                          {#if tk.external_id}
+                            <span class="text-muted" style="font-size:0.78rem"> · #{tk.external_id}</span>
+                          {/if}
+                          {#if tk.code}
+                            <div style="font-size:0.75rem;margin-top:0.15rem">
+                              <code style="color:var(--c-accent-h)">{tk.code}</code>
+                              {#if p.email && canManage}
+                                <button class="btn btn-ghost btn-sm" style="padding:0.1rem 0.4rem;margin-left:0.25rem"
+                                  onclick={() => api.tickets.emailCode(tk.id).then(() => success = 'Email sent.').catch(e => error = e.message)}>✉</button>
+                              {/if}
+                            </div>
+                          {/if}
+                        </div>
+                        <div style="text-align:right">
+                          {#if tk.checked_in_at}
+                            <span class="badge badge-checked">In {fmtTime(tk.checked_in_at)}</span>
+                          {:else}
+                            <span class="badge badge-unchecked">Pending</span>
+                          {/if}
+                          <div class="text-muted" style="font-size:0.75rem">{tk.source}</div>
+                        </div>
+                      </div>
+                    {/each}
+                  </div>
+                </td>
+              </tr>
+            {/if}
+          {/each}
+        </tbody>
+      </table>
+    </div>
+  {/if}
+</div>
+
+<style>
+  .merge-target:hover { background: rgba(var(--c-accent-rgb, 99,102,241), 0.08); }
+  .ticket-rows td { padding: 0; background: var(--c-bg); }
+  .ticket-list { padding: 0.5rem 1rem 0.75rem; display: flex; flex-direction: column; gap: 0.4rem; }
+  .ticket-row {
+    display: flex;
+    justify-content: space-between;
+    align-items: flex-start;
+    padding: 0.4rem 0.6rem;
+    border-radius: 6px;
+    background: var(--c-surface);
+    font-size: 0.875rem;
+  }
+  .badge-partial {
+    background: rgba(245,158,11,0.15);
+    color: var(--c-warn);
+    padding: 0.15rem 0.5rem;
+    border-radius: 99px;
+    font-size: 0.75rem;
+    font-weight: 600;
+  }
+</style>
diff --git a/frontend/src/sync.js b/frontend/src/sync.js
index 05b16c0..e8f2d1a 100644
--- a/frontend/src/sync.js
+++ b/frontend/src/sync.js
@@ -12,7 +12,7 @@ export async function syncPull() {
     const data = await api.sync.pull(since)
 
     await db.transaction('rw',
-      [db.event, db.attendees, db.departments, db.volunteers, db.shifts, db.volunteer_shifts],
+      [db.event, db.attendees, db.participants, db.tickets, db.departments, db.volunteers, db.shifts, db.volunteer_shifts],
       async () => {
         if (data.event) {
           await db.event.put(data.event)
@@ -23,6 +23,16 @@ export async function syncPull() {
           const deleted = data.attendees.filter(a => a.deleted_at).map(a => a.id)
           if (deleted.length) await db.attendees.bulkDelete(deleted)
         }
+        if (data.participants?.length) {
+          await db.participants.bulkPut(data.participants)
+          const deleted = data.participants.filter(p => p.deleted_at).map(p => p.id)
+          if (deleted.length) await db.participants.bulkDelete(deleted)
+        }
+        if (data.tickets?.length) {
+          await db.tickets.bulkPut(data.tickets)
+          const deleted = data.tickets.filter(t => t.deleted_at).map(t => t.id)
+          if (deleted.length) await db.tickets.bulkDelete(deleted)
+        }
         if (data.departments?.length) {
           await db.departments.bulkPut(data.departments)
           const deleted = data.departments.filter(d => d.deleted_at).map(d => d.id)
@@ -75,6 +85,9 @@ export function startSSE(onEvent) {
             if (payload.data?.type === 'attendee' && payload.data?.attendee) {
               await db.attendees.put(payload.data.attendee)
             }
+            if (payload.data?.type === 'ticket' && payload.data?.ticket) {
+              await db.tickets.put(payload.data.ticket)
+            }
             if (payload.data?.type === 'volunteer' && payload.data?.volunteer) {
               await db.volunteers.put(payload.data.volunteer)
             }
diff --git a/handle_attendees.go b/handle_attendees.go
index 5e732ba..0ee5628 100644
--- a/handle_attendees.go
+++ b/handle_attendees.go
@@ -125,7 +125,17 @@ func (app *App) handleCheckInAttendee(w http.ResponseWriter, r *http.Request) {
 	result := map[string]any{"attendee": a}
 
 	if body.AlsoVolunteer {
-		v, _ := app.getVolunteerByAttendeeID(id)
+		// Try to find volunteer via participant_id first (new model), fall back to attendee_id (legacy).
+		var v *Volunteer
+		if a != nil {
+			p, _ := app.getParticipantByEmail(a.Email)
+			if p != nil {
+				v, _ = app.getVolunteerByParticipantID(p.ID)
+			}
+		}
+		if v == nil {
+			v, _ = app.getVolunteerByAttendeeID(id)
+		}
 		if v != nil {
 			if !v.CheckedIn {
 				if v2, err := app.checkInVolunteer(v.ID, claims.UserID); err == nil {
diff --git a/handle_import.go b/handle_import.go
index 359d8f9..7870e7a 100644
--- a/handle_import.go
+++ b/handle_import.go
@@ -10,7 +10,6 @@ import (
 
 type ImportResult struct {
 	Inserted int      `json:"inserted"`
-	Grouped  int      `json:"grouped"`
 	Skipped  int      `json:"skipped"`
 	Errors   []string `json:"errors"`
 }
@@ -57,12 +56,14 @@ func (app *App) importCSV(r io.Reader) (ImportResult, error) {
 	}
 
 	var (
-		nameIdx, emailIdx, ticketIDIdx, ticketTypeIdx, noteIdx int
-		hasEmail, hasTicketID, hasTicketType, hasNote          bool
+		nameIdx, emailIdx, ticketIDIdx, ticketTypeIdx int
+		hasEmail, hasTicketID, hasTicketType          bool
+		isCrowdWork                                   bool
 	)
 
 	if idx, ok := colIndex["patron name"]; ok {
 		// CrowdWork / ticketing platform format
+		isCrowdWork = true
 		nameIdx = idx
 		if idx, ok := colIndex["patron email"]; ok {
 			emailIdx, hasEmail = idx, true
@@ -85,9 +86,6 @@ func (app *App) importCSV(r io.Reader) (ImportResult, error) {
 		if idx, ok := colIndex["ticket_type"]; ok {
 			ticketTypeIdx, hasTicketType = idx, true
 		}
-		if idx, ok := colIndex["note"]; ok {
-			noteIdx, hasNote = idx, true
-		}
 	} else {
 		return ImportResult{}, fmt.Errorf("CSV must have a 'name' or 'patron name' column")
 	}
@@ -111,33 +109,49 @@ func (app *App) importCSV(r io.Reader) (ImportResult, error) {
 			continue
 		}
 
-		a := Attendee{Name: name}
+		email := ""
 		if hasEmail {
-			a.Email = strings.TrimSpace(csvGet(record, emailIdx))
+			email = strings.TrimSpace(csvGet(record, emailIdx))
 		}
+		externalID := ""
 		if hasTicketID {
-			a.TicketID = strings.TrimSpace(csvGet(record, ticketIDIdx))
+			externalID = strings.TrimSpace(csvGet(record, ticketIDIdx))
 		}
+		ticketType := ""
 		if hasTicketType {
-			a.TicketType = strings.TrimSpace(csvGet(record, ticketTypeIdx))
-		}
-		if hasNote {
-			a.Note = strings.TrimSpace(csvGet(record, noteIdx))
+			ticketType = strings.TrimSpace(csvGet(record, ticketTypeIdx))
 		}
 
-		_, err = app.createAttendee(a)
+		source := "manual"
+		orderID := ""
+		if isCrowdWork {
+			source = "crowdwork"
+			orderID = externalID
+		}
+
+		// Find or create participant when email is present.
+		var participantID *int
+		if email != "" {
+			p, _, err := app.upsertParticipant(email, name)
+			if err != nil {
+				result.Errors = append(result.Errors, fmt.Sprintf("line %d (%s): participant: %v", lineNum, name, err))
+				continue
+			}
+			if p != nil {
+				participantID = &p.ID
+			}
+		}
+
+		_, err = app.createTicket(Ticket{
+			ParticipantID: participantID,
+			Name:          name,
+			TicketType:    ticketType,
+			Source:        source,
+			ExternalID:    externalID,
+			OrderID:       orderID,
+		})
 		if err != nil {
 			if strings.Contains(err.Error(), "UNIQUE constraint failed") {
-				// CrowdWork exports one row per ticket under the purchaser's name.
-				// If we have a ticket_id and the same (name, ticket_id) already exists,
-				// increment party_size instead of skipping.
-				if hasTicketID && a.TicketID != "" {
-					merged, mergeErr := app.incrementPartySize(a.Name, a.TicketID)
-					if mergeErr == nil && merged {
-						result.Grouped++
-						continue
-					}
-				}
 				result.Skipped++
 			} else {
 				result.Errors = append(result.Errors, fmt.Sprintf("line %d (%s): %v", lineNum, name, err))
diff --git a/handle_import_test.go b/handle_import_test.go
index a062c53..2397ca2 100644
--- a/handle_import_test.go
+++ b/handle_import_test.go
@@ -61,13 +61,13 @@ func TestImportGenericFormat(t *testing.T) {
 	}
 }
 
-func TestImportPartySizeDedup(t *testing.T) {
+func TestImportDedup(t *testing.T) {
 	app := testApp(t)
 	admin := testAdminUser(t, app)
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	// 3 rows same name+order = 1 record, party_size=3
+	// 3 rows with same order number: first inserts, remaining 2 skip (same external_id)
 	csv := "Patron Name,Patron Email,Order Number,Tier Name\nTitania,titania@test.com,ORD-1,GA\nTitania,titania@test.com,ORD-1,GA\nTitania,titania@test.com,ORD-1,GA\n"
 	w := postCSV(t, mux, token, csv)
 
@@ -75,16 +75,16 @@ func TestImportPartySizeDedup(t *testing.T) {
 	if result["inserted"] != float64(1) {
 		t.Errorf("inserted = %v, want 1", result["inserted"])
 	}
-	if result["grouped"] != float64(2) {
-		t.Errorf("grouped = %v, want 2", result["grouped"])
+	if result["skipped"] != float64(2) {
+		t.Errorf("skipped = %v, want 2", result["skipped"])
 	}
 
-	attendees, _ := app.listAttendees("", "", "")
-	if len(attendees) != 1 {
-		t.Fatalf("attendee count = %d, want 1", len(attendees))
+	tickets, _ := app.listTickets(nil, "")
+	if len(tickets) != 1 {
+		t.Fatalf("ticket count = %d, want 1", len(tickets))
 	}
-	if attendees[0].PartySize != 3 {
-		t.Errorf("party_size = %d, want 3", attendees[0].PartySize)
+	if tickets[0].Source != "crowdwork" {
+		t.Errorf("source = %q, want crowdwork", tickets[0].Source)
 	}
 }
 
@@ -94,7 +94,8 @@ func TestImportReimportSkips(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	csv := "name\nTitania\nOberon\n"
+	// Use ticket_ids so re-import dedup works via UNIQUE(source, external_id)
+	csv := "name,email,ticket_id\nTitania,titania@test.com,T001\nOberon,oberon@test.com,T002\n"
 	postCSV(t, mux, token, csv)
 
 	// Re-import same data
diff --git a/handle_kiosk.go b/handle_kiosk.go
index c782afb..646db43 100644
--- a/handle_kiosk.go
+++ b/handle_kiosk.go
@@ -7,17 +7,20 @@ import (
 )
 
 // handleKioskGet returns the volunteer's profile, current shift assignments, and
-// available open shifts in their department. Authenticated by volunteer token only —
+// available open shifts in their department. Authenticated by ticket code only —
 // no JWT required.
 func (app *App) handleKioskGet(w http.ResponseWriter, r *http.Request) {
 	token := r.PathValue("token")
-	a, err := app.getAttendeeByToken(token)
-	if err != nil || a == nil {
+	t, err := app.getTicketByCode(token)
+	if err != nil || t == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
 
-	v, _ := app.getVolunteerByAttendeeID(a.ID)
+	var v *Volunteer
+	if t.ParticipantID != nil {
+		v, _ = app.getVolunteerByParticipantID(*t.ParticipantID)
+	}
 	if v == nil {
 		writeError(w, "no volunteer record linked to this token", http.StatusNotFound)
 		return
@@ -53,12 +56,15 @@ func (app *App) handleKioskClaim(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	a, err := app.getAttendeeByToken(token)
-	if err != nil || a == nil {
+	t, err := app.getTicketByCode(token)
+	if err != nil || t == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
-	v, _ := app.getVolunteerByAttendeeID(a.ID)
+	var v *Volunteer
+	if t.ParticipantID != nil {
+		v, _ = app.getVolunteerByParticipantID(*t.ParticipantID)
+	}
 	if v == nil {
 		writeError(w, "no volunteer linked to this token", http.StatusNotFound)
 		return
@@ -110,12 +116,15 @@ func (app *App) handleKioskUnclaim(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	a, err := app.getAttendeeByToken(token)
-	if err != nil || a == nil {
+	t, err := app.getTicketByCode(token)
+	if err != nil || t == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
-	v, _ := app.getVolunteerByAttendeeID(a.ID)
+	var v *Volunteer
+	if t.ParticipantID != nil {
+		v, _ = app.getVolunteerByParticipantID(*t.ParticipantID)
+	}
 	if v == nil {
 		writeError(w, "no volunteer linked to this token", http.StatusNotFound)
 		return
diff --git a/handle_kiosk_test.go b/handle_kiosk_test.go
index 0eb252b..1e3c682 100644
--- a/handle_kiosk_test.go
+++ b/handle_kiosk_test.go
@@ -14,13 +14,14 @@ func setupKiosk(t *testing.T) (*App, *http.ServeMux, string) {
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
 
-	// Create attendee with token
-	a, _ := app.createAttendee(Attendee{Name: "Titania", Email: "titania@test.com"})
+	// Create participant + ticket with code
+	p, _ := app.createParticipant(Participant{Email: "titania@test.com", PreferredName: "Titania"})
 	token, _ := app.generateUniqueToken()
-	app.db.Exec(`UPDATE attendees SET volunteer_token = ? WHERE id = ?`, token, a.ID)
+	tk, _ := app.createTicket(Ticket{ParticipantID: &p.ID, Name: "Titania", Source: "manual", Code: &token})
+	_ = tk
 
-	// Create linked volunteer
-	app.createVolunteer(Volunteer{Name: "Titania", AttendeeID: &a.ID, DepartmentID: &deptID})
+	// Create linked volunteer via participant_id
+	app.createVolunteer(Volunteer{Name: "Titania", ParticipantID: &p.ID, DepartmentID: &deptID})
 
 	// Create shifts
 	app.createShift(Shift{DepartmentID: deptID, Name: "Morning", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00", Capacity: 2})
diff --git a/handle_participants.go b/handle_participants.go
new file mode 100644
index 0000000..3a5b290
--- /dev/null
+++ b/handle_participants.go
@@ -0,0 +1,157 @@
+package main
+
+import (
+	"encoding/csv"
+	"encoding/json"
+	"net/http"
+	"strconv"
+)
+
+func (app *App) handleListParticipants(w http.ResponseWriter, r *http.Request) {
+	search := r.URL.Query().Get("search")
+	participants, err := app.listParticipants(search, "")
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	total, checkedIn, _ := app.ticketCounts()
+	types, _ := app.ticketTypes()
+	writeJSON(w, map[string]any{
+		"participants": participants,
+		"total":        total,
+		"checked_in":   checkedIn,
+		"ticket_types": types,
+	})
+}
+
+func (app *App) handleGetParticipant(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.Atoi(r.PathValue("id"))
+	if err != nil {
+		writeError(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+	p, err := app.getParticipant(id)
+	if err != nil || p == nil {
+		writeError(w, "not found", http.StatusNotFound)
+		return
+	}
+	tickets, _ := app.listTickets(&id, "")
+	writeJSON(w, map[string]any{"participant": p, "tickets": tickets})
+}
+
+func (app *App) handleCreateParticipant(w http.ResponseWriter, r *http.Request) {
+	var p Participant
+	if err := json.NewDecoder(r.Body).Decode(&p); err != nil {
+		writeError(w, "invalid request", http.StatusBadRequest)
+		return
+	}
+	if p.PreferredName == "" && p.Email == "" {
+		writeError(w, "name or email is required", http.StatusBadRequest)
+		return
+	}
+	created, err := app.createParticipant(p)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusCreated)
+	writeJSON(w, created)
+}
+
+func (app *App) handleUpdateParticipant(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.Atoi(r.PathValue("id"))
+	if err != nil {
+		writeError(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+	var p Participant
+	if err := json.NewDecoder(r.Body).Decode(&p); err != nil {
+		writeError(w, "invalid request", http.StatusBadRequest)
+		return
+	}
+	p.ID = id
+	if err := app.updateParticipant(p); err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	updated, _ := app.getParticipant(id)
+	writeJSON(w, updated)
+}
+
+func (app *App) handleDeleteParticipant(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.Atoi(r.PathValue("id"))
+	if err != nil {
+		writeError(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+	if err := app.deleteParticipant(id); err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusNoContent)
+}
+
+// handleMergeParticipants reassigns all tickets and volunteers from otherID to
+// canonicalID, then soft-deletes the other participant.
+func (app *App) handleMergeParticipants(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.Atoi(r.PathValue("id"))
+	if err != nil {
+		writeError(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+	otherID, err := strconv.Atoi(r.PathValue("other_id"))
+	if err != nil {
+		writeError(w, "invalid other_id", http.StatusBadRequest)
+		return
+	}
+	if err := app.mergeParticipants(id, otherID); err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	p, _ := app.getParticipant(id)
+	tickets, _ := app.listTickets(&id, "")
+	writeJSON(w, map[string]any{"participant": p, "tickets": tickets})
+}
+
+func (app *App) handleExportParticipants(w http.ResponseWriter, r *http.Request) {
+	participants, err := app.listParticipants("", "")
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.Header().Set("Content-Type", "text/csv")
+	w.Header().Set("Content-Disposition", `attachment; filename="participants.csv"`)
+	wr := csv.NewWriter(w)
+	wr.Write([]string{"id", "email", "preferred_name", "phone", "pronouns", "note"})
+	for _, p := range participants {
+		wr.Write([]string{
+			strconv.Itoa(p.ID), p.Email, p.PreferredName, p.Phone, p.Pronouns, p.Note,
+		})
+	}
+	wr.Flush()
+}
+
+func (app *App) handleListTickets(w http.ResponseWriter, r *http.Request) {
+	tickets, err := app.listTickets(nil, "")
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	writeJSON(w, map[string]any{"tickets": tickets})
+}
+
+func (app *App) handleCheckInTicket(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.Atoi(r.PathValue("id"))
+	if err != nil {
+		writeError(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+	claims := claimsFromContext(r)
+	tk, err := app.checkInTicket(id, claims.UserID)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	app.broker.publish("checkin", map[string]any{"type": "ticket", "ticket": tk})
+	writeJSON(w, map[string]any{"ticket": tk})
+}
diff --git a/handle_settings.go b/handle_settings.go
index 9021368..f812134 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -90,6 +90,17 @@ func (app *App) handleResetAttendees(w http.ResponseWriter, r *http.Request) {
 	writeJSON(w, map[string]any{"deleted": n})
 }
 
+func (app *App) handleResetTickets(w http.ResponseWriter, r *http.Request) {
+	ts := now()
+	result, err := app.db.Exec(`UPDATE tickets SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	n, _ := result.RowsAffected()
+	writeJSON(w, map[string]any{"deleted": n})
+}
+
 func (app *App) handleResetVolunteers(w http.ResponseWriter, r *http.Request) {
 	ts := now()
 	result, err := app.db.Exec(`UPDATE volunteers SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
diff --git a/handle_signup.go b/handle_signup.go
index 2f8eb46..31c796b 100644
--- a/handle_signup.go
+++ b/handle_signup.go
@@ -68,32 +68,23 @@ func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// Auto-match attendee by email or create new
-	var attendeeID *int
-	attendees, _ := app.listAttendees("", "", "")
-	for _, a := range attendees {
-		if strings.EqualFold(a.Email, body.Email) {
-			id := a.ID
-			attendeeID = &id
-			break
-		}
+	// Find or create participant by email.
+	name := body.PreferredName
+	if body.TicketName != "" {
+		name = body.TicketName
 	}
-
-	if attendeeID == nil {
-		name := body.PreferredName
-		if body.TicketName != "" {
-			name = body.TicketName
-		}
-		newAttendee, err := app.createAttendee(Attendee{
-			Name:  name,
-			Email: body.Email,
-			Phone: body.Phone,
-		})
-		if err != nil {
-			writeError(w, "internal error", http.StatusInternalServerError)
-			return
-		}
-		attendeeID = &newAttendee.ID
+	participant, _, err := app.upsertParticipant(body.Email, name)
+	if err != nil {
+		writeError(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+	// Update participant's personal details if they signed up with more info.
+	if body.Phone != "" || body.Pronouns != "" {
+		app.db.Exec(`UPDATE participants SET
+			phone    = CASE WHEN phone = '' THEN ? ELSE phone END,
+			pronouns = CASE WHEN pronouns = '' THEN ? ELSE pronouns END,
+			updated_at = ?
+			WHERE id = ?`, body.Phone, body.Pronouns, now(), participant.ID)
 	}
 
 	confirmToken, err := generateConfirmationToken()
@@ -103,7 +94,7 @@ func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
 	}
 
 	vol := Volunteer{
-		AttendeeID:        attendeeID,
+		ParticipantID:     &participant.ID,
 		Name:              body.PreferredName,
 		PreferredName:     body.PreferredName,
 		TicketName:        body.TicketName,
@@ -159,17 +150,39 @@ func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
 	var signupsOpen string
 	app.db.QueryRow(`SELECT value FROM config WHERE key = 'shift_signups_open'`).Scan(&signupsOpen)
 
-	if signupsOpen == "true" && vol.AttendeeID != nil {
-		a, _ := app.getAttendee(*vol.AttendeeID)
-		if a != nil && a.VolunteerToken == nil {
-			t, err := app.generateUniqueToken()
-			if err == nil {
-				app.db.Exec(`UPDATE attendees SET volunteer_token=?, updated_at=? WHERE id=?`, t, now(), a.ID)
-				a.VolunteerToken = &t
+	if signupsOpen == "true" && vol.ParticipantID != nil {
+		// Find a ticket with a code, or create/assign one.
+		tickets, _ := app.listTickets(vol.ParticipantID, "")
+		var code *string
+		for _, tk := range tickets {
+			if tk.Code != nil {
+				code = tk.Code
+				break
 			}
 		}
-		if a != nil && a.VolunteerToken != nil {
-			kioskLink := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *a.VolunteerToken)
+		if code == nil {
+			// No coded ticket — find any ticket or create a stub, then generate code.
+			var ticketID int
+			if len(tickets) > 0 {
+				ticketID = tickets[0].ID
+			} else {
+				stub, err := app.createTicket(Ticket{
+					ParticipantID: vol.ParticipantID,
+					Source:        "manual",
+				})
+				if err == nil {
+					ticketID = stub.ID
+				}
+			}
+			if ticketID > 0 {
+				if t, err := app.generateUniqueToken(); err == nil {
+					app.db.Exec(`UPDATE tickets SET code=?, updated_at=? WHERE id=?`, t, now(), ticketID)
+					code = &t
+				}
+			}
+		}
+		if code != nil {
+			kioskLink := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *code)
 			response["kiosk_link"] = kioskLink
 			go func() {
 				if err := app.sendShiftSignupEmail(vol.Email, vol.PreferredName, kioskLink); err != nil {
@@ -203,36 +216,57 @@ func (app *App) handleToggleShiftSignups(w http.ResponseWriter, r *http.Request)
 }
 
 func (app *App) openShiftSignups() {
-	// Generate kiosk tokens for confirmed volunteers whose attendees lack one
-	vols, _ := app.listConfirmedVolunteersWithoutKioskToken()
+	// Generate codes for tickets belonging to confirmed volunteers that have no code yet.
+	vols, _ := app.listConfirmedVolunteersNeedingCode()
 	for _, v := range vols {
-		if v.AttendeeID == nil {
+		if v.ParticipantID == nil {
 			continue
 		}
+		// Find any ticket for this participant, or create a stub one.
+		tickets, _ := app.listTickets(v.ParticipantID, "")
+		var ticketID int
+		if len(tickets) > 0 {
+			ticketID = tickets[0].ID
+		} else {
+			stub, err := app.createTicket(Ticket{
+				ParticipantID: v.ParticipantID,
+				Source:        "manual",
+			})
+			if err != nil {
+				continue
+			}
+			ticketID = stub.ID
+		}
 		t, err := app.generateUniqueToken()
 		if err != nil {
 			continue
 		}
-		app.db.Exec(`UPDATE attendees SET volunteer_token=?, updated_at=? WHERE id=?`, t, now(), *v.AttendeeID)
+		app.db.Exec(`UPDATE tickets SET code=?, updated_at=? WHERE id=?`, t, now(), ticketID)
 	}
 
-	// Email all confirmed volunteers with kiosk links
+	// Email all confirmed volunteers that now have a ticket with a code.
 	confirmed, _ := queryVolunteers(app.db, `
-		SELECT `+volunteerCols+`
-		FROM volunteers
-		WHERE email_confirmed = 1 AND deleted_at IS NULL AND attendee_id IS NOT NULL`)
+		SELECT `+volunteerSelect+` `+volunteerFrom+`
+		WHERE v.email_confirmed = 1 AND v.deleted_at IS NULL AND v.participant_id IS NOT NULL`)
 	baseURL := app.resolveBaseURL()
 	sent := 0
 
 	for _, v := range confirmed {
-		if v.AttendeeID == nil || v.Email == "" {
+		if v.ParticipantID == nil || v.Email == "" {
 			continue
 		}
-		a, _ := app.getAttendee(*v.AttendeeID)
-		if a == nil || a.VolunteerToken == nil {
+		tickets, _ := app.listTickets(v.ParticipantID, "")
+		var code *string
+		for _, tk := range tickets {
+			if tk.Code != nil {
+				code = tk.Code
+				break
+			}
+		}
+		if code == nil {
 			continue
 		}
-		kioskLink := fmt.Sprintf("%s/v/%s", baseURL, *a.VolunteerToken)
+		kioskLink := fmt.Sprintf("%s/v/%s", baseURL, *code)
 		name := v.PreferredName
 		if name == "" {
 			name = v.Name
diff --git a/handle_signup_test.go b/handle_signup_test.go
index a59da69..a9bdab0 100644
--- a/handle_signup_test.go
+++ b/handle_signup_test.go
@@ -71,25 +71,25 @@ func TestPublicSignup(t *testing.T) {
 		t.Error("should not be confirmed yet")
 	}
 
-	// Attendee should be auto-created and linked
-	if vol.AttendeeID == nil {
-		t.Fatal("expected attendee to be linked")
+	// Participant should be auto-created and linked
+	if vol.ParticipantID == nil {
+		t.Fatal("expected participant to be linked")
 	}
-	a, _ := app.getAttendee(*vol.AttendeeID)
-	if a == nil {
-		t.Fatal("linked attendee not found")
+	p, _ := app.getParticipant(*vol.ParticipantID)
+	if p == nil {
+		t.Fatal("linked participant not found")
 	}
-	if a.Email != "titania@example.com" {
-		t.Errorf("attendee email = %q, want titania@example.com", a.Email)
+	if p.Email != "titania@example.com" {
+		t.Errorf("participant email = %q, want titania@example.com", p.Email)
 	}
 }
 
-func TestPublicSignupAutoMatchAttendee(t *testing.T) {
+func TestPublicSignupAutoMatchParticipant(t *testing.T) {
 	app := testApp(t)
 	mux := testMux(app)
 
-	// Pre-existing attendee
-	existing, _ := app.createAttendee(Attendee{Name: "Titania Fairweather", Email: "titania@example.com"})
+	// Pre-existing participant
+	existing, _ := app.createParticipant(Participant{PreferredName: "Titania Fairweather", Email: "titania@example.com"})
 
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
@@ -105,8 +105,8 @@ func TestPublicSignupAutoMatchAttendee(t *testing.T) {
 	if vol == nil {
 		t.Fatal("volunteer not created")
 	}
-	if vol.AttendeeID == nil || *vol.AttendeeID != existing.ID {
-		t.Errorf("expected volunteer linked to existing attendee %d, got %v", existing.ID, vol.AttendeeID)
+	if vol.ParticipantID == nil || *vol.ParticipantID != existing.ID {
+		t.Errorf("expected volunteer linked to existing participant %d, got %v", existing.ID, vol.ParticipantID)
 	}
 }
 
@@ -277,13 +277,13 @@ func TestConfirmEmailWithSignupsOpen(t *testing.T) {
 	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
 	app.baseURL = "https://example.com"
 
-	attendee, _ := app.createAttendee(Attendee{Name: "Titania", Email: "titania@example.com"})
+	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	token := "abc123def456"
 	app.createVolunteer(Volunteer{
 		Name:              "Titania",
 		PreferredName:     "Titania",
 		Email:             "titania@example.com",
-		AttendeeID:        &attendee.ID,
+		ParticipantID:     &participant.ID,
 		ConfirmationToken: &token,
 	})
 
@@ -301,10 +301,17 @@ func TestConfirmEmailWithSignupsOpen(t *testing.T) {
 		t.Error("expected kiosk_link when signups are open")
 	}
 
-	// Attendee should now have a kiosk token
-	a, _ := app.getAttendee(attendee.ID)
-	if a.VolunteerToken == nil {
-		t.Error("attendee should have kiosk token after confirm with signups open")
+	// Ticket for participant should now have a code
+	tickets, _ := app.listTickets(&participant.ID, "")
+	hasCode := false
+	for _, tk := range tickets {
+		if tk.Code != nil && *tk.Code != "" {
+			hasCode = true
+			break
+		}
+	}
+	if !hasCode {
+		t.Error("participant should have a ticket with code after confirm with signups open")
 	}
 }
 
diff --git a/handle_sync.go b/handle_sync.go
index 78725c5..a11d414 100644
--- a/handle_sync.go
+++ b/handle_sync.go
@@ -13,6 +13,8 @@ func (app *App) handleSyncPull(w http.ResponseWriter, r *http.Request) {
 
 	event, _ := app.getEvent()
 	attendees, _ := app.attendeesSince(since)
+	participants, _ := app.listParticipants("", since)
+	tickets, _ := app.listTickets(nil, since)
 	departments, _ := app.listDepartments(since)
 	volunteers, _ := app.listVolunteers("", nil, since)
 	shifts, _ := app.listShifts(nil, "", since)
@@ -21,6 +23,12 @@ func (app *App) handleSyncPull(w http.ResponseWriter, r *http.Request) {
 	if attendees == nil {
 		attendees = []Attendee{}
 	}
+	if participants == nil {
+		participants = []Participant{}
+	}
+	if tickets == nil {
+		tickets = []Ticket{}
+	}
 	if departments == nil {
 		departments = []Department{}
 	}
@@ -38,6 +46,8 @@ func (app *App) handleSyncPull(w http.ResponseWriter, r *http.Request) {
 		"server_time":      time.Now().UTC().Format("2006-01-02T15:04:05Z"),
 		"event":            event,
 		"attendees":        attendees,
+		"participants":     participants,
+		"tickets":          tickets,
 		"departments":      departments,
 		"volunteers":       volunteers,
 		"shifts":           shifts,
diff --git a/handle_tokens.go b/handle_tokens.go
index 480d03d..63e19a6 100644
--- a/handle_tokens.go
+++ b/handle_tokens.go
@@ -8,9 +8,9 @@ import (
 	"strings"
 )
 
-// handleGenerateTokens creates volunteer_token values for all attendees that don't have one.
+// handleGenerateTokens creates codes for all tickets that don't have one.
 func (app *App) handleGenerateTokens(w http.ResponseWriter, r *http.Request) {
-	count, err := app.generateTokensForAll()
+	count, err := app.generateCodesForAll()
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -21,7 +21,7 @@ func (app *App) handleGenerateTokens(w http.ResponseWriter, r *http.Request) {
 // handleExportTokenLinks streams a CSV download with token signup links,
 // compatible with MailChimp / Zeffy bulk-send workflows.
 func (app *App) handleExportTokenLinks(w http.ResponseWriter, r *http.Request) {
-	attendees, err := app.listAttendees("", "", "")
+	tickets, err := app.listTickets(nil, "")
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -37,55 +37,62 @@ func (app *App) handleExportTokenLinks(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Disposition", `attachment; filename="volunteer-tokens.csv"`)
 	wr := csv.NewWriter(w)
 	wr.Write([]string{"Email Address", "First Name", "Token", "Signup Link"})
-	for _, a := range attendees {
-		if a.VolunteerToken == nil {
+	for _, tk := range tickets {
+		if tk.Code == nil || tk.ParticipantID == nil {
 			continue
 		}
-		firstName := a.Name
-		if parts := strings.Fields(a.Name); len(parts) > 0 {
+		p, _ := app.getParticipant(*tk.ParticipantID)
+		if p == nil || p.Email == "" {
+			continue
+		}
+		firstName := p.PreferredName
+		if firstName == "" {
+			firstName = tk.Name
+		}
+		if parts := strings.Fields(firstName); len(parts) > 0 {
 			firstName = parts[0]
 		}
-		link := fmt.Sprintf("%s/v/%s", baseURL, *a.VolunteerToken)
-		wr.Write([]string{a.Email, firstName, *a.VolunteerToken, link})
+		link := fmt.Sprintf("%s/v/%s", baseURL, *tk.Code)
+		wr.Write([]string{p.Email, firstName, *tk.Code, link})
 	}
 	wr.Flush()
 }
 
-// handleEmailToken sends a token email to a single attendee.
+// handleEmailToken sends a token email to a single ticket's participant.
 func (app *App) handleEmailToken(w http.ResponseWriter, r *http.Request) {
 	id, err := strconv.Atoi(r.PathValue("id"))
 	if err != nil {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
-	a, err := app.getAttendee(id)
-	if err != nil || a == nil {
+	tk, err := app.getTicket(id)
+	if err != nil || tk == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
-	if err := app.sendTokenEmail(*a); err != nil {
+	if err := app.sendTicketTokenEmail(*tk); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	writeJSON(w, map[string]any{"ok": true})
 }
 
-// handleEmailAllTokens bulk-sends token emails to all attendees that have both a token and email.
+// handleEmailAllTokens bulk-sends token emails to all tickets that have a code and participant email.
 func (app *App) handleEmailAllTokens(w http.ResponseWriter, r *http.Request) {
-	attendees, err := app.listAttendees("", "", "")
+	tickets, err := app.listTickets(nil, "")
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	var sent, skipped int
 	var errors []string
-	for _, a := range attendees {
-		if a.Email == "" || a.VolunteerToken == nil {
+	for _, tk := range tickets {
+		if tk.Code == nil || tk.ParticipantID == nil {
 			skipped++
 			continue
 		}
-		if err := app.sendTokenEmail(a); err != nil {
-			errors = append(errors, fmt.Sprintf("%s: %v", a.Name, err))
+		if err := app.sendTicketTokenEmail(tk); err != nil {
+			errors = append(errors, fmt.Sprintf("ticket %d: %v", tk.ID, err))
 			skipped++
 		} else {
 			sent++
diff --git a/main.go b/main.go
index 77e09c4..22551b6 100644
--- a/main.go
+++ b/main.go
@@ -111,6 +111,21 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("POST /api/attendees/{id}/checkin", auth(app.handleCheckInAttendee, "admin", "ticketing", "gate"))
 	mux.HandleFunc("POST /api/attendees/{id}/email-token", auth(app.handleEmailToken, "admin", "ticketing"))
 
+	mux.HandleFunc("GET /api/participants", auth(app.handleListParticipants, "admin", "ticketing", "gate"))
+	mux.HandleFunc("POST /api/participants", auth(app.handleCreateParticipant, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/participants/export", auth(app.handleExportParticipants, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/participants/{id}", auth(app.handleGetParticipant, "admin", "ticketing", "gate"))
+	mux.HandleFunc("PUT /api/participants/{id}", auth(app.handleUpdateParticipant, "admin", "ticketing"))
+	mux.HandleFunc("DELETE /api/participants/{id}", auth(app.handleDeleteParticipant, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/participants/{id}/merge/{other_id}", auth(app.handleMergeParticipants, "admin", "ticketing"))
+
+	mux.HandleFunc("GET /api/tickets", auth(app.handleListTickets, "admin", "ticketing", "gate"))
+	mux.HandleFunc("POST /api/tickets/{id}/checkin", auth(app.handleCheckInTicket, "admin", "ticketing", "gate"))
+	mux.HandleFunc("POST /api/tickets/generate-codes", auth(app.handleGenerateTokens, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/tickets/export-links", auth(app.handleExportTokenLinks, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/tickets/email-codes", auth(app.handleEmailAllTokens, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/tickets/{id}/email-code", auth(app.handleEmailToken, "admin", "ticketing"))
+
 	mux.HandleFunc("GET /api/departments", auth(app.handleListDepartments))
 	mux.HandleFunc("POST /api/departments", auth(app.handleCreateDepartment, "admin", "coordinator"))
 	mux.HandleFunc("PUT /api/departments/{id}", auth(app.handleUpdateDepartment, "admin", "coordinator"))
@@ -142,6 +157,7 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin"))
 	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin"))
 	mux.HandleFunc("POST /api/settings/reset-attendees", auth(app.handleResetAttendees, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-tickets", auth(app.handleResetTickets, "admin"))
 	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin"))
 	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin"))
 	mux.HandleFunc("POST /api/settings/reset-departments", auth(app.handleResetDepartments, "admin"))

From d30ee18e770f9a3ffad55cabd3406bf7f53cf310 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 12:00:36 -0600
Subject: [PATCH 06/47] Renamed and updated roles and privileges.

---
 auth_test.go                            |  2 +-
 db.go                                   | 42 ++++++++++++-
 frontend/src/App.svelte                 |  7 +--
 frontend/src/components/Nav.svelte      | 12 +---
 frontend/src/pages/Departments.svelte   |  4 +-
 frontend/src/pages/ScheduleBoard.svelte |  4 +-
 frontend/src/pages/Users.svelte         |  2 +-
 frontend/src/pages/Volunteers.svelte    |  2 +-
 handle_attendees_test.go                |  4 +-
 handle_settings_test.go                 |  4 +-
 handle_shifts.go                        |  6 +-
 handle_volunteers.go                    | 15 ++++-
 main.go                                 | 80 ++++++++++++-------------
 13 files changed, 112 insertions(+), 72 deletions(-)

diff --git a/auth_test.go b/auth_test.go
index 1a16571..f611bc1 100644
--- a/auth_test.go
+++ b/auth_test.go
@@ -95,7 +95,7 @@ func TestAuthMiddlewareRoleEnforcement(t *testing.T) {
 	mux := testMux(app)
 
 	// Create a gate user — should not be able to access /api/users (admin only)
-	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
+	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 
 	req := testAuthRequest("GET", "/api/users", nil, token)
diff --git a/db.go b/db.go
index 3dba412..d93807d 100644
--- a/db.go
+++ b/db.go
@@ -44,7 +44,7 @@ func migrate(db *sql.DB) error {
 		id            INTEGER PRIMARY KEY AUTOINCREMENT,
 		username      TEXT NOT NULL UNIQUE,
 		password_hash TEXT NOT NULL,
-		role          TEXT NOT NULL CHECK(role IN ('admin','coordinator','gate','ticketing','volunteer_lead')),
+		role          TEXT NOT NULL CHECK(role IN ('admin','ticketing','staffing','colead','gatekeeper')),
 		created_at    TEXT NOT NULL DEFAULT (datetime('now'))
 	);
 
@@ -260,6 +260,46 @@ func migrateV3(db *sql.DB) error {
 		  AND v.deleted_at IS NULL
 		  AND NOT EXISTS (SELECT 1 FROM tickets t WHERE t.participant_id = v.participant_id AND t.deleted_at IS NULL)`)
 
+	return migrateV4(db)
+}
+
+// migrateV4 renames roles: volunteer_lead→colead, coordinator→staffing, gate→gatekeeper.
+func migrateV4(db *sql.DB) error {
+	var count int
+	if err := db.QueryRow(`SELECT COUNT(*) FROM users WHERE role IN ('volunteer_lead','coordinator','gate')`).Scan(&count); err != nil || count == 0 {
+		return nil
+	}
+	if _, err := db.Exec(`PRAGMA foreign_keys = OFF`); err != nil {
+		return err
+	}
+	stmts := []string{
+		`CREATE TABLE users_v4 (
+			id            INTEGER PRIMARY KEY AUTOINCREMENT,
+			username      TEXT NOT NULL UNIQUE,
+			password_hash TEXT NOT NULL,
+			role          TEXT NOT NULL CHECK(role IN ('admin','ticketing','staffing','colead','gatekeeper')),
+			created_at    TEXT NOT NULL DEFAULT (datetime('now'))
+		)`,
+		`INSERT INTO users_v4 (id, username, password_hash, role, created_at)
+		 SELECT id, username, password_hash,
+			CASE role
+				WHEN 'volunteer_lead' THEN 'colead'
+				WHEN 'coordinator'    THEN 'staffing'
+				WHEN 'gate'           THEN 'gatekeeper'
+				ELSE role
+			END,
+			created_at
+		 FROM users`,
+		`DROP TABLE users`,
+		`ALTER TABLE users_v4 RENAME TO users`,
+		`PRAGMA foreign_keys = ON`,
+	}
+	for _, s := range stmts {
+		if _, err := db.Exec(s); err != nil {
+			db.Exec(`PRAGMA foreign_keys = ON`)
+			return fmt.Errorf("migrateV4: %w", err)
+		}
+	}
 	return nil
 }
 
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index ba26931..7f28a8a 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -4,7 +4,6 @@
   import { syncPull, startSSE, startSyncLoop } from './sync.js'
   import Login from './pages/Login.svelte'
   import Dashboard from './pages/Dashboard.svelte'
-  import Attendees from './pages/Attendees.svelte'
   import Participants from './pages/Participants.svelte'
   import Volunteers from './pages/Volunteers.svelte'
   import Departments from './pages/Departments.svelte'
@@ -104,7 +103,7 @@
   <ConfirmEmail />
 {:else if !session}
   <Login onlogin={onLogin} />
-{:else if role === 'gate'}
+{:else if role === 'gatekeeper'}
   <!-- Gate users get the full-screen GateUI instead of the standard layout -->
   <GateUI {session} {onLogout} />
 {:else}
@@ -122,13 +121,11 @@
         <span class="mobile-brand">Turn<span class="accent">pike</span></span>
       </header>
       {#if path === '/' || path === ''}
-        {#if role === 'volunteer_lead'}
+        {#if role === 'colead'}
           <ScheduleBoard {session} />
         {:else}
           <Dashboard {session} />
         {/if}
-      {:else if path.startsWith('/attendees')}
-        <Attendees {session} />
       {:else if path.startsWith('/participants')}
         <Participants {session} />
       {:else if path.startsWith('/volunteers')}
diff --git a/frontend/src/components/Nav.svelte b/frontend/src/components/Nav.svelte
index d7ccc63..545e171 100644
--- a/frontend/src/components/Nav.svelte
+++ b/frontend/src/components/Nav.svelte
@@ -1,5 +1,5 @@
 <script>
-  import { LayoutDashboard, ClipboardCheck, Heart, Hexagon, CalendarDays, Upload, Users, Settings, LogOut, Ticket } from 'lucide-svelte'
+  import { LayoutDashboard, Heart, Hexagon, CalendarDays, Upload, Users, Settings, LogOut, Ticket } from 'lucide-svelte'
 
   let { session, active, onLogout, navigate, open = false } = $props()
 
@@ -8,17 +8,12 @@
   const iconProps = { size: 18, strokeWidth: 1.75 }
 
   const links = $derived.by(() => {
-    if (role === 'ticketing') return [
-      { href: '/participants', label: 'Participants', icon: Ticket },
-      { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
-      { href: '/import', label: 'Import', icon: Upload },
-    ]
-    if (role === 'volunteer_lead') return [
+    if (role === 'colead') return [
       { href: '/', label: 'Schedule', icon: CalendarDays },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
       { href: '/departments', label: 'Departments', icon: Hexagon },
     ]
-    if (role === 'coordinator') return [
+    if (role === 'staffing') return [
       { href: '/', label: 'Dashboard', icon: LayoutDashboard },
       { href: '/schedule', label: 'Schedule', icon: CalendarDays },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
@@ -27,7 +22,6 @@
     return [
       { href: '/', label: 'Dashboard', icon: LayoutDashboard },
       { href: '/participants', label: 'Participants', icon: Ticket },
-      { href: '/attendees', label: 'Attendees', icon: ClipboardCheck },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
       { href: '/departments', label: 'Departments', icon: Hexagon },
       { href: '/schedule', label: 'Schedule', icon: CalendarDays },
diff --git a/frontend/src/pages/Departments.svelte b/frontend/src/pages/Departments.svelte
index 81408d8..b50fde4 100644
--- a/frontend/src/pages/Departments.svelte
+++ b/frontend/src/pages/Departments.svelte
@@ -19,8 +19,8 @@
   let saving = $state(false)
 
   const role = $derived(session?.user?.role ?? '')
-  const canCreate = $derived(['admin', 'coordinator'].includes(role))
-  const canDelete = $derived(role === 'admin')
+  const canCreate = $derived(['admin', 'ticketing', 'staffing'].includes(role))
+  const canDelete = $derived(['admin', 'ticketing'].includes(role))
 
   const allDepts = liveQuery(() =>
     db.departments.filter(d => !d.deleted_at).toArray()
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 8e2efd3..5d9d265 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -26,7 +26,7 @@
   let assigning = $state(false)
 
   const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'coordinator', 'volunteer_lead'].includes(role))
+  const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
 
   const allDepts = liveQuery(() =>
@@ -54,7 +54,7 @@
   // Departments visible to this user
   const visibleDepts = $derived.by(() => {
     const depts = $allDepts ?? []
-    if (role === 'volunteer_lead') return depts.filter(d => myDeptIDs.includes(d.id))
+    if (role === 'colead') return depts.filter(d => myDeptIDs.includes(d.id))
     return depts
   })
 
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index f141db1..237617b 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -28,7 +28,7 @@
       .then(arr => arr.sort((a, b) => a.name.localeCompare(b.name)))
   )
 
-  const roles = ['admin', 'coordinator', 'ticketing', 'gate', 'volunteer_lead']
+  const roles = ['admin', 'ticketing', 'staffing', 'colead', 'gatekeeper']
 
   const me = $derived(session?.user?.id)
 
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 2614272..98a0a01 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -20,7 +20,7 @@
   let newNote = $state('')
 
   const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'coordinator', 'volunteer_lead'].includes(role))
+  const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
 
   const allVolunteers = liveQuery(() =>
     db.volunteers.filter(v => !v.deleted_at).toArray()
diff --git a/handle_attendees_test.go b/handle_attendees_test.go
index 827a4b2..ff2a196 100644
--- a/handle_attendees_test.go
+++ b/handle_attendees_test.go
@@ -78,7 +78,7 @@ func TestCheckInAttendeeHandler(t *testing.T) {
 
 func TestGateRoleCanCheckIn(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
+	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
@@ -94,7 +94,7 @@ func TestGateRoleCanCheckIn(t *testing.T) {
 
 func TestGateRoleCannotDelete(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
+	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
diff --git a/handle_settings_test.go b/handle_settings_test.go
index 736696c..c588c88 100644
--- a/handle_settings_test.go
+++ b/handle_settings_test.go
@@ -83,7 +83,7 @@ func TestResetAttendees(t *testing.T) {
 
 func TestResetAttendeesRequiresAdmin(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gate1", "gate", []int{})
+	gate := testUserWithRole(t, app, "gate1", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
@@ -129,7 +129,7 @@ func TestResetDepartmentsCascadesShifts(t *testing.T) {
 
 func TestSettingsNonAdminRejected(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
+	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
diff --git a/handle_shifts.go b/handle_shifts.go
index 460ed91..a0ceb41 100644
--- a/handle_shifts.go
+++ b/handle_shifts.go
@@ -17,7 +17,7 @@ func (app *App) handleListShifts(w http.ResponseWriter, r *http.Request) {
 	}
 
 	claims := claimsFromContext(r)
-	if claims.Role == "volunteer_lead" && deptID == nil && len(claims.DeptIDs) > 0 {
+	if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {
 		deptID = &claims.DeptIDs[0]
 	}
 
@@ -40,7 +40,7 @@ func (app *App) handleCreateShift(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "volunteer_lead" && !inSlice(s.DepartmentID, claims.DeptIDs) {
+	if claims.Role == "colead" && !inSlice(s.DepartmentID, claims.DeptIDs) {
 		writeError(w, "forbidden: outside your department", http.StatusForbidden)
 		return
 	}
@@ -65,7 +65,7 @@ func (app *App) handleUpdateShift(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "volunteer_lead" {
+	if claims.Role == "colead" {
 		existing, _ := app.getShift(id)
 		if existing == nil || !inSlice(existing.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 533428e..967ff2e 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -20,7 +20,7 @@ func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
 	}
 
 	claims := claimsFromContext(r)
-	if claims.Role == "volunteer_lead" && deptID == nil && len(claims.DeptIDs) > 0 {
+	if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {
 		deptID = &claims.DeptIDs[0]
 	}
 
@@ -43,12 +43,21 @@ func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "volunteer_lead" {
+	if claims.Role == "colead" {
 		if v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
 			return
 		}
 	}
+	if v.Email != "" && v.ParticipantID == nil {
+		p, _ := app.getParticipantByEmail(v.Email)
+		if p == nil {
+			p, _ = app.createParticipant(Participant{PreferredName: v.Name, Email: v.Email})
+		}
+		if p != nil {
+			v.ParticipantID = &p.ID
+		}
+	}
 	created, err := app.createVolunteer(v)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
@@ -88,7 +97,7 @@ func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "volunteer_lead" {
+	if claims.Role == "colead" {
 		existing, _ := app.getVolunteer(id)
 		if existing == nil || existing.DepartmentID == nil || !inSlice(*existing.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
diff --git a/main.go b/main.go
index 22551b6..876e756 100644
--- a/main.go
+++ b/main.go
@@ -97,71 +97,71 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("GET /api/me", auth(app.handleMe))
 
 	mux.HandleFunc("GET /api/event", auth(app.handleGetEvent))
-	mux.HandleFunc("PUT /api/event", auth(app.handleUpdateEvent, "admin"))
+	mux.HandleFunc("PUT /api/event", auth(app.handleUpdateEvent, "admin", "ticketing"))
 
-	mux.HandleFunc("GET /api/attendees", auth(app.handleListAttendees, "admin", "ticketing", "gate"))
+	mux.HandleFunc("GET /api/attendees", auth(app.handleListAttendees, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("POST /api/attendees", auth(app.handleCreateAttendee, "admin", "ticketing"))
 	mux.HandleFunc("GET /api/attendees/export", auth(app.handleExportAttendees, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/attendees/generate-tokens", auth(app.handleGenerateTokens, "admin", "ticketing"))
 	mux.HandleFunc("GET /api/attendees/export-tokens", auth(app.handleExportTokenLinks, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/attendees/email-tokens", auth(app.handleEmailAllTokens, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/attendees/{id}", auth(app.handleGetAttendee, "admin", "ticketing", "gate"))
+	mux.HandleFunc("GET /api/attendees/{id}", auth(app.handleGetAttendee, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("PUT /api/attendees/{id}", auth(app.handleUpdateAttendee, "admin", "ticketing"))
 	mux.HandleFunc("DELETE /api/attendees/{id}", auth(app.handleDeleteAttendee, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/attendees/{id}/checkin", auth(app.handleCheckInAttendee, "admin", "ticketing", "gate"))
+	mux.HandleFunc("POST /api/attendees/{id}/checkin", auth(app.handleCheckInAttendee, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("POST /api/attendees/{id}/email-token", auth(app.handleEmailToken, "admin", "ticketing"))
 
-	mux.HandleFunc("GET /api/participants", auth(app.handleListParticipants, "admin", "ticketing", "gate"))
+	mux.HandleFunc("GET /api/participants", auth(app.handleListParticipants, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("POST /api/participants", auth(app.handleCreateParticipant, "admin", "ticketing"))
 	mux.HandleFunc("GET /api/participants/export", auth(app.handleExportParticipants, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/participants/{id}", auth(app.handleGetParticipant, "admin", "ticketing", "gate"))
+	mux.HandleFunc("GET /api/participants/{id}", auth(app.handleGetParticipant, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("PUT /api/participants/{id}", auth(app.handleUpdateParticipant, "admin", "ticketing"))
 	mux.HandleFunc("DELETE /api/participants/{id}", auth(app.handleDeleteParticipant, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/participants/{id}/merge/{other_id}", auth(app.handleMergeParticipants, "admin", "ticketing"))
 
-	mux.HandleFunc("GET /api/tickets", auth(app.handleListTickets, "admin", "ticketing", "gate"))
-	mux.HandleFunc("POST /api/tickets/{id}/checkin", auth(app.handleCheckInTicket, "admin", "ticketing", "gate"))
+	mux.HandleFunc("GET /api/tickets", auth(app.handleListTickets, "admin", "ticketing", "gatekeeper"))
+	mux.HandleFunc("POST /api/tickets/{id}/checkin", auth(app.handleCheckInTicket, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("POST /api/tickets/generate-codes", auth(app.handleGenerateTokens, "admin", "ticketing"))
 	mux.HandleFunc("GET /api/tickets/export-links", auth(app.handleExportTokenLinks, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/tickets/email-codes", auth(app.handleEmailAllTokens, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/tickets/{id}/email-code", auth(app.handleEmailToken, "admin", "ticketing"))
 
 	mux.HandleFunc("GET /api/departments", auth(app.handleListDepartments))
-	mux.HandleFunc("POST /api/departments", auth(app.handleCreateDepartment, "admin", "coordinator"))
-	mux.HandleFunc("PUT /api/departments/{id}", auth(app.handleUpdateDepartment, "admin", "coordinator"))
-	mux.HandleFunc("DELETE /api/departments/{id}", auth(app.handleDeleteDepartment, "admin"))
+	mux.HandleFunc("POST /api/departments", auth(app.handleCreateDepartment, "admin", "ticketing", "staffing"))
+	mux.HandleFunc("PUT /api/departments/{id}", auth(app.handleUpdateDepartment, "admin", "ticketing", "staffing"))
+	mux.HandleFunc("DELETE /api/departments/{id}", auth(app.handleDeleteDepartment, "admin", "ticketing"))
 
-	mux.HandleFunc("GET /api/volunteers", auth(app.handleListVolunteers, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("POST /api/volunteers", auth(app.handleCreateVolunteer, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("GET /api/volunteers/{id}", auth(app.handleGetVolunteer, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("PUT /api/volunteers/{id}", auth(app.handleUpdateVolunteer, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("DELETE /api/volunteers/{id}", auth(app.handleDeleteVolunteer, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("POST /api/volunteers/{id}/checkin", auth(app.handleCheckInVolunteer, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("POST /api/volunteers/{id}/shifts", auth(app.handleAssignShift, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("DELETE /api/volunteers/{id}/shifts/{shift_id}", auth(app.handleUnassignShift, "admin", "coordinator", "volunteer_lead"))
+	mux.HandleFunc("GET /api/volunteers", auth(app.handleListVolunteers, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers", auth(app.handleCreateVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("GET /api/volunteers/{id}", auth(app.handleGetVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("PUT /api/volunteers/{id}", auth(app.handleUpdateVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/volunteers/{id}", auth(app.handleDeleteVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers/{id}/checkin", auth(app.handleCheckInVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers/{id}/shifts", auth(app.handleAssignShift, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/volunteers/{id}/shifts/{shift_id}", auth(app.handleUnassignShift, "admin", "ticketing", "staffing", "colead"))
 
-	mux.HandleFunc("GET /api/shifts", auth(app.handleListShifts, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("POST /api/shifts", auth(app.handleCreateShift, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("POST /api/shifts/reorder", auth(app.handleReorderShifts, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("PUT /api/shifts/{id}", auth(app.handleUpdateShift, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("DELETE /api/shifts/{id}", auth(app.handleDeleteShift, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("POST /api/shifts/{id}/volunteers", auth(app.handleAssignShiftVolunteer, "admin", "coordinator", "volunteer_lead"))
-	mux.HandleFunc("DELETE /api/shifts/{id}/volunteers/{volunteer_id}", auth(app.handleUnassignShiftVolunteer, "admin", "coordinator", "volunteer_lead"))
+	mux.HandleFunc("GET /api/shifts", auth(app.handleListShifts, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/shifts", auth(app.handleCreateShift, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/shifts/reorder", auth(app.handleReorderShifts, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("PUT /api/shifts/{id}", auth(app.handleUpdateShift, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/shifts/{id}", auth(app.handleDeleteShift, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/shifts/{id}/volunteers", auth(app.handleAssignShiftVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/shifts/{id}/volunteers/{volunteer_id}", auth(app.handleUnassignShiftVolunteer, "admin", "ticketing", "staffing", "colead"))
 
-	mux.HandleFunc("GET /api/users", auth(app.handleListUsers, "admin"))
-	mux.HandleFunc("POST /api/users", auth(app.handleCreateUser, "admin"))
-	mux.HandleFunc("PUT /api/users/{id}", auth(app.handleUpdateUser, "admin"))
-	mux.HandleFunc("DELETE /api/users/{id}", auth(app.handleDeleteUser, "admin"))
+	mux.HandleFunc("GET /api/users", auth(app.handleListUsers, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/users", auth(app.handleCreateUser, "admin", "ticketing"))
+	mux.HandleFunc("PUT /api/users/{id}", auth(app.handleUpdateUser, "admin", "ticketing"))
+	mux.HandleFunc("DELETE /api/users/{id}", auth(app.handleDeleteUser, "admin", "ticketing"))
 
-	mux.HandleFunc("GET /api/settings", auth(app.handleGetSettings, "admin"))
-	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin"))
-	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin"))
-	mux.HandleFunc("POST /api/settings/reset-attendees", auth(app.handleResetAttendees, "admin"))
-	mux.HandleFunc("POST /api/settings/reset-tickets", auth(app.handleResetTickets, "admin"))
-	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin"))
-	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin"))
-	mux.HandleFunc("POST /api/settings/reset-departments", auth(app.handleResetDepartments, "admin"))
-	mux.HandleFunc("POST /api/settings/reset-volunteer-shifts", auth(app.handleResetVolunteerShifts, "admin"))
+	mux.HandleFunc("GET /api/settings", auth(app.handleGetSettings, "admin", "ticketing"))
+	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/reset-attendees", auth(app.handleResetAttendees, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/reset-tickets", auth(app.handleResetTickets, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/reset-departments", auth(app.handleResetDepartments, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/settings/reset-volunteer-shifts", auth(app.handleResetVolunteerShifts, "admin", "ticketing"))
 
 	mux.HandleFunc("POST /api/import", auth(app.handleImport, "admin", "ticketing"))
 
@@ -172,7 +172,7 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 		writeJSON(w, map[string]string{"build": buildID})
 	})
 
-	mux.HandleFunc("POST /api/settings/shift-signups", auth(app.handleToggleShiftSignups, "admin", "volunteer_lead"))
+	mux.HandleFunc("POST /api/settings/shift-signups", auth(app.handleToggleShiftSignups, "admin", "ticketing", "staffing"))
 
 	// Public endpoints — no JWT required.
 	mux.HandleFunc("GET /api/public/signup-config", app.handlePublicSignupConfig)

From 3906b73c61bfe5cec357eb4d140e3c7ad5f73dab Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 14:19:51 -0600
Subject: [PATCH 07/47] Added ticket and participant creation. Revised Gate
 kiosk.

---
 frontend/src/api.js                    |   1 +
 frontend/src/pages/GateUI.svelte       | 193 ++++++++++---------------
 frontend/src/pages/Participants.svelte | 131 ++++++++++++++++-
 handle_participants.go                 |  22 +++
 main.go                                |   1 +
 5 files changed, 231 insertions(+), 117 deletions(-)

diff --git a/frontend/src/api.js b/frontend/src/api.js
index bf6fd0a..67d491e 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -66,6 +66,7 @@ export const api = {
   },
   tickets: {
     list: () => apiJSON('/api/tickets'),
+    create: (data) => apiJSON('/api/tickets', { method: 'POST', body: JSON.stringify(data) }),
     checkIn: (id) => apiJSON(`/api/tickets/${id}/checkin`, { method: 'POST' }),
     generateCodes: () => apiJSON('/api/tickets/generate-codes', { method: 'POST' }),
     emailCode: (id) => apiJSON(`/api/tickets/${id}/email-code`, { method: 'POST' }),
diff --git a/frontend/src/pages/GateUI.svelte b/frontend/src/pages/GateUI.svelte
index ab0a658..6c7dc71 100644
--- a/frontend/src/pages/GateUI.svelte
+++ b/frontend/src/pages/GateUI.svelte
@@ -16,10 +16,6 @@
   let detector = $state(null)
   let scanInterval = $state(null)
 
-  const attendees = liveQuery(() =>
-    db.attendees.filter(a => !a.deleted_at).toArray()
-  )
-
   const tickets = liveQuery(() =>
     db.tickets.filter(t => !t.deleted_at).toArray()
   )
@@ -29,19 +25,8 @@
   )
 
   const recentCheckIns = liveQuery(() =>
-    db.attendees
-      .filter(a => a.checked_in && !a.deleted_at)
-      .toArray()
-      .then(arr => arr
-        .filter(a => a.checked_in_at)
-        .sort((a, b) => b.checked_in_at.localeCompare(a.checked_in_at))
-        .slice(0, 10)
-      )
-  )
-
-  const recentTicketCheckIns = liveQuery(() =>
     db.tickets
-      .filter(t => t.checked_in_at && !t.deleted_at)
+      .filter(t => !!t.checked_in_at && !t.deleted_at)
       .toArray()
       .then(arr => arr
         .sort((a, b) => b.checked_in_at.localeCompare(a.checked_in_at))
@@ -49,38 +34,49 @@
       )
   )
 
-  // Ticket matched by code (exact) or attendee matched by search
+  // Exact code/external_id match (QR scan or typed code)
   const matchedTicket = $derived.by(() => {
     const s = search.trim()
     if (!s || s.length < 2) return null
     const sl = s.toLowerCase()
-    // Exact code match (QR scan)
     const byCode = ($tickets ?? []).find(t => t.code?.toLowerCase() === sl)
     if (byCode) return byCode
-    // Exact external_id match
     return ($tickets ?? []).find(t => t.external_id?.toLowerCase() === sl) ?? null
   })
 
-  const filtered = $derived.by(() => {
+  // Name/email search across participants
+  const filteredParticipants = $derived.by(() => {
+    if (matchedTicket) return []
     const s = search.trim().toLowerCase()
     if (!s || s.length < 2) return []
-    return ($attendees ?? [])
-      .filter(a => a.name.toLowerCase().includes(s) || a.ticket_id?.toLowerCase().includes(s) || a.email?.toLowerCase().includes(s))
-      .sort((a, b) => a.name.localeCompare(b.name))
+    return ($participants ?? [])
+      .filter(p =>
+        p.preferred_name?.toLowerCase().includes(s) ||
+        p.email?.toLowerCase().includes(s)
+      )
+      .sort((a, b) => (a.preferred_name || '').localeCompare(b.preferred_name || ''))
       .slice(0, 8)
   })
 
-  const selected = $derived.by(() => {
-    if (filtered.length === 1) return filtered[0]
-    const s = search.trim().toLowerCase()
-    return filtered.find(a => a.ticket_id?.toLowerCase() === s) ?? null
+  // Auto-select when exactly one participant matches
+  const selectedParticipant = $derived.by(() => {
+    if (filteredParticipants.length === 1) return filteredParticipants[0]
+    return null
   })
 
+  function ticketsFor(participantId) {
+    return ($tickets ?? []).filter(t => t.participant_id === participantId && !t.deleted_at)
+  }
+
   function participantFor(ticket) {
     if (!ticket?.participant_id) return null
     return ($participants ?? []).find(p => p.id === ticket.participant_id) ?? null
   }
 
+  function nameFor(ticket) {
+    return ticket.name || participantFor(ticket)?.preferred_name || '(unknown)'
+  }
+
   onMount(() => {
     qrSupported = 'BarcodeDetector' in window
   })
@@ -144,40 +140,6 @@
     }
   }
 
-  async function checkIn(attendee, count = 1) {
-    error = ''
-    try {
-      const result = await api.attendees.checkIn(attendee.id, { count })
-      if (result.attendee) {
-        await db.attendees.put(result.attendee)
-      }
-    } catch (err) {
-      error = err.message
-    }
-  }
-
-  async function checkInWithVolunteer(attendee) {
-    error = ''
-    try {
-      const result = await api.attendees.checkIn(attendee.id, { count: 1, also_volunteer: true })
-      if (result.attendee) await db.attendees.put(result.attendee)
-      if (result.volunteer) await db.volunteers.put(result.volunteer)
-    } catch (err) {
-      error = err.message
-    }
-  }
-
-  function remaining(a) {
-    return (a.party_size ?? 1) - (a.checked_in_count ?? 0)
-  }
-
-  function progressLabel(a) {
-    const ps = a.party_size ?? 1
-    const ci = a.checked_in_count ?? 0
-    if (ps <= 1) return null
-    return `${ci}/${ps} checked in`
-  }
-
   function fmt(ts) {
     if (!ts) return ''
     return new Date(ts).toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' })
@@ -220,11 +182,11 @@
       <div class="gate-msg gate-msg-error">{error}</div>
     {/if}
 
-    <!-- Matched ticket card (ticket code scan) -->
-    {#if matchedTicket && !selected}
+    <!-- Exact code/ID match card -->
+    {#if matchedTicket}
       {@const p = participantFor(matchedTicket)}
       <div class="gate-match">
-        <div class="gate-match-name">{matchedTicket.name || p?.preferred_name || '(unknown)'}</div>
+        <div class="gate-match-name">{nameFor(matchedTicket)}</div>
         {#if matchedTicket.ticket_type}
           <div class="gate-match-sub">{matchedTicket.ticket_type}</div>
         {/if}
@@ -244,76 +206,71 @@
           {/if}
         </div>
       </div>
-    {/if}
 
-    <!-- Matched attendee card -->
-    {#if selected}
-      {@const rem = remaining(selected)}
-      {@const prog = progressLabel(selected)}
+    <!-- Single participant match — show their tickets -->
+    {:else if selectedParticipant}
+      {@const pts = ticketsFor(selectedParticipant.id)}
       <div class="gate-match">
-        <div class="gate-match-name">{selected.name}</div>
-        {#if selected.ticket_type}
-          <div class="gate-match-sub">{selected.ticket_type}</div>
+        <div class="gate-match-name">{selectedParticipant.preferred_name || selectedParticipant.email || '(unknown)'}</div>
+        {#if selectedParticipant.email}
+          <div class="gate-match-sub text-muted">{selectedParticipant.email}</div>
         {/if}
-        {#if selected.ticket_id}
-          <div class="gate-match-sub text-muted">#{selected.ticket_id}</div>
-        {/if}
-        {#if prog}
-          <div class="gate-party">
-            <span class="gate-party-label">{prog}</span>
+        {#if pts.length === 0}
+          <div class="gate-match-sub" style="margin-top:0.5rem;color:var(--c-warn)">No tickets on file</div>
+        {:else}
+          <div style="margin-top:0.75rem;display:flex;flex-direction:column;gap:0.4rem">
+            {#each pts as tk (tk.id)}
+              <div class="gate-ticket-row">
+                <span>
+                  <strong>{tk.name || '(unnamed)'}</strong>
+                  {#if tk.ticket_type}<span class="text-muted"> · {tk.ticket_type}</span>{/if}
+                </span>
+                {#if tk.checked_in_at}
+                  <span class="gate-done" style="font-size:0.8rem">✓ {fmt(tk.checked_in_at)}</span>
+                {:else}
+                  <button class="gbtn gbtn-success" style="padding:0.3rem 0.75rem;font-size:0.8rem"
+                    onclick={() => checkInTicket(tk)}>✓ Check in</button>
+                {/if}
+              </div>
+            {/each}
           </div>
         {/if}
-
-        <div class="gate-match-actions">
-          {#if rem > 0}
-            <button class="gbtn gbtn-success" onclick={() => checkIn(selected, 1)}>
-              ✓ Check in 1
-            </button>
-            {#if rem > 1}
-              <button class="gbtn gbtn-ghost" onclick={() => checkIn(selected, rem)}>
-                Check in all {rem}
-              </button>
-            {/if}
-          {:else}
-            <span class="gate-done">All checked in</span>
-          {/if}
-
-          {#if selected.volunteer_token && !selected.checked_in}
-            <button class="gbtn gbtn-ghost" onclick={() => checkInWithVolunteer(selected)}>
-              + Volunteer
-            </button>
-          {/if}
-        </div>
       </div>
-    {:else if search.trim().length >= 2 && filtered.length > 1}
-      <!-- Multiple results list -->
+
+    <!-- Multiple participant matches -->
+    {:else if search.trim().length >= 2 && filteredParticipants.length > 1}
       <div class="gate-results">
-        {#each filtered as a}
-          <button class="gate-result-row" onclick={() => search = a.ticket_id || a.name}>
+        {#each filteredParticipants as p}
+          {@const pts = ticketsFor(p.id)}
+          {@const ci = pts.filter(t => t.checked_in_at).length}
+          <button class="gate-result-row" onclick={() => search = p.preferred_name || p.email || ''}>
             <span>
-              <strong>{a.name}</strong>
-              {#if a.ticket_type} · {a.ticket_type}{/if}
+              <strong>{p.preferred_name || p.email || '(unknown)'}</strong>
+              {#if p.email && p.preferred_name}
+                <span class="text-muted" style="font-size:0.8rem"> · {p.email}</span>
+              {/if}
             </span>
-            <span class="badge {a.checked_in ? 'badge-checked' : 'badge-unchecked'}">
-              {a.checked_in ? 'In' : 'Pending'}
+            <span class="badge {ci === pts.length && pts.length > 0 ? 'badge-checked' : ci > 0 ? 'badge-partial' : 'badge-unchecked'}">
+              {pts.length > 0 ? `${ci}/${pts.length}` : 'No ticket'}
             </span>
           </button>
         {/each}
       </div>
-    {:else if search.trim().length >= 2 && filtered.length === 0 && !matchedTicket}
-      <div class="gate-msg gate-msg-warn">No matching attendees or tickets found.</div>
+
+    {:else if search.trim().length >= 2}
+      <div class="gate-msg gate-msg-warn">No matching participants or tickets found.</div>
     {/if}
 
     <!-- Recent check-ins -->
     <div class="gate-recent">
       <div class="gate-recent-title">Recent Check-ins</div>
       {#if ($recentCheckIns ?? []).length === 0}
-        <div class="gate-recent-empty">No check-ins yet today.</div>
+        <div class="gate-recent-empty">No check-ins yet.</div>
       {:else}
-        {#each $recentCheckIns ?? [] as a}
+        {#each $recentCheckIns ?? [] as tk}
           <div class="gate-recent-row">
-            <span>{a.name}</span>
-            <span class="text-muted">{fmt(a.checked_in_at)}</span>
+            <span>{nameFor(tk)}</span>
+            <span class="text-muted">{fmt(tk.checked_in_at)}</span>
           </div>
         {/each}
       {/if}
@@ -458,6 +415,16 @@
     align-items: center;
   }
 
+  .gate-ticket-row {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    padding: 0.4rem 0.6rem;
+    background: var(--c-bg);
+    border-radius: 6px;
+    font-size: 0.875rem;
+  }
+
   .gate-results {
     background: var(--c-surface);
     border: 1px solid var(--c-border);
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index b567039..726851c 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -11,10 +11,25 @@
   let generating = $state(false)
   let emailing = $state(false)
   let mergeMode = $state(false)
-  let mergeSource = $state(null)   // participant being merged away
-  let mergeTarget = $state(null)   // participant to keep
+  let mergeSource = $state(null)
+  let mergeTarget = $state(null)
   let expandedId = $state(null)
-  let expandedTickets = $state([])
+
+  // Add participant form
+  let showAdd = $state(false)
+  let adding = $state(false)
+  let newName = $state('')
+  let newEmail = $state('')
+  let newPhone = $state('')
+  let newPronouns = $state('')
+  let newNote = $state('')
+
+  // Add ticket form (per participant)
+  let addTicketFor = $state(null)   // participant id
+  let addingTicket = $state(false)
+  let newTicketName = $state('')
+  let newTicketType = $state('')
+  let newTicketExtId = $state('')
 
   const role = $derived(session?.user?.role ?? '')
   const canManage = $derived(['admin', 'ticketing'].includes(role))
@@ -114,6 +129,45 @@
     if (!ts) return ''
     return new Date(ts).toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' })
   }
+
+  async function addParticipant(e) {
+    e.preventDefault()
+    adding = true; error = ''
+    try {
+      const p = await api.participants.create({
+        preferred_name: newName, email: newEmail, phone: newPhone,
+        pronouns: newPronouns, note: newNote,
+      })
+      await db.participants.put(p)
+      showAdd = false
+      newName = newEmail = newPhone = newPronouns = newNote = ''
+    } catch (err) {
+      error = err.message
+    } finally {
+      adding = false
+    }
+  }
+
+  async function addTicket(e, participantId) {
+    e.preventDefault()
+    addingTicket = true; error = ''
+    try {
+      const tk = await api.tickets.create({
+        participant_id: participantId,
+        name: newTicketName,
+        ticket_type: newTicketType,
+        external_id: newTicketExtId,
+        source: 'manual',
+      })
+      await db.tickets.put(tk)
+      addTicketFor = null
+      newTicketName = newTicketType = newTicketExtId = ''
+    } catch (err) {
+      error = err.message
+    } finally {
+      addingTicket = false
+    }
+  }
 </script>
 
 <div class="page">
@@ -121,6 +175,7 @@
     <h1 class="page-title">Participants</h1>
     <div class="actions">
       {#if canManage}
+        <button class="btn btn-primary btn-sm" onclick={() => showAdd = !showAdd}>+ Add</button>
         <a href="/api/participants/export" class="btn btn-ghost btn-sm">Export CSV</a>
         <button class="btn btn-ghost btn-sm" onclick={generateCodes} disabled={generating}>
           {generating ? '…' : '⚿ Generate Codes'}
@@ -133,6 +188,41 @@
     </div>
   </div>
 
+  {#if showAdd && canManage}
+    <div class="card" style="margin-bottom:1.5rem">
+      <form onsubmit={addParticipant}>
+        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+          <div class="form-group">
+            <label for="p-name">Name</label>
+            <input id="p-name" bind:value={newName} placeholder="Preferred name" />
+          </div>
+          <div class="form-group">
+            <label for="p-email">Email</label>
+            <input id="p-email" type="email" bind:value={newEmail} placeholder="email@example.com" />
+          </div>
+          <div class="form-group">
+            <label for="p-phone">Phone</label>
+            <input id="p-phone" bind:value={newPhone} placeholder="Optional" />
+          </div>
+          <div class="form-group">
+            <label for="p-pronouns">Pronouns</label>
+            <input id="p-pronouns" bind:value={newPronouns} placeholder="Optional" />
+          </div>
+        </div>
+        <div class="form-group">
+          <label for="p-note">Note</label>
+          <input id="p-note" bind:value={newNote} placeholder="Optional note" />
+        </div>
+        <div class="actions">
+          <button type="submit" class="btn btn-primary" disabled={adding || (!newName && !newEmail)}>
+            {adding ? 'Adding…' : 'Add participant'}
+          </button>
+          <button type="button" class="btn btn-ghost" onclick={() => showAdd = false}>Cancel</button>
+        </div>
+      </form>
+    </div>
+  {/if}
+
   {#if mergeMode && mergeSource}
     <div class="card" style="margin-bottom:1.5rem;border-color:var(--c-accent)">
       <div style="margin-bottom:0.75rem">
@@ -236,7 +326,7 @@
                 </td>
               {/if}
             </tr>
-            {#if isExpanded && pts.length > 0}
+            {#if isExpanded}
               <tr class="ticket-rows">
                 <td colspan="5">
                   <div class="ticket-list">
@@ -270,6 +360,24 @@
                         </div>
                       </div>
                     {/each}
+                    {#if canManage}
+                      {#if addTicketFor === p.id}
+                        <form class="ticket-add-form" onsubmit={(e) => addTicket(e, p.id)}>
+                          <input bind:value={newTicketName} placeholder="Name on ticket (optional)" style="flex:2" />
+                          <input bind:value={newTicketType} placeholder="Type (optional)" style="flex:1" />
+                          <input bind:value={newTicketExtId} placeholder="External ID (optional)" style="flex:1" />
+                          <button type="submit" class="btn btn-primary btn-sm" disabled={addingTicket}>
+                            {addingTicket ? '…' : 'Add'}
+                          </button>
+                          <button type="button" class="btn btn-ghost btn-sm" onclick={() => addTicketFor = null}>Cancel</button>
+                        </form>
+                      {:else}
+                        <button class="btn btn-ghost btn-sm" style="align-self:flex-start;margin-top:0.25rem"
+                          onclick={() => { addTicketFor = p.id; newTicketName = newTicketType = newTicketExtId = '' }}>
+                          + Add ticket
+                        </button>
+                      {/if}
+                    {/if}
                   </div>
                 </td>
               </tr>
@@ -294,6 +402,21 @@
     background: var(--c-surface);
     font-size: 0.875rem;
   }
+  .ticket-add-form {
+    display: flex;
+    gap: 0.4rem;
+    align-items: center;
+    flex-wrap: wrap;
+    padding: 0.4rem 0.6rem;
+    background: var(--c-bg);
+    border-radius: 6px;
+    border: 1px dashed var(--c-border);
+  }
+  .ticket-add-form input {
+    min-width: 0;
+    font-size: 0.825rem;
+    padding: 0.3rem 0.5rem;
+  }
   .badge-partial {
     background: rgba(245,158,11,0.15);
     color: var(--c-warn);
diff --git a/handle_participants.go b/handle_participants.go
index 3a5b290..6277824 100644
--- a/handle_participants.go
+++ b/handle_participants.go
@@ -131,6 +131,28 @@ func (app *App) handleExportParticipants(w http.ResponseWriter, r *http.Request)
 	wr.Flush()
 }
 
+func (app *App) handleCreateTicket(w http.ResponseWriter, r *http.Request) {
+	var t Ticket
+	if err := json.NewDecoder(r.Body).Decode(&t); err != nil {
+		writeError(w, "invalid request", http.StatusBadRequest)
+		return
+	}
+	if t.ParticipantID == nil {
+		writeError(w, "participant_id is required", http.StatusBadRequest)
+		return
+	}
+	if t.Source == "" {
+		t.Source = "manual"
+	}
+	created, err := app.createTicket(t)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusCreated)
+	writeJSON(w, created)
+}
+
 func (app *App) handleListTickets(w http.ResponseWriter, r *http.Request) {
 	tickets, err := app.listTickets(nil, "")
 	if err != nil {
diff --git a/main.go b/main.go
index 876e756..ee2db53 100644
--- a/main.go
+++ b/main.go
@@ -120,6 +120,7 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("POST /api/participants/{id}/merge/{other_id}", auth(app.handleMergeParticipants, "admin", "ticketing"))
 
 	mux.HandleFunc("GET /api/tickets", auth(app.handleListTickets, "admin", "ticketing", "gatekeeper"))
+	mux.HandleFunc("POST /api/tickets", auth(app.handleCreateTicket, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/tickets/{id}/checkin", auth(app.handleCheckInTicket, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("POST /api/tickets/generate-codes", auth(app.handleGenerateTokens, "admin", "ticketing"))
 	mux.HandleFunc("GET /api/tickets/export-links", auth(app.handleExportTokenLinks, "admin", "ticketing"))

From 219acb62d6dd96fdbc50d9d2eb9de50b7a0d13c1 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 14:31:52 -0600
Subject: [PATCH 08/47] Tweaked Participants and Settings pages

---
 frontend/src/app.css                   |  1 +
 frontend/src/pages/Participants.svelte | 90 ++++++++++++++++++++------
 frontend/src/pages/Settings.svelte     |  4 +-
 3 files changed, 75 insertions(+), 20 deletions(-)

diff --git a/frontend/src/app.css b/frontend/src/app.css
index f10e75b..5727e4d 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -131,6 +131,7 @@ tr:hover td { background: rgba(255,255,255,0.02); }
 }
 .badge-checked   { background: rgba(34,197,94,0.15); color: var(--c-success); }
 .badge-unchecked { background: rgba(122,127,150,0.15); color: var(--c-muted); }
+.badge-partial   { background: rgba(245,158,11,0.15); color: var(--c-warn); }
 .badge-role      { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
 .badge-lead      { background: rgba(245,158,11,0.15); color: var(--c-warn); }
 
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 726851c..0003bf0 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -24,6 +24,15 @@
   let newPronouns = $state('')
   let newNote = $state('')
 
+  // Edit participant
+  let editId = $state(null)
+  let editName = $state('')
+  let editEmail = $state('')
+  let editPhone = $state('')
+  let editPronouns = $state('')
+  let editNote = $state('')
+  let saving = $state(false)
+
   // Add ticket form (per participant)
   let addTicketFor = $state(null)   // participant id
   let addingTicket = $state(false)
@@ -57,14 +66,8 @@
     return ticketsFor(participantId).filter(t => t.checked_in_at).length
   }
 
-  async function toggleExpand(id) {
-    if (expandedId === id) {
-      expandedId = null
-      expandedTickets = []
-      return
-    }
-    expandedId = id
-    expandedTickets = ticketsFor(id)
+  function toggleExpand(id) {
+    expandedId = expandedId === id ? null : id
   }
 
   async function generateCodes() {
@@ -148,6 +151,32 @@
     }
   }
 
+  function startEdit(p) {
+    editId = p.id
+    editName = p.preferred_name
+    editEmail = p.email
+    editPhone = p.phone
+    editPronouns = p.pronouns
+    editNote = p.note
+  }
+
+  async function saveEdit(e) {
+    e.preventDefault()
+    saving = true; error = ''
+    try {
+      const p = await api.participants.update(editId, {
+        preferred_name: editName, email: editEmail, phone: editPhone,
+        pronouns: editPronouns, note: editNote,
+      })
+      await db.participants.put(p)
+      editId = null
+    } catch (err) {
+      error = err.message
+    } finally {
+      saving = false
+    }
+  }
+
   async function addTicket(e, participantId) {
     e.preventDefault()
     addingTicket = true; error = ''
@@ -283,6 +312,26 @@
             {@const ci = checkedInCount(p.id)}
             {@const isExpanded = expandedId === p.id}
             {@const isMergeTarget = mergeMode && mergeSource?.id !== p.id}
+            {@const isEditing = editId === p.id}
+            {#if isEditing}
+              <tr class="edit-row">
+                <td colspan={canManage ? 5 : 4}>
+                  <form class="participant-edit-form" onsubmit={saveEdit}>
+                    <div class="edit-fields">
+                      <input bind:value={editName} placeholder="Preferred name" />
+                      <input type="email" bind:value={editEmail} placeholder="Email" />
+                      <input bind:value={editPhone} placeholder="Phone" />
+                      <input bind:value={editPronouns} placeholder="Pronouns" />
+                      <input bind:value={editNote} placeholder="Note" style="flex:2" />
+                    </div>
+                    <div class="actions" style="margin-top:0.5rem">
+                      <button type="submit" class="btn btn-primary btn-sm" disabled={saving}>{saving ? 'Saving…' : 'Save'}</button>
+                      <button type="button" class="btn btn-ghost btn-sm" onclick={() => editId = null}>Cancel</button>
+                    </div>
+                  </form>
+                </td>
+              </tr>
+            {:else}
             <tr
               class:merge-target={isMergeTarget}
               onclick={mergeMode && mergeSource?.id !== p.id ? () => { mergeTarget = p } : null}
@@ -297,7 +346,12 @@
                   <div class="text-muted" style="font-size:0.78rem">{p.note}</div>
                 {/if}
               </td>
-              <td class="text-muted">{p.email || '—'}</td>
+              <td class="text-muted">
+                {p.email || '—'}
+                {#if p.phone}
+                  <div style="font-size:0.78rem">{p.phone}</div>
+                {/if}
+              </td>
               <td>
                 {#if pts.length > 0}
                   <button class="btn btn-ghost btn-sm" onclick={(e) => { e.stopPropagation(); toggleExpand(p.id) }}>
@@ -320,13 +374,16 @@
               {#if canManage}
                 <td>
                   {#if !mergeMode}
+                    <button class="btn btn-ghost btn-sm" onclick={(e) => { e.stopPropagation(); startEdit(p) }}
+                      title="Edit participant">✎</button>
                     <button class="btn btn-ghost btn-sm" onclick={(e) => { e.stopPropagation(); startMerge(p) }}
                       title="Merge this participant into another">⇄</button>
                   {/if}
                 </td>
               {/if}
             </tr>
-            {#if isExpanded}
+            {/if}
+            {#if isExpanded && !isEditing}
               <tr class="ticket-rows">
                 <td colspan="5">
                   <div class="ticket-list">
@@ -417,12 +474,9 @@
     font-size: 0.825rem;
     padding: 0.3rem 0.5rem;
   }
-  .badge-partial {
-    background: rgba(245,158,11,0.15);
-    color: var(--c-warn);
-    padding: 0.15rem 0.5rem;
-    border-radius: 99px;
-    font-size: 0.75rem;
-    font-weight: 600;
-  }
+  .edit-row td { padding: 0.5rem 1rem; background: var(--c-bg); }
+  .participant-edit-form { display: flex; flex-direction: column; gap: 0.25rem; }
+  .edit-fields { display: flex; gap: 0.4rem; flex-wrap: wrap; }
+  .edit-fields input { flex: 1; min-width: 120px; font-size: 0.825rem; padding: 0.3rem 0.5rem; width: auto; }
+
 </style>
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 72d6b5b..5caf2ee 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -232,8 +232,8 @@
         Permanently delete all records of a given type. This cannot be undone.
       </p>
       <div style="display:flex;flex-wrap:wrap;gap:0.5rem">
-        <button class="btn btn-danger" onclick={() => resetModel('attendees', api.settings.resetAttendees)}>
-          Delete All Attendees
+        <button class="btn btn-danger" onclick={() => resetModel('tickets', api.settings.resetTickets)}>
+          Delete All Tickets
         </button>
         <button class="btn btn-danger" onclick={() => resetModel('volunteers', api.settings.resetVolunteers)}>
           Delete All Volunteers

From 64ce97c74d0c4d1954cf764d2f649d438c0db968 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 14:50:05 -0600
Subject: [PATCH 09/47] Updated Participant search and delete. Filtered import.

---
 frontend/src/pages/Import.svelte       |  2 +-
 frontend/src/pages/Participants.svelte | 17 ++++++++++++++++-
 frontend/src/pages/Volunteers.svelte   | 20 +++++++++++++-------
 3 files changed, 30 insertions(+), 9 deletions(-)

diff --git a/frontend/src/pages/Import.svelte b/frontend/src/pages/Import.svelte
index a3f9ccc..17bff4d 100644
--- a/frontend/src/pages/Import.svelte
+++ b/frontend/src/pages/Import.svelte
@@ -53,7 +53,7 @@
         <strong style="color:var(--c-text)">Supported formats:</strong><br>
         <strong>CrowdWork / ticketing platform:</strong> columns <code>Patron Name</code>, <code>Patron Email</code>, <code>Tier Name</code>, <code>Order Number</code><br>
         <strong>Generic:</strong> columns <code>name</code>, <code>email</code>, <code>ticket_id</code>, <code>ticket_type</code>, <code>note</code><br>
-        Duplicate names are skipped.
+        Duplicate tickets (same source + external ID) are skipped. Participants are matched or created by email.
       </div>
 
       <button type="submit" class="btn btn-primary" disabled={!file || importing}>
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 0003bf0..2495958 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -53,7 +53,8 @@
       .filter(p => {
         if (!s) return true
         return p.preferred_name?.toLowerCase().includes(s) ||
-               p.email?.toLowerCase().includes(s)
+               p.email?.toLowerCase().includes(s) ||
+               p.phone?.toLowerCase().includes(s)
       })
       .sort((a, b) => (a.preferred_name || a.email).localeCompare(b.preferred_name || b.email))
   })
@@ -177,6 +178,18 @@
     }
   }
 
+  async function deleteParticipant(id) {
+    if (!confirm('Permanently delete this participant and all their records?')) return
+    error = ''
+    try {
+      await api.participants.delete(id)
+      await db.participants.delete(id)
+      editId = null
+    } catch (err) {
+      error = err.message
+    }
+  }
+
   async function addTicket(e, participantId) {
     e.preventDefault()
     addingTicket = true; error = ''
@@ -327,6 +340,8 @@
                     <div class="actions" style="margin-top:0.5rem">
                       <button type="submit" class="btn btn-primary btn-sm" disabled={saving}>{saving ? 'Saving…' : 'Save'}</button>
                       <button type="button" class="btn btn-ghost btn-sm" onclick={() => editId = null}>Cancel</button>
+                      <span class="spacer"></span>
+                      <button type="button" class="btn btn-danger btn-sm" onclick={() => deleteParticipant(editId)}>Delete</button>
                     </div>
                   </form>
                 </td>
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 98a0a01..39bc98b 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -14,7 +14,6 @@
   let adding = $state(false)
   let newName = $state('')
   let newEmail = $state('')
-  let newPhone = $state('')
   let newDeptID = $state('')
   let newIsLead = $state(false)
   let newNote = $state('')
@@ -25,6 +24,7 @@
   const allVolunteers = liveQuery(() =>
     db.volunteers.filter(v => !v.deleted_at).toArray()
   )
+  const allParticipants = liveQuery(() => db.participants.toArray())
   const allDepts = liveQuery(() =>
     db.departments.filter(d => !d.deleted_at).toArray()
       .then(arr => arr.sort((a, b) => a.name.localeCompare(b.name)))
@@ -62,7 +62,6 @@
       const data = {
         name: newName,
         email: newEmail,
-        phone: newPhone,
         is_lead: newIsLead,
         note: newNote,
       }
@@ -70,7 +69,7 @@
       const v = await api.volunteers.create(data)
       await db.volunteers.put(v)
       showAdd = false
-      newName = newEmail = newPhone = newNote = ''
+      newName = newEmail = newNote = ''
       newDeptID = ''
       newIsLead = false
     } catch (err) {
@@ -93,6 +92,10 @@
   function deptFor(id) {
     return ($allDepts ?? []).find(d => d.id === id)
   }
+
+  function participantFor(id) {
+    return ($allParticipants ?? []).find(p => p.id === id) ?? null
+  }
 </script>
 
 <div class="page">
@@ -121,10 +124,6 @@
             <label for="v-email">Email</label>
             <input id="v-email" type="email" bind:value={newEmail} placeholder="email@example.com" />
           </div>
-          <div class="form-group">
-            <label for="v-phone">Phone</label>
-            <input id="v-phone" bind:value={newPhone} placeholder="Optional" />
-          </div>
           <div class="form-group">
             <label for="v-dept">Department</label>
             <select id="v-dept" bind:value={newDeptID}>
@@ -195,12 +194,19 @@
         <tbody>
           {#each filtered as v (v.id)}
             {@const dept = deptFor(v.department_id)}
+            {@const participant = participantFor(v.participant_id)}
             <tr>
               <td>
                 <strong>{v.name}</strong>
                 {#if v.is_lead}
                   <span class="badge badge-lead" style="margin-left:0.4rem">Lead</span>
                 {/if}
+                {#if !v.participant_id}
+                  <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant — no ticket record">No ticket</span>
+                {/if}
+                {#if v.email}
+                  <div class="text-muted" style="font-size:0.78rem">{v.email}</div>
+                {/if}
                 {#if v.note}
                   <div class="text-muted" style="font-size:0.78rem">{v.note}</div>
                 {/if}

From 260e017f7964ece5f090c65f361ec0b9f4618d16 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 15:27:03 -0600
Subject: [PATCH 10/47] Cleaned up old Attendees model. Updated tests.

---
 frontend/src/api.js                 |  16 --
 frontend/src/api.test.js            |  14 +-
 frontend/src/db.js                  |   6 +
 frontend/src/db.test.js             |   4 +-
 frontend/src/pages/Attendees.svelte | 274 ----------------------------
 frontend/src/sync.js                |  11 +-
 frontend/src/sync.test.js           |  27 +--
 handle_attendees.go                 | 177 ------------------
 handle_attendees_test.go            |  52 +++---
 handle_settings.go                  |  11 --
 handle_settings_test.go             |  20 +-
 handle_sync.go                      |   5 -
 handle_sync_test.go                 |  44 ++---
 main.go                             |  13 --
 14 files changed, 90 insertions(+), 584 deletions(-)
 delete mode 100644 frontend/src/pages/Attendees.svelte
 delete mode 100644 handle_attendees.go

diff --git a/frontend/src/api.js b/frontend/src/api.js
index 67d491e..b0767e6 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -72,21 +72,6 @@ export const api = {
     emailCode: (id) => apiJSON(`/api/tickets/${id}/email-code`, { method: 'POST' }),
     emailAllCodes: () => apiJSON('/api/tickets/email-codes', { method: 'POST' }),
   },
-  attendees: {
-    list: (params = {}) => apiJSON('/api/attendees?' + new URLSearchParams(params)),
-    get: (id) => apiJSON(`/api/attendees/${id}`),
-    create: (data) => apiJSON('/api/attendees', { method: 'POST', body: JSON.stringify(data) }),
-    update: (id, data) => apiJSON(`/api/attendees/${id}`, { method: 'PUT', body: JSON.stringify(data) }),
-    delete: (id) => apiFetch(`/api/attendees/${id}`, { method: 'DELETE' }),
-    checkIn: (id, opts = {}) =>
-      apiJSON(`/api/attendees/${id}/checkin`, { method: 'POST', body: JSON.stringify(opts) }),
-    generateTokens: () =>
-      apiJSON('/api/attendees/generate-tokens', { method: 'POST' }),
-    emailToken: (id) =>
-      apiJSON(`/api/attendees/${id}/email-token`, { method: 'POST' }),
-    emailAllTokens: () =>
-      apiJSON('/api/attendees/email-tokens', { method: 'POST' }),
-  },
   volunteers: {
     list: (params = {}) => apiJSON('/api/volunteers?' + new URLSearchParams(params)),
     get: (id) => apiJSON(`/api/volunteers/${id}`),
@@ -126,7 +111,6 @@ export const api = {
     update: (data) => apiJSON('/api/settings', { method: 'PUT', body: JSON.stringify(data) }),
     testEmail: (to) => apiJSON('/api/settings/test-email', { method: 'POST', body: JSON.stringify({ to }) }),
     toggleShiftSignups: (open) => apiJSON('/api/settings/shift-signups', { method: 'POST', body: JSON.stringify({ open }) }),
-    resetAttendees: () => apiJSON('/api/settings/reset-attendees', { method: 'POST' }),
     resetTickets: () => apiJSON('/api/settings/reset-tickets', { method: 'POST' }),
     resetVolunteers: () => apiJSON('/api/settings/reset-volunteers', { method: 'POST' }),
     resetShifts: () => apiJSON('/api/settings/reset-shifts', { method: 'POST' }),
diff --git a/frontend/src/api.test.js b/frontend/src/api.test.js
index f6527f5..974dd32 100644
--- a/frontend/src/api.test.js
+++ b/frontend/src/api.test.js
@@ -71,16 +71,16 @@ describe('api methods', () => {
     expect(JSON.parse(opts.body)).toEqual({ username: 'admin', password: 'pass' })
   })
 
-  it('attendees.list calls correct endpoint', async () => {
-    const f = mockFetch({ attendees: [] })
-    await api.attendees.list({ search: 'test' })
-    expect(f.mock.calls[0][0]).toBe('/api/attendees?search=test')
+  it('participants.list calls correct endpoint', async () => {
+    const f = mockFetch({ participants: [] })
+    await api.participants.list({ search: 'test' })
+    expect(f.mock.calls[0][0]).toBe('/api/participants?search=test')
   })
 
-  it('attendees.delete uses DELETE method', async () => {
+  it('participants.delete uses DELETE method', async () => {
     const f = mockFetch({}, 204)
-    await api.attendees.delete(5)
-    expect(f.mock.calls[0][0]).toBe('/api/attendees/5')
+    await api.participants.delete(5)
+    expect(f.mock.calls[0][0]).toBe('/api/participants/5')
     expect(f.mock.calls[0][1].method).toBe('DELETE')
   })
 
diff --git a/frontend/src/db.js b/frontend/src/db.js
index 6f45ba8..a09f332 100644
--- a/frontend/src/db.js
+++ b/frontend/src/db.js
@@ -40,6 +40,12 @@ db.version(3).stores({
   outbox: '++id, table, op, synced_at',
 })
 
+db.version(4).stores({
+  attendees: null,
+  outbox: null,
+  volunteers: 'id, name, department_id, checked_in, participant_id, deleted_at',
+})
+
 export async function getLastSync() {
   const m = await db.meta.get('last_sync')
   return m?.value ?? ''
diff --git a/frontend/src/db.test.js b/frontend/src/db.test.js
index 38fc57d..282b6fc 100644
--- a/frontend/src/db.test.js
+++ b/frontend/src/db.test.js
@@ -9,8 +9,8 @@ describe('db schema', () => {
   it('has expected tables', () => {
     const names = db.tables.map(t => t.name).sort()
     expect(names).toEqual([
-      'attendees', 'departments', 'event', 'meta',
-      'outbox', 'participants', 'session', 'shifts', 'tickets', 'volunteer_shifts', 'volunteers',
+      'departments', 'event', 'meta',
+      'participants', 'session', 'shifts', 'tickets', 'volunteer_shifts', 'volunteers',
     ])
   })
 })
diff --git a/frontend/src/pages/Attendees.svelte b/frontend/src/pages/Attendees.svelte
deleted file mode 100644
index 72619b8..0000000
--- a/frontend/src/pages/Attendees.svelte
+++ /dev/null
@@ -1,274 +0,0 @@
-<script>
-  import { liveQuery } from 'dexie'
-  import { db } from '../db.js'
-  import { api } from '../api.js'
-  import CheckInButton from '../components/CheckInButton.svelte'
-
-  let { session } = $props()
-
-  let search = $state('')
-  let filterType = $state('')
-  let filterChecked = $state('')
-  let error = $state('')
-  let success = $state('')
-  let showAdd = $state(false)
-  let newName = $state('')
-  let newEmail = $state('')
-  let newPhone = $state('')
-  let newTicketID = $state('')
-  let newTicketType = $state('')
-  let newNote = $state('')
-  let adding = $state(false)
-  let generating = $state(false)
-  let emailing = $state(false)
-
-  const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'ticketing'].includes(role))
-  const canCheckIn = $derived(['admin', 'ticketing', 'gate'].includes(role))
-
-  const allAttendees = liveQuery(() => db.attendees.toArray())
-  const ticketTypes = liveQuery(() =>
-    db.attendees.orderBy('ticket_type').uniqueKeys()
-  )
-
-  const filtered = $derived.by(() => {
-    const list = $allAttendees ?? []
-    const s = search.toLowerCase()
-    return list
-      .filter(a => {
-        if (filterType && a.ticket_type !== filterType) return false
-        if (filterChecked === 'true' && !a.checked_in) return false
-        if (filterChecked === 'false' && a.checked_in) return false
-        if (s && !a.name.toLowerCase().includes(s) &&
-            !a.email.toLowerCase().includes(s) &&
-            !a.ticket_id.toLowerCase().includes(s)) return false
-        return true
-      })
-      .sort((a, b) => a.name.localeCompare(b.name))
-  })
-
-  async function checkIn(attendee) {
-    try {
-      const result = await api.attendees.checkIn(attendee.id)
-      if (result.attendee) await db.attendees.put(result.attendee)
-    } catch (err) {
-      error = err.message
-    }
-  }
-
-  async function addAttendee(e) {
-    e.preventDefault()
-    adding = true
-    error = ''
-    try {
-      const a = await api.attendees.create({
-        name: newName, email: newEmail, phone: newPhone,
-        ticket_id: newTicketID, ticket_type: newTicketType, note: newNote,
-      })
-      await db.attendees.put(a)
-      showAdd = false
-      newName = newEmail = newPhone = newTicketID = newTicketType = newNote = ''
-    } catch (err) {
-      error = err.message
-    } finally {
-      adding = false
-    }
-  }
-
-  async function generateTokens() {
-    generating = true
-    error = ''
-    success = ''
-    try {
-      const result = await api.attendees.generateTokens()
-      success = `Generated ${result.generated} token${result.generated !== 1 ? 's' : ''}.`
-    } catch (err) {
-      error = err.message
-    } finally {
-      generating = false
-    }
-  }
-
-  async function emailAll() {
-    if (!confirm('Send token emails to all attendees with a token and email address?')) return
-    emailing = true
-    error = ''
-    success = ''
-    try {
-      const result = await api.attendees.emailAllTokens()
-      success = `Sent ${result.sent} email${result.sent !== 1 ? 's' : ''}${result.skipped ? `, skipped ${result.skipped}` : ''}.`
-      if (result.errors?.length) error = result.errors.join('; ')
-    } catch (err) {
-      error = err.message
-    } finally {
-      emailing = false
-    }
-  }
-
-  async function emailToken(attendee) {
-    error = ''
-    success = ''
-    try {
-      await api.attendees.emailToken(attendee.id)
-      success = `Token email sent to ${attendee.name}.`
-    } catch (err) {
-      error = err.message
-    }
-  }
-</script>
-
-<div class="page">
-  <div class="page-header">
-    <h1 class="page-title">Attendees</h1>
-    <div class="actions">
-      {#if canManage}
-        <button class="btn btn-primary btn-sm" onclick={() => showAdd = !showAdd}>+ Add</button>
-        <a href="/api/attendees/export" class="btn btn-ghost btn-sm">Export CSV</a>
-        <button class="btn btn-ghost btn-sm" onclick={generateTokens} disabled={generating}>
-          {generating ? '…' : '⚿ Tokens'}
-        </button>
-        <a href="/api/attendees/export-tokens" class="btn btn-ghost btn-sm">Export Links</a>
-        <button class="btn btn-ghost btn-sm" onclick={emailAll} disabled={emailing}>
-          {emailing ? '…' : '✉ Email All'}
-        </button>
-      {/if}
-    </div>
-  </div>
-
-  {#if error}
-    <div class="alert alert-error">{error}</div>
-  {/if}
-  {#if success}
-    <div class="alert alert-success">{success}</div>
-  {/if}
-
-  {#if showAdd && canManage}
-    <div class="card" style="margin-bottom:1.5rem">
-      <form onsubmit={addAttendee}>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
-          <div class="form-group">
-            <label for="new-name">Name *</label>
-            <input id="new-name" bind:value={newName} required placeholder="Full name" />
-          </div>
-          <div class="form-group">
-            <label for="new-email">Email</label>
-            <input id="new-email" type="email" bind:value={newEmail} placeholder="email@example.com" />
-          </div>
-          <div class="form-group">
-            <label for="new-ticket-id">Ticket ID</label>
-            <input id="new-ticket-id" bind:value={newTicketID} placeholder="From ticketing system" />
-          </div>
-          <div class="form-group">
-            <label for="new-ticket-type">Ticket type</label>
-            <input id="new-ticket-type" bind:value={newTicketType} placeholder="e.g. General, VIP" />
-          </div>
-        </div>
-        <div class="form-group">
-          <label for="new-note">Note</label>
-          <input id="new-note" bind:value={newNote} placeholder="Optional note" />
-        </div>
-        <div class="actions">
-          <button type="submit" class="btn btn-primary" disabled={adding}>
-            {adding ? 'Adding…' : 'Add attendee'}
-          </button>
-          <button type="button" class="btn btn-ghost" onclick={() => showAdd = false}>Cancel</button>
-        </div>
-      </form>
-    </div>
-  {/if}
-
-  <div class="search-bar">
-    <input placeholder="Search name, email, ticket ID…" bind:value={search} />
-    {#if ($ticketTypes ?? []).length > 0}
-      <select bind:value={filterType} style="width:auto">
-        <option value="">All types</option>
-        {#each $ticketTypes ?? [] as t}
-          <option value={t}>{t}</option>
-        {/each}
-      </select>
-    {/if}
-    <select bind:value={filterChecked} style="width:auto">
-      <option value="">All</option>
-      <option value="false">Not checked in</option>
-      <option value="true">Checked in</option>
-    </select>
-    <span class="text-muted" style="font-size:0.85rem;white-space:nowrap">
-      {filtered.length} shown
-    </span>
-  </div>
-
-  {#if ($allAttendees ?? []).length === 0}
-    <div class="empty">
-      <strong>No attendees yet</strong>
-      <p>Import a CSV or add attendees manually.</p>
-    </div>
-  {:else}
-    <div class="table-wrap">
-      <table>
-        <thead>
-          <tr>
-            <th>Name</th>
-            <th>Ticket type</th>
-            <th>Email</th>
-            <th>Status</th>
-            {#if canCheckIn}<th></th>{/if}
-          </tr>
-        </thead>
-        <tbody>
-          {#each filtered as a (a.id)}
-            <tr>
-              <td>
-                <strong>{a.name}</strong>
-                {#if a.ticket_id}
-                  <span class="text-muted" style="font-size:0.8rem"> · {a.ticket_id}</span>
-                {/if}
-                {#if (a.party_size ?? 1) > 1}
-                  <span class="badge badge-lead" style="margin-left:0.3rem">×{a.party_size}</span>
-                {/if}
-                {#if a.note}
-                  <div class="text-muted" style="font-size:0.78rem">{a.note}</div>
-                {/if}
-              </td>
-              <td class="text-muted">{a.ticket_type || '—'}</td>
-              <td>
-                <div>{a.email || '—'}</div>
-                {#if a.volunteer_token && canManage}
-                  <div style="font-size:0.75rem;margin-top:0.15rem">
-                    <code style="color:var(--c-accent-h)">{a.volunteer_token}</code>
-                    {#if a.email}
-                      <button class="btn btn-ghost btn-sm" style="padding:0.1rem 0.4rem;margin-left:0.25rem"
-                        onclick={() => emailToken(a)}>✉</button>
-                    {/if}
-                  </div>
-                {/if}
-              </td>
-              <td>
-                {#if (a.party_size ?? 1) > 1}
-                  <span class="badge {a.checked_in ? 'badge-checked' : 'badge-unchecked'}">
-                    {a.checked_in_count ?? 0}/{a.party_size} in
-                  </span>
-                {:else}
-                  <span class="badge {a.checked_in ? 'badge-checked' : 'badge-unchecked'}">
-                    {a.checked_in ? 'Checked in' : 'Pending'}
-                  </span>
-                {/if}
-                {#if a.checked_in_at}
-                  <div class="text-muted" style="font-size:0.75rem">
-                    {new Date(a.checked_in_at).toLocaleTimeString()}
-                  </div>
-                {/if}
-              </td>
-              {#if canCheckIn}
-                <td>
-                  {#if (a.checked_in_count ?? 0) < (a.party_size ?? 1)}
-                    <CheckInButton onclick={() => checkIn(a)} />
-                  {/if}
-                </td>
-              {/if}
-            </tr>
-          {/each}
-        </tbody>
-      </table>
-    </div>
-  {/if}
-</div>
diff --git a/frontend/src/sync.js b/frontend/src/sync.js
index e8f2d1a..fa3b641 100644
--- a/frontend/src/sync.js
+++ b/frontend/src/sync.js
@@ -12,17 +12,11 @@ export async function syncPull() {
     const data = await api.sync.pull(since)
 
     await db.transaction('rw',
-      [db.event, db.attendees, db.participants, db.tickets, db.departments, db.volunteers, db.shifts, db.volunteer_shifts],
+      [db.event, db.participants, db.tickets, db.departments, db.volunteers, db.shifts, db.volunteer_shifts],
       async () => {
         if (data.event) {
           await db.event.put(data.event)
         }
-        if (data.attendees?.length) {
-          await db.attendees.bulkPut(data.attendees)
-          // Purge hard-deleted records from Dexie
-          const deleted = data.attendees.filter(a => a.deleted_at).map(a => a.id)
-          if (deleted.length) await db.attendees.bulkDelete(deleted)
-        }
         if (data.participants?.length) {
           await db.participants.bulkPut(data.participants)
           const deleted = data.participants.filter(p => p.deleted_at).map(p => p.id)
@@ -82,9 +76,6 @@ export function startSSE(onEvent) {
         try {
           const payload = JSON.parse(e.data)
           if (payload.event === 'checkin') {
-            if (payload.data?.type === 'attendee' && payload.data?.attendee) {
-              await db.attendees.put(payload.data.attendee)
-            }
             if (payload.data?.type === 'ticket' && payload.data?.ticket) {
               await db.tickets.put(payload.data.ticket)
             }
diff --git a/frontend/src/sync.test.js b/frontend/src/sync.test.js
index 2c8915e..21c213e 100644
--- a/frontend/src/sync.test.js
+++ b/frontend/src/sync.test.js
@@ -18,30 +18,31 @@ function mockFetch(body = {}, status = 200) {
 }
 
 describe('syncPull', () => {
-  it('writes attendees to Dexie', async () => {
+  it('writes participants to Dexie', async () => {
     mockFetch({
       server_time: '2026-03-01T12:00:00Z',
-      attendees: [{ id: 1, name: 'Titania' }],
+      participants: [{ id: 1, preferred_name: 'Titania', email: 'titania@example.com' }],
+      tickets: [],
       departments: [],
       volunteers: [],
       shifts: [],
       volunteer_shifts: [],
     })
-    // Import fresh to reset syncing guard
     const { syncPull } = await import('./sync.js')
     await syncPull()
 
-    const a = await db.attendees.get(1)
-    expect(a.name).toBe('Titania')
+    const p = await db.participants.get(1)
+    expect(p.preferred_name).toBe('Titania')
     expect(await getLastSync()).toBe('2026-03-01T12:00:00Z')
   })
 
-  it('deletes soft-deleted attendees from Dexie', async () => {
-    await db.attendees.put({ id: 1, name: 'Titania' })
+  it('deletes soft-deleted participants from Dexie', async () => {
+    await db.participants.put({ id: 1, preferred_name: 'Titania', email: 'titania@example.com' })
 
     mockFetch({
       server_time: '2026-03-01T13:00:00Z',
-      attendees: [{ id: 1, name: 'Titania', deleted_at: '2026-03-01T12:30:00Z' }],
+      participants: [{ id: 1, preferred_name: 'Titania', deleted_at: '2026-03-01T12:30:00Z' }],
+      tickets: [],
       departments: [],
       volunteers: [],
       shifts: [],
@@ -50,8 +51,8 @@ describe('syncPull', () => {
     const { syncPull } = await import('./sync.js')
     await syncPull()
 
-    const a = await db.attendees.get(1)
-    expect(a).toBeUndefined()
+    const p = await db.participants.get(1)
+    expect(p).toBeUndefined()
   })
 
   it('deletes soft-deleted volunteer_shifts from Dexie', async () => {
@@ -59,7 +60,8 @@ describe('syncPull', () => {
 
     mockFetch({
       server_time: '2026-03-01T13:00:00Z',
-      attendees: [],
+      participants: [],
+      tickets: [],
       departments: [],
       volunteers: [],
       shifts: [],
@@ -75,7 +77,8 @@ describe('syncPull', () => {
   it('sets lastSync timestamp', async () => {
     mockFetch({
       server_time: '2026-03-02T00:00:00Z',
-      attendees: [],
+      participants: [],
+      tickets: [],
       departments: [],
       volunteers: [],
       shifts: [],
diff --git a/handle_attendees.go b/handle_attendees.go
deleted file mode 100644
index 0ee5628..0000000
--- a/handle_attendees.go
+++ /dev/null
@@ -1,177 +0,0 @@
-package main
-
-import (
-	"encoding/csv"
-	"encoding/json"
-	"net/http"
-	"strconv"
-)
-
-func (app *App) handleListAttendees(w http.ResponseWriter, r *http.Request) {
-	q := r.URL.Query()
-	attendees, err := app.listAttendees(q.Get("search"), q.Get("ticket_type"), q.Get("checked_in"))
-	if err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	types, _ := app.attendeeTicketTypes()
-	total, checkedIn, _ := app.attendeeCounts()
-	writeJSON(w, map[string]any{
-		"attendees":    attendees,
-		"ticket_types": types,
-		"total":        total,
-		"checked_in":   checkedIn,
-	})
-}
-
-func (app *App) handleCreateAttendee(w http.ResponseWriter, r *http.Request) {
-	var a Attendee
-	if err := json.NewDecoder(r.Body).Decode(&a); err != nil {
-		writeError(w, "invalid request", http.StatusBadRequest)
-		return
-	}
-	if a.Name == "" {
-		writeError(w, "name is required", http.StatusBadRequest)
-		return
-	}
-	created, err := app.createAttendee(a)
-	if err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	w.WriteHeader(http.StatusCreated)
-	writeJSON(w, created)
-}
-
-func (app *App) handleGetAttendee(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.Atoi(r.PathValue("id"))
-	if err != nil {
-		writeError(w, "invalid id", http.StatusBadRequest)
-		return
-	}
-	a, err := app.getAttendee(id)
-	if err != nil || a == nil {
-		writeError(w, "not found", http.StatusNotFound)
-		return
-	}
-	writeJSON(w, a)
-}
-
-func (app *App) handleUpdateAttendee(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.Atoi(r.PathValue("id"))
-	if err != nil {
-		writeError(w, "invalid id", http.StatusBadRequest)
-		return
-	}
-	var a Attendee
-	if err := json.NewDecoder(r.Body).Decode(&a); err != nil {
-		writeError(w, "invalid request", http.StatusBadRequest)
-		return
-	}
-	if a.Name == "" {
-		writeError(w, "name is required", http.StatusBadRequest)
-		return
-	}
-	a.ID = id
-	if err := app.updateAttendee(a); err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	updated, _ := app.getAttendee(id)
-	writeJSON(w, updated)
-}
-
-func (app *App) handleDeleteAttendee(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.Atoi(r.PathValue("id"))
-	if err != nil {
-		writeError(w, "invalid id", http.StatusBadRequest)
-		return
-	}
-	if err := app.deleteAttendee(id); err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	w.WriteHeader(http.StatusNoContent)
-}
-
-// handleCheckInAttendee handles POST /api/attendees/:id/checkin.
-// Optional body: {"count": N, "also_volunteer": true}
-// Returns {"attendee": ..., "volunteer": ...} — volunteer is included if also_volunteer=true
-// and the attendee has a linked volunteer record.
-func (app *App) handleCheckInAttendee(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.Atoi(r.PathValue("id"))
-	if err != nil {
-		writeError(w, "invalid id", http.StatusBadRequest)
-		return
-	}
-
-	var body struct {
-		Count         int  `json:"count"`
-		AlsoVolunteer bool `json:"also_volunteer"`
-	}
-	body.Count = 1
-	json.NewDecoder(r.Body).Decode(&body)
-	if body.Count < 1 {
-		body.Count = 1
-	}
-
-	claims := claimsFromContext(r)
-	a, err := app.checkInAttendee(id, claims.UserID, body.Count)
-	if err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-
-	result := map[string]any{"attendee": a}
-
-	if body.AlsoVolunteer {
-		// Try to find volunteer via participant_id first (new model), fall back to attendee_id (legacy).
-		var v *Volunteer
-		if a != nil {
-			p, _ := app.getParticipantByEmail(a.Email)
-			if p != nil {
-				v, _ = app.getVolunteerByParticipantID(p.ID)
-			}
-		}
-		if v == nil {
-			v, _ = app.getVolunteerByAttendeeID(id)
-		}
-		if v != nil {
-			if !v.CheckedIn {
-				if v2, err := app.checkInVolunteer(v.ID, claims.UserID); err == nil {
-					result["volunteer"] = v2
-					app.broker.publish("checkin", map[string]any{"type": "volunteer", "volunteer": v2})
-				}
-			} else {
-				result["volunteer"] = v
-			}
-		}
-	}
-
-	app.broker.publish("checkin", map[string]any{"type": "attendee", "attendee": a})
-	writeJSON(w, result)
-}
-
-func (app *App) handleExportAttendees(w http.ResponseWriter, r *http.Request) {
-	attendees, err := app.listAttendees("", "", "")
-	if err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	w.Header().Set("Content-Type", "text/csv")
-	w.Header().Set("Content-Disposition", `attachment; filename="attendees.csv"`)
-	wr := csv.NewWriter(w)
-	wr.Write([]string{"name", "email", "phone", "ticket_id", "ticket_type", "party_size", "checked_in_count", "note", "checked_in"})
-	for _, a := range attendees {
-		ci := "no"
-		if a.CheckedIn {
-			ci = "yes"
-		}
-		wr.Write([]string{
-			a.Name, a.Email, a.Phone, a.TicketID, a.TicketType,
-			strconv.Itoa(a.PartySize), strconv.Itoa(a.CheckedInCount),
-			a.Note, ci,
-		})
-	}
-	wr.Flush()
-}
diff --git a/handle_attendees_test.go b/handle_attendees_test.go
index ff2a196..c5e6adb 100644
--- a/handle_attendees_test.go
+++ b/handle_attendees_test.go
@@ -6,14 +6,14 @@ import (
 	"testing"
 )
 
-func TestAttendeesListCreateDelete(t *testing.T) {
+func TestParticipantsListCreateDelete(t *testing.T) {
 	app := testApp(t)
 	admin := testAdminUser(t, app)
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
 	// Create
-	req := testAuthRequest("POST", "/api/attendees", map[string]string{"name": "Titania"}, token)
+	req := testAuthRequest("POST", "/api/participants", map[string]string{"preferred_name": "Titania", "email": "titania@example.com"}, token)
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	if w.Code != http.StatusCreated {
@@ -23,20 +23,20 @@ func TestAttendeesListCreateDelete(t *testing.T) {
 	id := created["id"].(float64)
 
 	// List
-	req = testAuthRequest("GET", "/api/attendees", nil, token)
+	req = testAuthRequest("GET", "/api/participants", nil, token)
 	w = httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	if w.Code != http.StatusOK {
 		t.Fatalf("list: status = %d", w.Code)
 	}
 	list := parseJSON(t, w)
-	attendees := list["attendees"].([]any)
-	if len(attendees) != 1 {
-		t.Errorf("list: got %d, want 1", len(attendees))
+	participants := list["participants"].([]any)
+	if len(participants) != 1 {
+		t.Errorf("list: got %d, want 1", len(participants))
 	}
 
 	// Delete
-	req = testAuthRequest("DELETE", "/api/attendees/"+itoa(int(id)), nil, token)
+	req = testAuthRequest("DELETE", "/api/participants/"+itoa(int(id)), nil, token)
 	w = httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	if w.Code != http.StatusNoContent {
@@ -44,66 +44,66 @@ func TestAttendeesListCreateDelete(t *testing.T) {
 	}
 
 	// List again — should be empty
-	req = testAuthRequest("GET", "/api/attendees", nil, token)
+	req = testAuthRequest("GET", "/api/participants", nil, token)
 	w = httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	list = parseJSON(t, w)
-	if a2, ok := list["attendees"].([]any); ok && len(a2) != 0 {
-		t.Errorf("after delete: got %d, want 0", len(a2))
+	if ps, ok := list["participants"].([]any); ok && len(ps) != 0 {
+		t.Errorf("after delete: got %d, want 0", len(ps))
 	}
 }
 
-func TestCheckInAttendeeHandler(t *testing.T) {
+func TestCheckInTicketHandler(t *testing.T) {
 	app := testApp(t)
 	admin := testAdminUser(t, app)
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	app.createAttendee(Attendee{Name: "Oberon"})
-	app.db.Exec(`UPDATE attendees SET party_size = 3 WHERE id = 1`)
+	p, _ := app.createParticipant(Participant{PreferredName: "Oberon", Email: "oberon@example.com"})
+	tk, _ := app.createTicket(Ticket{ParticipantID: &p.ID, Name: "Oberon", Source: "manual"})
 
-	// Check in 1
-	req := testAuthRequest("POST", "/api/attendees/1/checkin", map[string]int{"count": 1}, token)
+	req := testAuthRequest("POST", "/api/tickets/"+itoa(tk.ID)+"/checkin", nil, token)
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	if w.Code != http.StatusOK {
 		t.Fatalf("checkin: status = %d\nbody: %s", w.Code, w.Body.String())
 	}
 	result := parseJSON(t, w)
-	attendee := result["attendee"].(map[string]any)
-	if attendee["checked_in_count"] != float64(1) {
-		t.Errorf("checked_in_count = %v, want 1", attendee["checked_in_count"])
+	ticket := result["ticket"].(map[string]any)
+	if ticket["checked_in_at"] == nil {
+		t.Error("checked_in_at should be set after check-in")
 	}
 }
 
-func TestGateRoleCanCheckIn(t *testing.T) {
+func TestGatekeeperRoleCanCheckIn(t *testing.T) {
 	app := testApp(t)
 	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
-	app.createAttendee(Attendee{Name: "Puck"})
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@example.com"})
+	tk, _ := app.createTicket(Ticket{ParticipantID: &p.ID, Name: "Puck", Source: "manual"})
 
-	req := testAuthRequest("POST", "/api/attendees/1/checkin", nil, token)
+	req := testAuthRequest("POST", "/api/tickets/"+itoa(tk.ID)+"/checkin", nil, token)
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	if w.Code != http.StatusOK {
-		t.Errorf("gate checkin: status = %d", w.Code)
+		t.Errorf("gatekeeper checkin: status = %d", w.Code)
 	}
 }
 
-func TestGateRoleCannotDelete(t *testing.T) {
+func TestGatekeeperRoleCannotDelete(t *testing.T) {
 	app := testApp(t)
 	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
-	app.createAttendee(Attendee{Name: "Puck"})
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@example.com"})
 
-	req := testAuthRequest("DELETE", "/api/attendees/1", nil, token)
+	req := testAuthRequest("DELETE", "/api/participants/"+itoa(p.ID), nil, token)
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	if w.Code != http.StatusForbidden {
-		t.Errorf("gate delete: status = %d, want 403", w.Code)
+		t.Errorf("gatekeeper delete: status = %d, want 403", w.Code)
 	}
 }
diff --git a/handle_settings.go b/handle_settings.go
index f812134..d4ed01c 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -79,17 +79,6 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 	app.handleGetSettings(w, r)
 }
 
-func (app *App) handleResetAttendees(w http.ResponseWriter, r *http.Request) {
-	ts := now()
-	result, err := app.db.Exec(`UPDATE attendees SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
-	if err != nil {
-		writeError(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	n, _ := result.RowsAffected()
-	writeJSON(w, map[string]any{"deleted": n})
-}
-
 func (app *App) handleResetTickets(w http.ResponseWriter, r *http.Request) {
 	ts := now()
 	result, err := app.db.Exec(`UPDATE tickets SET deleted_at=?, updated_at=? WHERE deleted_at IS NULL`, ts, ts)
diff --git a/handle_settings_test.go b/handle_settings_test.go
index c588c88..cbc53fb 100644
--- a/handle_settings_test.go
+++ b/handle_settings_test.go
@@ -55,17 +55,19 @@ func TestUpdateSettings(t *testing.T) {
 	}
 }
 
-func TestResetAttendees(t *testing.T) {
+func TestResetTickets(t *testing.T) {
 	app := testApp(t)
 	admin := testAdminUser(t, app)
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	app.createAttendee(Attendee{Name: "Titania", Email: "titania@example.com"})
-	app.createAttendee(Attendee{Name: "Oberon", Email: "oberon@example.com"})
+	p1, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
+	p2, _ := app.createParticipant(Participant{PreferredName: "Oberon", Email: "oberon@example.com"})
+	app.createTicket(Ticket{ParticipantID: &p1.ID, Name: "Titania", Source: "manual"})
+	app.createTicket(Ticket{ParticipantID: &p2.ID, Name: "Oberon", Source: "manual"})
 
 	w := httptest.NewRecorder()
-	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-attendees", nil, token))
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-tickets", nil, token))
 
 	if w.Code != 200 {
 		t.Fatalf("status = %d: %s", w.Code, w.Body.String())
@@ -75,20 +77,20 @@ func TestResetAttendees(t *testing.T) {
 		t.Fatalf("deleted = %v, want 2", result["deleted"])
 	}
 
-	attendees, _ := app.listAttendees("", "", "")
-	if len(attendees) != 0 {
-		t.Fatalf("attendees remaining = %d, want 0", len(attendees))
+	tickets, _ := app.listTickets(nil, "")
+	if len(tickets) != 0 {
+		t.Fatalf("tickets remaining = %d, want 0", len(tickets))
 	}
 }
 
-func TestResetAttendeesRequiresAdmin(t *testing.T) {
+func TestResetTicketsRequiresAdmin(t *testing.T) {
 	app := testApp(t)
 	gate := testUserWithRole(t, app, "gate1", "gatekeeper", []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
 	w := httptest.NewRecorder()
-	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-attendees", nil, token))
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-tickets", nil, token))
 
 	if w.Code != 403 {
 		t.Fatalf("status = %d, want 403", w.Code)
diff --git a/handle_sync.go b/handle_sync.go
index a11d414..f2171ce 100644
--- a/handle_sync.go
+++ b/handle_sync.go
@@ -12,7 +12,6 @@ func (app *App) handleSyncPull(w http.ResponseWriter, r *http.Request) {
 	since := r.URL.Query().Get("since")
 
 	event, _ := app.getEvent()
-	attendees, _ := app.attendeesSince(since)
 	participants, _ := app.listParticipants("", since)
 	tickets, _ := app.listTickets(nil, since)
 	departments, _ := app.listDepartments(since)
@@ -20,9 +19,6 @@ func (app *App) handleSyncPull(w http.ResponseWriter, r *http.Request) {
 	shifts, _ := app.listShifts(nil, "", since)
 	volunteerShifts, _ := app.listVolunteerShifts(since)
 
-	if attendees == nil {
-		attendees = []Attendee{}
-	}
 	if participants == nil {
 		participants = []Participant{}
 	}
@@ -45,7 +41,6 @@ func (app *App) handleSyncPull(w http.ResponseWriter, r *http.Request) {
 	writeJSON(w, map[string]any{
 		"server_time":      time.Now().UTC().Format("2006-01-02T15:04:05Z"),
 		"event":            event,
-		"attendees":        attendees,
 		"participants":     participants,
 		"tickets":          tickets,
 		"departments":      departments,
diff --git a/handle_sync_test.go b/handle_sync_test.go
index c5d759a..e4aa2af 100644
--- a/handle_sync_test.go
+++ b/handle_sync_test.go
@@ -13,7 +13,7 @@ func TestSyncPullFull(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	app.createAttendee(Attendee{Name: "Titania"})
+	app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
 	app.createVolunteer(Volunteer{Name: "Titania", DepartmentID: &deptID})
@@ -31,9 +31,9 @@ func TestSyncPullFull(t *testing.T) {
 	if result["server_time"] == nil {
 		t.Error("missing server_time")
 	}
-	attendees := result["attendees"].([]any)
-	if len(attendees) != 1 {
-		t.Errorf("attendees = %d, want 1", len(attendees))
+	participants := result["participants"].([]any)
+	if len(participants) != 1 {
+		t.Errorf("participants = %d, want 1", len(participants))
 	}
 	depts := result["departments"].([]any)
 	if len(depts) != 1 {
@@ -47,29 +47,29 @@ func TestSyncPullIncremental(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	app.createAttendee(Attendee{Name: "Titania"})
+	p1, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	// Backdate Titania so she falls before the "since" cutoff
-	app.db.Exec(`UPDATE attendees SET updated_at = '2026-01-01T00:00:00Z' WHERE name = 'Titania'`)
+	app.db.Exec(`UPDATE participants SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, p1.ID)
 
 	since := "2026-01-01T12:00:00Z"
 
 	// Oberon created with default updated_at (now), which is after our since
-	app.createAttendee(Attendee{Name: "Oberon"})
+	app.createParticipant(Participant{PreferredName: "Oberon", Email: "oberon@example.com"})
 
 	req := testAuthRequest("GET", "/api/sync/pull?since="+since, nil, token)
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 
 	result := parseJSON(t, w)
-	attendees := result["attendees"].([]any)
+	participants := result["participants"].([]any)
 	// Should only include Oberon (created after `since`)
-	if len(attendees) != 1 {
-		t.Errorf("incremental: got %d attendees, want 1", len(attendees))
+	if len(participants) != 1 {
+		t.Errorf("incremental: got %d participants, want 1", len(participants))
 	}
-	if len(attendees) == 1 {
-		a := attendees[0].(map[string]any)
-		if a["name"] != "Oberon" {
-			t.Errorf("name = %v, want Oberon", a["name"])
+	if len(participants) == 1 {
+		p := participants[0].(map[string]any)
+		if p["preferred_name"] != "Oberon" {
+			t.Errorf("preferred_name = %v, want Oberon", p["preferred_name"])
 		}
 	}
 }
@@ -80,31 +80,31 @@ func TestSyncPullIncludesSoftDeleted(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	a, _ := app.createAttendee(Attendee{Name: "Titania"})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	// Backdate Titania's creation so the since cutoff is between creation and deletion
-	app.db.Exec(`UPDATE attendees SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, a.ID)
+	app.db.Exec(`UPDATE participants SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, p.ID)
 
 	since := "2026-01-01T12:00:00Z"
 
 	// Delete updates updated_at to now(), which is after our since
-	app.deleteAttendee(a.ID)
+	app.deleteParticipant(p.ID)
 
 	req := testAuthRequest("GET", "/api/sync/pull?since="+since, nil, token)
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 
 	var result struct {
-		Attendees []struct {
+		Participants []struct {
 			ID        int     `json:"id"`
 			DeletedAt *string `json:"deleted_at"`
-		} `json:"attendees"`
+		} `json:"participants"`
 	}
 	json.Unmarshal(w.Body.Bytes(), &result)
 
-	if len(result.Attendees) != 1 {
-		t.Fatalf("got %d attendees, want 1", len(result.Attendees))
+	if len(result.Participants) != 1 {
+		t.Fatalf("got %d participants, want 1", len(result.Participants))
 	}
-	if result.Attendees[0].DeletedAt == nil {
+	if result.Participants[0].DeletedAt == nil {
 		t.Error("deleted_at should be set for soft-deleted record")
 	}
 }
diff --git a/main.go b/main.go
index ee2db53..2eedcd0 100644
--- a/main.go
+++ b/main.go
@@ -99,18 +99,6 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("GET /api/event", auth(app.handleGetEvent))
 	mux.HandleFunc("PUT /api/event", auth(app.handleUpdateEvent, "admin", "ticketing"))
 
-	mux.HandleFunc("GET /api/attendees", auth(app.handleListAttendees, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("POST /api/attendees", auth(app.handleCreateAttendee, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/attendees/export", auth(app.handleExportAttendees, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/attendees/generate-tokens", auth(app.handleGenerateTokens, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/attendees/export-tokens", auth(app.handleExportTokenLinks, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/attendees/email-tokens", auth(app.handleEmailAllTokens, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/attendees/{id}", auth(app.handleGetAttendee, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("PUT /api/attendees/{id}", auth(app.handleUpdateAttendee, "admin", "ticketing"))
-	mux.HandleFunc("DELETE /api/attendees/{id}", auth(app.handleDeleteAttendee, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/attendees/{id}/checkin", auth(app.handleCheckInAttendee, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("POST /api/attendees/{id}/email-token", auth(app.handleEmailToken, "admin", "ticketing"))
-
 	mux.HandleFunc("GET /api/participants", auth(app.handleListParticipants, "admin", "ticketing", "gatekeeper"))
 	mux.HandleFunc("POST /api/participants", auth(app.handleCreateParticipant, "admin", "ticketing"))
 	mux.HandleFunc("GET /api/participants/export", auth(app.handleExportParticipants, "admin", "ticketing"))
@@ -157,7 +145,6 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("GET /api/settings", auth(app.handleGetSettings, "admin", "ticketing"))
 	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/reset-attendees", auth(app.handleResetAttendees, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/settings/reset-tickets", auth(app.handleResetTickets, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin", "ticketing"))
 	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin", "ticketing"))

From e7b25ea0c6044103b4f0b0c178f3cd7a996e4832 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 20:52:12 -0600
Subject: [PATCH 11/47] Updated Dashboard and clarified default states.

---
 frontend/src/pages/Dashboard.svelte     | 177 ++++++++++++++++++++----
 frontend/src/pages/Departments.svelte   |   2 +-
 frontend/src/pages/ScheduleBoard.svelte |   4 +-
 frontend/src/pages/Users.svelte         |  14 +-
 frontend/src/pages/Volunteers.svelte    |  10 +-
 5 files changed, 172 insertions(+), 35 deletions(-)

diff --git a/frontend/src/pages/Dashboard.svelte b/frontend/src/pages/Dashboard.svelte
index c1ae495..9a69d10 100644
--- a/frontend/src/pages/Dashboard.svelte
+++ b/frontend/src/pages/Dashboard.svelte
@@ -4,13 +4,54 @@
 
   let { session } = $props()
 
-  const attendees = liveQuery(() => db.attendees.toArray())
-  const event = liveQuery(() => db.event.get(1))
+  const role = $derived(session?.user?.role ?? '')
+  const myDeptIDs = $derived(session?.user?.department_ids ?? [])
+  const isTicketing = $derived(['admin', 'ticketing'].includes(role))
+  const isStaffing = $derived(['admin', 'ticketing', 'staffing'].includes(role))
+  const isColead = $derived(role === 'colead')
 
-  const total = $derived(($attendees ?? []).length)
-  const checkedIn = $derived(($attendees ?? []).filter(a => a.checked_in).length)
-  const remaining = $derived(total - checkedIn)
-  const pct = $derived(total > 0 ? Math.round((checkedIn / total) * 100) : 0)
+  const event = liveQuery(() => db.event.get(1))
+  const allTickets = liveQuery(() => db.tickets.toArray())
+  const allVolunteers = liveQuery(() => db.volunteers.filter(v => !v.deleted_at).toArray())
+  const allShifts = liveQuery(() => db.shifts.filter(s => !s.deleted_at).toArray())
+  const allDepts = liveQuery(() => db.departments.filter(d => !d.deleted_at).toArray())
+  const allVS = liveQuery(() => db.volunteer_shifts.toArray())
+
+  // Ticket stats
+  const tickets = $derived($allTickets ?? [])
+  const ticketTotal = $derived(tickets.length)
+  const ticketCheckedIn = $derived(tickets.filter(t => t.checked_in_at).length)
+  const ticketRemaining = $derived(ticketTotal - ticketCheckedIn)
+  const ticketPct = $derived(ticketTotal > 0 ? Math.round((ticketCheckedIn / ticketTotal) * 100) : 0)
+
+  // Volunteer stats (scoped for colead)
+  const volunteers = $derived.by(() => {
+    const vols = $allVolunteers ?? []
+    if (isColead) return vols.filter(v => myDeptIDs.includes(v.department_id))
+    return vols
+  })
+  const volTotal = $derived(volunteers.length)
+  const volCheckedIn = $derived(volunteers.filter(v => v.checked_in).length)
+  const volLeads = $derived(volunteers.filter(v => v.is_lead).length)
+
+  // Shift stats (scoped for colead)
+  const shifts = $derived.by(() => {
+    const all = $allShifts ?? []
+    if (isColead) return all.filter(s => myDeptIDs.includes(s.department_id))
+    return all
+  })
+  const shiftTotal = $derived(shifts.length)
+  const shiftsFilled = $derived.by(() => {
+    const vs = $allVS ?? []
+    return shifts.filter(s => vs.some(a => a.shift_id === s.id)).length
+  })
+  const shiftFillPct = $derived(shiftTotal > 0 ? Math.round((shiftsFilled / shiftTotal) * 100) : 0)
+
+  // Department names for colead header
+  const myDeptNames = $derived.by(() => {
+    const depts = $allDepts ?? []
+    return myDeptIDs.map(id => depts.find(d => d.id === id)?.name).filter(Boolean)
+  })
 </script>
 
 <div class="page">
@@ -28,35 +69,113 @@
     </p>
   {/if}
 
-  <div class="stats">
-    <div class="stat">
-      <div class="stat-label">Total</div>
-      <div class="stat-value">{total}</div>
-    </div>
-    <div class="stat">
-      <div class="stat-label">Checked in</div>
-      <div class="stat-value" style="color:var(--c-success)">{checkedIn}</div>
-    </div>
-    <div class="stat">
-      <div class="stat-label">Remaining</div>
-      <div class="stat-value">{remaining}</div>
-    </div>
-    <div class="stat">
-      <div class="stat-label">Progress</div>
-      <div class="stat-value">{pct}%</div>
-    </div>
-  </div>
+  {#if isColead && myDeptNames.length > 0}
+    <p style="margin-bottom:1.5rem;font-size:0.9rem">
+      Your department{myDeptNames.length > 1 ? 's' : ''}:
+      <strong>{myDeptNames.join(', ')}</strong>
+    </p>
+  {/if}
 
-  {#if total > 0}
-    <div class="card" style="margin-bottom:1rem">
-      <div style="height:8px;background:var(--c-border);border-radius:99px;overflow:hidden">
-        <div style="height:100%;width:{pct}%;background:var(--c-success);border-radius:99px;transition:width 0.4s ease"></div>
+  <!-- Ticket check-in (admin/ticketing) -->
+  {#if isTicketing}
+    <h2 class="dash-section">Ticket Check-in</h2>
+    <div class="stats">
+      <div class="stat">
+        <div class="stat-label">Total tickets</div>
+        <div class="stat-value">{ticketTotal}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">Checked in</div>
+        <div class="stat-value" style="color:var(--c-success)">{ticketCheckedIn}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">Remaining</div>
+        <div class="stat-value">{ticketRemaining}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">Progress</div>
+        <div class="stat-value">{ticketPct}%</div>
+      </div>
+    </div>
+
+    {#if ticketTotal > 0}
+      <div style="height:8px;background:var(--c-border);border-radius:99px;overflow:hidden;margin-bottom:2rem">
+        <div style="height:100%;width:{ticketPct}%;background:var(--c-success);border-radius:99px;transition:width 0.4s ease"></div>
+      </div>
+    {/if}
+  {/if}
+
+  <!-- Volunteer stats (admin/ticketing/staffing/colead) -->
+  {#if isStaffing || isColead}
+    <h2 class="dash-section">{isColead ? 'My Volunteers' : 'Volunteers'}</h2>
+    <div class="stats">
+      <div class="stat">
+        <div class="stat-label">Total</div>
+        <div class="stat-value">{volTotal}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">Checked in</div>
+        <div class="stat-value" style="color:var(--c-success)">{volCheckedIn}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">Leads</div>
+        <div class="stat-value">{volLeads}</div>
       </div>
     </div>
   {/if}
 
-  <p class="text-muted" style="font-size:0.85rem">
+  <!-- Shift coverage (admin/ticketing/staffing/colead) -->
+  {#if isStaffing || isColead}
+    <h2 class="dash-section">{isColead ? 'My Shifts' : 'Shift Coverage'}</h2>
+    <div class="stats">
+      <div class="stat">
+        <div class="stat-label">Total shifts</div>
+        <div class="stat-value">{shiftTotal}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">With volunteers</div>
+        <div class="stat-value">{shiftsFilled}</div>
+      </div>
+      <div class="stat">
+        <div class="stat-label">Fill rate</div>
+        <div class="stat-value">{shiftFillPct}%</div>
+      </div>
+    </div>
+  {/if}
+
+  <!-- Quick actions -->
+  {#if isTicketing}
+    <div class="dash-actions">
+      <a href="/import" class="btn btn-ghost btn-sm">Import CSV</a>
+      <a href="/participants" class="btn btn-ghost btn-sm">Manage Participants</a>
+      <a href="/settings" class="btn btn-ghost btn-sm">Settings</a>
+    </div>
+  {:else if isStaffing || isColead}
+    <div class="dash-actions">
+      <a href="/schedule" class="btn btn-ghost btn-sm">View Schedule</a>
+      <a href="/volunteers" class="btn btn-ghost btn-sm">Manage Volunteers</a>
+    </div>
+  {/if}
+
+  <p class="text-muted" style="font-size:0.85rem;margin-top:2rem">
     Welcome, <strong style="color:var(--c-text)">{session?.user?.username}</strong>
     · <span class="badge badge-role">{session?.user?.role}</span>
   </p>
 </div>
+
+<style>
+  .dash-section {
+    font-size: 0.82rem;
+    font-weight: 600;
+    text-transform: uppercase;
+    letter-spacing: 0.06em;
+    color: var(--c-muted);
+    margin-bottom: 0.75rem;
+  }
+  .dash-actions {
+    display: flex;
+    gap: 0.5rem;
+    flex-wrap: wrap;
+    margin-top: 0.5rem;
+  }
+</style>
diff --git a/frontend/src/pages/Departments.svelte b/frontend/src/pages/Departments.svelte
index b50fde4..b7fd627 100644
--- a/frontend/src/pages/Departments.svelte
+++ b/frontend/src/pages/Departments.svelte
@@ -127,7 +127,7 @@
   {#if ($allDepts ?? []).length === 0}
     <div class="empty">
       <strong>No departments yet</strong>
-      <p>Add departments to organize your volunteer teams.</p>
+      <p>Create departments to organize shifts and volunteer teams. Coleads are assigned to specific departments.</p>
     </div>
   {:else}
     <div class="table-wrap">
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 5d9d265..2d0b555 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -315,8 +315,8 @@
 
   {#if ($allShifts ?? []).length === 0 && !showAdd}
     <div class="empty">
-      <strong>No shifts yet</strong>
-      <p>Add shifts to schedule your volunteers.</p>
+      <strong>No shifts scheduled yet</strong>
+      <p>Create departments first, then add shifts here. Volunteers can self-select shifts via the kiosk.</p>
     </div>
   {:else}
     {#each board as { dept, days }}
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index 237617b..c683fb9 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -117,7 +117,7 @@
   }
 
   function roleLabel(r) {
-    return { admin: 'Admin', coordinator: 'Coordinator', ticketing: 'Ticketing', gate: 'Gate', volunteer_lead: 'Vol. Lead' }[r] || r
+    return { admin: 'Admin', ticketing: 'Ticketing', staffing: 'Staffing', colead: 'Colead', gatekeeper: 'Gatekeeper' }[r] || r
   }
 </script>
 
@@ -129,6 +129,15 @@
     </div>
   </div>
 
+  <p class="text-muted" style="font-size:0.82rem;margin-bottom:1.5rem;line-height:1.6">
+    <strong style="color:var(--c-text)">Roles:</strong>
+    admin — full access ·
+    ticketing — participants, tickets, import ·
+    staffing — volunteers, shifts, departments ·
+    colead — manage assigned departments only ·
+    gatekeeper — check-in only
+  </p>
+
   {#if loadError}
     <div class="alert alert-error">{loadError}</div>
   {/if}
@@ -187,7 +196,8 @@
     <div class="text-muted" style="padding:2rem 0">Loading…</div>
   {:else if users.length === 0}
     <div class="empty">
-      <strong>No users yet</strong>
+      <strong>No additional users</strong>
+      <p>The admin account was created at setup. Add users above to delegate access.</p>
     </div>
   {:else}
     <div class="table-wrap">
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 39bc98b..e5df71a 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -20,6 +20,14 @@
 
   const role = $derived(session?.user?.role ?? '')
   const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
+  const myDeptIDs = $derived(session?.user?.department_ids ?? [])
+
+  // Auto-filter coleads to their department on mount
+  $effect(() => {
+    if (role === 'colead' && myDeptIDs.length > 0 && !filterDept) {
+      filterDept = String(myDeptIDs[0])
+    }
+  })
 
   const allVolunteers = liveQuery(() =>
     db.volunteers.filter(v => !v.deleted_at).toArray()
@@ -177,7 +185,7 @@
   {#if ($allVolunteers ?? []).length === 0}
     <div class="empty">
       <strong>No volunteers yet</strong>
-      <p>Add volunteers manually.</p>
+      <p>Add volunteers manually above, or enable public signup in Settings.</p>
     </div>
   {:else}
     <div class="table-wrap">

From ecfbfcd53ec0d96c0c077d0409e6b25ea27c9cb6 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 21:06:00 -0600
Subject: [PATCH 12/47] Used preferred name in volunteer signup.

---
 handle_signup.go      |  16 ++++---
 handle_signup_test.go | 102 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 113 insertions(+), 5 deletions(-)

diff --git a/handle_signup.go b/handle_signup.go
index 31c796b..2373e9c 100644
--- a/handle_signup.go
+++ b/handle_signup.go
@@ -69,11 +69,7 @@ func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// Find or create participant by email.
-	name := body.PreferredName
-	if body.TicketName != "" {
-		name = body.TicketName
-	}
-	participant, _, err := app.upsertParticipant(body.Email, name)
+	participant, _, err := app.upsertParticipant(body.Email, body.PreferredName)
 	if err != nil {
 		writeError(w, "internal error", http.StatusInternalServerError)
 		return
@@ -166,8 +162,13 @@ func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
 			if len(tickets) > 0 {
 				ticketID = tickets[0].ID
 			} else {
+				tkName := vol.TicketName
+				if tkName == "" {
+					tkName = vol.PreferredName
+				}
 				stub, err := app.createTicket(Ticket{
 					ParticipantID: vol.ParticipantID,
+					Name:          tkName,
 					Source:        "manual",
 				})
 				if err == nil {
@@ -228,8 +229,13 @@ func (app *App) openShiftSignups() {
 		if len(tickets) > 0 {
 			ticketID = tickets[0].ID
 		} else {
+			tkName := v.TicketName
+			if tkName == "" {
+				tkName = v.PreferredName
+			}
 			stub, err := app.createTicket(Ticket{
 				ParticipantID: v.ParticipantID,
+				Name:          tkName,
 				Source:        "manual",
 			})
 			if err != nil {
diff --git a/handle_signup_test.go b/handle_signup_test.go
index a9bdab0..86bcfe5 100644
--- a/handle_signup_test.go
+++ b/handle_signup_test.go
@@ -315,6 +315,108 @@ func TestConfirmEmailWithSignupsOpen(t *testing.T) {
 	}
 }
 
+func TestPublicSignupTicketNameDoesNotOverwritePreferredName(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/signup", map[string]any{
+		"preferred_name": "Titania",
+		"ticket_name":    "Titania Fairweather",
+		"email":          "titania@example.com",
+	}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
+	}
+
+	vol, _ := app.getVolunteerByEmail("titania@example.com")
+	if vol == nil || vol.ParticipantID == nil {
+		t.Fatal("volunteer/participant not created")
+	}
+	p, _ := app.getParticipant(*vol.ParticipantID)
+	if p == nil {
+		t.Fatal("participant not found")
+	}
+	if p.PreferredName != "Titania" {
+		t.Errorf("participant preferred_name = %q, want %q (not ticket_name)", p.PreferredName, "Titania")
+	}
+	if vol.TicketName != "Titania Fairweather" {
+		t.Errorf("vol.TicketName = %q, want %q", vol.TicketName, "Titania Fairweather")
+	}
+}
+
+func TestConfirmEmailStubTicketHasName(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
+	app.baseURL = "https://example.com"
+
+	// Volunteer with a ticket_name but no pre-existing ticket
+	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
+	token := "abc123def456"
+	app.createVolunteer(Volunteer{
+		Name:              "Titania",
+		PreferredName:     "Titania",
+		TicketName:        "Titania Fairweather",
+		Email:             "titania@example.com",
+		ParticipantID:     &participant.ID,
+		ConfirmationToken: &token,
+	})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+	result := parseJSON(t, w)
+	if result["status"] != "confirmed" {
+		t.Fatalf("expected confirmed, got %v", result["status"])
+	}
+
+	// Stub ticket should have been created with TicketName as its name
+	tickets, _ := app.listTickets(&participant.ID, "")
+	if len(tickets) == 0 {
+		t.Fatal("expected stub ticket to be created")
+	}
+	if tickets[0].Name != "Titania Fairweather" {
+		t.Errorf("stub ticket name = %q, want %q", tickets[0].Name, "Titania Fairweather")
+	}
+}
+
+func TestConfirmEmailStubTicketFallsBackToPreferredName(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
+	app.baseURL = "https://example.com"
+
+	// Volunteer with no ticket_name — stub should use preferred_name
+	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
+	token := "abc123def456"
+	app.createVolunteer(Volunteer{
+		Name:              "Titania",
+		PreferredName:     "Titania",
+		Email:             "titania@example.com",
+		ParticipantID:     &participant.ID,
+		ConfirmationToken: &token,
+	})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d", w.Code)
+	}
+
+	tickets, _ := app.listTickets(&participant.ID, "")
+	if len(tickets) == 0 {
+		t.Fatal("expected stub ticket to be created")
+	}
+	if tickets[0].Name != "Titania" {
+		t.Errorf("stub ticket name = %q, want %q (preferred_name fallback)", tickets[0].Name, "Titania")
+	}
+}
+
 func TestToggleShiftSignups(t *testing.T) {
 	app := testApp(t)
 	mux := testMux(app)

From 940cf29d04ee67b53c663026b467bb33a982a3c8 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 22:25:31 -0600
Subject: [PATCH 13/47] Added ability to set colead.

---
 frontend/src/pages/Volunteers.svelte | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index e5df71a..1bf13c4 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -87,6 +87,15 @@
     }
   }
 
+  async function toggleLead(v) {
+    try {
+      const updated = await api.volunteers.update(v.id, { ...v, is_lead: !v.is_lead })
+      await db.volunteers.put(updated)
+    } catch (err) {
+      error = err.message
+    }
+  }
+
   async function deleteVolunteer(v) {
     if (!confirm(`Delete volunteer "${v.name}"?`)) return
     try {
@@ -243,6 +252,10 @@
               </td>
               {#if canManage}
                 <td>
+                  <button class="btn btn-ghost btn-sm" onclick={() => toggleLead(v)}
+                    title={v.is_lead ? 'Remove lead' : 'Mark as lead'}>
+                    {v.is_lead ? 'Unlead' : 'Lead'}
+                  </button>
                   <button class="btn btn-danger btn-sm" onclick={() => deleteVolunteer(v)}>Delete</button>
                 </td>
               {/if}

From 6eb72c50918cba2616e2d69eefb930da3c2c4abc Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 22:32:10 -0600
Subject: [PATCH 14/47] Clarified Co-Lead badging.

---
 frontend/src/pages/Kiosk.svelte         |  2 +-
 frontend/src/pages/ScheduleBoard.svelte | 11 +++++++++++
 frontend/src/pages/Volunteers.svelte    |  6 +++---
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/frontend/src/pages/Kiosk.svelte b/frontend/src/pages/Kiosk.svelte
index 983e039..c9eb58a 100644
--- a/frontend/src/pages/Kiosk.svelte
+++ b/frontend/src/pages/Kiosk.svelte
@@ -149,7 +149,7 @@
         <div class="kiosk-vol-name">{state.volunteer.name}</div>
         <div class="kiosk-vol-meta">
           {state.volunteer.email || ''}
-          {state.volunteer.is_lead ? ' · Department Lead' : ''}
+          {state.volunteer.is_lead ? ' · Co-Lead' : ''}
         </div>
         <div class="kiosk-token">Token: <code>{token}</code></div>
       </div>
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 2d0b555..65391e0 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -397,6 +397,9 @@
                       {#each assigned as { vs, volunteer }}
                         <div class="board-vol-chip">
                           {volunteer.name}
+                          {#if volunteer.is_lead}
+                            <span class="chip-lead">Co-Lead</span>
+                          {/if}
                           {#if checkConflict(volunteer.id, shift.id, $allVolunteerShifts ?? [], $allShifts ?? [])}
                             <span title="Scheduling conflict" style="color:var(--c-warn)">⚠</span>
                           {/if}
@@ -514,6 +517,14 @@
     font-size: 0.78rem;
     font-weight: 500;
   }
+  .chip-lead {
+    font-size: 0.68rem;
+    font-weight: 600;
+    background: rgba(245,158,11,0.2);
+    color: var(--c-warn);
+    padding: 0.05rem 0.3rem;
+    border-radius: 99px;
+  }
   .board-vol-remove {
     background: none;
     border: none;
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 1bf13c4..e028389 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -216,7 +216,7 @@
               <td>
                 <strong>{v.name}</strong>
                 {#if v.is_lead}
-                  <span class="badge badge-lead" style="margin-left:0.4rem">Lead</span>
+                  <span class="badge badge-lead" style="margin-left:0.4rem">Co-Lead</span>
                 {/if}
                 {#if !v.participant_id}
                   <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant — no ticket record">No ticket</span>
@@ -253,8 +253,8 @@
               {#if canManage}
                 <td>
                   <button class="btn btn-ghost btn-sm" onclick={() => toggleLead(v)}
-                    title={v.is_lead ? 'Remove lead' : 'Mark as lead'}>
-                    {v.is_lead ? 'Unlead' : 'Lead'}
+                    title={v.is_lead ? 'Remove co-lead' : 'Mark as co-lead'}>
+                    {v.is_lead ? '− Co-Lead' : '+ Co-Lead'}
                   </button>
                   <button class="btn btn-danger btn-sm" onclick={() => deleteVolunteer(v)}>Delete</button>
                 </td>

From a60ef7d25b4397a08dbb1a084a652bfd2e70c4c9 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 23:02:35 -0600
Subject: [PATCH 15/47] Updated docs.

---
 README.md            | 25 ++++++-------
 docs/INSTALLATION.md | 22 +++++++-----
 docs/USAGE.md        | 86 +++++++++++++++++++++-----------------------
 3 files changed, 66 insertions(+), 67 deletions(-)

diff --git a/README.md b/README.md
index 88b09ef..80a43e5 100644
--- a/README.md
+++ b/README.md
@@ -1,21 +1,21 @@
 # Turnpike
 
-Self-hosted event attendee and volunteer management. One instance, one event.
+Self-hosted event ticketing and volunteer management. One instance, one event.
 
 Turnpike handles gate check-in, volunteer scheduling, and department coordination for events ranging from a single evening to a multi-day festival. It works offline — gate volunteers can check people in without a network connection and sync when connectivity returns.
 
 ## Features
 
-- **Attendee management** — CSV import (CrowdWork/Zeffy auto-detected), party-size tracking, search, check-in
+- **Participant & ticket management** — CSV import (CrowdWork/Zeffy auto-detected), search, check-in
 - **Volunteer scheduling** — departments, shifts with capacity, conflict detection, reordering
-- **Public volunteer signup** — self-registration form with email confirmation, auto-attendee linking
-- **Volunteer kiosk** — token-authenticated self-service shift signup, no login required
-- **Gate check-in** — full-screen UI with QR scanner, party check-in ("2/3 checked in"), volunteer dual check-in
+- **Public volunteer signup** — self-registration form with email confirmation, auto-participant linking
+- **Volunteer kiosk** — code-authenticated self-service shift signup, no login required
+- **Gate check-in** — full-screen UI with QR scanner, volunteer dual check-in
 - **Schedule** — create shifts, assign volunteers, manage assignments with conflict awareness
-- **Role-based access** — admin, coordinator, volunteer lead (department-scoped), gate
+- **Role-based access** — admin, ticketing, staffing, colead (department-scoped), gatekeeper
 - **Offline-first PWA** — installs on phones/tablets, full offline check-in with background sync
 - **Real-time** — check-ins and changes broadcast live via SSE
-- **SMTP email** — send volunteer token links directly or export CSV for bulk email platforms
+- **SMTP email** — volunteer confirmation emails, kiosk link distribution when shift signups open
 - **Single binary** — Go backend embeds the frontend; no runtime dependencies
 
 ## Tech Stack
@@ -60,10 +60,11 @@ See [docs/INSTALLATION.md](docs/INSTALLATION.md) for systemd, Docker, NixOS, and
 
 | Role | Access |
 |------|--------|
-| `admin` | Full access: attendee import, user management, SMTP settings, all departments and shifts |
-| `coordinator` | All departments: volunteers, shifts, schedule. No user management or settings |
-| `volunteer_lead` | Own department only: volunteers and shifts scoped to assigned department |
-| `gate` | Full-screen check-in UI with QR scanner. No access to other pages |
+| `admin` | Full access: participant import, user management, SMTP settings, all departments and shifts |
+| `ticketing` | Participants, tickets, import. No user management |
+| `staffing` | All departments: volunteers, shifts, schedule. No user management or settings |
+| `colead` | Own department only: volunteers and shifts scoped to assigned department(s) |
+| `gatekeeper` | Full-screen check-in UI with QR scanner. No access to other pages |
 
 See [docs/USAGE.md](docs/USAGE.md) for detailed workflow documentation.
 
@@ -91,7 +92,7 @@ The Vite dev server runs on `:5173` and proxies `/api` requests to the Go server
 
 ## Documentation
 
-- [Usage Guide](docs/USAGE.md) — event setup, attendee import, volunteer signup, volunteer kiosk, gate check-in, schedule
+- [Usage Guide](docs/USAGE.md) — event setup, participant import, volunteer signup, volunteer kiosk, gate check-in, schedule
 - [Installation Guide](docs/INSTALLATION.md) — building, deploying, systemd, Docker, NixOS, reverse proxy, backup
 
 ## License
diff --git a/docs/INSTALLATION.md b/docs/INSTALLATION.md
index 1f9a967..9bc0dbc 100644
--- a/docs/INSTALLATION.md
+++ b/docs/INSTALLATION.md
@@ -105,23 +105,27 @@ docker run -p 8180:8180 \
 
 ## NixOS
 
-Turnpike builds with `buildGoModule` using the pure-Go SQLite driver (no CGO):
+Turnpike builds with `buildGoModule` + `buildNpmPackage` (pure-Go SQLite, no CGO). The frontend is built separately and copied into the Go build:
 
 ```nix
+frontendDist = pkgs.buildNpmPackage {
+  pname = "turnpike-frontend";
+  src = "${src}/frontend";
+  npmDepsHash = "sha256-...";
+  buildPhase = "npm run build";
+  installPhase = "cp -r dist $out";
+};
+
 turnpike = pkgs.buildGoModule {
   pname = "turnpike";
-  version = "0.1.0";
-  src = ./path/to/turnpike;  # must include vendor/ and frontend/dist/
-  vendorHash = null;
+  src = fetchgit { url = "..."; rev = "v2.0.0"; hash = "sha256-..."; };
+  vendorHash = "sha256-...";
   env.CGO_ENABLED = 0;
+  preBuild = "cp -r ${frontendDist} frontend/dist";
 };
 ```
 
-The source directory must contain:
-- Go source files and `vendor/` (run `go mod vendor`)
-- Pre-built frontend at `frontend/dist/` (run `cd frontend && npm run build`)
-
-A complete NixOS module example with `DynamicUser`, `StateDirectory`, and agenix secrets is in the project's `homelab/turnpike.nix`.
+A complete NixOS module with `DynamicUser`, `StateDirectory`, and secrets is in the project's `homelab/turnpike.nix`.
 
 ## Reverse Proxy
 
diff --git a/docs/USAGE.md b/docs/USAGE.md
index de4e765..11684d4 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -12,23 +12,22 @@ After logging in, create accounts for your team under **Users**. Each user gets
 
 | Role | What they see | What they can do |
 |------|--------------|------------------|
-| **admin** | All pages + Settings | Everything: attendee import, user management, SMTP config, departments, shifts, volunteers |
-| **coordinator** | Dashboard, Schedule, Volunteers, Departments | Manage volunteers, departments, and shifts across all departments. Cannot manage users or settings |
-| **volunteer_lead** | Schedule, Volunteers, Departments | Manage volunteers and shifts within their assigned department only |
-| **gate** | Full-screen Gate UI | Check in attendees (search + QR scan). No access to other pages |
+| **admin** | All pages + Settings | Everything: participant import, user management, SMTP config, departments, shifts, volunteers |
+| **ticketing** | Participants, Tickets, Import | Manage participants and tickets, run CSV imports |
+| **staffing** | Dashboard, Schedule, Volunteers, Departments | Manage volunteers, departments, and shifts across all departments. No user management or settings |
+| **colead** | Dashboard, Schedule, Volunteers | Manage volunteers and shifts within their assigned department(s) only |
+| **gatekeeper** | Full-screen Gate UI | Check in ticket holders (search + QR scan). No access to other pages |
 
-Ticketing and ops staff should use the **admin** role. The `ticketing` role exists in the codebase but is effectively unused — admin covers all ticketing functions.
-
-Volunteer leads are scoped to a single department. When creating a volunteer_lead user, assign their department.
+Coleads are scoped to one or more departments. When creating a colead user, assign their department(s).
 
 ## Event Setup
 
-1. **Configure your event** — go to the Dashboard and set the event name and dates.
+1. **Configure your event** — set the event name, venue, dates, and timezone via the API (`PUT /api/event`). These appear on the Dashboard.
 2. **Create departments** — under Departments, add each department your event needs (e.g., Gate, Greeters, Rangers, Build, LNT).
-3. **Import attendees** — see next section.
+3. **Import participants** — see next section.
 4. **Create shifts** — under Schedule, create shifts for each department with day, start/end time, and capacity.
 
-## Importing Attendees
+## Importing Participants
 
 Go to **Import** and upload a CSV file. Turnpike auto-detects two formats:
 
@@ -36,7 +35,7 @@ Go to **Import** and upload a CSV file. Turnpike auto-detects two formats:
 
 | Column | Maps to |
 |--------|---------|
-| `Patron Name` | Name |
+| `Patron Name` | Ticket name |
 | `Patron Email` | Email |
 | `Order Number` | Ticket ID |
 | `Tier Name` | Ticket type |
@@ -45,7 +44,7 @@ Go to **Import** and upload a CSV file. Turnpike auto-detects two formats:
 
 | Column | Maps to |
 |--------|---------|
-| `name` (required) | Name |
+| `name` (required) | Ticket name |
 | `email` | Email |
 | `ticket_id` | Ticket ID |
 | `ticket_type` | Ticket type |
@@ -53,27 +52,21 @@ Go to **Import** and upload a CSV file. Turnpike auto-detects two formats:
 
 Column matching is case-insensitive. Extra columns are ignored. BOM-encoded files (Windows Excel exports) are handled automatically.
 
-### Party-size dedup
+### Participants and tickets
 
-CrowdWork exports one row per ticket, even when the same person bought multiple tickets in one order. Turnpike handles this automatically:
+Each row in the CSV creates one **ticket**. Participants are deduplicated by email — multiple tickets with the same email address are linked to a single participant record. The import result shows `inserted` (new tickets) and `skipped` (exact duplicates).
 
-- First row for "Titania Fairweather" (order 1234) creates a record with `party_size=1`
-- Subsequent rows with the same name + order number increment `party_size` (no duplicate record)
-- Result: one attendee record, `party_size=3` if three tickets were purchased
-
-The import result shows `inserted` (new records), `grouped` (merged into existing party), and `skipped` (exact duplicates).
-
-Re-importing the same CSV is safe — existing records are skipped, not duplicated.
+Re-importing the same CSV is safe — exact duplicates are skipped, not duplicated.
 
 ## Volunteer Signup
 
-Turnpike provides a public signup form for volunteers at `/#/volunteer-signup`. No login is required.
+Turnpike provides a public signup form for volunteers at `/volunteer-signup`. No login is required.
 
 ### Signup flow
 
 1. Volunteer visits the signup form and fills in: preferred name (required), ticket name, email (required), pronouns, phone, department preference, and an optional note.
-2. Turnpike creates a volunteer record and auto-links it to an existing attendee by email match, or creates a new attendee record.
-3. A confirmation email is sent with a unique link (`/#/confirm/{token}`).
+2. Turnpike creates a volunteer record and auto-links it to an existing participant by email match, or creates a new participant record.
+3. A confirmation email is sent with a unique link (`/confirm/{token}`).
 4. The volunteer clicks the link to confirm their email.
 5. If shift signups are already open, the confirmation page includes a link to the kiosk for shift selection.
 
@@ -90,7 +83,7 @@ In **Settings**, the "Volunteer Signup" card controls:
 
 In **Settings**, the "Shift Signups" card has an open/close toggle:
 
-- **Opening** signups generates kiosk tokens for all confirmed volunteers and emails them their shift signup links. A confirmation dialog warns before sending.
+- **Opening** signups generates kiosk codes for all confirmed volunteers and emails them their shift signup links. A confirmation dialog warns before sending.
 - **Closing** signups prevents new kiosk links from being issued on confirmation, but existing links continue to work.
 
 If a volunteer confirms their email while signups are already open, they receive their kiosk link immediately in the confirmation response and via email.
@@ -100,11 +93,11 @@ If a volunteer confirms their email while signups are already open, they receive
 Under **Volunteers**, you can:
 
 - Create volunteers manually (name, email, department)
-- Link a volunteer to an existing attendee record (for dual check-in at the gate)
 - Assign volunteers to departments
+- Mark volunteers as co-leads
 - Check in volunteers
 
-Volunteers are separate from attendees. A person can be both an attendee (ticket holder) and a volunteer (shift worker). Linking them enables the gate team to check in both records simultaneously.
+Volunteers are separate from participants. A person can be both a ticket holder and a volunteer. When a volunteer signs up via the public form, they are automatically linked to their participant record by email.
 
 ## Shift Scheduling
 
@@ -128,15 +121,17 @@ The kiosk lets volunteers self-select shifts without logging in.
 
 ### Setup
 
-1. **Generate tokens** — on the Attendees page, click "Generate Tokens." This creates a unique 8-character code for every attendee that doesn't have one.
-2. **Distribute tokens** — two options:
-   - **Export CSV** — downloads a file with columns `Email Address`, `First Name`, `Token`, `Signup Link`. Import this into MailChimp, Zeffy, or any email platform.
-   - **Email directly** — if SMTP is configured (see below), use "Email All" to send token links, or email individually per attendee.
-3. **Set base URL** — in Settings, set the public base URL (e.g., `https://turnpike.example.com`). Token links use this URL.
+Kiosk links are generated and distributed automatically through the volunteer signup flow:
+
+1. Volunteers sign up via the public signup form (`/volunteer-signup`) and confirm their email.
+2. In **Settings**, open shift signups. This generates kiosk codes for all confirmed volunteers and emails them their links. A confirmation dialog warns before sending.
+3. If a volunteer confirms their email while signups are already open, they receive their kiosk link immediately.
+
+**Set base URL** — in Settings, set the public base URL (e.g., `https://turnpike.example.com`). Kiosk links use this URL.
 
 ### Volunteer experience
 
-Each volunteer receives a link like `https://turnpike.example.com/#/v/ABC12345`. This opens a mobile-friendly page showing:
+Each volunteer receives a link like `https://turnpike.example.com/v/ABC12345`. This opens a mobile-friendly page showing:
 
 - Their name and department
 - Currently assigned shifts
@@ -144,20 +139,19 @@ Each volunteer receives a link like `https://turnpike.example.com/#/v/ABC12345`.
 
 Claiming a shift checks for time conflicts. If a conflict exists, the volunteer sees which shifts overlap and can confirm to proceed anyway.
 
-No login is required. The 8-character token authenticates the request.
+No login is required. The kiosk code authenticates the request.
 
-### Token format
+### Code format
 
-Tokens use the character set `A-Z, 2-9` (excluding 0/O, 1/I/L to avoid ambiguity when reading aloud or on printed badges).
+Kiosk codes use the character set `A-Z, 2-9` (excluding 0/O, 1/I/L to avoid ambiguity when reading aloud or on printed badges).
 
 ## Gate Check-In
 
-Users with the **gate** role see a dedicated full-screen UI:
+Users with the **gatekeeper** role see a dedicated full-screen UI:
 
 - **QR scanner** — uses the device camera via the BarcodeDetector API. Scanned codes populate the search field.
-- **Search** — type a name to filter attendees in real-time (searches local IndexedDB, works offline).
-- **Party check-in** — for attendees with `party_size > 1`, the gate UI shows progress ("2/3 checked in") and offers "Check in 1" or "Check in all remaining."
-- **Volunteer dual check-in** — if an attendee is linked to a volunteer record, the gate UI shows their volunteer status and offers to check in both simultaneously.
+- **Search** — type a name to filter tickets in real-time (searches local IndexedDB, works offline).
+- **Volunteer dual check-in** — if a ticket holder is also a volunteer, the gate UI shows their volunteer status and offers to check in both simultaneously.
 - **Recent check-ins** — the last 10 check-ins are shown for quick reference.
 
 Gate devices should install Turnpike as a PWA (Add to Home Screen) for the best experience. Check-ins are stored locally and sync when connectivity is available.
@@ -170,7 +164,7 @@ The Schedule page is the primary UI for managing shifts and volunteer assignment
 - Each shift card shows: name, time, capacity (used/total), assigned volunteers
 - Conflict badges when a volunteer has overlapping shifts on the same day
 
-**Coordinators and admins** see all departments. **Volunteer leads** see only their assigned department.
+**Admins and staffing** see all departments. **Coleads** see only their assigned department(s).
 
 Actions available:
 - Create new shifts (+ Add shift button)
@@ -182,7 +176,7 @@ Actions available:
 
 ## SMTP Configuration
 
-SMTP enables token email distribution and test emails. Configure in **Settings** (admin only):
+SMTP enables volunteer confirmation emails, kiosk link distribution, and test emails. Configure in **Settings** (admin only):
 
 | Field | Description |
 |-------|-------------|
@@ -203,13 +197,13 @@ Turnpike is a Progressive Web App (PWA). After the first load, it works offline:
 
 - **Gate check-ins** are stored in the browser's IndexedDB and sync when connectivity returns.
 - **Real-time updates** use Server-Sent Events (SSE). When the connection drops, the client reconnects automatically.
-- **Sync** pulls all changes from the server on startup and periodically thereafter. Local changes are queued in an outbox and flushed in order.
+- **Sync** pulls all changes from the server on startup and periodically thereafter.
 
 Install Turnpike as a PWA (Add to Home Screen on mobile, or Install App in desktop Chrome) for the best offline experience.
 
 ## CSV Exports
 
-Two CSV exports are available from the Attendees page:
+CSV exports are available from the Participants page:
 
-- **Attendee export** — all attendee records with check-in status
-- **Token link export** — columns: `Email Address`, `First Name`, `Token`, `Signup Link`. Only includes attendees with tokens. Compatible with MailChimp and Zeffy for bulk email campaigns.
+- **Participant export** — all participant records with check-in status
+- **Ticket export** — all ticket records with codes and check-in status

From 4d3da023fcbfc38a1f668d7af840ae9c0b626842 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 23:06:03 -0600
Subject: [PATCH 16/47] Added event edit.

---
 docs/USAGE.md                      |  2 +-
 frontend/src/pages/Settings.svelte | 72 +++++++++++++++++++++++++++++-
 2 files changed, 72 insertions(+), 2 deletions(-)

diff --git a/docs/USAGE.md b/docs/USAGE.md
index 11684d4..6c5b9b7 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -22,7 +22,7 @@ Coleads are scoped to one or more departments. When creating a colead user, assi
 
 ## Event Setup
 
-1. **Configure your event** — set the event name, venue, dates, and timezone via the API (`PUT /api/event`). These appear on the Dashboard.
+1. **Configure your event** — go to **Settings** and set the event name, venue, dates, and timezone. These appear on the Dashboard and volunteer signup page.
 2. **Create departments** — under Departments, add each department your event needs (e.g., Gate, Greeters, Rangers, Build, LNT).
 3. **Import participants** — see next section.
 4. **Create shifts** — under Schedule, create shifts for each department with day, start/end time, and capacity.
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 5caf2ee..138af08 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -1,9 +1,11 @@
 <script>
   import { onMount } from 'svelte'
   import { api } from '../api.js'
+  import { db } from '../db.js'
 
   let loading = $state(true)
   let saving = $state(false)
+  let savingEvent = $state(false)
   let testing = $state(false)
   let error = $state('')
   let success = $state('')
@@ -18,10 +20,23 @@
   let testEmail = $state('')
   let noteLabel = $state('Additional note')
   let noteRequired = $state(false)
+  let eventName = $state('')
+  let eventVenue = $state('')
+  let eventStartDate = $state('')
+  let eventEndDate = $state('')
+  let eventTimezone = $state('')
   let shiftSignupsOpen = $state(false)
   let togglingSignups = $state(false)
 
   onMount(async () => {
+    try {
+      const ev = await api.event.get()
+      eventName = ev.name ?? ''
+      eventVenue = ev.venue ?? ''
+      eventStartDate = ev.start_date ?? ''
+      eventEndDate = ev.end_date ?? ''
+      eventTimezone = ev.timezone ?? ''
+    } catch {}
     try {
       const s = await api.settings.get()
       smtpHost = s.smtp_host ?? ''
@@ -41,6 +56,28 @@
     }
   })
 
+  async function saveEvent(e) {
+    e.preventDefault()
+    savingEvent = true
+    error = ''
+    success = ''
+    try {
+      const updated = await api.event.update({
+        name: eventName,
+        venue: eventVenue,
+        start_date: eventStartDate,
+        end_date: eventEndDate,
+        timezone: eventTimezone,
+      })
+      await db.event.put({ ...updated, id: 1 })
+      success = 'Event saved.'
+    } catch (err) {
+      error = err.message
+    } finally {
+      savingEvent = false
+    }
+  }
+
   async function save(e) {
     e.preventDefault()
     saving = true
@@ -127,6 +164,39 @@
   {#if loading}
     <div class="text-muted">Loading…</div>
   {:else}
+    <form onsubmit={saveEvent}>
+      <div class="card" style="margin-bottom:1.5rem">
+        <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Event</h2>
+        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+          <div class="form-group" style="grid-column:1/-1">
+            <label for="e-name">Event Name *</label>
+            <input id="e-name" bind:value={eventName} required placeholder="My Event 2026" />
+          </div>
+          <div class="form-group" style="grid-column:1/-1">
+            <label for="e-venue">Venue</label>
+            <input id="e-venue" bind:value={eventVenue} placeholder="Location name" />
+          </div>
+          <div class="form-group">
+            <label for="e-start">Start Date *</label>
+            <input id="e-start" type="date" bind:value={eventStartDate} required />
+          </div>
+          <div class="form-group">
+            <label for="e-end">End Date *</label>
+            <input id="e-end" type="date" bind:value={eventEndDate} required />
+          </div>
+          <div class="form-group" style="grid-column:1/-1">
+            <label for="e-tz">Timezone</label>
+            <input id="e-tz" bind:value={eventTimezone} placeholder="America/Los_Angeles" />
+          </div>
+        </div>
+        <div class="actions">
+          <button type="submit" class="btn btn-primary" disabled={savingEvent}>
+            {savingEvent ? 'Saving…' : 'Save Event'}
+          </button>
+        </div>
+      </div>
+    </form>
+
     <form onsubmit={save}>
       <div class="card" style="margin-bottom:1.5rem">
         <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">SMTP Email</h2>
@@ -160,7 +230,7 @@
         </div>
 
         <div class="form-group">
-          <label for="s-url">Base URL <span class="text-muted" style="font-weight:400">(for volunteer token links)</span></label>
+          <label for="s-url">Base URL <span class="text-muted" style="font-weight:400">(for kiosk links in emails)</span></label>
           <input id="s-url" bind:value={baseURL} placeholder="https://events.example.com" />
         </div>
 

From fa7ea35fd5ededf9d2db760ae16288d28945f3bf Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 4 Mar 2026 23:10:00 -0600
Subject: [PATCH 17/47] Added browser-supported timezone lookup.

---
 frontend/src/pages/Settings.svelte | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 138af08..2f6ee8e 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -25,6 +25,7 @@
   let eventStartDate = $state('')
   let eventEndDate = $state('')
   let eventTimezone = $state('')
+  const timezones = Intl.supportedValuesOf('timeZone')
   let shiftSignupsOpen = $state(false)
   let togglingSignups = $state(false)
 
@@ -186,7 +187,12 @@
           </div>
           <div class="form-group" style="grid-column:1/-1">
             <label for="e-tz">Timezone</label>
-            <input id="e-tz" bind:value={eventTimezone} placeholder="America/Los_Angeles" />
+            <input id="e-tz" bind:value={eventTimezone} placeholder="America/Chicago" list="tz-list" />
+            <datalist id="tz-list">
+              {#each timezones as tz}
+                <option value={tz} />
+              {/each}
+            </datalist>
           </div>
         </div>
         <div class="actions">

From 6c21efcb16f678cc7486ef7dbb03132b6387a129 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 09:17:57 -0600
Subject: [PATCH 18/47] Renamed Kiosks. Clarified Volunteer flow status.

---
 frontend/src/App.svelte                                | 10 +++++-----
 frontend/src/app.css                                   |  1 +
 frontend/src/components/CheckInButton.svelte           |  2 +-
 frontend/src/pages/{GateUI.svelte => GateKiosk.svelte} |  0
 frontend/src/pages/Participants.svelte                 |  4 ++--
 .../src/pages/{Kiosk.svelte => VolunteerKiosk.svelte}  |  0
 frontend/src/pages/Volunteers.svelte                   |  8 ++++----
 7 files changed, 13 insertions(+), 12 deletions(-)
 rename frontend/src/pages/{GateUI.svelte => GateKiosk.svelte} (100%)
 rename frontend/src/pages/{Kiosk.svelte => VolunteerKiosk.svelte} (100%)

diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index 7f28a8a..7ad6bc9 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -9,10 +9,10 @@
   import Departments from './pages/Departments.svelte'
   import Users from './pages/Users.svelte'
   import Import from './pages/Import.svelte'
-  import Kiosk from './pages/Kiosk.svelte'
+  import VolunteerKiosk from './pages/VolunteerKiosk.svelte'
   import VolunteerSignup from './pages/VolunteerSignup.svelte'
   import ConfirmEmail from './pages/ConfirmEmail.svelte'
-  import GateUI from './pages/GateUI.svelte'
+  import GateKiosk from './pages/GateKiosk.svelte'
   import ScheduleBoard from './pages/ScheduleBoard.svelte'
   import Settings from './pages/Settings.svelte'
   import Nav from './components/Nav.svelte'
@@ -96,7 +96,7 @@
 {#if loading}
   <!-- checking session -->
 {:else if kioskToken}
-  <Kiosk />
+  <VolunteerKiosk />
 {:else if isVolunteerSignup}
   <VolunteerSignup />
 {:else if isConfirmEmail}
@@ -104,8 +104,8 @@
 {:else if !session}
   <Login onlogin={onLogin} />
 {:else if role === 'gatekeeper'}
-  <!-- Gate users get the full-screen GateUI instead of the standard layout -->
-  <GateUI {session} {onLogout} />
+  <!-- Gate users get the full-screen GateKiosk instead of the standard layout -->
+  <GateKiosk {session} {onLogout} />
 {:else}
   <div class="layout">
     <!-- svelte-ignore a11y_no_static_element_interactions -->
diff --git a/frontend/src/app.css b/frontend/src/app.css
index 5727e4d..c5de1fe 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -130,6 +130,7 @@ tr:hover td { background: rgba(255,255,255,0.02); }
   text-transform: uppercase; letter-spacing: 0.04em;
 }
 .badge-checked   { background: rgba(34,197,94,0.15); color: var(--c-success); }
+.badge-confirmed { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
 .badge-unchecked { background: rgba(122,127,150,0.15); color: var(--c-muted); }
 .badge-partial   { background: rgba(245,158,11,0.15); color: var(--c-warn); }
 .badge-role      { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
diff --git a/frontend/src/components/CheckInButton.svelte b/frontend/src/components/CheckInButton.svelte
index b3ce533..f0af073 100644
--- a/frontend/src/components/CheckInButton.svelte
+++ b/frontend/src/components/CheckInButton.svelte
@@ -9,5 +9,5 @@
 </script>
 
 <button class="btn btn-success btn-sm" onclick={handle} disabled={loading}>
-  {loading ? '…' : '✓ Check in'}
+  {loading ? '…' : '✓ Ready'}
 </button>
diff --git a/frontend/src/pages/GateUI.svelte b/frontend/src/pages/GateKiosk.svelte
similarity index 100%
rename from frontend/src/pages/GateUI.svelte
rename to frontend/src/pages/GateKiosk.svelte
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 2495958..5eb7610 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -424,9 +424,9 @@
                         </div>
                         <div style="text-align:right">
                           {#if tk.checked_in_at}
-                            <span class="badge badge-checked">In {fmtTime(tk.checked_in_at)}</span>
+                            <span class="badge badge-checked">Checked in {fmtTime(tk.checked_in_at)}</span>
                           {:else}
-                            <span class="badge badge-unchecked">Pending</span>
+                            <span class="badge badge-unchecked">Not checked in</span>
                           {/if}
                           <div class="text-muted" style="font-size:0.75rem">{tk.source}</div>
                         </div>
diff --git a/frontend/src/pages/Kiosk.svelte b/frontend/src/pages/VolunteerKiosk.svelte
similarity index 100%
rename from frontend/src/pages/Kiosk.svelte
rename to frontend/src/pages/VolunteerKiosk.svelte
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index e028389..1e6eea4 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -183,8 +183,8 @@
     {/if}
     <select bind:value={filterChecked} style="width:auto">
       <option value="">All</option>
-      <option value="false">Not checked in</option>
-      <option value="true">Checked in</option>
+      <option value="false">Not ready</option>
+      <option value="true">Ready</option>
     </select>
     <span class="text-muted" style="font-size:0.85rem;white-space:nowrap">
       {filtered.length} shown
@@ -236,8 +236,8 @@
                 {/if}
               </td>
               <td>
-                <span class="badge {v.checked_in ? 'badge-checked' : 'badge-unchecked'}">
-                  {v.checked_in ? 'Checked in' : 'Pending'}
+                <span class="badge {v.checked_in ? 'badge-checked' : v.email_confirmed ? 'badge-confirmed' : 'badge-unchecked'}">
+                  {v.checked_in ? 'Ready' : v.email_confirmed ? 'Confirmed' : 'Unconfirmed'}
                 </span>
                 {#if v.checked_in_at}
                   <div class="text-muted" style="font-size:0.75rem">

From 2b409c65c1c00954b4e252e5b73849c4616f47e1 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 09:35:35 -0600
Subject: [PATCH 19/47] Added check-in to admin Participants view.

---
 frontend/src/pages/Participants.svelte | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 5eb7610..26f5c63 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -129,6 +129,16 @@
     }
   }
 
+  async function checkInTicket(tk) {
+    error = ''
+    try {
+      const result = await api.tickets.checkIn(tk.id)
+      if (result.ticket) await db.tickets.put(result.ticket)
+    } catch (err) {
+      error = err.message
+    }
+  }
+
   function fmtTime(ts) {
     if (!ts) return ''
     return new Date(ts).toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' })
@@ -426,7 +436,7 @@
                           {#if tk.checked_in_at}
                             <span class="badge badge-checked">Checked in {fmtTime(tk.checked_in_at)}</span>
                           {:else}
-                            <span class="badge badge-unchecked">Not checked in</span>
+                            <button class="btn btn-success btn-sm" onclick={() => checkInTicket(tk)}>✓ Check in</button>
                           {/if}
                           <div class="text-muted" style="font-size:0.75rem">{tk.source}</div>
                         </div>

From 87da9cf97f55bb1fc4243fda8acc219f4f57e5e9 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 09:51:40 -0600
Subject: [PATCH 20/47] Updated docs.

---
 README.md     |  6 +++---
 docs/USAGE.md | 21 +++++++++++++++------
 2 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 80a43e5..71132c4 100644
--- a/README.md
+++ b/README.md
@@ -9,8 +9,8 @@ Turnpike handles gate check-in, volunteer scheduling, and department coordinatio
 - **Participant & ticket management** — CSV import (CrowdWork/Zeffy auto-detected), search, check-in
 - **Volunteer scheduling** — departments, shifts with capacity, conflict detection, reordering
 - **Public volunteer signup** — self-registration form with email confirmation, auto-participant linking
-- **Volunteer kiosk** — code-authenticated self-service shift signup, no login required
-- **Gate check-in** — full-screen UI with QR scanner, volunteer dual check-in
+- **Volunteer kiosk** — public volunteer flow: signup, email confirmation, code-authenticated shift self-scheduling
+- **Gate kiosk** — full-screen check-in UI with QR scanner for gatekeepers
 - **Schedule** — create shifts, assign volunteers, manage assignments with conflict awareness
 - **Role-based access** — admin, ticketing, staffing, colead (department-scoped), gatekeeper
 - **Offline-first PWA** — installs on phones/tablets, full offline check-in with background sync
@@ -64,7 +64,7 @@ See [docs/INSTALLATION.md](docs/INSTALLATION.md) for systemd, Docker, NixOS, and
 | `ticketing` | Participants, tickets, import. No user management |
 | `staffing` | All departments: volunteers, shifts, schedule. No user management or settings |
 | `colead` | Own department only: volunteers and shifts scoped to assigned department(s) |
-| `gatekeeper` | Full-screen check-in UI with QR scanner. No access to other pages |
+| `gatekeeper` | Full-screen Gate Kiosk with QR scanner. No access to other pages |
 
 See [docs/USAGE.md](docs/USAGE.md) for detailed workflow documentation.
 
diff --git a/docs/USAGE.md b/docs/USAGE.md
index 6c5b9b7..23572eb 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -16,7 +16,7 @@ After logging in, create accounts for your team under **Users**. Each user gets
 | **ticketing** | Participants, Tickets, Import | Manage participants and tickets, run CSV imports |
 | **staffing** | Dashboard, Schedule, Volunteers, Departments | Manage volunteers, departments, and shifts across all departments. No user management or settings |
 | **colead** | Dashboard, Schedule, Volunteers | Manage volunteers and shifts within their assigned department(s) only |
-| **gatekeeper** | Full-screen Gate UI | Check in ticket holders (search + QR scan). No access to other pages |
+| **gatekeeper** | Full-screen Gate Kiosk | Check in ticket holders (search + QR scan). No access to other pages |
 
 Coleads are scoped to one or more departments. When creating a colead user, assign their department(s).
 
@@ -95,7 +95,15 @@ Under **Volunteers**, you can:
 - Create volunteers manually (name, email, department)
 - Assign volunteers to departments
 - Mark volunteers as co-leads
-- Check in volunteers
+- Mark volunteers as ready (briefed at the volunteer station)
+
+### Volunteer statuses
+
+| Status | Meaning |
+|--------|---------|
+| **Unconfirmed** | Signed up but hasn't confirmed their email |
+| **Confirmed** | Email confirmed, not yet briefed |
+| **Ready** | Briefed at the volunteer station, has what they need to report for shifts |
 
 Volunteers are separate from participants. A person can be both a ticket holder and a volunteer. When a volunteer signs up via the public form, they are automatically linked to their participant record by email.
 
@@ -117,7 +125,7 @@ Shifts can be reordered within a department to reflect priority or sequence usin
 
 ## Volunteer Kiosk
 
-The kiosk lets volunteers self-select shifts without logging in.
+The Volunteer Kiosk is the public-facing flow for volunteers: signup, email confirmation, and shift self-scheduling. The shift scheduling page lets volunteers self-select shifts without logging in.
 
 ### Setup
 
@@ -145,15 +153,16 @@ No login is required. The kiosk code authenticates the request.
 
 Kiosk codes use the character set `A-Z, 2-9` (excluding 0/O, 1/I/L to avoid ambiguity when reading aloud or on printed badges).
 
-## Gate Check-In
+## Gate Kiosk
 
-Users with the **gatekeeper** role see a dedicated full-screen UI:
+Users with the **gatekeeper** role see a dedicated full-screen Gate Kiosk:
 
 - **QR scanner** — uses the device camera via the BarcodeDetector API. Scanned codes populate the search field.
 - **Search** — type a name to filter tickets in real-time (searches local IndexedDB, works offline).
-- **Volunteer dual check-in** — if a ticket holder is also a volunteer, the gate UI shows their volunteer status and offers to check in both simultaneously.
 - **Recent check-ins** — the last 10 check-ins are shown for quick reference.
 
+Admins and ticketing leads can also check in tickets directly from the **Participants** page by expanding a participant's tickets.
+
 Gate devices should install Turnpike as a PWA (Add to Home Screen) for the best experience. Check-ins are stored locally and sync when connectivity is available.
 
 ## Schedule

From 07f7d3d245cebb3e112647076e0c4f4258833fc8 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 09:51:58 -0600
Subject: [PATCH 21/47] Revised views for mobile.

---
 frontend/src/app.css                   | 28 ++++++++++++++++++++++++++
 frontend/src/pages/Participants.svelte | 16 ++++++++++++---
 frontend/src/pages/Users.svelte        | 20 ++++++++++++------
 frontend/src/pages/Volunteers.svelte   | 16 +++++++++++----
 4 files changed, 67 insertions(+), 13 deletions(-)

diff --git a/frontend/src/app.css b/frontend/src/app.css
index c5de1fe..d36f2f7 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -207,4 +207,32 @@ tr:hover td { background: rgba(255,255,255,0.02); }
   }
   .page { padding: 1rem; }
   .stats { grid-template-columns: repeat(2, 1fr); }
+
+  /* Touch targets */
+  .btn { min-height: 44px; padding: 0.6rem 1rem; }
+  .btn-sm { min-height: 44px; padding: 0.5rem 0.75rem; font-size: 0.85rem; }
+
+  /* Page header & actions */
+  .page-header { flex-wrap: wrap; gap: 0.75rem; }
+  .page-title { width: 100%; }
+  .actions { flex-wrap: wrap; }
+
+  /* Search bar */
+  .search-bar { flex-wrap: wrap; }
+  .search-bar input { max-width: none; flex: 1 1 100%; }
+
+  /* Table → card layout */
+  .table-wrap { overflow-x: visible; }
+  table { display: block; }
+  thead { display: none; }
+  tbody { display: flex; flex-direction: column; gap: 0.5rem; }
+  tr { display: flex; flex-wrap: wrap; gap: 0.25rem 0.75rem; align-items: center;
+       padding: 0.75rem; border: 1px solid var(--c-border); border-radius: var(--radius-lg);
+       background: var(--c-surface); }
+  tr:hover td { background: transparent; }
+  td { display: inline; padding: 0; border: none; }
+  td:empty { display: none; }
+
+  /* Forms */
+  .form-grid { grid-template-columns: 1fr !important; }
 }
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 26f5c63..ef2274f 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -243,7 +243,7 @@
   {#if showAdd && canManage}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addParticipant}>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
           <div class="form-group">
             <label for="p-name">Name</label>
             <input id="p-name" bind:value={newName} placeholder="Preferred name" />
@@ -362,7 +362,7 @@
               onclick={mergeMode && mergeSource?.id !== p.id ? () => { mergeTarget = p } : null}
               style={mergeMode && mergeSource?.id !== p.id ? 'cursor:pointer' : ''}
             >
-              <td>
+              <td class="td-name">
                 <strong>{p.preferred_name || '—'}</strong>
                 {#if p.pronouns}
                   <span class="text-muted" style="font-size:0.78rem"> · {p.pronouns}</span>
@@ -397,7 +397,7 @@
                 {/if}
               </td>
               {#if canManage}
-                <td>
+                <td class="td-actions">
                   {#if !mergeMode}
                     <button class="btn btn-ghost btn-sm" onclick={(e) => { e.stopPropagation(); startEdit(p) }}
                       title="Edit participant">✎</button>
@@ -504,4 +504,14 @@
   .edit-fields { display: flex; gap: 0.4rem; flex-wrap: wrap; }
   .edit-fields input { flex: 1; min-width: 120px; font-size: 0.825rem; padding: 0.3rem 0.5rem; width: auto; }
 
+  @media (max-width: 640px) {
+    .td-name { width: 100%; }
+    .td-actions { width: 100%; }
+    .ticket-rows { padding: 0; border: none; border-radius: 0; margin-top: -0.5rem; }
+    .ticket-rows td { width: 100%; }
+    .ticket-row { flex-direction: column; gap: 0.35rem; }
+    .ticket-row div:last-child { text-align: left; }
+    .edit-row { padding: 0.75rem; }
+    .edit-row td { width: 100%; }
+  }
 </style>
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index c683fb9..c649964 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -148,7 +148,7 @@
   {#if showAdd}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addUser}>
-        <div style="display:grid;grid-template-columns:1fr 1fr 1fr;gap:1rem">
+        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr 1fr;gap:1rem">
           <div class="form-group">
             <label for="u-username">Username *</label>
             <input id="u-username" bind:value={newUsername} required placeholder="username" autocomplete="off" />
@@ -213,8 +213,8 @@
         <tbody>
           {#each users as u (u.id)}
             {#if editID === u.id}
-              <tr>
-                <td><strong>{u.username}</strong> {#if u.id === me}<span class="badge badge-role">you</span>{/if}</td>
+              <tr class="edit-row">
+                <td class="td-name"><strong>{u.username}</strong> {#if u.id === me}<span class="badge badge-role">you</span>{/if}</td>
                 <td>
                   <select bind:value={editRole} style="width:auto;margin:0">
                     {#each roles as r}
@@ -239,7 +239,7 @@
                     placeholder="New password (leave blank to keep)"
                     style="margin-top:0.5rem" autocomplete="new-password" />
                 </td>
-                <td>
+                <td class="td-actions">
                   <div class="actions">
                     <button class="btn btn-primary btn-sm" onclick={() => saveUser(u)} disabled={saving}>
                       {saving ? '…' : 'Save'}
@@ -250,7 +250,7 @@
               </tr>
             {:else}
               <tr>
-                <td>
+                <td class="td-name">
                   <strong>{u.username}</strong>
                   {#if u.id === me}
                     <span class="badge badge-role" style="margin-left:0.4rem">you</span>
@@ -258,7 +258,7 @@
                 </td>
                 <td><span class="badge badge-role">{roleLabel(u.role)}</span></td>
                 <td class="text-muted">{deptNamesFor(u.department_ids || [])}</td>
-                <td>
+                <td class="td-actions">
                   <div class="actions">
                     <button class="btn btn-ghost btn-sm" onclick={() => startEdit(u)}>Edit</button>
                     {#if u.id !== me}
@@ -274,3 +274,11 @@
     </div>
   {/if}
 </div>
+
+<style>
+  @media (max-width: 640px) {
+    .td-name { width: 100%; }
+    .td-actions { width: 100%; }
+    .edit-row td { width: 100%; }
+  }
+</style>
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 1e6eea4..8e5827a 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -132,7 +132,7 @@
   {#if showAdd && canManage}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addVolunteer}>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
           <div class="form-group">
             <label for="v-name">Name *</label>
             <input id="v-name" bind:value={newName} required placeholder="Full name" />
@@ -213,7 +213,7 @@
             {@const dept = deptFor(v.department_id)}
             {@const participant = participantFor(v.participant_id)}
             <tr>
-              <td>
+              <td class="td-name">
                 <strong>{v.name}</strong>
                 {#if v.is_lead}
                   <span class="badge badge-lead" style="margin-left:0.4rem">Co-Lead</span>
@@ -245,13 +245,13 @@
                   </div>
                 {/if}
               </td>
-              <td>
+              <td class="td-ready">
                 {#if !v.checked_in}
                   <CheckInButton onclick={() => checkIn(v)} />
                 {/if}
               </td>
               {#if canManage}
-                <td>
+                <td class="td-actions">
                   <button class="btn btn-ghost btn-sm" onclick={() => toggleLead(v)}
                     title={v.is_lead ? 'Remove co-lead' : 'Mark as co-lead'}>
                     {v.is_lead ? '− Co-Lead' : '+ Co-Lead'}
@@ -266,3 +266,11 @@
     </div>
   {/if}
 </div>
+
+<style>
+  @media (max-width: 640px) {
+    .td-name { width: 100%; }
+    .td-ready { width: 100%; }
+    .td-actions { width: 100%; }
+  }
+</style>

From d439306657bbc2edc6d6ee1a93606c1bc52eb342 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 09:56:54 -0600
Subject: [PATCH 22/47] Moved action buttons on mobile cards.

---
 frontend/src/pages/Departments.svelte  | 23 ++++++++++++++++-------
 frontend/src/pages/Participants.svelte |  4 +---
 frontend/src/pages/Users.svelte        |  2 +-
 frontend/src/pages/Volunteers.svelte   | 12 +++++++-----
 4 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/frontend/src/pages/Departments.svelte b/frontend/src/pages/Departments.svelte
index b7fd627..c2cf82b 100644
--- a/frontend/src/pages/Departments.svelte
+++ b/frontend/src/pages/Departments.svelte
@@ -100,7 +100,7 @@
   {#if showAdd && canCreate}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addDept}>
-        <div style="display:grid;grid-template-columns:1fr 1fr auto;gap:1rem;align-items:end">
+        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr auto;gap:1rem;align-items:end">
           <div class="form-group" style="margin-bottom:0">
             <label for="d-name">Name *</label>
             <input id="d-name" bind:value={newName} required placeholder="e.g. Security" />
@@ -142,8 +142,8 @@
         <tbody>
           {#each $allDepts ?? [] as d (d.id)}
             {#if editID === d.id}
-              <tr>
-                <td>
+              <tr class="edit-row">
+                <td class="td-name">
                   <div style="display:flex;align-items:center;gap:0.5rem">
                     <input type="color" bind:value={editColor} style="width:36px;height:36px;padding:0.1rem;border-radius:4px;cursor:pointer;flex-shrink:0" />
                     <input bind:value={editName} required placeholder="Name" style="margin:0" />
@@ -153,7 +153,7 @@
                   <input bind:value={editDesc} placeholder="Description" style="margin:0" />
                 </td>
                 {#if canCreate}
-                  <td>
+                  <td class="td-actions">
                     <div class="actions">
                       <button class="btn btn-primary btn-sm" onclick={() => saveDept(d)} disabled={saving}>
                         {saving ? '…' : 'Save'}
@@ -165,13 +165,13 @@
               </tr>
             {:else}
               <tr>
-                <td>
+                <td class="td-name">
                   <span class="dept-dot" style="background:{d.color};margin-right:0.5rem"></span>
                   <strong>{d.name}</strong>
                 </td>
-                <td class="text-muted">{d.description || '—'}</td>
+                <td class="td-desc text-muted">{d.description || '—'}</td>
                 {#if canCreate}
-                  <td>
+                  <td class="td-actions">
                     <div class="actions">
                       <button class="btn btn-ghost btn-sm" onclick={() => startEdit(d)}>Edit</button>
                       {#if canDelete}
@@ -188,3 +188,12 @@
     </div>
   {/if}
 </div>
+
+<style>
+  @media (max-width: 640px) {
+    .td-name { width: 100%; }
+    .td-desc { width: 100%; }
+    .td-actions { width: 100%; display: flex; justify-content: flex-end; }
+    .edit-row td { width: 100%; }
+  }
+</style>
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index ef2274f..55714a6 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -506,11 +506,9 @@
 
   @media (max-width: 640px) {
     .td-name { width: 100%; }
-    .td-actions { width: 100%; }
+    .td-actions { width: 100%; display: flex; justify-content: flex-end; }
     .ticket-rows { padding: 0; border: none; border-radius: 0; margin-top: -0.5rem; }
     .ticket-rows td { width: 100%; }
-    .ticket-row { flex-direction: column; gap: 0.35rem; }
-    .ticket-row div:last-child { text-align: left; }
     .edit-row { padding: 0.75rem; }
     .edit-row td { width: 100%; }
   }
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index c649964..ee6b18a 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -278,7 +278,7 @@
 <style>
   @media (max-width: 640px) {
     .td-name { width: 100%; }
-    .td-actions { width: 100%; }
+    .td-actions { width: 100%; display: flex; justify-content: flex-end; }
     .edit-row td { width: 100%; }
   }
 </style>
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 8e5827a..ade758b 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -228,14 +228,14 @@
                   <div class="text-muted" style="font-size:0.78rem">{v.note}</div>
                 {/if}
               </td>
-              <td class="text-muted">
+              <td class="td-dept text-muted">
                 {#if dept}
                   <span class="dept-dot" style="background:{dept.color};margin-right:0.4rem"></span>{dept.name}
                 {:else}
                   —
                 {/if}
               </td>
-              <td>
+              <td class="td-status">
                 <span class="badge {v.checked_in ? 'badge-checked' : v.email_confirmed ? 'badge-confirmed' : 'badge-unchecked'}">
                   {v.checked_in ? 'Ready' : v.email_confirmed ? 'Confirmed' : 'Unconfirmed'}
                 </span>
@@ -269,8 +269,10 @@
 
 <style>
   @media (max-width: 640px) {
-    .td-name { width: 100%; }
-    .td-ready { width: 100%; }
-    .td-actions { width: 100%; }
+    .td-name { flex: 1; min-width: 0; order: 1; }
+    .td-ready { flex-shrink: 0; align-self: flex-start; order: 2; }
+    .td-dept { width: 100%; order: 3; }
+    .td-status { width: 100%; order: 4; }
+    .td-actions { width: 100%; order: 5; display: flex; justify-content: flex-end; }
   }
 </style>

From 62b3dece84b27f14989e07ca6322626dc1037598 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 10:35:27 -0600
Subject: [PATCH 23/47] Added Participant list to Gate kiosk.

---
 frontend/src/pages/GateKiosk.svelte | 67 ++++++++++++++++++++++++++---
 1 file changed, 61 insertions(+), 6 deletions(-)

diff --git a/frontend/src/pages/GateKiosk.svelte b/frontend/src/pages/GateKiosk.svelte
index 6c7dc71..d1eeaa1 100644
--- a/frontend/src/pages/GateKiosk.svelte
+++ b/frontend/src/pages/GateKiosk.svelte
@@ -7,6 +7,8 @@
   let { session, onLogout } = $props()
 
   let search = $state('')
+  let manuallySelectedId = $state(null)
+  let showAll = $state(false)
   let error = $state('')
   let scannerMsg = $state('')
   let qrSupported = $state(false)
@@ -44,22 +46,44 @@
     return ($tickets ?? []).find(t => t.external_id?.toLowerCase() === sl) ?? null
   })
 
-  // Name/email search across participants
+  const allParticipantsSorted = $derived.by(() =>
+    ($participants ?? [])
+      .filter(p => !p.deleted_at)
+      .sort((a, b) => (a.preferred_name || a.email || '').localeCompare(b.preferred_name || b.email || ''))
+  )
+
+  // Clear manual selection whenever search text changes
+  $effect(() => {
+    search
+    manuallySelectedId = null
+  })
+
+  // Name/email/ticket-name search across participants
   const filteredParticipants = $derived.by(() => {
     if (matchedTicket) return []
     const s = search.trim().toLowerCase()
     if (!s || s.length < 2) return []
+    const byTicketName = new Set(
+      ($tickets ?? [])
+        .filter(t => t.name?.toLowerCase().includes(s))
+        .map(t => t.participant_id)
+        .filter(Boolean)
+    )
     return ($participants ?? [])
       .filter(p =>
         p.preferred_name?.toLowerCase().includes(s) ||
-        p.email?.toLowerCase().includes(s)
+        p.email?.toLowerCase().includes(s) ||
+        byTicketName.has(p.id)
       )
       .sort((a, b) => (a.preferred_name || '').localeCompare(b.preferred_name || ''))
       .slice(0, 8)
   })
 
-  // Auto-select when exactly one participant matches
+  // Manual selection takes priority; fall back to auto-select on single match
   const selectedParticipant = $derived.by(() => {
+    if (manuallySelectedId) {
+      return ($participants ?? []).find(p => p.id === manuallySelectedId) ?? null
+    }
     if (filteredParticipants.length === 1) return filteredParticipants[0]
     return null
   })
@@ -165,6 +189,9 @@
           {scanning ? '■ Stop' : '⊡ Scan QR'}
         </button>
       {/if}
+      <button class="gbtn gbtn-ghost" onclick={() => { showAll = !showAll; search = ''; manuallySelectedId = null }}>
+        {showAll ? '✕ Close' : '☰ Browse'}
+      </button>
     </div>
 
     {#if scanning}
@@ -211,7 +238,13 @@
     {:else if selectedParticipant}
       {@const pts = ticketsFor(selectedParticipant.id)}
       <div class="gate-match">
-        <div class="gate-match-name">{selectedParticipant.preferred_name || selectedParticipant.email || '(unknown)'}</div>
+        <div class="gate-match-name-row">
+          <div class="gate-match-name">{selectedParticipant.preferred_name || selectedParticipant.email || '(unknown)'}</div>
+          {#if manuallySelectedId}
+            <button class="gbtn gbtn-ghost" style="font-size:0.8rem;padding:0.3rem 0.6rem"
+              onclick={() => manuallySelectedId = null}>← Back</button>
+          {/if}
+        </div>
         {#if selectedParticipant.email}
           <div class="gate-match-sub text-muted">{selectedParticipant.email}</div>
         {/if}
@@ -243,7 +276,7 @@
         {#each filteredParticipants as p}
           {@const pts = ticketsFor(p.id)}
           {@const ci = pts.filter(t => t.checked_in_at).length}
-          <button class="gate-result-row" onclick={() => search = p.preferred_name || p.email || ''}>
+          <button class="gate-result-row" onclick={() => manuallySelectedId = p.id}>
             <span>
               <strong>{p.preferred_name || p.email || '(unknown)'}</strong>
               {#if p.email && p.preferred_name}
@@ -261,6 +294,27 @@
       <div class="gate-msg gate-msg-warn">No matching participants or tickets found.</div>
     {/if}
 
+    <!-- Browse all participants -->
+    {#if showAll && !matchedTicket && !selectedParticipant && search.trim().length < 2}
+      <div class="gate-results">
+        {#each allParticipantsSorted as p}
+          {@const pts = ticketsFor(p.id)}
+          {@const ci = pts.filter(t => t.checked_in_at).length}
+          <button class="gate-result-row" onclick={() => { manuallySelectedId = p.id; showAll = false }}>
+            <span>
+              <strong>{p.preferred_name || p.email || '(unknown)'}</strong>
+              {#if p.email && p.preferred_name}
+                <span class="text-muted" style="font-size:0.8rem"> · {p.email}</span>
+              {/if}
+            </span>
+            <span class="badge {ci === pts.length && pts.length > 0 ? 'badge-checked' : ci > 0 ? 'badge-partial' : 'badge-unchecked'}">
+              {pts.length > 0 ? `${ci}/${pts.length}` : 'No ticket'}
+            </span>
+          </button>
+        {/each}
+      </div>
+    {/if}
+
     <!-- Recent check-ins -->
     <div class="gate-recent">
       <div class="gate-recent-title">Recent Check-ins</div>
@@ -385,7 +439,8 @@
     padding: 1.25rem;
     margin-bottom: 1rem;
   }
-  .gate-match-name { font-size: 1.4rem; font-weight: 700; margin-bottom: 0.2rem; }
+  .gate-match-name-row { display: flex; align-items: center; justify-content: space-between; gap: 0.5rem; margin-bottom: 0.2rem; }
+  .gate-match-name { font-size: 1.4rem; font-weight: 700; }
   .gate-match-sub { color: var(--c-muted); font-size: 0.875rem; }
   .gate-party {
     margin: 0.5rem 0;

From 72b245d6d6e01b3a29b921f8ec4d8cda553448e4 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 15:52:40 -0600
Subject: [PATCH 24/47] Set up Unconfirmed -> Registered -> Confirmed -> Ready
 flow for Volunteers

---
 db.go                                | 26 +++++++++++++-
 docs/USAGE.md                        | 13 ++++---
 frontend/src/api.js                  |  1 +
 frontend/src/app.css                 |  7 ++--
 frontend/src/pages/Volunteers.svelte | 53 ++++++++++++++++++++++------
 handle_volunteers.go                 | 14 ++++++++
 main.go                              |  1 +
 7 files changed, 95 insertions(+), 20 deletions(-)

diff --git a/db.go b/db.go
index d93807d..be830db 100644
--- a/db.go
+++ b/db.go
@@ -174,6 +174,8 @@ func migrateV2(db *sql.DB) error {
 	addColumnIfMissing(db, "volunteers", "pronouns TEXT NOT NULL DEFAULT ''")
 	addColumnIfMissing(db, "volunteers", "email_confirmed INTEGER NOT NULL DEFAULT 0")
 	addColumnIfMissing(db, "volunteers", "confirmation_token TEXT")
+	addColumnIfMissing(db, "volunteers", "confirmed INTEGER NOT NULL DEFAULT 0")
+	addColumnIfMissing(db, "volunteers", "confirmed_at TEXT")
 	// Widen the uniqueness constraint from name-only to (name, ticket_id).
 	db.Exec(`DROP INDEX IF EXISTS idx_attendees_name`)
 	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_attendees_name_ticket ON attendees(name, ticket_id) WHERE deleted_at IS NULL`)
@@ -392,6 +394,8 @@ type Volunteer struct {
 	IsLead            bool    `json:"is_lead"`
 	CheckedIn         bool    `json:"checked_in"`
 	CheckedInAt       *string `json:"checked_in_at,omitempty"`
+	Confirmed         bool    `json:"confirmed"`
+	ConfirmedAt       *string `json:"confirmed_at,omitempty"`
 	EmailConfirmed    bool    `json:"email_confirmed"`
 	ConfirmationToken *string `json:"-"`
 	Note              string  `json:"note"`
@@ -1184,6 +1188,7 @@ const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
 	COALESCE(NULLIF(p.phone,''), v.phone),
 	COALESCE(NULLIF(p.pronouns,''), v.pronouns),
 	v.department_id, v.is_lead, v.checked_in, v.checked_in_at,
+	v.confirmed, v.confirmed_at,
 	v.email_confirmed, v.confirmation_token, v.note,
 	v.created_at, v.updated_at, v.deleted_at`
 const volunteerFrom = `FROM volunteers v LEFT JOIN participants p ON p.id = v.participant_id`
@@ -1293,6 +1298,19 @@ func (app *App) checkInVolunteer(id, userID int) (*Volunteer, error) {
 	return v, nil
 }
 
+func (app *App) confirmVolunteer(id int) (*Volunteer, error) {
+	t := now()
+	_, err := app.db.Exec(
+		`UPDATE volunteers SET confirmed=1, confirmed_at=?, updated_at=?
+		 WHERE id=? AND deleted_at IS NULL AND confirmed=0`,
+		t, t, id,
+	)
+	if err != nil {
+		return nil, err
+	}
+	return app.getVolunteer(id)
+}
+
 func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 	rows, err := db.Query(q, args...)
 	if err != nil {
@@ -1303,12 +1321,14 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 	for rows.Next() {
 		var v Volunteer
 		var participantID, attendeeID, deptID sql.NullInt64
-		var isLead, checkedIn, emailConfirmed int
+		var isLead, checkedIn, confirmed, emailConfirmed int
 		var confirmationToken sql.NullString
+		var confirmedAt sql.NullString
 		if err := rows.Scan(
 			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName, &v.TicketName,
 			&v.Email, &v.Phone, &v.Pronouns, &deptID,
 			&isLead, &checkedIn, &v.CheckedInAt,
+			&confirmed, &confirmedAt,
 			&emailConfirmed, &confirmationToken, &v.Note,
 			&v.CreatedAt, &v.UpdatedAt, &v.DeletedAt,
 		); err != nil {
@@ -1329,8 +1349,12 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 		if confirmationToken.Valid {
 			v.ConfirmationToken = &confirmationToken.String
 		}
+		if confirmedAt.Valid {
+			v.ConfirmedAt = &confirmedAt.String
+		}
 		v.IsLead = isLead == 1
 		v.CheckedIn = checkedIn == 1
+		v.Confirmed = confirmed == 1
 		v.EmailConfirmed = emailConfirmed == 1
 		result = append(result, v)
 	}
diff --git a/docs/USAGE.md b/docs/USAGE.md
index 23572eb..949f71b 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -99,11 +99,14 @@ Under **Volunteers**, you can:
 
 ### Volunteer statuses
 
-| Status | Meaning |
-|--------|---------|
-| **Unconfirmed** | Signed up but hasn't confirmed their email |
-| **Confirmed** | Email confirmed, not yet briefed |
-| **Ready** | Briefed at the volunteer station, has what they need to report for shifts |
+| Status | Meaning | Who sets it |
+|--------|---------|-------------|
+| **Unconfirmed** | Signed up but hasn't confirmed their email | Automatic (not yet done) |
+| **Registered** | Email confirmed — volunteer is in the system | Automatic (email link) |
+| **Confirmed** | Staff has verified the volunteer is assigned and ready to be scheduled | Admin, staffing, or co-lead |
+| **Ready** | Briefed at the volunteer station, cleared to report for shifts | Gate staff at check-in |
+
+**Confirmation** is a deliberate staff action — it signals that a volunteer has been assigned to a department and you're expecting them. Only volunteers who have been assigned a department can be confirmed. Use the **Confirm** button on a registered volunteer's row.
 
 Volunteers are separate from participants. A person can be both a ticket holder and a volunteer. When a volunteer signs up via the public form, they are automatically linked to their participant record by email.
 
diff --git a/frontend/src/api.js b/frontend/src/api.js
index b0767e6..6700d4b 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -79,6 +79,7 @@ export const api = {
     update: (id, data) => apiJSON(`/api/volunteers/${id}`, { method: 'PUT', body: JSON.stringify(data) }),
     delete: (id) => apiFetch(`/api/volunteers/${id}`, { method: 'DELETE' }),
     checkIn: (id) => apiJSON(`/api/volunteers/${id}/checkin`, { method: 'POST' }),
+    confirm: (id) => apiJSON(`/api/volunteers/${id}/confirm`, { method: 'POST' }),
     assignShift: (id, shiftId) => apiFetch(`/api/volunteers/${id}/shifts`, { method: 'POST', body: JSON.stringify({ shift_id: shiftId }) }),
     unassignShift: (id, shiftId) => apiFetch(`/api/volunteers/${id}/shifts/${shiftId}`, { method: 'DELETE' }),
   },
diff --git a/frontend/src/app.css b/frontend/src/app.css
index d36f2f7..0cd0ee8 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -129,9 +129,10 @@ tr:hover td { background: rgba(255,255,255,0.02); }
   font-size: 0.72rem; font-weight: 600;
   text-transform: uppercase; letter-spacing: 0.04em;
 }
-.badge-checked   { background: rgba(34,197,94,0.15); color: var(--c-success); }
-.badge-confirmed { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
-.badge-unchecked { background: rgba(122,127,150,0.15); color: var(--c-muted); }
+.badge-checked     { background: rgba(34,197,94,0.15); color: var(--c-success); }
+.badge-confirmed   { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
+.badge-registered  { background: rgba(14,165,233,0.15); color: #0ea5e9; }
+.badge-unchecked   { background: rgba(122,127,150,0.15); color: var(--c-muted); }
 .badge-partial   { background: rgba(245,158,11,0.15); color: var(--c-warn); }
 .badge-role      { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
 .badge-lead      { background: rgba(245,158,11,0.15); color: var(--c-warn); }
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index ade758b..e26ee6a 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -8,7 +8,7 @@
 
   let search = $state('')
   let filterDept = $state('')
-  let filterChecked = $state('')
+  let filterStatus = $state('')
   let error = $state('')
   let showAdd = $state(false)
   let adding = $state(false)
@@ -20,6 +20,7 @@
 
   const role = $derived(session?.user?.role ?? '')
   const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
+  const canConfirm = $derived(['admin', 'staffing', 'colead'].includes(role))
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
 
   // Auto-filter coleads to their department on mount
@@ -33,6 +34,7 @@
     db.volunteers.filter(v => !v.deleted_at).toArray()
   )
   const allParticipants = liveQuery(() => db.participants.toArray())
+  const allTickets = liveQuery(() => db.tickets.filter(t => !t.deleted_at).toArray())
   const allDepts = liveQuery(() =>
     db.departments.filter(d => !d.deleted_at).toArray()
       .then(arr => arr.sort((a, b) => a.name.localeCompare(b.name)))
@@ -44,8 +46,10 @@
     return list
       .filter(v => {
         if (filterDept && v.department_id !== parseInt(filterDept)) return false
-        if (filterChecked === 'true' && !v.checked_in) return false
-        if (filterChecked === 'false' && v.checked_in) return false
+        if (filterStatus === 'unconfirmed' && v.email_confirmed) return false
+        if (filterStatus === 'registered' && (!v.email_confirmed || v.confirmed)) return false
+        if (filterStatus === 'confirmed' && (!v.confirmed || v.checked_in)) return false
+        if (filterStatus === 'ready' && !v.checked_in) return false
         if (s && !v.name.toLowerCase().includes(s) &&
             !(v.email || '').toLowerCase().includes(s)) return false
         return true
@@ -62,6 +66,15 @@
     }
   }
 
+  async function confirmVolunteer(v) {
+    try {
+      const updated = await api.volunteers.confirm(v.id)
+      await db.volunteers.put(updated)
+    } catch (err) {
+      error = err.message
+    }
+  }
+
   async function addVolunteer(e) {
     e.preventDefault()
     adding = true
@@ -110,6 +123,11 @@
     return ($allDepts ?? []).find(d => d.id === id)
   }
 
+  function participantHasTickets(participantId) {
+    if (!participantId) return false
+    return ($allTickets ?? []).some(t => t.participant_id === participantId)
+  }
+
   function participantFor(id) {
     return ($allParticipants ?? []).find(p => p.id === id) ?? null
   }
@@ -181,10 +199,12 @@
         {/each}
       </select>
     {/if}
-    <select bind:value={filterChecked} style="width:auto">
-      <option value="">All</option>
-      <option value="false">Not ready</option>
-      <option value="true">Ready</option>
+    <select bind:value={filterStatus} style="width:auto">
+      <option value="">All statuses</option>
+      <option value="unconfirmed">Unconfirmed</option>
+      <option value="registered">Registered</option>
+      <option value="confirmed">Confirmed</option>
+      <option value="ready">Ready</option>
     </select>
     <span class="text-muted" style="font-size:0.85rem;white-space:nowrap">
       {filtered.length} shown
@@ -219,7 +239,9 @@
                   <span class="badge badge-lead" style="margin-left:0.4rem">Co-Lead</span>
                 {/if}
                 {#if !v.participant_id}
-                  <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant — no ticket record">No ticket</span>
+                  <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant">No ticket</span>
+                {:else if !participantHasTickets(v.participant_id)}
+                  <span class="badge badge-partial" style="margin-left:0.4rem" title="Registered as volunteer but no ticket on file">No ticket</span>
                 {/if}
                 {#if v.email}
                   <div class="text-muted" style="font-size:0.78rem">{v.email}</div>
@@ -236,9 +258,15 @@
                 {/if}
               </td>
               <td class="td-status">
-                <span class="badge {v.checked_in ? 'badge-checked' : v.email_confirmed ? 'badge-confirmed' : 'badge-unchecked'}">
-                  {v.checked_in ? 'Ready' : v.email_confirmed ? 'Confirmed' : 'Unconfirmed'}
-                </span>
+                {#if v.checked_in}
+                  <span class="badge badge-checked">Ready</span>
+                {:else if v.confirmed}
+                  <span class="badge badge-confirmed">Confirmed</span>
+                {:else if v.email_confirmed}
+                  <span class="badge badge-registered">Registered</span>
+                {:else}
+                  <span class="badge badge-unchecked">Unconfirmed</span>
+                {/if}
                 {#if v.checked_in_at}
                   <div class="text-muted" style="font-size:0.75rem">
                     {new Date(v.checked_in_at).toLocaleTimeString()}
@@ -252,6 +280,9 @@
               </td>
               {#if canManage}
                 <td class="td-actions">
+                  {#if canConfirm && v.email_confirmed && !v.confirmed && v.department_id}
+                    <button class="btn btn-primary btn-sm" onclick={() => confirmVolunteer(v)}>Confirm</button>
+                  {/if}
                   <button class="btn btn-ghost btn-sm" onclick={() => toggleLead(v)}
                     title={v.is_lead ? 'Remove co-lead' : 'Mark as co-lead'}>
                     {v.is_lead ? '− Co-Lead' : '+ Co-Lead'}
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 967ff2e..15f976f 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -142,6 +142,20 @@ func (app *App) handleCheckInVolunteer(w http.ResponseWriter, r *http.Request) {
 	writeJSON(w, v)
 }
 
+func (app *App) handleConfirmVolunteer(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.Atoi(r.PathValue("id"))
+	if err != nil {
+		writeError(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+	v, err := app.confirmVolunteer(id)
+	if err != nil {
+		writeError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	writeJSON(w, v)
+}
+
 func (app *App) handleAssignShift(w http.ResponseWriter, r *http.Request) {
 	volunteerID, err := strconv.Atoi(r.PathValue("id"))
 	if err != nil {
diff --git a/main.go b/main.go
index 2eedcd0..ea79877 100644
--- a/main.go
+++ b/main.go
@@ -126,6 +126,7 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("PUT /api/volunteers/{id}", auth(app.handleUpdateVolunteer, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("DELETE /api/volunteers/{id}", auth(app.handleDeleteVolunteer, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("POST /api/volunteers/{id}/checkin", auth(app.handleCheckInVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers/{id}/confirm", auth(app.handleConfirmVolunteer, "admin", "staffing", "colead"))
 	mux.HandleFunc("POST /api/volunteers/{id}/shifts", auth(app.handleAssignShift, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("DELETE /api/volunteers/{id}/shifts/{shift_id}", auth(app.handleUnassignShift, "admin", "ticketing", "staffing", "colead"))
 

From 3eec81af7fcc143f6a059c438d6042082f1fffaa Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 16:31:08 -0600
Subject: [PATCH 25/47] Refactored ticket code into kiosk code.

---
 db.go                 |  72 +++++++++++++++++++++++------
 handle_kiosk.go       |  43 +++++------------
 handle_kiosk_test.go  |  11 ++---
 handle_signup.go      | 104 ++++++++----------------------------------
 handle_signup_test.go |  70 ++++++++--------------------
 5 files changed, 110 insertions(+), 190 deletions(-)

diff --git a/db.go b/db.go
index be830db..9129489 100644
--- a/db.go
+++ b/db.go
@@ -176,6 +176,21 @@ func migrateV2(db *sql.DB) error {
 	addColumnIfMissing(db, "volunteers", "confirmation_token TEXT")
 	addColumnIfMissing(db, "volunteers", "confirmed INTEGER NOT NULL DEFAULT 0")
 	addColumnIfMissing(db, "volunteers", "confirmed_at TEXT")
+	addColumnIfMissing(db, "volunteers", "kiosk_code TEXT")
+	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_volunteers_kiosk_code ON volunteers(kiosk_code) WHERE kiosk_code IS NOT NULL`)
+	// Migrate kiosk codes from tickets to volunteers (idempotent).
+	db.Exec(`
+		UPDATE volunteers SET kiosk_code = (
+			SELECT t.code FROM tickets t
+			WHERE t.participant_id = volunteers.participant_id
+			  AND t.code IS NOT NULL AND t.deleted_at IS NULL
+			LIMIT 1
+		) WHERE kiosk_code IS NULL AND participant_id IS NOT NULL`)
+	// Delete stub tickets whose code has been migrated to the volunteer.
+	db.Exec(`
+		DELETE FROM tickets
+		WHERE source = 'manual' AND external_id = '' AND code IS NOT NULL
+		  AND participant_id IN (SELECT id FROM volunteers WHERE kiosk_code IS NOT NULL)`)
 	// Widen the uniqueness constraint from name-only to (name, ticket_id).
 	db.Exec(`DROP INDEX IF EXISTS idx_attendees_name`)
 	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_attendees_name_ticket ON attendees(name, ticket_id) WHERE deleted_at IS NULL`)
@@ -398,6 +413,7 @@ type Volunteer struct {
 	ConfirmedAt       *string `json:"confirmed_at,omitempty"`
 	EmailConfirmed    bool    `json:"email_confirmed"`
 	ConfirmationToken *string `json:"-"`
+	KioskCode         *string `json:"kiosk_code,omitempty"`
 	Note              string  `json:"note"`
 	CreatedAt         string  `json:"created_at"`
 	UpdatedAt         string  `json:"updated_at"`
@@ -1189,7 +1205,7 @@ const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
 	COALESCE(NULLIF(p.pronouns,''), v.pronouns),
 	v.department_id, v.is_lead, v.checked_in, v.checked_in_at,
 	v.confirmed, v.confirmed_at,
-	v.email_confirmed, v.confirmation_token, v.note,
+	v.email_confirmed, v.confirmation_token, v.kiosk_code, v.note,
 	v.created_at, v.updated_at, v.deleted_at`
 const volunteerFrom = `FROM volunteers v LEFT JOIN participants p ON p.id = v.participant_id`
 
@@ -1322,14 +1338,13 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 		var v Volunteer
 		var participantID, attendeeID, deptID sql.NullInt64
 		var isLead, checkedIn, confirmed, emailConfirmed int
-		var confirmationToken sql.NullString
-		var confirmedAt sql.NullString
+		var confirmationToken, confirmedAt, kioskCode sql.NullString
 		if err := rows.Scan(
 			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName, &v.TicketName,
 			&v.Email, &v.Phone, &v.Pronouns, &deptID,
 			&isLead, &checkedIn, &v.CheckedInAt,
 			&confirmed, &confirmedAt,
-			&emailConfirmed, &confirmationToken, &v.Note,
+			&emailConfirmed, &confirmationToken, &kioskCode, &v.Note,
 			&v.CreatedAt, &v.UpdatedAt, &v.DeletedAt,
 		); err != nil {
 			return nil, err
@@ -1352,6 +1367,9 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 		if confirmedAt.Valid {
 			v.ConfirmedAt = &confirmedAt.String
 		}
+		if kioskCode.Valid {
+			v.KioskCode = &kioskCode.String
+		}
 		v.IsLead = isLead == 1
 		v.CheckedIn = checkedIn == 1
 		v.Confirmed = confirmed == 1
@@ -1386,19 +1404,43 @@ func (app *App) confirmVolunteerEmail(id int) error {
 	return err
 }
 
-// listConfirmedVolunteersNeedingCode returns confirmed volunteers whose participant
-// has no ticket with a code yet.
-func (app *App) listConfirmedVolunteersNeedingCode() ([]Volunteer, error) {
+func (app *App) getVolunteerByKioskCode(code string) (*Volunteer, error) {
+	rows, err := queryVolunteers(app.db,
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.kiosk_code = ? AND v.deleted_at IS NULL LIMIT 1`, code)
+	if err != nil || len(rows) == 0 {
+		return nil, err
+	}
+	return &rows[0], nil
+}
+
+func (app *App) assignKioskCode(id int, code string) error {
+	_, err := app.db.Exec(
+		`UPDATE volunteers SET kiosk_code=?, updated_at=? WHERE id=?`, code, now(), id)
+	return err
+}
+
+// listVolunteersNeedingKioskCode returns email-confirmed volunteers without a kiosk code.
+func (app *App) listVolunteersNeedingKioskCode() ([]Volunteer, error) {
 	return queryVolunteers(app.db, `
 		SELECT `+volunteerSelect+` `+volunteerFrom+`
-		WHERE v.email_confirmed = 1 AND v.deleted_at IS NULL
-		  AND v.participant_id IS NOT NULL
-		  AND NOT EXISTS (
-		    SELECT 1 FROM tickets t
-		    WHERE t.participant_id = v.participant_id
-		      AND t.code IS NOT NULL
-		      AND t.deleted_at IS NULL
-		  )`)
+		WHERE v.email_confirmed = 1 AND v.kiosk_code IS NULL AND v.deleted_at IS NULL`)
+}
+
+func (app *App) generateVolunteerKioskCode() (string, error) {
+	for range 10 {
+		t, err := generateToken()
+		if err != nil {
+			return "", err
+		}
+		var count int
+		if err := app.db.QueryRow(`SELECT COUNT(*) FROM volunteers WHERE kiosk_code = ?`, t).Scan(&count); err != nil {
+			return "", fmt.Errorf("check kiosk code uniqueness: %w", err)
+		}
+		if count == 0 {
+			return t, nil
+		}
+	}
+	return "", fmt.Errorf("failed to generate unique kiosk code")
 }
 
 func generateConfirmationToken() (string, error) {
diff --git a/handle_kiosk.go b/handle_kiosk.go
index 646db43..773ccfe 100644
--- a/handle_kiosk.go
+++ b/handle_kiosk.go
@@ -6,26 +6,21 @@ import (
 	"strconv"
 )
 
+func (app *App) volunteerFromKioskToken(token string) (*Volunteer, error) {
+	return app.getVolunteerByKioskCode(token)
+}
+
 // handleKioskGet returns the volunteer's profile, current shift assignments, and
-// available open shifts in their department. Authenticated by ticket code only —
+// available open shifts in their department. Authenticated by kiosk code only —
 // no JWT required.
 func (app *App) handleKioskGet(w http.ResponseWriter, r *http.Request) {
 	token := r.PathValue("token")
-	t, err := app.getTicketByCode(token)
-	if err != nil || t == nil {
+	v, err := app.volunteerFromKioskToken(token)
+	if err != nil || v == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
 
-	var v *Volunteer
-	if t.ParticipantID != nil {
-		v, _ = app.getVolunteerByParticipantID(*t.ParticipantID)
-	}
-	if v == nil {
-		writeError(w, "no volunteer record linked to this token", http.StatusNotFound)
-		return
-	}
-
 	assigned, _ := app.listShiftsForVolunteer(v.ID)
 	if assigned == nil {
 		assigned = []Shift{}
@@ -56,19 +51,11 @@ func (app *App) handleKioskClaim(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	t, err := app.getTicketByCode(token)
-	if err != nil || t == nil {
+	v, err := app.volunteerFromKioskToken(token)
+	if err != nil || v == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
-	var v *Volunteer
-	if t.ParticipantID != nil {
-		v, _ = app.getVolunteerByParticipantID(*t.ParticipantID)
-	}
-	if v == nil {
-		writeError(w, "no volunteer linked to this token", http.StatusNotFound)
-		return
-	}
 
 	force := r.URL.Query().Get("force") == "true"
 
@@ -116,19 +103,11 @@ func (app *App) handleKioskUnclaim(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	t, err := app.getTicketByCode(token)
-	if err != nil || t == nil {
+	v, err := app.volunteerFromKioskToken(token)
+	if err != nil || v == nil {
 		writeError(w, "not found", http.StatusNotFound)
 		return
 	}
-	var v *Volunteer
-	if t.ParticipantID != nil {
-		v, _ = app.getVolunteerByParticipantID(*t.ParticipantID)
-	}
-	if v == nil {
-		writeError(w, "no volunteer linked to this token", http.StatusNotFound)
-		return
-	}
 
 	if err := app.unassignShift(v.ID, shiftID); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
diff --git a/handle_kiosk_test.go b/handle_kiosk_test.go
index 1e3c682..e385ad3 100644
--- a/handle_kiosk_test.go
+++ b/handle_kiosk_test.go
@@ -14,14 +14,11 @@ func setupKiosk(t *testing.T) (*App, *http.ServeMux, string) {
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
 
-	// Create participant + ticket with code
+	// Create volunteer with a kiosk_code directly on the volunteer record
 	p, _ := app.createParticipant(Participant{Email: "titania@test.com", PreferredName: "Titania"})
-	token, _ := app.generateUniqueToken()
-	tk, _ := app.createTicket(Ticket{ParticipantID: &p.ID, Name: "Titania", Source: "manual", Code: &token})
-	_ = tk
-
-	// Create linked volunteer via participant_id
-	app.createVolunteer(Volunteer{Name: "Titania", ParticipantID: &p.ID, DepartmentID: &deptID})
+	v, _ := app.createVolunteer(Volunteer{Name: "Titania", ParticipantID: &p.ID, DepartmentID: &deptID})
+	token, _ := app.generateVolunteerKioskCode()
+	app.assignKioskCode(v.ID, token)
 
 	// Create shifts
 	app.createShift(Shift{DepartmentID: deptID, Name: "Morning", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00", Capacity: 2})
diff --git a/handle_signup.go b/handle_signup.go
index 2373e9c..bd9f091 100644
--- a/handle_signup.go
+++ b/handle_signup.go
@@ -146,51 +146,19 @@ func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
 	var signupsOpen string
 	app.db.QueryRow(`SELECT value FROM config WHERE key = 'shift_signups_open'`).Scan(&signupsOpen)
 
-	if signupsOpen == "true" && vol.ParticipantID != nil {
-		// Find a ticket with a code, or create/assign one.
-		tickets, _ := app.listTickets(vol.ParticipantID, "")
-		var code *string
-		for _, tk := range tickets {
-			if tk.Code != nil {
-				code = tk.Code
-				break
+	if signupsOpen == "true" {
+		code, err := app.generateVolunteerKioskCode()
+		if err == nil {
+			if err := app.assignKioskCode(vol.ID, code); err == nil {
+				kioskLink := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), code)
+				response["kiosk_link"] = kioskLink
+				go func() {
+					if err := app.sendShiftSignupEmail(vol.Email, vol.PreferredName, kioskLink); err != nil {
+						log.Printf("shift signup email to %s failed: %v", vol.Email, err)
+					}
+				}()
 			}
 		}
-		if code == nil {
-			// No coded ticket — find any ticket or create a stub, then generate code.
-			var ticketID int
-			if len(tickets) > 0 {
-				ticketID = tickets[0].ID
-			} else {
-				tkName := vol.TicketName
-				if tkName == "" {
-					tkName = vol.PreferredName
-				}
-				stub, err := app.createTicket(Ticket{
-					ParticipantID: vol.ParticipantID,
-					Name:          tkName,
-					Source:        "manual",
-				})
-				if err == nil {
-					ticketID = stub.ID
-				}
-			}
-			if ticketID > 0 {
-				if t, err := app.generateUniqueToken(); err == nil {
-					app.db.Exec(`UPDATE tickets SET code=?, updated_at=? WHERE id=?`, t, now(), ticketID)
-					code = &t
-				}
-			}
-		}
-		if code != nil {
-			kioskLink := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), *code)
-			response["kiosk_link"] = kioskLink
-			go func() {
-				if err := app.sendShiftSignupEmail(vol.Email, vol.PreferredName, kioskLink); err != nil {
-					log.Printf("shift signup email to %s failed: %v", vol.Email, err)
-				}
-			}()
-		}
 	}
 
 	writeJSON(w, response)
@@ -217,62 +185,28 @@ func (app *App) handleToggleShiftSignups(w http.ResponseWriter, r *http.Request)
 }
 
 func (app *App) openShiftSignups() {
-	// Generate codes for tickets belonging to confirmed volunteers that have no code yet.
-	vols, _ := app.listConfirmedVolunteersNeedingCode()
+	// Assign kiosk codes to email-confirmed volunteers that don't have one yet.
+	vols, _ := app.listVolunteersNeedingKioskCode()
 	for _, v := range vols {
-		if v.ParticipantID == nil {
-			continue
-		}
-		// Find any ticket for this participant, or create a stub one.
-		tickets, _ := app.listTickets(v.ParticipantID, "")
-		var ticketID int
-		if len(tickets) > 0 {
-			ticketID = tickets[0].ID
-		} else {
-			tkName := v.TicketName
-			if tkName == "" {
-				tkName = v.PreferredName
-			}
-			stub, err := app.createTicket(Ticket{
-				ParticipantID: v.ParticipantID,
-				Name:          tkName,
-				Source:        "manual",
-			})
-			if err != nil {
-				continue
-			}
-			ticketID = stub.ID
-		}
-		t, err := app.generateUniqueToken()
+		code, err := app.generateVolunteerKioskCode()
 		if err != nil {
 			continue
 		}
-		app.db.Exec(`UPDATE tickets SET code=?, updated_at=? WHERE id=?`, t, now(), ticketID)
+		app.assignKioskCode(v.ID, code)
 	}
 
-	// Email all confirmed volunteers that now have a ticket with a code.
+	// Email all email-confirmed volunteers that now have a kiosk code.
 	confirmed, _ := queryVolunteers(app.db, `
 		SELECT `+volunteerSelect+` `+volunteerFrom+`
-		WHERE v.email_confirmed = 1 AND v.deleted_at IS NULL AND v.participant_id IS NOT NULL`)
+		WHERE v.email_confirmed = 1 AND v.kiosk_code IS NOT NULL AND v.deleted_at IS NULL`)
 	baseURL := app.resolveBaseURL()
 	sent := 0
 
 	for _, v := range confirmed {
-		if v.ParticipantID == nil || v.Email == "" {
+		if v.Email == "" || v.KioskCode == nil {
 			continue
 		}
-		tickets, _ := app.listTickets(v.ParticipantID, "")
-		var code *string
-		for _, tk := range tickets {
-			if tk.Code != nil {
-				code = tk.Code
-				break
-			}
-		}
-		if code == nil {
-			continue
-		}
-		kioskLink := fmt.Sprintf("%s/v/%s", baseURL, *code)
+		kioskLink := fmt.Sprintf("%s/v/%s", baseURL, *v.KioskCode)
 		name := v.PreferredName
 		if name == "" {
 			name = v.Name
diff --git a/handle_signup_test.go b/handle_signup_test.go
index 86bcfe5..c240596 100644
--- a/handle_signup_test.go
+++ b/handle_signup_test.go
@@ -301,17 +301,14 @@ func TestConfirmEmailWithSignupsOpen(t *testing.T) {
 		t.Error("expected kiosk_link when signups are open")
 	}
 
-	// Ticket for participant should now have a code
-	tickets, _ := app.listTickets(&participant.ID, "")
-	hasCode := false
-	for _, tk := range tickets {
-		if tk.Code != nil && *tk.Code != "" {
-			hasCode = true
-			break
-		}
+	// Volunteer should now have a kiosk_code, no stub ticket created.
+	vol, _ := app.getVolunteerByEmail("titania@example.com")
+	if vol == nil || vol.KioskCode == nil {
+		t.Error("volunteer should have a kiosk_code after confirm with signups open")
 	}
-	if !hasCode {
-		t.Error("participant should have a ticket with code after confirm with signups open")
+	tickets, _ := app.listTickets(&participant.ID, "")
+	if len(tickets) != 0 {
+		t.Errorf("expected no stub tickets, got %d", len(tickets))
 	}
 }
 
@@ -345,14 +342,13 @@ func TestPublicSignupTicketNameDoesNotOverwritePreferredName(t *testing.T) {
 	}
 }
 
-func TestConfirmEmailStubTicketHasName(t *testing.T) {
+func TestConfirmEmailAssignsKioskCode(t *testing.T) {
 	app := testApp(t)
 	mux := testMux(app)
 
 	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
 	app.baseURL = "https://example.com"
 
-	// Volunteer with a ticket_name but no pre-existing ticket
 	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	token := "abc123def456"
 	app.createVolunteer(Volunteer{
@@ -373,47 +369,19 @@ func TestConfirmEmailStubTicketHasName(t *testing.T) {
 	if result["status"] != "confirmed" {
 		t.Fatalf("expected confirmed, got %v", result["status"])
 	}
+	if result["kiosk_link"] == nil {
+		t.Error("expected kiosk_link in response when signups are open")
+	}
 
-	// Stub ticket should have been created with TicketName as its name
+	// Kiosk code should be on the volunteer record, not a stub ticket.
+	vol, _ := app.getVolunteerByEmail("titania@example.com")
+	if vol == nil || vol.KioskCode == nil {
+		t.Fatal("expected volunteer to have a kiosk_code")
+	}
+	// No stub ticket should have been created.
 	tickets, _ := app.listTickets(&participant.ID, "")
-	if len(tickets) == 0 {
-		t.Fatal("expected stub ticket to be created")
-	}
-	if tickets[0].Name != "Titania Fairweather" {
-		t.Errorf("stub ticket name = %q, want %q", tickets[0].Name, "Titania Fairweather")
-	}
-}
-
-func TestConfirmEmailStubTicketFallsBackToPreferredName(t *testing.T) {
-	app := testApp(t)
-	mux := testMux(app)
-
-	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
-	app.baseURL = "https://example.com"
-
-	// Volunteer with no ticket_name — stub should use preferred_name
-	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
-	token := "abc123def456"
-	app.createVolunteer(Volunteer{
-		Name:              "Titania",
-		PreferredName:     "Titania",
-		Email:             "titania@example.com",
-		ParticipantID:     &participant.ID,
-		ConfirmationToken: &token,
-	})
-
-	w := httptest.NewRecorder()
-	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
-	if w.Code != 200 {
-		t.Fatalf("expected 200, got %d", w.Code)
-	}
-
-	tickets, _ := app.listTickets(&participant.ID, "")
-	if len(tickets) == 0 {
-		t.Fatal("expected stub ticket to be created")
-	}
-	if tickets[0].Name != "Titania" {
-		t.Errorf("stub ticket name = %q, want %q (preferred_name fallback)", tickets[0].Name, "Titania")
+	if len(tickets) != 0 {
+		t.Errorf("expected no stub tickets, got %d", len(tickets))
 	}
 }
 

From ab3d9a04090115315a3a87c7f15f3666b9a9facd Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 16:42:05 -0600
Subject: [PATCH 26/47] Added Volunteer edit.

---
 frontend/src/pages/Volunteers.svelte | 195 +++++++++++++++++----------
 1 file changed, 127 insertions(+), 68 deletions(-)

diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index e26ee6a..c8521e1 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -18,6 +18,12 @@
   let newIsLead = $state(false)
   let newNote = $state('')
 
+  let editID = $state(null)
+  let editDeptID = $state('')
+  let editIsLead = $state(false)
+  let editNote = $state('')
+  let saving = $state(false)
+
   const role = $derived(session?.user?.role ?? '')
   const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
   const canConfirm = $derived(['admin', 'staffing', 'colead'].includes(role))
@@ -100,15 +106,6 @@
     }
   }
 
-  async function toggleLead(v) {
-    try {
-      const updated = await api.volunteers.update(v.id, { ...v, is_lead: !v.is_lead })
-      await db.volunteers.put(updated)
-    } catch (err) {
-      error = err.message
-    }
-  }
-
   async function deleteVolunteer(v) {
     if (!confirm(`Delete volunteer "${v.name}"?`)) return
     try {
@@ -119,6 +116,36 @@
     }
   }
 
+  function startEdit(v) {
+    editID = v.id
+    editDeptID = v.department_id ? String(v.department_id) : ''
+    editIsLead = v.is_lead
+    editNote = v.note ?? ''
+  }
+
+  function cancelEdit() {
+    editID = null
+  }
+
+  async function saveVolunteer(v) {
+    saving = true
+    error = ''
+    try {
+      const updated = await api.volunteers.update(v.id, {
+        ...v,
+        department_id: editDeptID ? parseInt(editDeptID) : null,
+        is_lead: editIsLead,
+        note: editNote,
+      })
+      await db.volunteers.put(updated)
+      editID = null
+    } catch (err) {
+      error = err.message
+    } finally {
+      saving = false
+    }
+  }
+
   function deptFor(id) {
     return ($allDepts ?? []).find(d => d.id === id)
   }
@@ -231,66 +258,96 @@
         <tbody>
           {#each filtered as v (v.id)}
             {@const dept = deptFor(v.department_id)}
-            {@const participant = participantFor(v.participant_id)}
-            <tr>
-              <td class="td-name">
-                <strong>{v.name}</strong>
-                {#if v.is_lead}
-                  <span class="badge badge-lead" style="margin-left:0.4rem">Co-Lead</span>
-                {/if}
-                {#if !v.participant_id}
-                  <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant">No ticket</span>
-                {:else if !participantHasTickets(v.participant_id)}
-                  <span class="badge badge-partial" style="margin-left:0.4rem" title="Registered as volunteer but no ticket on file">No ticket</span>
-                {/if}
-                {#if v.email}
-                  <div class="text-muted" style="font-size:0.78rem">{v.email}</div>
-                {/if}
-                {#if v.note}
-                  <div class="text-muted" style="font-size:0.78rem">{v.note}</div>
-                {/if}
-              </td>
-              <td class="td-dept text-muted">
-                {#if dept}
-                  <span class="dept-dot" style="background:{dept.color};margin-right:0.4rem"></span>{dept.name}
-                {:else}
-                  —
-                {/if}
-              </td>
-              <td class="td-status">
-                {#if v.checked_in}
-                  <span class="badge badge-checked">Ready</span>
-                {:else if v.confirmed}
-                  <span class="badge badge-confirmed">Confirmed</span>
-                {:else if v.email_confirmed}
-                  <span class="badge badge-registered">Registered</span>
-                {:else}
-                  <span class="badge badge-unchecked">Unconfirmed</span>
-                {/if}
-                {#if v.checked_in_at}
-                  <div class="text-muted" style="font-size:0.75rem">
-                    {new Date(v.checked_in_at).toLocaleTimeString()}
-                  </div>
-                {/if}
-              </td>
-              <td class="td-ready">
-                {#if !v.checked_in}
-                  <CheckInButton onclick={() => checkIn(v)} />
-                {/if}
-              </td>
-              {#if canManage}
-                <td class="td-actions">
-                  {#if canConfirm && v.email_confirmed && !v.confirmed && v.department_id}
-                    <button class="btn btn-primary btn-sm" onclick={() => confirmVolunteer(v)}>Confirm</button>
-                  {/if}
-                  <button class="btn btn-ghost btn-sm" onclick={() => toggleLead(v)}
-                    title={v.is_lead ? 'Remove co-lead' : 'Mark as co-lead'}>
-                    {v.is_lead ? '− Co-Lead' : '+ Co-Lead'}
-                  </button>
-                  <button class="btn btn-danger btn-sm" onclick={() => deleteVolunteer(v)}>Delete</button>
+            {#if editID === v.id}
+              <tr class="edit-row">
+                <td class="td-name" style="width:100%">
+                  <strong>{v.name}</strong>
+                  {#if v.email}<div class="text-muted" style="font-size:0.78rem">{v.email}</div>{/if}
                 </td>
-              {/if}
-            </tr>
+                <td class="td-edit-dept">
+                  <select bind:value={editDeptID} style="margin:0">
+                    <option value="">No department</option>
+                    {#each $allDepts ?? [] as d}
+                      <option value={String(d.id)}>{d.name}</option>
+                    {/each}
+                  </select>
+                </td>
+                <td class="td-edit-checks">
+                  <label style="display:flex;align-items:center;gap:0.4rem;cursor:pointer;white-space:nowrap">
+                    <input type="checkbox" style="width:auto" bind:checked={editIsLead} /> Co-Lead
+                  </label>
+                </td>
+                <td class="td-edit-note">
+                  <input bind:value={editNote} placeholder="Note" style="margin:0" />
+                </td>
+                <td class="td-actions">
+                  <button class="btn btn-primary btn-sm" onclick={() => saveVolunteer(v)} disabled={saving}>
+                    {saving ? '…' : 'Save'}
+                  </button>
+                  <button class="btn btn-ghost btn-sm" onclick={cancelEdit}>Cancel</button>
+                </td>
+              </tr>
+            {:else}
+              <tr>
+                <td class="td-name">
+                  <strong>{v.name}</strong>
+                  {#if v.is_lead}
+                    <span class="badge badge-lead" style="margin-left:0.4rem">Co-Lead</span>
+                  {/if}
+                  {#if !v.participant_id}
+                    <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant">No ticket</span>
+                  {:else if !participantHasTickets(v.participant_id)}
+                    <span class="badge badge-partial" style="margin-left:0.4rem" title="No ticket on file">No ticket</span>
+                  {/if}
+                  {#if v.ticket_name && v.ticket_name !== v.name}
+                    <div class="text-muted" style="font-size:0.78rem">Ticket: {v.ticket_name}</div>
+                  {/if}
+                  {#if v.email}
+                    <div class="text-muted" style="font-size:0.78rem">{v.email}</div>
+                  {/if}
+                  {#if v.note}
+                    <div class="text-muted" style="font-size:0.78rem">{v.note}</div>
+                  {/if}
+                </td>
+                <td class="td-dept text-muted">
+                  {#if dept}
+                    <span class="dept-dot" style="background:{dept.color};margin-right:0.4rem"></span>{dept.name}
+                  {:else}
+                    —
+                  {/if}
+                </td>
+                <td class="td-status">
+                  {#if v.checked_in}
+                    <span class="badge badge-checked">Ready</span>
+                  {:else if v.confirmed}
+                    <span class="badge badge-confirmed">Confirmed</span>
+                  {:else if v.email_confirmed}
+                    <span class="badge badge-registered">Registered</span>
+                  {:else}
+                    <span class="badge badge-unchecked">Unconfirmed</span>
+                  {/if}
+                  {#if v.checked_in_at}
+                    <div class="text-muted" style="font-size:0.75rem">
+                      {new Date(v.checked_in_at).toLocaleTimeString()}
+                    </div>
+                  {/if}
+                </td>
+                <td class="td-ready">
+                  {#if !v.checked_in}
+                    <CheckInButton onclick={() => checkIn(v)} />
+                  {/if}
+                </td>
+                {#if canManage}
+                  <td class="td-actions">
+                    {#if canConfirm && v.email_confirmed && !v.confirmed}
+                      <button class="btn btn-primary btn-sm" onclick={() => confirmVolunteer(v)}>Confirm</button>
+                    {/if}
+                    <button class="btn btn-ghost btn-sm" onclick={() => startEdit(v)}>Edit</button>
+                    <button class="btn btn-danger btn-sm" onclick={() => deleteVolunteer(v)}>Delete</button>
+                  </td>
+                {/if}
+              </tr>
+            {/if}
           {/each}
         </tbody>
       </table>
@@ -305,5 +362,7 @@
     .td-dept { width: 100%; order: 3; }
     .td-status { width: 100%; order: 4; }
     .td-actions { width: 100%; order: 5; display: flex; justify-content: flex-end; }
+    .edit-row td { width: 100%; }
+    .td-edit-dept, .td-edit-checks, .td-edit-note { width: 100%; }
   }
 </style>

From cc4dd7643850606c4bcd867544f3c9c60a143cf0 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 16:51:39 -0600
Subject: [PATCH 27/47] Set co-leads to confirmed automatically, and updated
 test and documents.

---
 docs/USAGE.md             |  12 ++--
 handle_volunteers.go      |   4 ++
 handle_volunteers_test.go | 141 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 151 insertions(+), 6 deletions(-)
 create mode 100644 handle_volunteers_test.go

diff --git a/docs/USAGE.md b/docs/USAGE.md
index 949f71b..c08ec50 100644
--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -83,7 +83,7 @@ In **Settings**, the "Volunteer Signup" card controls:
 
 In **Settings**, the "Shift Signups" card has an open/close toggle:
 
-- **Opening** signups generates kiosk codes for all confirmed volunteers and emails them their shift signup links. A confirmation dialog warns before sending.
+- **Opening** signups generates kiosk codes for all registered (email-confirmed) volunteers and emails them their shift signup links. A confirmation dialog warns before sending.
 - **Closing** signups prevents new kiosk links from being issued on confirmation, but existing links continue to work.
 
 If a volunteer confirms their email while signups are already open, they receive their kiosk link immediately in the confirmation response and via email.
@@ -92,9 +92,9 @@ If a volunteer confirms their email while signups are already open, they receive
 
 Under **Volunteers**, you can:
 
-- Create volunteers manually (name, email, department)
-- Assign volunteers to departments
-- Mark volunteers as co-leads
+- Create volunteers manually (name, email, department, co-lead, note)
+- Edit existing volunteers (department, co-lead, note) via the inline Edit button
+- Confirm registered volunteers (admin, staffing, colead)
 - Mark volunteers as ready (briefed at the volunteer station)
 
 ### Volunteer statuses
@@ -106,7 +106,7 @@ Under **Volunteers**, you can:
 | **Confirmed** | Staff has verified the volunteer is assigned and ready to be scheduled | Admin, staffing, or co-lead |
 | **Ready** | Briefed at the volunteer station, cleared to report for shifts | Gate staff at check-in |
 
-**Confirmation** is a deliberate staff action — it signals that a volunteer has been assigned to a department and you're expecting them. Only volunteers who have been assigned a department can be confirmed. Use the **Confirm** button on a registered volunteer's row.
+**Confirmation** is a deliberate staff action — it signals that you're expecting the volunteer for shifts. Use the **Confirm** button on a registered volunteer's row. Marking a volunteer as a co-lead (`is_lead`) automatically confirms them.
 
 Volunteers are separate from participants. A person can be both a ticket holder and a volunteer. When a volunteer signs up via the public form, they are automatically linked to their participant record by email.
 
@@ -135,7 +135,7 @@ The Volunteer Kiosk is the public-facing flow for volunteers: signup, email conf
 Kiosk links are generated and distributed automatically through the volunteer signup flow:
 
 1. Volunteers sign up via the public signup form (`/volunteer-signup`) and confirm their email.
-2. In **Settings**, open shift signups. This generates kiosk codes for all confirmed volunteers and emails them their links. A confirmation dialog warns before sending.
+2. In **Settings**, open shift signups. This generates kiosk codes for all registered (email-confirmed) volunteers and emails them their links. A confirmation dialog warns before sending.
 3. If a volunteer confirms their email while signups are already open, they receive their kiosk link immediately.
 
 **Set base URL** — in Settings, set the public base URL (e.g., `https://turnpike.example.com`). Kiosk links use this URL.
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 15f976f..584927b 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -109,6 +109,10 @@ func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+
+	if v.IsLead {
+		app.confirmVolunteer(id)
+	}
 	updated, _ := app.getVolunteer(id)
 	writeJSON(w, updated)
 }
diff --git a/handle_volunteers_test.go b/handle_volunteers_test.go
new file mode 100644
index 0000000..e10815c
--- /dev/null
+++ b/handle_volunteers_test.go
@@ -0,0 +1,141 @@
+package main
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestConfirmVolunteer(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	admin := testAdminUser(t, app)
+	tok := testToken(t, app, admin)
+
+	dept, _ := app.createDepartment(Department{Name: "Gate"})
+	deptID := dept.ID
+	v, _ := app.createVolunteer(Volunteer{
+		Name: "Titania", Email: "titania@test.com",
+		DepartmentID: &deptID, EmailConfirmed: true,
+	})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
+	if w.Code != http.StatusOK {
+		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
+	}
+
+	result := parseJSON(t, w)
+	vol := result["confirmed"]
+	if vol != true {
+		t.Error("expected confirmed=true in response")
+	}
+
+	got, _ := app.getVolunteer(v.ID)
+	if got == nil || !got.Confirmed {
+		t.Error("volunteer should be confirmed in DB")
+	}
+	if got.ConfirmedAt == nil {
+		t.Error("confirmed_at should be set")
+	}
+}
+
+func TestConfirmVolunteerIdempotent(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	admin := testAdminUser(t, app)
+	tok := testToken(t, app, admin)
+
+	v, _ := app.createVolunteer(Volunteer{Name: "Puck", Email: "puck@test.com", EmailConfirmed: true})
+
+	// Confirm twice — second should be a no-op, not an error.
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
+	if w.Code != 200 {
+		t.Fatalf("first confirm: %d", w.Code)
+	}
+
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
+	if w.Code != 200 {
+		t.Fatalf("second confirm: %d", w.Code)
+	}
+}
+
+func TestConfirmVolunteerRequiresRole(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	// Ticketing role should NOT be able to confirm volunteers.
+	ticketing := testUserWithRole(t, app, "ticket_lead", "ticketing", nil)
+	tok := testToken(t, app, ticketing)
+
+	v, _ := app.createVolunteer(Volunteer{Name: "Helena", EmailConfirmed: true})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for ticketing role, got %d", w.Code)
+	}
+}
+
+func TestUpdateVolunteerDepartment(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	admin := testAdminUser(t, app)
+	tok := testToken(t, app, admin)
+
+	dept, _ := app.createDepartment(Department{Name: "Gate"})
+	v, _ := app.createVolunteer(Volunteer{Name: "Hermia"})
+
+	// Assign department via update.
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("PUT", "/api/volunteers/"+itoa(v.ID), map[string]any{
+		"name": "Hermia", "department_id": dept.ID,
+	}, tok))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
+	}
+
+	got, _ := app.getVolunteer(v.ID)
+	if got.DepartmentID == nil || *got.DepartmentID != dept.ID {
+		t.Errorf("department_id = %v, want %d", got.DepartmentID, dept.ID)
+	}
+}
+
+func TestUpdateVolunteerCoLeadAutoConfirms(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+	admin := testAdminUser(t, app)
+	tok := testToken(t, app, admin)
+
+	dept, _ := app.createDepartment(Department{Name: "Build"})
+	deptID := dept.ID
+	v, _ := app.createVolunteer(Volunteer{
+		Name: "Lysander", Email: "lys@test.com",
+		DepartmentID: &deptID, EmailConfirmed: true,
+	})
+
+	// Verify not confirmed before update.
+	got, _ := app.getVolunteer(v.ID)
+	if got.Confirmed {
+		t.Fatal("should not be confirmed before update")
+	}
+
+	// Update is_lead=true should auto-confirm.
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("PUT", "/api/volunteers/"+itoa(v.ID), map[string]any{
+		"name": "Lysander", "department_id": deptID, "is_lead": true,
+	}, tok))
+	if w.Code != 200 {
+		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
+	}
+
+	got, _ = app.getVolunteer(v.ID)
+	if !got.IsLead {
+		t.Error("expected is_lead=true")
+	}
+	if !got.Confirmed {
+		t.Error("co-lead should be auto-confirmed")
+	}
+}

From e722ef055edd0ba7de3fe1db37397fe00f391151 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 17:15:41 -0600
Subject: [PATCH 28/47] Move Ticket Name to the Participant model.

---
 db.go                                  | 30 +++++++++++++-------------
 frontend/src/pages/Participants.svelte |  4 ++++
 frontend/src/pages/Volunteers.svelte   |  3 ---
 handle_signup.go                       | 10 ++++-----
 handle_signup_test.go                  |  7 +++---
 5 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/db.go b/db.go
index 9129489..c7a1089 100644
--- a/db.go
+++ b/db.go
@@ -201,6 +201,7 @@ func migrateV2(db *sql.DB) error {
 // and links volunteers to participants via participant_id.
 func migrateV3(db *sql.DB) error {
 	addColumnIfMissing(db, "volunteers", "participant_id INTEGER REFERENCES participants(id)")
+	addColumnIfMissing(db, "participants", "ticket_name TEXT NOT NULL DEFAULT ''")
 
 	// Seed participants from volunteers first (better name data: preferred_name).
 	db.Exec(`
@@ -401,7 +402,6 @@ type Volunteer struct {
 	AttendeeID        *int    `json:"attendee_id,omitempty"` // deprecated; kept for migration compat
 	Name              string  `json:"name"`
 	PreferredName     string  `json:"preferred_name"`
-	TicketName        string  `json:"ticket_name"`
 	Email             string  `json:"email"`
 	Phone             string  `json:"phone"`
 	Pronouns          string  `json:"pronouns"`
@@ -424,6 +424,7 @@ type Participant struct {
 	ID            int     `json:"id"`
 	Email         string  `json:"email"`
 	PreferredName string  `json:"preferred_name"`
+	TicketName    string  `json:"ticket_name"`
 	Phone         string  `json:"phone"`
 	Pronouns      string  `json:"pronouns"`
 	Note          string  `json:"note"`
@@ -860,7 +861,7 @@ func (app *App) attendeeCounts() (total, checkedIn int, err error) {
 
 // --- Participants ---
 
-const participantCols = `id, email, preferred_name, phone, pronouns, note, created_at, updated_at, deleted_at`
+const participantCols = `id, email, preferred_name, ticket_name, phone, pronouns, note, created_at, updated_at, deleted_at`
 
 func (app *App) listParticipants(search, since string) ([]Participant, error) {
 	var q string
@@ -900,8 +901,8 @@ func (app *App) getParticipantByEmail(email string) (*Participant, error) {
 
 func (app *App) createParticipant(p Participant) (*Participant, error) {
 	res, err := app.db.Exec(
-		`INSERT INTO participants (email, preferred_name, phone, pronouns, note, updated_at) VALUES (?, ?, ?, ?, ?, ?)`,
-		strings.ToLower(p.Email), p.PreferredName, p.Phone, p.Pronouns, p.Note, now(),
+		`INSERT INTO participants (email, preferred_name, ticket_name, phone, pronouns, note, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?)`,
+		strings.ToLower(p.Email), p.PreferredName, p.TicketName, p.Phone, p.Pronouns, p.Note, now(),
 	)
 	if err != nil {
 		return nil, err
@@ -912,9 +913,9 @@ func (app *App) createParticipant(p Participant) (*Participant, error) {
 
 func (app *App) updateParticipant(p Participant) error {
 	_, err := app.db.Exec(
-		`UPDATE participants SET email=?, preferred_name=?, phone=?, pronouns=?, note=?, updated_at=?
+		`UPDATE participants SET email=?, preferred_name=?, ticket_name=?, phone=?, pronouns=?, note=?, updated_at=?
 		 WHERE id=? AND deleted_at IS NULL`,
-		strings.ToLower(p.Email), p.PreferredName, p.Phone, p.Pronouns, p.Note, now(), p.ID,
+		strings.ToLower(p.Email), p.PreferredName, p.TicketName, p.Phone, p.Pronouns, p.Note, now(), p.ID,
 	)
 	return err
 }
@@ -957,7 +958,7 @@ func queryParticipants(db *sql.DB, q string, args ...any) ([]Participant, error)
 	for rows.Next() {
 		var p Participant
 		if err := rows.Scan(
-			&p.ID, &p.Email, &p.PreferredName, &p.Phone, &p.Pronouns, &p.Note,
+			&p.ID, &p.Email, &p.PreferredName, &p.TicketName, &p.Phone, &p.Pronouns, &p.Note,
 			&p.CreatedAt, &p.UpdatedAt, &p.DeletedAt,
 		); err != nil {
 			return nil, err
@@ -1199,7 +1200,6 @@ func queryDepartments(db *sql.DB, q string, args ...any) ([]Department, error) {
 const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
 	COALESCE(NULLIF(p.preferred_name,''), NULLIF(v.preferred_name,''), v.name),
 	COALESCE(NULLIF(p.preferred_name,''), NULLIF(v.preferred_name,''), v.name),
-	v.ticket_name,
 	COALESCE(NULLIF(p.email,''), v.email),
 	COALESCE(NULLIF(p.phone,''), v.phone),
 	COALESCE(NULLIF(p.pronouns,''), v.pronouns),
@@ -1210,7 +1210,7 @@ const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
 const volunteerFrom = `FROM volunteers v LEFT JOIN participants p ON p.id = v.participant_id`
 
 // volunteerCols is kept for backward-compat references that expect unqualified column names.
-const volunteerCols = `id, attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, checked_in, checked_in_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
+const volunteerCols = `id, attendee_id, name, preferred_name, email, phone, pronouns, department_id, is_lead, checked_in, checked_in_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
 
 func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volunteer, error) {
 	q := `SELECT ` + volunteerSelect + ` ` + volunteerFrom + ` WHERE 1=1`
@@ -1263,9 +1263,9 @@ func (app *App) getVolunteerByParticipantID(participantID int) (*Volunteer, erro
 
 func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 	res, err := app.db.Exec(
-		`INSERT INTO volunteers (participant_id, attendee_id, name, preferred_name, ticket_name, email, phone, pronouns, department_id, is_lead, email_confirmed, confirmation_token, note, updated_at)
-		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
-		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
+		`INSERT INTO volunteers (participant_id, attendee_id, name, preferred_name, email, phone, pronouns, department_id, is_lead, email_confirmed, confirmation_token, note, updated_at)
+		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.Email, v.Phone, v.Pronouns,
 		v.DepartmentID, boolInt(v.IsLead), boolInt(v.EmailConfirmed), v.ConfirmationToken, v.Note, now(),
 	)
 	if err != nil {
@@ -1277,9 +1277,9 @@ func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 
 func (app *App) updateVolunteer(v Volunteer) error {
 	_, err := app.db.Exec(
-		`UPDATE volunteers SET participant_id=?, attendee_id=?, name=?, preferred_name=?, ticket_name=?, email=?, phone=?, pronouns=?, department_id=?, is_lead=?, note=?, updated_at=?
+		`UPDATE volunteers SET participant_id=?, attendee_id=?, name=?, preferred_name=?, email=?, phone=?, pronouns=?, department_id=?, is_lead=?, note=?, updated_at=?
 		 WHERE id=? AND deleted_at IS NULL`,
-		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.TicketName, v.Email, v.Phone, v.Pronouns,
+		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.Email, v.Phone, v.Pronouns,
 		v.DepartmentID, boolInt(v.IsLead), v.Note, now(), v.ID,
 	)
 	return err
@@ -1340,7 +1340,7 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 		var isLead, checkedIn, confirmed, emailConfirmed int
 		var confirmationToken, confirmedAt, kioskCode sql.NullString
 		if err := rows.Scan(
-			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName, &v.TicketName,
+			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName,
 			&v.Email, &v.Phone, &v.Pronouns, &deptID,
 			&isLead, &checkedIn, &v.CheckedInAt,
 			&confirmed, &confirmedAt,
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 55714a6..2867958 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -63,6 +63,7 @@
     return ($allTickets ?? []).filter(t => t.participant_id === participantId)
   }
 
+
   function checkedInCount(participantId) {
     return ticketsFor(participantId).filter(t => t.checked_in_at).length
   }
@@ -367,6 +368,9 @@
                 {#if p.pronouns}
                   <span class="text-muted" style="font-size:0.78rem"> · {p.pronouns}</span>
                 {/if}
+                {#if p.ticket_name && p.ticket_name !== p.preferred_name}
+                  <div class="text-muted" style="font-size:0.78rem">Ticket: {p.ticket_name}</div>
+                {/if}
                 {#if p.note}
                   <div class="text-muted" style="font-size:0.78rem">{p.note}</div>
                 {/if}
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index c8521e1..441e415 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -299,9 +299,6 @@
                   {:else if !participantHasTickets(v.participant_id)}
                     <span class="badge badge-partial" style="margin-left:0.4rem" title="No ticket on file">No ticket</span>
                   {/if}
-                  {#if v.ticket_name && v.ticket_name !== v.name}
-                    <div class="text-muted" style="font-size:0.78rem">Ticket: {v.ticket_name}</div>
-                  {/if}
                   {#if v.email}
                     <div class="text-muted" style="font-size:0.78rem">{v.email}</div>
                   {/if}
diff --git a/handle_signup.go b/handle_signup.go
index bd9f091..77a7c63 100644
--- a/handle_signup.go
+++ b/handle_signup.go
@@ -75,12 +75,13 @@ func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	// Update participant's personal details if they signed up with more info.
-	if body.Phone != "" || body.Pronouns != "" {
+	if body.Phone != "" || body.Pronouns != "" || body.TicketName != "" {
 		app.db.Exec(`UPDATE participants SET
-			phone    = CASE WHEN phone = '' THEN ? ELSE phone END,
-			pronouns = CASE WHEN pronouns = '' THEN ? ELSE pronouns END,
+			phone       = CASE WHEN phone = '' THEN ? ELSE phone END,
+			pronouns    = CASE WHEN pronouns = '' THEN ? ELSE pronouns END,
+			ticket_name = CASE WHEN ticket_name = '' THEN ? ELSE ticket_name END,
 			updated_at = ?
-			WHERE id = ?`, body.Phone, body.Pronouns, now(), participant.ID)
+			WHERE id = ?`, body.Phone, body.Pronouns, body.TicketName, now(), participant.ID)
 	}
 
 	confirmToken, err := generateConfirmationToken()
@@ -93,7 +94,6 @@ func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
 		ParticipantID:     &participant.ID,
 		Name:              body.PreferredName,
 		PreferredName:     body.PreferredName,
-		TicketName:        body.TicketName,
 		Email:             body.Email,
 		Phone:             body.Phone,
 		Pronouns:          body.Pronouns,
diff --git a/handle_signup_test.go b/handle_signup_test.go
index c240596..2b63c16 100644
--- a/handle_signup_test.go
+++ b/handle_signup_test.go
@@ -337,8 +337,8 @@ func TestPublicSignupTicketNameDoesNotOverwritePreferredName(t *testing.T) {
 	if p.PreferredName != "Titania" {
 		t.Errorf("participant preferred_name = %q, want %q (not ticket_name)", p.PreferredName, "Titania")
 	}
-	if vol.TicketName != "Titania Fairweather" {
-		t.Errorf("vol.TicketName = %q, want %q", vol.TicketName, "Titania Fairweather")
+	if p.TicketName != "Titania Fairweather" {
+		t.Errorf("participant.TicketName = %q, want %q", p.TicketName, "Titania Fairweather")
 	}
 }
 
@@ -349,12 +349,11 @@ func TestConfirmEmailAssignsKioskCode(t *testing.T) {
 	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
 	app.baseURL = "https://example.com"
 
-	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
+	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", TicketName: "Titania Fairweather", Email: "titania@example.com"})
 	token := "abc123def456"
 	app.createVolunteer(Volunteer{
 		Name:              "Titania",
 		PreferredName:     "Titania",
-		TicketName:        "Titania Fairweather",
 		Email:             "titania@example.com",
 		ParticipantID:     &participant.ID,
 		ConfirmationToken: &token,

From 4c462c9d4757c70d5e7694e0b93ee49a99021f38 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 17:34:50 -0600
Subject: [PATCH 29/47] Refactored volunteer check_in as ready status.

---
 db.go                                        | 49 ++++++++++++++------
 frontend/src/api.js                          |  2 +-
 frontend/src/components/CheckInButton.svelte |  2 +-
 frontend/src/pages/Dashboard.svelte          |  2 +-
 frontend/src/pages/Volunteers.svelte         | 18 +++----
 handle_volunteers.go                         |  4 +-
 main.go                                      |  2 +-
 7 files changed, 51 insertions(+), 28 deletions(-)

diff --git a/db.go b/db.go
index c7a1089..514460e 100644
--- a/db.go
+++ b/db.go
@@ -93,8 +93,8 @@ func migrate(db *sql.DB) error {
 		phone         TEXT NOT NULL DEFAULT '',
 		department_id INTEGER REFERENCES departments(id) ON DELETE SET NULL,
 		is_lead       INTEGER NOT NULL DEFAULT 0,
-		checked_in    INTEGER NOT NULL DEFAULT 0,
-		checked_in_at TEXT,
+		ready         INTEGER NOT NULL DEFAULT 0,
+		ready_at      TEXT,
 		note          TEXT NOT NULL DEFAULT '',
 		created_at    TEXT NOT NULL DEFAULT (datetime('now')),
 		updated_at    TEXT NOT NULL DEFAULT (datetime('now')),
@@ -177,6 +177,8 @@ func migrateV2(db *sql.DB) error {
 	addColumnIfMissing(db, "volunteers", "confirmed INTEGER NOT NULL DEFAULT 0")
 	addColumnIfMissing(db, "volunteers", "confirmed_at TEXT")
 	addColumnIfMissing(db, "volunteers", "kiosk_code TEXT")
+	renameColumnIfExists(db, "volunteers", "checked_in", "ready")
+	renameColumnIfExists(db, "volunteers", "checked_in_at", "ready_at")
 	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_volunteers_kiosk_code ON volunteers(kiosk_code) WHERE kiosk_code IS NOT NULL`)
 	// Migrate kiosk codes from tickets to volunteers (idempotent).
 	db.Exec(`
@@ -340,6 +342,27 @@ func addColumnIfMissing(db *sql.DB, table, colDef string) {
 	db.Exec(`ALTER TABLE "` + table + `" ADD COLUMN ` + colDef)
 }
 
+func renameColumnIfExists(db *sql.DB, table, oldName, newName string) {
+	found := false
+	rows, err := db.Query(`PRAGMA table_info("` + table + `")`)
+	if err != nil {
+		return
+	}
+	for rows.Next() {
+		var cid, notNull, pk int
+		var name, typ string
+		var dflt sql.NullString
+		rows.Scan(&cid, &name, &typ, &notNull, &dflt, &pk)
+		if name == oldName {
+			found = true
+		}
+	}
+	rows.Close()
+	if found {
+		db.Exec(`ALTER TABLE "` + table + `" RENAME COLUMN "` + oldName + `" TO "` + newName + `"`)
+	}
+}
+
 // --- Types ---
 
 const attendeeCols = `id, name, email, phone, ticket_id, ticket_type, volunteer_token,
@@ -407,8 +430,8 @@ type Volunteer struct {
 	Pronouns          string  `json:"pronouns"`
 	DepartmentID      *int    `json:"department_id,omitempty"`
 	IsLead            bool    `json:"is_lead"`
-	CheckedIn         bool    `json:"checked_in"`
-	CheckedInAt       *string `json:"checked_in_at,omitempty"`
+	Ready             bool    `json:"ready"`
+	ReadyAt           *string `json:"ready_at,omitempty"`
 	Confirmed         bool    `json:"confirmed"`
 	ConfirmedAt       *string `json:"confirmed_at,omitempty"`
 	EmailConfirmed    bool    `json:"email_confirmed"`
@@ -1203,14 +1226,14 @@ const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
 	COALESCE(NULLIF(p.email,''), v.email),
 	COALESCE(NULLIF(p.phone,''), v.phone),
 	COALESCE(NULLIF(p.pronouns,''), v.pronouns),
-	v.department_id, v.is_lead, v.checked_in, v.checked_in_at,
+	v.department_id, v.is_lead, v.ready, v.ready_at,
 	v.confirmed, v.confirmed_at,
 	v.email_confirmed, v.confirmation_token, v.kiosk_code, v.note,
 	v.created_at, v.updated_at, v.deleted_at`
 const volunteerFrom = `FROM volunteers v LEFT JOIN participants p ON p.id = v.participant_id`
 
 // volunteerCols is kept for backward-compat references that expect unqualified column names.
-const volunteerCols = `id, attendee_id, name, preferred_name, email, phone, pronouns, department_id, is_lead, checked_in, checked_in_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
+const volunteerCols = `id, attendee_id, name, preferred_name, email, phone, pronouns, department_id, is_lead, ready, ready_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
 
 func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volunteer, error) {
 	q := `SELECT ` + volunteerSelect + ` ` + volunteerFrom + ` WHERE 1=1`
@@ -1292,13 +1315,13 @@ func (app *App) deleteVolunteer(id int) error {
 	return err
 }
 
-// checkInVolunteer marks the volunteer as checked in and, if linked to an attendee,
+// markVolunteerReady marks the volunteer as ready and, if linked to an attendee,
 // also increments the attendee's checked_in_count.
-func (app *App) checkInVolunteer(id, userID int) (*Volunteer, error) {
+func (app *App) markVolunteerReady(id, userID int) (*Volunteer, error) {
 	t := now()
 	_, err := app.db.Exec(
-		`UPDATE volunteers SET checked_in=1, checked_in_at=?, updated_at=?
-		 WHERE id=? AND deleted_at IS NULL AND checked_in=0`,
+		`UPDATE volunteers SET ready=1, ready_at=?, updated_at=?
+		 WHERE id=? AND deleted_at IS NULL AND ready=0`,
 		t, t, id,
 	)
 	if err != nil {
@@ -1337,12 +1360,12 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 	for rows.Next() {
 		var v Volunteer
 		var participantID, attendeeID, deptID sql.NullInt64
-		var isLead, checkedIn, confirmed, emailConfirmed int
+		var isLead, ready, confirmed, emailConfirmed int
 		var confirmationToken, confirmedAt, kioskCode sql.NullString
 		if err := rows.Scan(
 			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName,
 			&v.Email, &v.Phone, &v.Pronouns, &deptID,
-			&isLead, &checkedIn, &v.CheckedInAt,
+			&isLead, &ready, &v.ReadyAt,
 			&confirmed, &confirmedAt,
 			&emailConfirmed, &confirmationToken, &kioskCode, &v.Note,
 			&v.CreatedAt, &v.UpdatedAt, &v.DeletedAt,
@@ -1371,7 +1394,7 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 			v.KioskCode = &kioskCode.String
 		}
 		v.IsLead = isLead == 1
-		v.CheckedIn = checkedIn == 1
+		v.Ready = ready == 1
 		v.Confirmed = confirmed == 1
 		v.EmailConfirmed = emailConfirmed == 1
 		result = append(result, v)
diff --git a/frontend/src/api.js b/frontend/src/api.js
index 6700d4b..686faa8 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -78,7 +78,7 @@ export const api = {
     create: (data) => apiJSON('/api/volunteers', { method: 'POST', body: JSON.stringify(data) }),
     update: (id, data) => apiJSON(`/api/volunteers/${id}`, { method: 'PUT', body: JSON.stringify(data) }),
     delete: (id) => apiFetch(`/api/volunteers/${id}`, { method: 'DELETE' }),
-    checkIn: (id) => apiJSON(`/api/volunteers/${id}/checkin`, { method: 'POST' }),
+    markReady: (id) => apiJSON(`/api/volunteers/${id}/ready`, { method: 'POST' }),
     confirm: (id) => apiJSON(`/api/volunteers/${id}/confirm`, { method: 'POST' }),
     assignShift: (id, shiftId) => apiFetch(`/api/volunteers/${id}/shifts`, { method: 'POST', body: JSON.stringify({ shift_id: shiftId }) }),
     unassignShift: (id, shiftId) => apiFetch(`/api/volunteers/${id}/shifts/${shiftId}`, { method: 'DELETE' }),
diff --git a/frontend/src/components/CheckInButton.svelte b/frontend/src/components/CheckInButton.svelte
index f0af073..cbd4bd2 100644
--- a/frontend/src/components/CheckInButton.svelte
+++ b/frontend/src/components/CheckInButton.svelte
@@ -9,5 +9,5 @@
 </script>
 
 <button class="btn btn-success btn-sm" onclick={handle} disabled={loading}>
-  {loading ? '…' : '✓ Ready'}
+  {loading ? '…' : 'Mark ready'}
 </button>
diff --git a/frontend/src/pages/Dashboard.svelte b/frontend/src/pages/Dashboard.svelte
index 9a69d10..e5a26de 100644
--- a/frontend/src/pages/Dashboard.svelte
+++ b/frontend/src/pages/Dashboard.svelte
@@ -31,7 +31,7 @@
     return vols
   })
   const volTotal = $derived(volunteers.length)
-  const volCheckedIn = $derived(volunteers.filter(v => v.checked_in).length)
+  const volCheckedIn = $derived(volunteers.filter(v => v.ready).length)
   const volLeads = $derived(volunteers.filter(v => v.is_lead).length)
 
   // Shift stats (scoped for colead)
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 441e415..f477e64 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -54,8 +54,8 @@
         if (filterDept && v.department_id !== parseInt(filterDept)) return false
         if (filterStatus === 'unconfirmed' && v.email_confirmed) return false
         if (filterStatus === 'registered' && (!v.email_confirmed || v.confirmed)) return false
-        if (filterStatus === 'confirmed' && (!v.confirmed || v.checked_in)) return false
-        if (filterStatus === 'ready' && !v.checked_in) return false
+        if (filterStatus === 'confirmed' && (!v.confirmed || v.ready)) return false
+        if (filterStatus === 'ready' && !v.ready) return false
         if (s && !v.name.toLowerCase().includes(s) &&
             !(v.email || '').toLowerCase().includes(s)) return false
         return true
@@ -63,9 +63,9 @@
       .sort((a, b) => a.name.localeCompare(b.name))
   })
 
-  async function checkIn(v) {
+  async function markReady(v) {
     try {
-      const updated = await api.volunteers.checkIn(v.id)
+      const updated = await api.volunteers.markReady(v.id)
       await db.volunteers.put(updated)
     } catch (err) {
       error = err.message
@@ -314,7 +314,7 @@
                   {/if}
                 </td>
                 <td class="td-status">
-                  {#if v.checked_in}
+                  {#if v.ready}
                     <span class="badge badge-checked">Ready</span>
                   {:else if v.confirmed}
                     <span class="badge badge-confirmed">Confirmed</span>
@@ -323,15 +323,15 @@
                   {:else}
                     <span class="badge badge-unchecked">Unconfirmed</span>
                   {/if}
-                  {#if v.checked_in_at}
+                  {#if v.ready_at}
                     <div class="text-muted" style="font-size:0.75rem">
-                      {new Date(v.checked_in_at).toLocaleTimeString()}
+                      {new Date(v.ready_at).toLocaleTimeString()}
                     </div>
                   {/if}
                 </td>
                 <td class="td-ready">
-                  {#if !v.checked_in}
-                    <CheckInButton onclick={() => checkIn(v)} />
+                  {#if v.confirmed && !v.ready}
+                    <CheckInButton onclick={() => markReady(v)} />
                   {/if}
                 </td>
                 {#if canManage}
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 584927b..845bddd 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -130,14 +130,14 @@ func (app *App) handleDeleteVolunteer(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusNoContent)
 }
 
-func (app *App) handleCheckInVolunteer(w http.ResponseWriter, r *http.Request) {
+func (app *App) handleMarkVolunteerReady(w http.ResponseWriter, r *http.Request) {
 	id, err := strconv.Atoi(r.PathValue("id"))
 	if err != nil {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
 	claims := claimsFromContext(r)
-	v, err := app.checkInVolunteer(id, claims.UserID)
+	v, err := app.markVolunteerReady(id, claims.UserID)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
diff --git a/main.go b/main.go
index ea79877..be9fc53 100644
--- a/main.go
+++ b/main.go
@@ -125,7 +125,7 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("GET /api/volunteers/{id}", auth(app.handleGetVolunteer, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("PUT /api/volunteers/{id}", auth(app.handleUpdateVolunteer, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("DELETE /api/volunteers/{id}", auth(app.handleDeleteVolunteer, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("POST /api/volunteers/{id}/checkin", auth(app.handleCheckInVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers/{id}/ready", auth(app.handleMarkVolunteerReady, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("POST /api/volunteers/{id}/confirm", auth(app.handleConfirmVolunteer, "admin", "staffing", "colead"))
 	mux.HandleFunc("POST /api/volunteers/{id}/shifts", auth(app.handleAssignShift, "admin", "ticketing", "staffing", "colead"))
 	mux.HandleFunc("DELETE /api/volunteers/{id}/shifts/{shift_id}", auth(app.handleUnassignShift, "admin", "ticketing", "staffing", "colead"))

From c03498b59e8cf492db6c05b68f1c4e55205f7488 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 19:11:58 -0600
Subject: [PATCH 30/47] Fixed volunteer filters.

---
 frontend/src/pages/ScheduleBoard.svelte | 5 ++++-
 frontend/src/pages/Volunteers.svelte    | 9 +++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 65391e0..6755588 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -414,7 +414,10 @@
                     <div class="board-assign-row">
                       <select bind:value={assignVolID} style="width:auto">
                         <option value={0}>— Select volunteer —</option>
-                        {#each $allVolunteers ?? [] as v}
+                        {#each ($allVolunteers ?? [])
+                          .filter(v => v.department_id === shift.department_id)
+                          .filter(v => !assigned.some(a => a.volunteer.id === v.id))
+                          as v}
                           <option value={v.id}>{v.name}</option>
                         {/each}
                       </select>
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index f477e64..5f5f3c8 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -29,10 +29,11 @@
   const canConfirm = $derived(['admin', 'staffing', 'colead'].includes(role))
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
 
-  // Auto-filter coleads to their department on mount
+  let deptInitialized = $state(false)
   $effect(() => {
-    if (role === 'colead' && myDeptIDs.length > 0 && !filterDept) {
+    if (!deptInitialized && role === 'colead' && myDeptIDs.length > 0) {
       filterDept = String(myDeptIDs[0])
+      deptInitialized = true
     }
   })
 
@@ -228,7 +229,7 @@
     {/if}
     <select bind:value={filterStatus} style="width:auto">
       <option value="">All statuses</option>
-      <option value="unconfirmed">Unconfirmed</option>
+      <option value="unconfirmed">Unregistered</option>
       <option value="registered">Registered</option>
       <option value="confirmed">Confirmed</option>
       <option value="ready">Ready</option>
@@ -321,7 +322,7 @@
                   {:else if v.email_confirmed}
                     <span class="badge badge-registered">Registered</span>
                   {:else}
-                    <span class="badge badge-unchecked">Unconfirmed</span>
+                    <span class="badge badge-unchecked">Unregistered</span>
                   {/if}
                   {#if v.ready_at}
                     <div class="text-muted" style="font-size:0.75rem">

From 3429ee92fea7054352db54de1b1fa881eea5d218 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 20:09:58 -0600
Subject: [PATCH 31/47] Update manual Volunteer entry.

---
 frontend/src/pages/Volunteers.svelte | 12 +++++++++---
 handle_volunteers.go                 | 12 +++++++++---
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 5f5f3c8..06f6aac 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -13,6 +13,7 @@
   let showAdd = $state(false)
   let adding = $state(false)
   let newName = $state('')
+  let newTicketName = $state('')
   let newEmail = $state('')
   let newDeptID = $state('')
   let newIsLead = $state(false)
@@ -89,6 +90,7 @@
     try {
       const data = {
         name: newName,
+        ticket_name: newTicketName,
         email: newEmail,
         is_lead: newIsLead,
         note: newNote,
@@ -97,7 +99,7 @@
       const v = await api.volunteers.create(data)
       await db.volunteers.put(v)
       showAdd = false
-      newName = newEmail = newNote = ''
+      newName = newEmail = newTicketName = newNote = ''
       newDeptID = ''
       newIsLead = false
     } catch (err) {
@@ -180,8 +182,12 @@
       <form onsubmit={addVolunteer}>
         <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
           <div class="form-group">
-            <label for="v-name">Name *</label>
-            <input id="v-name" bind:value={newName} required placeholder="Full name" />
+            <label for="v-name">Preferred Name *</label>
+            <input id="v-name" bind:value={newName} required placeholder="What they go by" />
+          </div>
+          <div class="form-group">
+            <label for="v-ticket-name">Name on Ticket</label>
+            <input id="v-ticket-name" bind:value={newTicketName} placeholder="Legal/ticketed name" />
           </div>
           <div class="form-group">
             <label for="v-email">Email</label>
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 845bddd..6832995 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -33,11 +33,15 @@ func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
 }
 
 func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
-	var v Volunteer
-	if err := json.NewDecoder(r.Body).Decode(&v); err != nil {
+	var body struct {
+		Volunteer
+		TicketName string `json:"ticket_name"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
 		writeError(w, "invalid request", http.StatusBadRequest)
 		return
 	}
+	v := body.Volunteer
 	if v.Name == "" {
 		writeError(w, "name is required", http.StatusBadRequest)
 		return
@@ -52,7 +56,9 @@ func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 	if v.Email != "" && v.ParticipantID == nil {
 		p, _ := app.getParticipantByEmail(v.Email)
 		if p == nil {
-			p, _ = app.createParticipant(Participant{PreferredName: v.Name, Email: v.Email})
+			p, _ = app.createParticipant(Participant{PreferredName: v.Name, Email: v.Email, TicketName: body.TicketName})
+		} else if body.TicketName != "" && p.TicketName == "" {
+			app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
 		}
 		if p != nil {
 			v.ParticipantID = &p.ID

From e7e542c03cc55dba0fa29a8443830fbc283f9b3e Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 20:17:25 -0600
Subject: [PATCH 32/47] Require email on Volunteer entry.

---
 frontend/src/pages/Volunteers.svelte | 4 ++--
 handle_volunteers.go                 | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 06f6aac..e90bf80 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -190,8 +190,8 @@
             <input id="v-ticket-name" bind:value={newTicketName} placeholder="Legal/ticketed name" />
           </div>
           <div class="form-group">
-            <label for="v-email">Email</label>
-            <input id="v-email" type="email" bind:value={newEmail} placeholder="email@example.com" />
+            <label for="v-email">Email *</label>
+            <input id="v-email" type="email" bind:value={newEmail} required placeholder="email@example.com" />
           </div>
           <div class="form-group">
             <label for="v-dept">Department</label>
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 6832995..b7e385a 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -46,6 +46,10 @@ func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "name is required", http.StatusBadRequest)
 		return
 	}
+	if v.Email == "" {
+		writeError(w, "email is required", http.StatusBadRequest)
+		return
+	}
 	claims := claimsFromContext(r)
 	if claims.Role == "colead" {
 		if v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {

From fcf5bf1f34369da659490193fd39e04964c2df55 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Thu, 5 Mar 2026 20:28:21 -0600
Subject: [PATCH 33/47] Generate confirmation email for manually-entered
 volunteers.

---
 handle_volunteers.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/handle_volunteers.go b/handle_volunteers.go
index b7e385a..0a9fec0 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"encoding/json"
+	"log"
 	"net/http"
 	"strconv"
 )
@@ -68,11 +69,22 @@ func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 			v.ParticipantID = &p.ID
 		}
 	}
+	confirmToken, err := generateConfirmationToken()
+	if err != nil {
+		writeError(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+	v.ConfirmationToken = &confirmToken
 	created, err := app.createVolunteer(v)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+	go func() {
+		if err := app.sendConfirmationEmail(v.Email, v.Name, confirmToken); err != nil {
+			log.Printf("confirmation email to %s failed: %v", v.Email, err)
+		}
+	}()
 	w.WriteHeader(http.StatusCreated)
 	writeJSON(w, created)
 }

From 7d56ef2f339f2a8d0c43dc474a8232dc9645fac7 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Fri, 6 Mar 2026 07:11:19 -0600
Subject: [PATCH 34/47] Moved properties from Volunteer to Participant.

---
 db.go                     | 422 +++++++++-----------------------------
 db_test.go                |   9 +-
 frontend/src/db.js        |   5 +
 handle_kiosk_test.go      |   5 +-
 handle_shifts_test.go     |   6 +-
 handle_signup.go          |  25 +--
 handle_signup_test.go     |  65 +++---
 handle_volunteers.go      |  66 +++---
 handle_volunteers_test.go |  25 ++-
 9 files changed, 200 insertions(+), 428 deletions(-)

diff --git a/db.go b/db.go
index 514460e..bda44ed 100644
--- a/db.go
+++ b/db.go
@@ -86,21 +86,24 @@ func migrate(db *sql.DB) error {
 		ON attendees(name, ticket_id) WHERE deleted_at IS NULL;
 
 	CREATE TABLE IF NOT EXISTS volunteers (
-		id            INTEGER PRIMARY KEY AUTOINCREMENT,
-		attendee_id   INTEGER REFERENCES attendees(id) ON DELETE SET NULL,
-		name          TEXT NOT NULL,
-		email         TEXT NOT NULL DEFAULT '',
-		phone         TEXT NOT NULL DEFAULT '',
-		department_id INTEGER REFERENCES departments(id) ON DELETE SET NULL,
-		is_lead       INTEGER NOT NULL DEFAULT 0,
-		ready         INTEGER NOT NULL DEFAULT 0,
-		ready_at      TEXT,
-		note          TEXT NOT NULL DEFAULT '',
-		created_at    TEXT NOT NULL DEFAULT (datetime('now')),
-		updated_at    TEXT NOT NULL DEFAULT (datetime('now')),
-		deleted_at    TEXT
+		id             INTEGER PRIMARY KEY AUTOINCREMENT,
+		participant_id INTEGER NOT NULL REFERENCES participants(id) ON DELETE CASCADE,
+		department_id  INTEGER REFERENCES departments(id) ON DELETE SET NULL,
+		is_lead        INTEGER NOT NULL DEFAULT 0,
+		ready          INTEGER NOT NULL DEFAULT 0,
+		ready_at       TEXT,
+		confirmed      INTEGER NOT NULL DEFAULT 0,
+		confirmed_at   TEXT,
+		kiosk_code     TEXT,
+		note           TEXT NOT NULL DEFAULT '',
+		created_at     TEXT NOT NULL DEFAULT (datetime('now')),
+		updated_at     TEXT NOT NULL DEFAULT (datetime('now')),
+		deleted_at     TEXT
 	);
 
+	CREATE UNIQUE INDEX IF NOT EXISTS idx_volunteers_kiosk_code
+		ON volunteers(kiosk_code) WHERE kiosk_code IS NOT NULL;
+
 	CREATE TABLE IF NOT EXISTS shifts (
 		id            INTEGER PRIMARY KEY AUTOINCREMENT,
 		department_id INTEGER NOT NULL REFERENCES departments(id) ON DELETE CASCADE,
@@ -119,19 +122,23 @@ func migrate(db *sql.DB) error {
 		shift_id     INTEGER NOT NULL REFERENCES shifts(id) ON DELETE CASCADE,
 		confirmed    INTEGER NOT NULL DEFAULT 1,
 		updated_at   TEXT NOT NULL DEFAULT (datetime('now')),
+		deleted_at   TEXT,
 		PRIMARY KEY (volunteer_id, shift_id)
 	);
 
 	CREATE TABLE IF NOT EXISTS participants (
-		id             INTEGER PRIMARY KEY AUTOINCREMENT,
-		email          TEXT NOT NULL DEFAULT '',
-		preferred_name TEXT NOT NULL DEFAULT '',
-		phone          TEXT NOT NULL DEFAULT '',
-		pronouns       TEXT NOT NULL DEFAULT '',
-		note           TEXT NOT NULL DEFAULT '',
-		created_at     TEXT NOT NULL DEFAULT (datetime('now')),
-		updated_at     TEXT NOT NULL DEFAULT (datetime('now')),
-		deleted_at     TEXT
+		id                 INTEGER PRIMARY KEY AUTOINCREMENT,
+		email              TEXT NOT NULL DEFAULT '',
+		preferred_name     TEXT NOT NULL DEFAULT '',
+		ticket_name        TEXT NOT NULL DEFAULT '',
+		phone              TEXT NOT NULL DEFAULT '',
+		pronouns           TEXT NOT NULL DEFAULT '',
+		note               TEXT NOT NULL DEFAULT '',
+		email_confirmed    INTEGER NOT NULL DEFAULT 0,
+		confirmation_token TEXT,
+		created_at         TEXT NOT NULL DEFAULT (datetime('now')),
+		updated_at         TEXT NOT NULL DEFAULT (datetime('now')),
+		deleted_at         TEXT
 	);
 
 	CREATE UNIQUE INDEX IF NOT EXISTS idx_participants_email
@@ -159,210 +166,9 @@ func migrate(db *sql.DB) error {
 	if err != nil {
 		return err
 	}
-	return migrateV2(db)
-}
-
-// migrateV2 adds new columns to existing databases without data loss.
-func migrateV2(db *sql.DB) error {
-	addColumnIfMissing(db, "attendees", "volunteer_token TEXT UNIQUE")
-	addColumnIfMissing(db, "attendees", "party_size INTEGER NOT NULL DEFAULT 1")
-	addColumnIfMissing(db, "attendees", "checked_in_count INTEGER NOT NULL DEFAULT 0")
-	addColumnIfMissing(db, "shifts", "position INTEGER NOT NULL DEFAULT 0")
-	addColumnIfMissing(db, "volunteer_shifts", "deleted_at TEXT")
-	addColumnIfMissing(db, "volunteers", "preferred_name TEXT NOT NULL DEFAULT ''")
-	addColumnIfMissing(db, "volunteers", "ticket_name TEXT NOT NULL DEFAULT ''")
-	addColumnIfMissing(db, "volunteers", "pronouns TEXT NOT NULL DEFAULT ''")
-	addColumnIfMissing(db, "volunteers", "email_confirmed INTEGER NOT NULL DEFAULT 0")
-	addColumnIfMissing(db, "volunteers", "confirmation_token TEXT")
-	addColumnIfMissing(db, "volunteers", "confirmed INTEGER NOT NULL DEFAULT 0")
-	addColumnIfMissing(db, "volunteers", "confirmed_at TEXT")
-	addColumnIfMissing(db, "volunteers", "kiosk_code TEXT")
-	renameColumnIfExists(db, "volunteers", "checked_in", "ready")
-	renameColumnIfExists(db, "volunteers", "checked_in_at", "ready_at")
-	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_volunteers_kiosk_code ON volunteers(kiosk_code) WHERE kiosk_code IS NOT NULL`)
-	// Migrate kiosk codes from tickets to volunteers (idempotent).
-	db.Exec(`
-		UPDATE volunteers SET kiosk_code = (
-			SELECT t.code FROM tickets t
-			WHERE t.participant_id = volunteers.participant_id
-			  AND t.code IS NOT NULL AND t.deleted_at IS NULL
-			LIMIT 1
-		) WHERE kiosk_code IS NULL AND participant_id IS NOT NULL`)
-	// Delete stub tickets whose code has been migrated to the volunteer.
-	db.Exec(`
-		DELETE FROM tickets
-		WHERE source = 'manual' AND external_id = '' AND code IS NOT NULL
-		  AND participant_id IN (SELECT id FROM volunteers WHERE kiosk_code IS NOT NULL)`)
-	// Widen the uniqueness constraint from name-only to (name, ticket_id).
-	db.Exec(`DROP INDEX IF EXISTS idx_attendees_name`)
-	db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_attendees_name_ticket ON attendees(name, ticket_id) WHERE deleted_at IS NULL`)
-	return migrateV3(db)
-}
-
-// migrateV3 populates participants + tickets from attendees/volunteers,
-// and links volunteers to participants via participant_id.
-func migrateV3(db *sql.DB) error {
-	addColumnIfMissing(db, "volunteers", "participant_id INTEGER REFERENCES participants(id)")
-	addColumnIfMissing(db, "participants", "ticket_name TEXT NOT NULL DEFAULT ''")
-
-	// Seed participants from volunteers first (better name data: preferred_name).
-	db.Exec(`
-		INSERT OR IGNORE INTO participants (email, preferred_name, phone, pronouns, created_at, updated_at)
-		SELECT
-			LOWER(email),
-			CASE WHEN preferred_name != '' THEN preferred_name ELSE name END,
-			phone,
-			pronouns,
-			created_at,
-			created_at
-		FROM volunteers
-		WHERE email != '' AND deleted_at IS NULL`)
-
-	// Fill in from attendees for emails not yet in participants.
-	db.Exec(`
-		INSERT OR IGNORE INTO participants (email, preferred_name, phone, created_at, updated_at)
-		SELECT LOWER(email), name, phone, created_at, created_at
-		FROM attendees
-		WHERE email != '' AND deleted_at IS NULL`)
-
-	// Attendees with no email: create a placeholder participant so tickets aren't orphaned.
-	rows, _ := db.Query(`SELECT id, name, created_at FROM attendees WHERE email = '' AND deleted_at IS NULL`)
-	if rows != nil {
-		type stub struct {
-			id, name, createdAt string
-		}
-		var stubs []stub
-		for rows.Next() {
-			var s stub
-			rows.Scan(&s.id, &s.name, &s.createdAt)
-			stubs = append(stubs, s)
-		}
-		rows.Close()
-		for _, s := range stubs {
-			placeholder := fmt.Sprintf("ticket-%s@unknown", s.id)
-			db.Exec(`INSERT OR IGNORE INTO participants (email, preferred_name, created_at, updated_at) VALUES (?, ?, ?, ?)`,
-				placeholder, s.name, s.createdAt, s.createdAt)
-		}
-	}
-
-	// Link volunteers to participants via email.
-	db.Exec(`
-		UPDATE volunteers SET participant_id = (
-			SELECT p.id FROM participants p WHERE LOWER(p.email) = LOWER(volunteers.email)
-		)
-		WHERE participant_id IS NULL AND email != ''`)
-
-	// Seed tickets from attendees (1 ticket per attendee row).
-	db.Exec(`
-		INSERT OR IGNORE INTO tickets (participant_id, name, ticket_type, source, external_id, order_id, code, checked_in_at, checked_in_by, created_at, updated_at, deleted_at)
-		SELECT
-			p.id,
-			a.name,
-			a.ticket_type,
-			CASE WHEN a.ticket_id != '' THEN 'crowdwork' ELSE 'manual' END,
-			a.ticket_id,
-			a.ticket_id,
-			a.volunteer_token,
-			a.checked_in_at,
-			a.checked_in_by,
-			a.created_at,
-			a.updated_at,
-			a.deleted_at
-		FROM attendees a
-		JOIN participants p ON LOWER(p.email) = LOWER(a.email) OR p.email = 'ticket-' || a.id || '@unknown'`)
-
-	// Volunteers whose participant has no ticket: create a stub ticket so they can get a kiosk code.
-	db.Exec(`
-		INSERT OR IGNORE INTO tickets (participant_id, source, created_at, updated_at)
-		SELECT DISTINCT v.participant_id, 'manual', v.created_at, v.created_at
-		FROM volunteers v
-		WHERE v.participant_id IS NOT NULL
-		  AND v.deleted_at IS NULL
-		  AND NOT EXISTS (SELECT 1 FROM tickets t WHERE t.participant_id = v.participant_id AND t.deleted_at IS NULL)`)
-
-	return migrateV4(db)
-}
-
-// migrateV4 renames roles: volunteer_lead→colead, coordinator→staffing, gate→gatekeeper.
-func migrateV4(db *sql.DB) error {
-	var count int
-	if err := db.QueryRow(`SELECT COUNT(*) FROM users WHERE role IN ('volunteer_lead','coordinator','gate')`).Scan(&count); err != nil || count == 0 {
-		return nil
-	}
-	if _, err := db.Exec(`PRAGMA foreign_keys = OFF`); err != nil {
-		return err
-	}
-	stmts := []string{
-		`CREATE TABLE users_v4 (
-			id            INTEGER PRIMARY KEY AUTOINCREMENT,
-			username      TEXT NOT NULL UNIQUE,
-			password_hash TEXT NOT NULL,
-			role          TEXT NOT NULL CHECK(role IN ('admin','ticketing','staffing','colead','gatekeeper')),
-			created_at    TEXT NOT NULL DEFAULT (datetime('now'))
-		)`,
-		`INSERT INTO users_v4 (id, username, password_hash, role, created_at)
-		 SELECT id, username, password_hash,
-			CASE role
-				WHEN 'volunteer_lead' THEN 'colead'
-				WHEN 'coordinator'    THEN 'staffing'
-				WHEN 'gate'           THEN 'gatekeeper'
-				ELSE role
-			END,
-			created_at
-		 FROM users`,
-		`DROP TABLE users`,
-		`ALTER TABLE users_v4 RENAME TO users`,
-		`PRAGMA foreign_keys = ON`,
-	}
-	for _, s := range stmts {
-		if _, err := db.Exec(s); err != nil {
-			db.Exec(`PRAGMA foreign_keys = ON`)
-			return fmt.Errorf("migrateV4: %w", err)
-		}
-	}
 	return nil
 }
 
-func addColumnIfMissing(db *sql.DB, table, colDef string) {
-	colName := strings.Fields(colDef)[0]
-	rows, err := db.Query(`PRAGMA table_info("` + table + `")`)
-	if err != nil {
-		return
-	}
-	defer rows.Close()
-	for rows.Next() {
-		var cid, notNull, pk int
-		var name, typ string
-		var dflt sql.NullString
-		rows.Scan(&cid, &name, &typ, &notNull, &dflt, &pk)
-		if name == colName {
-			return
-		}
-	}
-	db.Exec(`ALTER TABLE "` + table + `" ADD COLUMN ` + colDef)
-}
-
-func renameColumnIfExists(db *sql.DB, table, oldName, newName string) {
-	found := false
-	rows, err := db.Query(`PRAGMA table_info("` + table + `")`)
-	if err != nil {
-		return
-	}
-	for rows.Next() {
-		var cid, notNull, pk int
-		var name, typ string
-		var dflt sql.NullString
-		rows.Scan(&cid, &name, &typ, &notNull, &dflt, &pk)
-		if name == oldName {
-			found = true
-		}
-	}
-	rows.Close()
-	if found {
-		db.Exec(`ALTER TABLE "` + table + `" RENAME COLUMN "` + oldName + `" TO "` + newName + `"`)
-	}
-}
-
 // --- Types ---
 
 const attendeeCols = `id, name, email, phone, ticket_id, ticket_type, volunteer_token,
@@ -420,40 +226,40 @@ type Department struct {
 }
 
 type Volunteer struct {
-	ID                int     `json:"id"`
-	ParticipantID     *int    `json:"participant_id,omitempty"`
-	AttendeeID        *int    `json:"attendee_id,omitempty"` // deprecated; kept for migration compat
-	Name              string  `json:"name"`
-	PreferredName     string  `json:"preferred_name"`
-	Email             string  `json:"email"`
-	Phone             string  `json:"phone"`
-	Pronouns          string  `json:"pronouns"`
-	DepartmentID      *int    `json:"department_id,omitempty"`
-	IsLead            bool    `json:"is_lead"`
-	Ready             bool    `json:"ready"`
-	ReadyAt           *string `json:"ready_at,omitempty"`
-	Confirmed         bool    `json:"confirmed"`
-	ConfirmedAt       *string `json:"confirmed_at,omitempty"`
-	EmailConfirmed    bool    `json:"email_confirmed"`
-	ConfirmationToken *string `json:"-"`
-	KioskCode         *string `json:"kiosk_code,omitempty"`
-	Note              string  `json:"note"`
-	CreatedAt         string  `json:"created_at"`
-	UpdatedAt         string  `json:"updated_at"`
-	DeletedAt         *string `json:"deleted_at,omitempty"`
-}
-
-type Participant struct {
 	ID            int     `json:"id"`
-	Email         string  `json:"email"`
-	PreferredName string  `json:"preferred_name"`
-	TicketName    string  `json:"ticket_name"`
-	Phone         string  `json:"phone"`
-	Pronouns      string  `json:"pronouns"`
+	ParticipantID int     `json:"participant_id"`
+	DepartmentID  *int    `json:"department_id,omitempty"`
+	IsLead        bool    `json:"is_lead"`
+	Ready         bool    `json:"ready"`
+	ReadyAt       *string `json:"ready_at,omitempty"`
+	Confirmed     bool    `json:"confirmed"`
+	ConfirmedAt   *string `json:"confirmed_at,omitempty"`
+	KioskCode     *string `json:"kiosk_code,omitempty"`
 	Note          string  `json:"note"`
 	CreatedAt     string  `json:"created_at"`
 	UpdatedAt     string  `json:"updated_at"`
 	DeletedAt     *string `json:"deleted_at,omitempty"`
+	// Populated via JOIN from participant, not stored on volunteers table:
+	Name           string `json:"name"`
+	Email          string `json:"email"`
+	Phone          string `json:"phone"`
+	Pronouns       string `json:"pronouns"`
+	EmailConfirmed bool   `json:"email_confirmed"`
+}
+
+type Participant struct {
+	ID                int     `json:"id"`
+	Email             string  `json:"email"`
+	PreferredName     string  `json:"preferred_name"`
+	TicketName        string  `json:"ticket_name"`
+	Phone             string  `json:"phone"`
+	Pronouns          string  `json:"pronouns"`
+	Note              string  `json:"note"`
+	EmailConfirmed    bool    `json:"email_confirmed"`
+	ConfirmationToken *string `json:"-"`
+	CreatedAt         string  `json:"created_at"`
+	UpdatedAt         string  `json:"updated_at"`
+	DeletedAt         *string `json:"deleted_at,omitempty"`
 }
 
 type Ticket struct {
@@ -884,7 +690,7 @@ func (app *App) attendeeCounts() (total, checkedIn int, err error) {
 
 // --- Participants ---
 
-const participantCols = `id, email, preferred_name, ticket_name, phone, pronouns, note, created_at, updated_at, deleted_at`
+const participantCols = `id, email, preferred_name, ticket_name, phone, pronouns, note, email_confirmed, confirmation_token, created_at, updated_at, deleted_at`
 
 func (app *App) listParticipants(search, since string) ([]Participant, error) {
 	var q string
@@ -924,8 +730,8 @@ func (app *App) getParticipantByEmail(email string) (*Participant, error) {
 
 func (app *App) createParticipant(p Participant) (*Participant, error) {
 	res, err := app.db.Exec(
-		`INSERT INTO participants (email, preferred_name, ticket_name, phone, pronouns, note, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?)`,
-		strings.ToLower(p.Email), p.PreferredName, p.TicketName, p.Phone, p.Pronouns, p.Note, now(),
+		`INSERT INTO participants (email, preferred_name, ticket_name, phone, pronouns, note, email_confirmed, confirmation_token, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		strings.ToLower(p.Email), p.PreferredName, p.TicketName, p.Phone, p.Pronouns, p.Note, boolInt(p.EmailConfirmed), p.ConfirmationToken, now(),
 	)
 	if err != nil {
 		return nil, err
@@ -980,12 +786,19 @@ func queryParticipants(db *sql.DB, q string, args ...any) ([]Participant, error)
 	var result []Participant
 	for rows.Next() {
 		var p Participant
+		var emailConfirmed int
+		var confirmationToken sql.NullString
 		if err := rows.Scan(
 			&p.ID, &p.Email, &p.PreferredName, &p.TicketName, &p.Phone, &p.Pronouns, &p.Note,
+			&emailConfirmed, &confirmationToken,
 			&p.CreatedAt, &p.UpdatedAt, &p.DeletedAt,
 		); err != nil {
 			return nil, err
 		}
+		p.EmailConfirmed = emailConfirmed == 1
+		if confirmationToken.Valid {
+			p.ConfirmationToken = &confirmationToken.String
+		}
 		result = append(result, p)
 	}
 	return result, rows.Err()
@@ -1217,23 +1030,13 @@ func queryDepartments(db *sql.DB, q string, args ...any) ([]Department, error) {
 
 // --- Volunteers ---
 
-// volunteerSelect / volunteerFrom are used together for all volunteer queries.
-// Personal fields (name, email, phone, pronouns) come from the joined participant when available,
-// falling back to the volunteer's own columns for legacy rows.
-const volunteerSelect = `v.id, v.participant_id, v.attendee_id,
-	COALESCE(NULLIF(p.preferred_name,''), NULLIF(v.preferred_name,''), v.name),
-	COALESCE(NULLIF(p.preferred_name,''), NULLIF(v.preferred_name,''), v.name),
-	COALESCE(NULLIF(p.email,''), v.email),
-	COALESCE(NULLIF(p.phone,''), v.phone),
-	COALESCE(NULLIF(p.pronouns,''), v.pronouns),
+const volunteerSelect = `v.id, v.participant_id,
+	p.preferred_name, p.email, p.phone, p.pronouns,
 	v.department_id, v.is_lead, v.ready, v.ready_at,
 	v.confirmed, v.confirmed_at,
-	v.email_confirmed, v.confirmation_token, v.kiosk_code, v.note,
+	p.email_confirmed, v.kiosk_code, v.note,
 	v.created_at, v.updated_at, v.deleted_at`
-const volunteerFrom = `FROM volunteers v LEFT JOIN participants p ON p.id = v.participant_id`
-
-// volunteerCols is kept for backward-compat references that expect unqualified column names.
-const volunteerCols = `id, attendee_id, name, preferred_name, email, phone, pronouns, department_id, is_lead, ready, ready_at, email_confirmed, confirmation_token, note, created_at, updated_at, deleted_at`
+const volunteerFrom = `FROM volunteers v INNER JOIN participants p ON p.id = v.participant_id`
 
 func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volunteer, error) {
 	q := `SELECT ` + volunteerSelect + ` ` + volunteerFrom + ` WHERE 1=1`
@@ -1245,15 +1048,15 @@ func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volu
 		q += ` AND v.deleted_at IS NULL`
 	}
 	if search != "" {
-		q += ` AND (v.name LIKE ? OR v.email LIKE ? OR p.preferred_name LIKE ? OR p.email LIKE ?)`
+		q += ` AND (p.preferred_name LIKE ? OR p.email LIKE ?)`
 		s := "%" + search + "%"
-		args = append(args, s, s, s, s)
+		args = append(args, s, s)
 	}
 	if deptID != nil {
 		q += ` AND v.department_id = ?`
 		args = append(args, *deptID)
 	}
-	q += ` ORDER BY COALESCE(NULLIF(p.preferred_name,''), v.name)`
+	q += ` ORDER BY p.preferred_name`
 	return queryVolunteers(app.db, q, args...)
 }
 
@@ -1266,15 +1069,6 @@ func (app *App) getVolunteer(id int) (*Volunteer, error) {
 	return &rows[0], nil
 }
 
-func (app *App) getVolunteerByAttendeeID(attendeeID int) (*Volunteer, error) {
-	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.attendee_id = ? AND v.deleted_at IS NULL LIMIT 1`, attendeeID)
-	if err != nil || len(rows) == 0 {
-		return nil, err
-	}
-	return &rows[0], nil
-}
-
 func (app *App) getVolunteerByParticipantID(participantID int) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
 		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.participant_id = ? AND v.deleted_at IS NULL LIMIT 1`, participantID)
@@ -1286,10 +1080,9 @@ func (app *App) getVolunteerByParticipantID(participantID int) (*Volunteer, erro
 
 func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 	res, err := app.db.Exec(
-		`INSERT INTO volunteers (participant_id, attendee_id, name, preferred_name, email, phone, pronouns, department_id, is_lead, email_confirmed, confirmation_token, note, updated_at)
-		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
-		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.Email, v.Phone, v.Pronouns,
-		v.DepartmentID, boolInt(v.IsLead), boolInt(v.EmailConfirmed), v.ConfirmationToken, v.Note, now(),
+		`INSERT INTO volunteers (participant_id, department_id, is_lead, note, updated_at)
+		 VALUES (?, ?, ?, ?, ?)`,
+		v.ParticipantID, v.DepartmentID, boolInt(v.IsLead), v.Note, now(),
 	)
 	if err != nil {
 		return nil, err
@@ -1300,9 +1093,8 @@ func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 
 func (app *App) updateVolunteer(v Volunteer) error {
 	_, err := app.db.Exec(
-		`UPDATE volunteers SET participant_id=?, attendee_id=?, name=?, preferred_name=?, email=?, phone=?, pronouns=?, department_id=?, is_lead=?, note=?, updated_at=?
+		`UPDATE volunteers SET department_id=?, is_lead=?, note=?, updated_at=?
 		 WHERE id=? AND deleted_at IS NULL`,
-		v.ParticipantID, v.AttendeeID, v.Name, v.PreferredName, v.Email, v.Phone, v.Pronouns,
 		v.DepartmentID, boolInt(v.IsLead), v.Note, now(), v.ID,
 	)
 	return err
@@ -1315,8 +1107,6 @@ func (app *App) deleteVolunteer(id int) error {
 	return err
 }
 
-// markVolunteerReady marks the volunteer as ready and, if linked to an attendee,
-// also increments the attendee's checked_in_count.
 func (app *App) markVolunteerReady(id, userID int) (*Volunteer, error) {
 	t := now()
 	_, err := app.db.Exec(
@@ -1327,14 +1117,7 @@ func (app *App) markVolunteerReady(id, userID int) (*Volunteer, error) {
 	if err != nil {
 		return nil, err
 	}
-	v, err := app.getVolunteer(id)
-	if err != nil || v == nil {
-		return v, err
-	}
-	if v.AttendeeID != nil {
-		app.checkInAttendee(*v.AttendeeID, userID, 1)
-	}
-	return v, nil
+	return app.getVolunteer(id)
 }
 
 func (app *App) confirmVolunteer(id int) (*Volunteer, error) {
@@ -1359,34 +1142,23 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 	var result []Volunteer
 	for rows.Next() {
 		var v Volunteer
-		var participantID, attendeeID, deptID sql.NullInt64
+		var deptID sql.NullInt64
 		var isLead, ready, confirmed, emailConfirmed int
-		var confirmationToken, confirmedAt, kioskCode sql.NullString
+		var confirmedAt, kioskCode sql.NullString
 		if err := rows.Scan(
-			&v.ID, &participantID, &attendeeID, &v.Name, &v.PreferredName,
-			&v.Email, &v.Phone, &v.Pronouns, &deptID,
-			&isLead, &ready, &v.ReadyAt,
+			&v.ID, &v.ParticipantID,
+			&v.Name, &v.Email, &v.Phone, &v.Pronouns,
+			&deptID, &isLead, &ready, &v.ReadyAt,
 			&confirmed, &confirmedAt,
-			&emailConfirmed, &confirmationToken, &kioskCode, &v.Note,
+			&emailConfirmed, &kioskCode, &v.Note,
 			&v.CreatedAt, &v.UpdatedAt, &v.DeletedAt,
 		); err != nil {
 			return nil, err
 		}
-		if participantID.Valid {
-			id := int(participantID.Int64)
-			v.ParticipantID = &id
-		}
-		if attendeeID.Valid {
-			id := int(attendeeID.Int64)
-			v.AttendeeID = &id
-		}
 		if deptID.Valid {
 			id := int(deptID.Int64)
 			v.DepartmentID = &id
 		}
-		if confirmationToken.Valid {
-			v.ConfirmationToken = &confirmationToken.String
-		}
 		if confirmedAt.Valid {
 			v.ConfirmedAt = &confirmedAt.String
 		}
@@ -1404,7 +1176,7 @@ func queryVolunteers(db *sql.DB, q string, args ...any) ([]Volunteer, error) {
 
 func (app *App) getVolunteerByEmail(email string) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE LOWER(v.email) = LOWER(?) AND v.deleted_at IS NULL LIMIT 1`, email)
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE LOWER(p.email) = LOWER(?) AND v.deleted_at IS NULL LIMIT 1`, email)
 	if err != nil || len(rows) == 0 {
 		return nil, err
 	}
@@ -1413,17 +1185,24 @@ func (app *App) getVolunteerByEmail(email string) (*Volunteer, error) {
 
 func (app *App) getVolunteerByConfirmationToken(token string) (*Volunteer, error) {
 	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.confirmation_token = ? AND v.deleted_at IS NULL LIMIT 1`, token)
+		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE p.confirmation_token = ? AND v.deleted_at IS NULL LIMIT 1`, token)
 	if err != nil || len(rows) == 0 {
 		return nil, err
 	}
 	return &rows[0], nil
 }
 
-func (app *App) confirmVolunteerEmail(id int) error {
+func (app *App) confirmParticipantEmail(participantID int) error {
 	_, err := app.db.Exec(
-		`UPDATE volunteers SET email_confirmed = 1, confirmation_token = NULL, updated_at = ? WHERE id = ?`,
-		now(), id)
+		`UPDATE participants SET email_confirmed = 1, confirmation_token = NULL, updated_at = ? WHERE id = ?`,
+		now(), participantID)
+	return err
+}
+
+func (app *App) setParticipantConfirmationToken(participantID int, token string) error {
+	_, err := app.db.Exec(
+		`UPDATE participants SET confirmation_token = ?, updated_at = ? WHERE id = ?`,
+		token, now(), participantID)
 	return err
 }
 
@@ -1442,11 +1221,10 @@ func (app *App) assignKioskCode(id int, code string) error {
 	return err
 }
 
-// listVolunteersNeedingKioskCode returns email-confirmed volunteers without a kiosk code.
 func (app *App) listVolunteersNeedingKioskCode() ([]Volunteer, error) {
 	return queryVolunteers(app.db, `
 		SELECT `+volunteerSelect+` `+volunteerFrom+`
-		WHERE v.email_confirmed = 1 AND v.kiosk_code IS NULL AND v.deleted_at IS NULL`)
+		WHERE p.email_confirmed = 1 AND v.kiosk_code IS NULL AND v.deleted_at IS NULL`)
 }
 
 func (app *App) generateVolunteerKioskCode() (string, error) {
@@ -1658,7 +1436,7 @@ var errShiftFull = fmt.Errorf("shift is full")
 
 func (app *App) unassignShift(volunteerID, shiftID int) error {
 	_, err := app.db.Exec(
-		`UPDATE volunteer_shifts SET deleted_at = ?, updated_at = ? WHERE volunteer_id=? AND shift_id=?`,
+		`UPDATE volunteer_shifts SET deleted_at=?, updated_at=? WHERE volunteer_id=? AND shift_id=?`,
 		now(), now(), volunteerID, shiftID,
 	)
 	return err
diff --git a/db_test.go b/db_test.go
index 0d453bb..c9e8b68 100644
--- a/db_test.go
+++ b/db_test.go
@@ -197,7 +197,8 @@ func TestAssignAndUnassignShift(t *testing.T) {
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
 	s, _ := app.createShift(Shift{DepartmentID: deptID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00", Capacity: 2})
-	v, _ := app.createVolunteer(Volunteer{Name: "Helena", DepartmentID: &deptID})
+	p, _ := app.createParticipant(Participant{PreferredName: "Helena", Email: "helena@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	if err := app.assignShift(v.ID, s.ID); err != nil {
 		t.Fatal(err)
@@ -221,7 +222,8 @@ func TestCheckShiftConflict(t *testing.T) {
 
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
-	v, _ := app.createVolunteer(Volunteer{Name: "Hermia", DepartmentID: &deptID})
+	p, _ := app.createParticipant(Participant{PreferredName: "Hermia", Email: "hermia@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	s1, _ := app.createShift(Shift{DepartmentID: deptID, Name: "Morning", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
 	s2, _ := app.createShift(Shift{DepartmentID: deptID, Name: "Overlap", Day: "2026-03-15", StartTime: "10:00", EndTime: "14:00"})
@@ -250,7 +252,8 @@ func TestCheckShiftConflictMidnight(t *testing.T) {
 
 	dept, _ := app.createDepartment(Department{Name: "Sound"})
 	deptID := dept.ID
-	v, _ := app.createVolunteer(Volunteer{Name: "Lysander", DepartmentID: &deptID})
+	p, _ := app.createParticipant(Participant{PreferredName: "Lysander", Email: "lysander@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	// Night shift: 22:00-02:00 (spans midnight)
 	night, _ := app.createShift(Shift{DepartmentID: deptID, Name: "Night", Day: "2026-03-15", StartTime: "22:00", EndTime: "02:00"})
diff --git a/frontend/src/db.js b/frontend/src/db.js
index a09f332..7e96bbc 100644
--- a/frontend/src/db.js
+++ b/frontend/src/db.js
@@ -46,6 +46,11 @@ db.version(4).stores({
   volunteers: 'id, name, department_id, checked_in, participant_id, deleted_at',
 })
 
+db.version(5).stores({
+  volunteers: 'id, participant_id, department_id, deleted_at',
+  participants: 'id, email, preferred_name, email_confirmed, updated_at, deleted_at',
+})
+
 export async function getLastSync() {
   const m = await db.meta.get('last_sync')
   return m?.value ?? ''
diff --git a/handle_kiosk_test.go b/handle_kiosk_test.go
index e385ad3..2bac7cf 100644
--- a/handle_kiosk_test.go
+++ b/handle_kiosk_test.go
@@ -16,7 +16,7 @@ func setupKiosk(t *testing.T) (*App, *http.ServeMux, string) {
 
 	// Create volunteer with a kiosk_code directly on the volunteer record
 	p, _ := app.createParticipant(Participant{Email: "titania@test.com", PreferredName: "Titania"})
-	v, _ := app.createVolunteer(Volunteer{Name: "Titania", ParticipantID: &p.ID, DepartmentID: &deptID})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 	token, _ := app.generateVolunteerKioskCode()
 	app.assignKioskCode(v.ID, token)
 
@@ -132,7 +132,8 @@ func TestKioskClaimFull(t *testing.T) {
 	// Shift 2 has capacity 1. Fill it with another volunteer.
 	dept, _ := app.createDepartment(Department{Name: "Build"})
 	deptID := dept.ID
-	other, _ := app.createVolunteer(Volunteer{Name: "Other", DepartmentID: &deptID})
+	otherP, _ := app.createParticipant(Participant{PreferredName: "Other", Email: "other@test.com"})
+	other, _ := app.createVolunteer(Volunteer{ParticipantID: otherP.ID, DepartmentID: &deptID})
 	app.assignShift(other.ID, 2) // fills the capacity-1 shift
 
 	req := httptest.NewRequest("POST", "/api/v/"+token+"/shifts/2", nil)
diff --git a/handle_shifts_test.go b/handle_shifts_test.go
index 8c629b1..940164e 100644
--- a/handle_shifts_test.go
+++ b/handle_shifts_test.go
@@ -55,7 +55,8 @@ func TestShiftAssignVolunteer(t *testing.T) {
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
 	app.createShift(Shift{DepartmentID: deptID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
-	app.createVolunteer(Volunteer{Name: "Titania", DepartmentID: &deptID})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@test.com"})
+	app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	// Assign
 	req := testAuthRequest("POST", "/api/shifts/1/volunteers", map[string]any{
@@ -86,7 +87,8 @@ func TestShiftAssignConflict(t *testing.T) {
 	deptID := dept.ID
 	app.createShift(Shift{DepartmentID: deptID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
 	app.createShift(Shift{DepartmentID: deptID, Name: "Overlap", Day: "2026-03-15", StartTime: "10:00", EndTime: "14:00"})
-	app.createVolunteer(Volunteer{Name: "Titania", DepartmentID: &deptID})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@test.com"})
+	app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	// Assign to first shift
 	app.assignShift(1, 1)
diff --git a/handle_signup.go b/handle_signup.go
index 77a7c63..1f0fe2e 100644
--- a/handle_signup.go
+++ b/handle_signup.go
@@ -89,17 +89,12 @@ func (app *App) handlePublicSignup(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "internal error", http.StatusInternalServerError)
 		return
 	}
+	app.setParticipantConfirmationToken(participant.ID, confirmToken)
 
 	vol := Volunteer{
-		ParticipantID:     &participant.ID,
-		Name:              body.PreferredName,
-		PreferredName:     body.PreferredName,
-		Email:             body.Email,
-		Phone:             body.Phone,
-		Pronouns:          body.Pronouns,
-		DepartmentID:      body.DepartmentID,
-		Note:              body.Note,
-		ConfirmationToken: &confirmToken,
+		ParticipantID: participant.ID,
+		DepartmentID:  body.DepartmentID,
+		Note:          body.Note,
 	}
 
 	if _, err := app.createVolunteer(vol); err != nil {
@@ -136,7 +131,7 @@ func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := app.confirmVolunteerEmail(vol.ID); err != nil {
+	if err := app.confirmParticipantEmail(vol.ParticipantID); err != nil {
 		writeError(w, "internal error", http.StatusInternalServerError)
 		return
 	}
@@ -153,7 +148,7 @@ func (app *App) handleConfirmEmail(w http.ResponseWriter, r *http.Request) {
 				kioskLink := fmt.Sprintf("%s/v/%s", app.resolveBaseURL(), code)
 				response["kiosk_link"] = kioskLink
 				go func() {
-					if err := app.sendShiftSignupEmail(vol.Email, vol.PreferredName, kioskLink); err != nil {
+					if err := app.sendShiftSignupEmail(vol.Email, vol.Name, kioskLink); err != nil {
 						log.Printf("shift signup email to %s failed: %v", vol.Email, err)
 					}
 				}()
@@ -198,7 +193,7 @@ func (app *App) openShiftSignups() {
 	// Email all email-confirmed volunteers that now have a kiosk code.
 	confirmed, _ := queryVolunteers(app.db, `
 		SELECT `+volunteerSelect+` `+volunteerFrom+`
-		WHERE v.email_confirmed = 1 AND v.kiosk_code IS NOT NULL AND v.deleted_at IS NULL`)
+		WHERE p.email_confirmed = 1 AND v.kiosk_code IS NOT NULL AND v.deleted_at IS NULL`)
 	baseURL := app.resolveBaseURL()
 	sent := 0
 
@@ -207,11 +202,7 @@ func (app *App) openShiftSignups() {
 			continue
 		}
 		kioskLink := fmt.Sprintf("%s/v/%s", baseURL, *v.KioskCode)
-		name := v.PreferredName
-		if name == "" {
-			name = v.Name
-		}
-		if err := app.sendShiftSignupEmail(v.Email, name, kioskLink); err == nil {
+		if err := app.sendShiftSignupEmail(v.Email, v.Name, kioskLink); err == nil {
 			sent++
 		} else {
 			log.Printf("shift signup email to %s failed: %v", v.Email, err)
diff --git a/handle_signup_test.go b/handle_signup_test.go
index 2b63c16..62f59d1 100644
--- a/handle_signup_test.go
+++ b/handle_signup_test.go
@@ -58,27 +58,27 @@ func TestPublicSignup(t *testing.T) {
 	if err != nil || vol == nil {
 		t.Fatal("volunteer not created")
 	}
-	if vol.PreferredName != "Titania" {
-		t.Errorf("preferred_name = %q, want Titania", vol.PreferredName)
+	if vol.Name != "Titania" {
+		t.Errorf("name = %q, want Titania", vol.Name)
 	}
 	if vol.Pronouns != "she/they" {
 		t.Errorf("pronouns = %q, want she/they", vol.Pronouns)
 	}
-	if vol.ConfirmationToken == nil || *vol.ConfirmationToken == "" {
-		t.Error("expected confirmation token to be set")
-	}
 	if vol.EmailConfirmed {
 		t.Error("should not be confirmed yet")
 	}
 
 	// Participant should be auto-created and linked
-	if vol.ParticipantID == nil {
+	if vol.ParticipantID == 0 {
 		t.Fatal("expected participant to be linked")
 	}
-	p, _ := app.getParticipant(*vol.ParticipantID)
+	p, _ := app.getParticipant(vol.ParticipantID)
 	if p == nil {
 		t.Fatal("linked participant not found")
 	}
+	if p.ConfirmationToken == nil || *p.ConfirmationToken == "" {
+		t.Error("expected confirmation token on participant")
+	}
 	if p.Email != "titania@example.com" {
 		t.Errorf("participant email = %q, want titania@example.com", p.Email)
 	}
@@ -105,8 +105,8 @@ func TestPublicSignupAutoMatchParticipant(t *testing.T) {
 	if vol == nil {
 		t.Fatal("volunteer not created")
 	}
-	if vol.ParticipantID == nil || *vol.ParticipantID != existing.ID {
-		t.Errorf("expected volunteer linked to existing participant %d, got %v", existing.ID, vol.ParticipantID)
+	if vol.ParticipantID == 0 || vol.ParticipantID != existing.ID {
+		t.Errorf("expected volunteer linked to existing participant %d, got %d", existing.ID, vol.ParticipantID)
 	}
 }
 
@@ -200,12 +200,8 @@ func TestConfirmEmail(t *testing.T) {
 	mux := testMux(app)
 
 	token := "abc123def456"
-	app.createVolunteer(Volunteer{
-		Name:              "Titania",
-		PreferredName:     "Titania",
-		Email:             "titania@example.com",
-		ConfirmationToken: &token,
-	})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com", ConfirmationToken: &token})
+	app.createVolunteer(Volunteer{ParticipantID: p.ID})
 
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
@@ -217,12 +213,13 @@ func TestConfirmEmail(t *testing.T) {
 		t.Errorf("expected confirmed, got %v", result["status"])
 	}
 
-	// Verify volunteer is confirmed
+	// Verify participant is email confirmed
 	vol, _ := app.getVolunteerByEmail("titania@example.com")
 	if vol == nil || !vol.EmailConfirmed {
-		t.Error("volunteer should be email confirmed")
+		t.Error("volunteer should show email confirmed via participant")
 	}
-	if vol.ConfirmationToken != nil {
+	updatedP, _ := app.getParticipant(p.ID)
+	if updatedP.ConfirmationToken != nil {
 		t.Error("confirmation token should be cleared after confirmation")
 	}
 }
@@ -247,12 +244,8 @@ func TestConfirmEmailAlreadyConfirmed(t *testing.T) {
 	mux := testMux(app)
 
 	token := "abc123def456"
-	app.createVolunteer(Volunteer{
-		Name:              "Titania",
-		PreferredName:     "Titania",
-		Email:             "titania@example.com",
-		ConfirmationToken: &token,
-	})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com", ConfirmationToken: &token})
+	app.createVolunteer(Volunteer{ParticipantID: p.ID})
 
 	// Confirm first time
 	w := httptest.NewRecorder()
@@ -277,15 +270,9 @@ func TestConfirmEmailWithSignupsOpen(t *testing.T) {
 	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
 	app.baseURL = "https://example.com"
 
-	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	token := "abc123def456"
-	app.createVolunteer(Volunteer{
-		Name:              "Titania",
-		PreferredName:     "Titania",
-		Email:             "titania@example.com",
-		ParticipantID:     &participant.ID,
-		ConfirmationToken: &token,
-	})
+	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com", ConfirmationToken: &token})
+	app.createVolunteer(Volunteer{ParticipantID: participant.ID})
 
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
@@ -327,10 +314,10 @@ func TestPublicSignupTicketNameDoesNotOverwritePreferredName(t *testing.T) {
 	}
 
 	vol, _ := app.getVolunteerByEmail("titania@example.com")
-	if vol == nil || vol.ParticipantID == nil {
+	if vol == nil || vol.ParticipantID == 0 {
 		t.Fatal("volunteer/participant not created")
 	}
-	p, _ := app.getParticipant(*vol.ParticipantID)
+	p, _ := app.getParticipant(vol.ParticipantID)
 	if p == nil {
 		t.Fatal("participant not found")
 	}
@@ -349,15 +336,9 @@ func TestConfirmEmailAssignsKioskCode(t *testing.T) {
 	app.db.Exec(`INSERT OR REPLACE INTO config (key, value) VALUES ('shift_signups_open', 'true')`)
 	app.baseURL = "https://example.com"
 
-	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", TicketName: "Titania Fairweather", Email: "titania@example.com"})
 	token := "abc123def456"
-	app.createVolunteer(Volunteer{
-		Name:              "Titania",
-		PreferredName:     "Titania",
-		Email:             "titania@example.com",
-		ParticipantID:     &participant.ID,
-		ConfirmationToken: &token,
-	})
+	participant, _ := app.createParticipant(Participant{PreferredName: "Titania", TicketName: "Titania Fairweather", Email: "titania@example.com", ConfirmationToken: &token})
+	app.createVolunteer(Volunteer{ParticipantID: participant.ID})
 
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testRequest("POST", "/api/public/confirm", map[string]any{"token": token}))
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 0a9fec0..5d086ad 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -35,54 +35,62 @@ func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
 
 func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 	var body struct {
-		Volunteer
-		TicketName string `json:"ticket_name"`
+		Name         string `json:"name"`
+		TicketName   string `json:"ticket_name"`
+		Email        string `json:"email"`
+		DepartmentID *int   `json:"department_id"`
+		IsLead       bool   `json:"is_lead"`
+		Note         string `json:"note"`
 	}
 	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
 		writeError(w, "invalid request", http.StatusBadRequest)
 		return
 	}
-	v := body.Volunteer
-	if v.Name == "" {
+	if body.Name == "" {
 		writeError(w, "name is required", http.StatusBadRequest)
 		return
 	}
-	if v.Email == "" {
+	if body.Email == "" {
 		writeError(w, "email is required", http.StatusBadRequest)
 		return
 	}
 	claims := claimsFromContext(r)
 	if claims.Role == "colead" {
-		if v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
+		if body.DepartmentID == nil || !inSlice(*body.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
 			return
 		}
 	}
-	if v.Email != "" && v.ParticipantID == nil {
-		p, _ := app.getParticipantByEmail(v.Email)
-		if p == nil {
-			p, _ = app.createParticipant(Participant{PreferredName: v.Name, Email: v.Email, TicketName: body.TicketName})
-		} else if body.TicketName != "" && p.TicketName == "" {
-			app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
-		}
-		if p != nil {
-			v.ParticipantID = &p.ID
-		}
+	p, _ := app.getParticipantByEmail(body.Email)
+	if p == nil {
+		p, _ = app.createParticipant(Participant{PreferredName: body.Name, Email: body.Email, TicketName: body.TicketName})
+	} else if body.TicketName != "" && p.TicketName == "" {
+		app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
+	}
+	if p == nil {
+		writeError(w, "failed to create participant", http.StatusInternalServerError)
+		return
 	}
 	confirmToken, err := generateConfirmationToken()
 	if err != nil {
 		writeError(w, "internal error", http.StatusInternalServerError)
 		return
 	}
-	v.ConfirmationToken = &confirmToken
+	app.setParticipantConfirmationToken(p.ID, confirmToken)
+	v := Volunteer{
+		ParticipantID: p.ID,
+		DepartmentID:  body.DepartmentID,
+		IsLead:        body.IsLead,
+		Note:          body.Note,
+	}
 	created, err := app.createVolunteer(v)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	go func() {
-		if err := app.sendConfirmationEmail(v.Email, v.Name, confirmToken); err != nil {
-			log.Printf("confirmation email to %s failed: %v", v.Email, err)
+		if err := app.sendConfirmationEmail(body.Email, body.Name, confirmToken); err != nil {
+			log.Printf("confirmation email to %s failed: %v", body.Email, err)
 		}
 	}()
 	w.WriteHeader(http.StatusCreated)
@@ -109,13 +117,13 @@ func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
-	var v Volunteer
-	if err := json.NewDecoder(r.Body).Decode(&v); err != nil {
-		writeError(w, "invalid request", http.StatusBadRequest)
-		return
+	var body struct {
+		DepartmentID *int   `json:"department_id"`
+		IsLead       bool   `json:"is_lead"`
+		Note         string `json:"note"`
 	}
-	if v.Name == "" {
-		writeError(w, "name is required", http.StatusBadRequest)
+	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+		writeError(w, "invalid request", http.StatusBadRequest)
 		return
 	}
 	claims := claimsFromContext(r)
@@ -126,12 +134,16 @@ func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	v.ID = id
+	v := Volunteer{
+		ID:           id,
+		DepartmentID: body.DepartmentID,
+		IsLead:       body.IsLead,
+		Note:         body.Note,
+	}
 	if err := app.updateVolunteer(v); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-
 	if v.IsLead {
 		app.confirmVolunteer(id)
 	}
diff --git a/handle_volunteers_test.go b/handle_volunteers_test.go
index e10815c..ab51b9b 100644
--- a/handle_volunteers_test.go
+++ b/handle_volunteers_test.go
@@ -14,10 +14,8 @@ func TestConfirmVolunteer(t *testing.T) {
 
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
-	v, _ := app.createVolunteer(Volunteer{
-		Name: "Titania", Email: "titania@test.com",
-		DepartmentID: &deptID, EmailConfirmed: true,
-	})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@test.com", EmailConfirmed: true})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
@@ -46,7 +44,8 @@ func TestConfirmVolunteerIdempotent(t *testing.T) {
 	admin := testAdminUser(t, app)
 	tok := testToken(t, app, admin)
 
-	v, _ := app.createVolunteer(Volunteer{Name: "Puck", Email: "puck@test.com", EmailConfirmed: true})
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com", EmailConfirmed: true})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID})
 
 	// Confirm twice — second should be a no-op, not an error.
 	w := httptest.NewRecorder()
@@ -70,7 +69,8 @@ func TestConfirmVolunteerRequiresRole(t *testing.T) {
 	ticketing := testUserWithRole(t, app, "ticket_lead", "ticketing", nil)
 	tok := testToken(t, app, ticketing)
 
-	v, _ := app.createVolunteer(Volunteer{Name: "Helena", EmailConfirmed: true})
+	p, _ := app.createParticipant(Participant{PreferredName: "Helena", EmailConfirmed: true})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID})
 
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
@@ -86,12 +86,13 @@ func TestUpdateVolunteerDepartment(t *testing.T) {
 	tok := testToken(t, app, admin)
 
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
-	v, _ := app.createVolunteer(Volunteer{Name: "Hermia"})
+	p, _ := app.createParticipant(Participant{PreferredName: "Hermia"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID})
 
 	// Assign department via update.
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testAuthRequest("PUT", "/api/volunteers/"+itoa(v.ID), map[string]any{
-		"name": "Hermia", "department_id": dept.ID,
+		"department_id": dept.ID,
 	}, tok))
 	if w.Code != 200 {
 		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())
@@ -111,10 +112,8 @@ func TestUpdateVolunteerCoLeadAutoConfirms(t *testing.T) {
 
 	dept, _ := app.createDepartment(Department{Name: "Build"})
 	deptID := dept.ID
-	v, _ := app.createVolunteer(Volunteer{
-		Name: "Lysander", Email: "lys@test.com",
-		DepartmentID: &deptID, EmailConfirmed: true,
-	})
+	p, _ := app.createParticipant(Participant{PreferredName: "Lysander", Email: "lys@test.com", EmailConfirmed: true})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptID})
 
 	// Verify not confirmed before update.
 	got, _ := app.getVolunteer(v.ID)
@@ -125,7 +124,7 @@ func TestUpdateVolunteerCoLeadAutoConfirms(t *testing.T) {
 	// Update is_lead=true should auto-confirm.
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testAuthRequest("PUT", "/api/volunteers/"+itoa(v.ID), map[string]any{
-		"name": "Lysander", "department_id": deptID, "is_lead": true,
+		"department_id": deptID, "is_lead": true,
 	}, tok))
 	if w.Code != 200 {
 		t.Fatalf("expected 200, got %d: %s", w.Code, w.Body.String())

From e640bf8bedbddd09341c79f381a4d4a268d00e15 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 13:01:35 -0500
Subject: [PATCH 35/47] Removed `v` prefix from git tag recipes

---
 Makefile | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/Makefile b/Makefile
index 30bca30..a8de0d3 100644
--- a/Makefile
+++ b/Makefile
@@ -1,9 +1,9 @@
 .PHONY: build frontend-build dev clean test patch minor major
 
 LAST_TAG := $(shell git tag --sort=-v:refname | head -1)
-MAJOR := $(shell echo $(LAST_TAG) | sed 's/^v//' | cut -d. -f1)
-MINOR := $(shell echo $(LAST_TAG) | sed 's/^v//' | cut -d. -f2)
-PATCH := $(shell echo $(LAST_TAG) | sed 's/^v//' | cut -d. -f3)
+MAJOR := $(shell echo $(LAST_TAG) | cut -d. -f1)
+MINOR := $(shell echo $(LAST_TAG) | cut -d. -f2)
+PATCH := $(shell echo $(LAST_TAG) | cut -d. -f3)
 
 build: frontend-build
 	CGO_ENABLED=0 go build -ldflags "-X main.buildID=$$(git rev-parse --short HEAD)" -o turnpike .
@@ -25,13 +25,13 @@ clean:
 	rm -rf frontend/dist
 
 patch:
-	git tag v$(MAJOR).$(MINOR).$(shell echo $$(($(PATCH)+1)))
-	@echo "Tagged v$(MAJOR).$(MINOR).$(shell echo $$(($(PATCH)+1)))"
+	git tag $(MAJOR).$(MINOR).$(shell echo $$(($(PATCH)+1)))
+	@echo "Tagged $(MAJOR).$(MINOR).$(shell echo $$(($(PATCH)+1)))"
 
 minor:
-	git tag v$(MAJOR).$(shell echo $$(($(MINOR)+1))).0
-	@echo "Tagged v$(MAJOR).$(shell echo $$(($(MINOR)+1))).0"
+	git tag $(MAJOR).$(shell echo $$(($(MINOR)+1))).0
+	@echo "Tagged $(MAJOR).$(shell echo $$(($(MINOR)+1))).0"
 
 major:
-	git tag v$(shell echo $$(($(MAJOR)+1))).0.0
-	@echo "Tagged v$(shell echo $$(($(MAJOR)+1))).0.0"
+	git tag $(shell echo $$(($(MAJOR)+1))).0.0
+	@echo "Tagged $(shell echo $$(($(MAJOR)+1))).0.0"

From 1eb6a99ff6746d03a41d88ce59198130902a2ad8 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 14:08:00 -0500
Subject: [PATCH 36/47] Refactored user/volunteer/participant identity.

---
 auth.go                                 |  30 +--
 auth_test.go                            |  15 +-
 db.go                                   | 290 +++++++++++++++++++-----
 db_test.go                              |   2 +-
 frontend/src/App.svelte                 |   9 +-
 frontend/src/api.js                     |   4 +-
 frontend/src/api.test.js                |   4 +-
 frontend/src/components/Nav.svelte      |   7 +-
 frontend/src/db.js                      |   2 +
 frontend/src/db.test.js                 |   4 +-
 frontend/src/pages/Dashboard.svelte     |  23 +-
 frontend/src/pages/Departments.svelte   |   7 +-
 frontend/src/pages/Login.svelte         |   8 +-
 frontend/src/pages/Participants.svelte  |   5 +-
 frontend/src/pages/ScheduleBoard.svelte |   7 +-
 frontend/src/pages/Users.svelte         |  86 ++++---
 frontend/src/pages/Volunteers.svelte    |   9 +-
 handle_attendees_test.go                |  12 +-
 handle_auth.go                          |   8 +-
 handle_participants.go                  |   2 +-
 handle_settings_test.go                 |   4 +-
 handle_shifts.go                        |   6 +-
 handle_sync_test.go                     |  25 +-
 handle_users.go                         |  36 +--
 handle_volunteers.go                    |   8 +-
 handle_volunteers_test.go               |   8 +-
 main.go                                 | 102 ++++-----
 testutil_test.go                        |  11 +-
 28 files changed, 469 insertions(+), 265 deletions(-)

diff --git a/auth.go b/auth.go
index c2d11af..0cc812a 100644
--- a/auth.go
+++ b/auth.go
@@ -12,10 +12,10 @@ import (
 )
 
 type Claims struct {
-	UserID   int    `json:"uid"`
-	Username string `json:"sub"`
-	Role     string `json:"role"`
-	DeptIDs  []int  `json:"dept_ids,omitempty"`
+	ParticipantID int      `json:"pid"`
+	Email         string   `json:"sub"`
+	Roles         []string `json:"roles"`
+	DeptIDs       []int    `json:"dept_ids,omitempty"`
 	jwt.RegisteredClaims
 }
 
@@ -28,13 +28,13 @@ func checkPassword(hash, password string) bool {
 	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
 }
 
-func (app *App) signToken(u *User) (string, error) {
+func (app *App) signToken(s *User) (string, error) {
 	expiry := time.Duration(app.tokenExpiry) * time.Hour
 	claims := Claims{
-		UserID:   u.ID,
-		Username: u.Username,
-		Role:     u.Role,
-		DeptIDs:  u.DepartmentIDs,
+		ParticipantID: s.ID,
+		Email:         s.Email,
+		Roles:         s.Roles,
+		DeptIDs:       s.DepartmentIDs,
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(expiry)),
 			IssuedAt:  jwt.NewNumericDate(time.Now()),
@@ -88,7 +88,7 @@ func (app *App) requireAuth(next http.HandlerFunc, roles ...string) http.Handler
 			writeError(w, "unauthorized", http.StatusUnauthorized)
 			return
 		}
-		if len(roles) > 0 && !hasRole(claims.Role, roles) {
+		if len(roles) > 0 && !hasAnyRole(claims.Roles, roles) {
 			writeError(w, "forbidden", http.StatusForbidden)
 			return
 		}
@@ -97,10 +97,12 @@ func (app *App) requireAuth(next http.HandlerFunc, roles ...string) http.Handler
 	}
 }
 
-func hasRole(role string, allowed []string) bool {
-	for _, r := range allowed {
-		if r == role {
-			return true
+func hasAnyRole(roles []string, allowed []string) bool {
+	for _, r := range roles {
+		for _, a := range allowed {
+			if r == a {
+				return true
+			}
 		}
 	}
 	return false
diff --git a/auth_test.go b/auth_test.go
index f611bc1..602c6cf 100644
--- a/auth_test.go
+++ b/auth_test.go
@@ -12,7 +12,7 @@ func TestLoginValid(t *testing.T) {
 	mux := testMux(app)
 
 	req := testRequest("POST", "/api/login", map[string]string{
-		"username": admin.Username,
+		"email":    admin.Email,
 		"password": "admin123",
 	})
 	w := httptest.NewRecorder()
@@ -26,7 +26,7 @@ func TestLoginValid(t *testing.T) {
 		t.Error("missing token in response")
 	}
 	user, ok := result["user"].(map[string]any)
-	if !ok || user["username"] != "admin" {
+	if !ok || user["email"] != "oberon@athens.example" {
 		t.Errorf("user = %v", result["user"])
 	}
 }
@@ -37,7 +37,7 @@ func TestLoginWrongPassword(t *testing.T) {
 	mux := testMux(app)
 
 	req := testRequest("POST", "/api/login", map[string]string{
-		"username": "admin",
+		"email":    "oberon@athens.example",
 		"password": "wrong",
 	})
 	w := httptest.NewRecorder()
@@ -53,7 +53,7 @@ func TestLoginNonexistentUser(t *testing.T) {
 	mux := testMux(app)
 
 	req := testRequest("POST", "/api/login", map[string]string{
-		"username": "nobody",
+		"email":    "nobody@test.com",
 		"password": "test",
 	})
 	w := httptest.NewRecorder()
@@ -94,8 +94,7 @@ func TestAuthMiddlewareRoleEnforcement(t *testing.T) {
 	app := testApp(t)
 	mux := testMux(app)
 
-	// Create a gate user — should not be able to access /api/users (admin only)
-	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
+	gate := testUserWithRoles(t, app, "Starveling", []string{"gatekeeper"}, []int{})
 	token := testToken(t, app, gate)
 
 	req := testAuthRequest("GET", "/api/users", nil, token)
@@ -121,7 +120,7 @@ func TestMeEndpoint(t *testing.T) {
 		t.Fatalf("status = %d", w.Code)
 	}
 	result := parseJSON(t, w)
-	if result["username"] != "admin" {
-		t.Errorf("username = %v", result["username"])
+	if result["email"] != "oberon@athens.example" {
+		t.Errorf("email = %v", result["email"])
 	}
 }
diff --git a/db.go b/db.go
index bda44ed..99b335c 100644
--- a/db.go
+++ b/db.go
@@ -40,20 +40,6 @@ func migrate(db *sql.DB) error {
 		updated_at  TEXT NOT NULL DEFAULT (datetime('now'))
 	);
 
-	CREATE TABLE IF NOT EXISTS users (
-		id            INTEGER PRIMARY KEY AUTOINCREMENT,
-		username      TEXT NOT NULL UNIQUE,
-		password_hash TEXT NOT NULL,
-		role          TEXT NOT NULL CHECK(role IN ('admin','ticketing','staffing','colead','gatekeeper')),
-		created_at    TEXT NOT NULL DEFAULT (datetime('now'))
-	);
-
-	CREATE TABLE IF NOT EXISTS user_departments (
-		user_id       INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-		department_id INTEGER NOT NULL REFERENCES departments(id) ON DELETE CASCADE,
-		PRIMARY KEY (user_id, department_id)
-	);
-
 	CREATE TABLE IF NOT EXISTS departments (
 		id          INTEGER PRIMARY KEY AUTOINCREMENT,
 		name        TEXT NOT NULL UNIQUE,
@@ -75,7 +61,7 @@ func migrate(db *sql.DB) error {
 		checked_in       INTEGER NOT NULL DEFAULT 0,
 		checked_in_count INTEGER NOT NULL DEFAULT 0,
 		checked_in_at    TEXT,
-		checked_in_by    INTEGER REFERENCES users(id),
+		checked_in_by    INTEGER REFERENCES participants(id),
 		note             TEXT NOT NULL DEFAULT '',
 		created_at       TEXT NOT NULL DEFAULT (datetime('now')),
 		updated_at       TEXT NOT NULL DEFAULT (datetime('now')),
@@ -154,7 +140,7 @@ func migrate(db *sql.DB) error {
 		order_id       TEXT NOT NULL DEFAULT '',
 		code           TEXT UNIQUE,
 		checked_in_at  TEXT,
-		checked_in_by  INTEGER REFERENCES users(id),
+		checked_in_by  INTEGER REFERENCES participants(id),
 		created_at     TEXT NOT NULL DEFAULT (datetime('now')),
 		updated_at     TEXT NOT NULL DEFAULT (datetime('now')),
 		deleted_at     TEXT
@@ -162,10 +148,99 @@ func migrate(db *sql.DB) error {
 
 	CREATE UNIQUE INDEX IF NOT EXISTS idx_tickets_source_external
 		ON tickets(source, external_id) WHERE external_id != '' AND deleted_at IS NULL;
+
+	CREATE TABLE IF NOT EXISTS participant_roles (
+		participant_id INTEGER NOT NULL REFERENCES participants(id) ON DELETE CASCADE,
+		role           TEXT NOT NULL CHECK(role IN ('admin','staffing','colead','gatekeeper')),
+		PRIMARY KEY (participant_id, role)
+	);
+
+	CREATE TABLE IF NOT EXISTS participant_departments (
+		participant_id INTEGER NOT NULL REFERENCES participants(id) ON DELETE CASCADE,
+		department_id  INTEGER NOT NULL REFERENCES departments(id) ON DELETE CASCADE,
+		PRIMARY KEY (participant_id, department_id)
+	);
 	`)
 	if err != nil {
 		return err
 	}
+	if err := migrateAuth(db); err != nil {
+		return err
+	}
+	return nil
+}
+
+func migrateAuth(db *sql.DB) error {
+	// Add auth columns to participants (idempotent — ignore "duplicate column" errors).
+	db.Exec(`ALTER TABLE participants ADD COLUMN password_hash TEXT`)
+	db.Exec(`ALTER TABLE participants ADD COLUMN login_enabled INTEGER NOT NULL DEFAULT 0`)
+
+	// Migrate users → participants if the old users table exists.
+	var hasUsers int
+	if err := db.QueryRow(`SELECT COUNT(*) FROM sqlite_master WHERE type='table' AND name='users'`).Scan(&hasUsers); err != nil || hasUsers == 0 {
+		return nil
+	}
+
+	// Collect all users first (single connection — can't query and exec concurrently).
+	type oldUser struct {
+		id   int
+		name string
+		hash string
+		role string
+	}
+	rows, err := db.Query(`SELECT id, username, password_hash, role FROM users`)
+	if err != nil {
+		return nil
+	}
+	var users []oldUser
+	for rows.Next() {
+		var u oldUser
+		if err := rows.Scan(&u.id, &u.name, &u.hash, &u.role); err != nil {
+			continue
+		}
+		if u.role == "ticketing" {
+			u.role = "admin"
+		}
+		users = append(users, u)
+	}
+	rows.Close()
+
+	// Collect department assignments.
+	type deptAssign struct {
+		userID int
+		deptID int
+	}
+	deptRows, err := db.Query(`SELECT user_id, department_id FROM user_departments`)
+	var deptAssigns []deptAssign
+	if err == nil {
+		for deptRows.Next() {
+			var da deptAssign
+			deptRows.Scan(&da.userID, &da.deptID)
+			deptAssigns = append(deptAssigns, da)
+		}
+		deptRows.Close()
+	}
+
+	// Now insert with the connection free.
+	for _, u := range users {
+		res, err := db.Exec(
+			`INSERT INTO participants (preferred_name, password_hash, login_enabled, updated_at) VALUES (?, ?, 1, ?)`,
+			u.name, u.hash, now(),
+		)
+		if err != nil {
+			continue
+		}
+		pid, _ := res.LastInsertId()
+		db.Exec(`INSERT OR IGNORE INTO participant_roles (participant_id, role) VALUES (?, ?)`, pid, u.role)
+		for _, da := range deptAssigns {
+			if da.userID == u.id {
+				db.Exec(`INSERT OR IGNORE INTO participant_departments (participant_id, department_id) VALUES (?, ?)`, pid, da.deptID)
+			}
+		}
+	}
+
+	db.Exec(`DROP TABLE IF EXISTS user_departments`)
+	db.Exec(`DROP TABLE IF EXISTS users`)
 	return nil
 }
 
@@ -190,11 +265,12 @@ type Event struct {
 }
 
 type User struct {
-	ID            int    `json:"id"`
-	Username      string `json:"username"`
-	Role          string `json:"role"`
-	DepartmentIDs []int  `json:"department_ids"`
-	CreatedAt     string `json:"created_at"`
+	ID            int      `json:"id"`
+	Email         string   `json:"email"`
+	PreferredName string   `json:"preferred_name"`
+	Roles         []string `json:"roles"`
+	DepartmentIDs []int    `json:"department_ids"`
+	CreatedAt     string   `json:"created_at"`
 }
 
 type Attendee struct {
@@ -325,11 +401,45 @@ func (app *App) upsertEvent(e Event) error {
 	return err
 }
 
-// --- Users ---
+// --- Staff (participants with login_enabled) ---
 
-func (app *App) getUserDeptIDs(userID int) ([]int, error) {
+func (app *App) getParticipantRoles(participantID int) ([]string, error) {
 	rows, err := app.db.Query(
-		`SELECT department_id FROM user_departments WHERE user_id = ? ORDER BY department_id`, userID,
+		`SELECT role FROM participant_roles WHERE participant_id = ? ORDER BY role`, participantID,
+	)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var roles []string
+	for rows.Next() {
+		var r string
+		rows.Scan(&r)
+		roles = append(roles, r)
+	}
+	if roles == nil {
+		roles = []string{}
+	}
+	return roles, rows.Err()
+}
+
+func (app *App) setParticipantRoles(participantID int, roles []string) error {
+	if _, err := app.db.Exec(`DELETE FROM participant_roles WHERE participant_id = ?`, participantID); err != nil {
+		return err
+	}
+	for _, role := range roles {
+		if _, err := app.db.Exec(
+			`INSERT INTO participant_roles (participant_id, role) VALUES (?, ?)`, participantID, role,
+		); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (app *App) getUserDeptIDs(participantID int) ([]int, error) {
+	rows, err := app.db.Query(
+		`SELECT department_id FROM participant_departments WHERE participant_id = ? ORDER BY department_id`, participantID,
 	)
 	if err != nil {
 		return nil, err
@@ -347,14 +457,13 @@ func (app *App) getUserDeptIDs(userID int) ([]int, error) {
 	return ids, rows.Err()
 }
 
-func (app *App) setUserDeptIDs(userID int, deptIDs []int) error {
-	_, err := app.db.Exec(`DELETE FROM user_departments WHERE user_id = ?`, userID)
-	if err != nil {
+func (app *App) setUserDeptIDs(participantID int, deptIDs []int) error {
+	if _, err := app.db.Exec(`DELETE FROM participant_departments WHERE participant_id = ?`, participantID); err != nil {
 		return err
 	}
 	for _, deptID := range deptIDs {
 		if _, err := app.db.Exec(
-			`INSERT INTO user_departments (user_id, department_id) VALUES (?, ?)`, userID, deptID,
+			`INSERT INTO participant_departments (participant_id, department_id) VALUES (?, ?)`, participantID, deptID,
 		); err != nil {
 			return err
 		}
@@ -362,98 +471,157 @@ func (app *App) setUserDeptIDs(userID int, deptIDs []int) error {
 	return nil
 }
 
-func (app *App) getUserByUsername(username string) (*User, string, error) {
-	var u User
-	var hash string
+func (app *App) getLoginParticipant(email string) (*User, string, error) {
+	var s User
+	var hash sql.NullString
 	err := app.db.QueryRow(
-		`SELECT id, username, password_hash, role, created_at FROM users WHERE username = ?`, username,
-	).Scan(&u.ID, &u.Username, &hash, &u.Role, &u.CreatedAt)
+		`SELECT id, email, preferred_name, password_hash, created_at
+		 FROM participants WHERE LOWER(email) = LOWER(?) AND login_enabled = 1 AND deleted_at IS NULL`, email,
+	).Scan(&s.ID, &s.Email, &s.PreferredName, &hash, &s.CreatedAt)
 	if err == sql.ErrNoRows {
 		return nil, "", nil
 	}
 	if err != nil {
 		return nil, "", err
 	}
-	u.DepartmentIDs, err = app.getUserDeptIDs(u.ID)
-	return &u, hash, err
+	var hashStr string
+	if hash.Valid {
+		hashStr = hash.String
+	}
+	s.Roles, _ = app.getParticipantRoles(s.ID)
+	s.DepartmentIDs, _ = app.getUserDeptIDs(s.ID)
+	return &s, hashStr, nil
 }
 
-func (app *App) getUserByID(id int) (*User, error) {
-	var u User
+func (app *App) getUser(id int) (*User, error) {
+	var s User
 	err := app.db.QueryRow(
-		`SELECT id, username, role, created_at FROM users WHERE id = ?`, id,
-	).Scan(&u.ID, &u.Username, &u.Role, &u.CreatedAt)
+		`SELECT id, email, preferred_name, created_at
+		 FROM participants WHERE id = ? AND login_enabled = 1 AND deleted_at IS NULL`, id,
+	).Scan(&s.ID, &s.Email, &s.PreferredName, &s.CreatedAt)
 	if err == sql.ErrNoRows {
 		return nil, nil
 	}
 	if err != nil {
 		return nil, err
 	}
-	u.DepartmentIDs, err = app.getUserDeptIDs(u.ID)
-	return &u, err
+	s.Roles, _ = app.getParticipantRoles(s.ID)
+	s.DepartmentIDs, _ = app.getUserDeptIDs(s.ID)
+	return &s, nil
 }
 
 func (app *App) listUsers() ([]User, error) {
 	rows, err := app.db.Query(
-		`SELECT id, username, role, created_at FROM users ORDER BY username`,
+		`SELECT id, email, preferred_name, created_at
+		 FROM participants WHERE login_enabled = 1 AND deleted_at IS NULL ORDER BY preferred_name, email`,
 	)
 	if err != nil {
 		return nil, err
 	}
 	defer rows.Close()
-	var users []User
+	var staff []User
 	for rows.Next() {
-		var u User
-		if err := rows.Scan(&u.ID, &u.Username, &u.Role, &u.CreatedAt); err != nil {
+		var s User
+		if err := rows.Scan(&s.ID, &s.Email, &s.PreferredName, &s.CreatedAt); err != nil {
 			return nil, err
 		}
-		u.DepartmentIDs = []int{}
-		users = append(users, u)
+		s.Roles = []string{}
+		s.DepartmentIDs = []int{}
+		staff = append(staff, s)
 	}
 	if err := rows.Err(); err != nil {
 		return nil, err
 	}
-	for i := range users {
-		users[i].DepartmentIDs, _ = app.getUserDeptIDs(users[i].ID)
+	for i := range staff {
+		staff[i].Roles, _ = app.getParticipantRoles(staff[i].ID)
+		staff[i].DepartmentIDs, _ = app.getUserDeptIDs(staff[i].ID)
 	}
-	return users, nil
+	return staff, nil
 }
 
-func (app *App) createUser(username, hash, role string, deptIDs []int) (*User, error) {
+func (app *App) createUser(email, preferredName, hash string, roles []string, deptIDs []int) (*User, error) {
+	// Find or create participant by email.
+	p, err := app.getParticipantByEmail(email)
+	if err != nil {
+		return nil, err
+	}
+	if p != nil {
+		// Participant exists — promote to staff.
+		if _, err := app.db.Exec(
+			`UPDATE participants SET password_hash = ?, login_enabled = 1, updated_at = ? WHERE id = ?`,
+			hash, now(), p.ID,
+		); err != nil {
+			return nil, err
+		}
+		if err := app.setParticipantRoles(p.ID, roles); err != nil {
+			return nil, err
+		}
+		if err := app.setUserDeptIDs(p.ID, deptIDs); err != nil {
+			return nil, err
+		}
+		return app.getUser(p.ID)
+	}
+	// Create new participant with auth.
 	res, err := app.db.Exec(
-		`INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)`,
-		username, hash, role,
+		`INSERT INTO participants (email, preferred_name, password_hash, login_enabled, updated_at)
+		 VALUES (?, ?, ?, 1, ?)`,
+		strings.ToLower(email), preferredName, hash, now(),
 	)
 	if err != nil {
 		return nil, err
 	}
 	id, _ := res.LastInsertId()
+	if err := app.setParticipantRoles(int(id), roles); err != nil {
+		return nil, err
+	}
 	if err := app.setUserDeptIDs(int(id), deptIDs); err != nil {
 		return nil, err
 	}
-	return app.getUserByID(int(id))
+	return app.getUser(int(id))
 }
 
-func (app *App) updateUser(id int, role string, deptIDs []int) error {
-	if _, err := app.db.Exec(`UPDATE users SET role = ? WHERE id = ?`, role, id); err != nil {
+func (app *App) updateUserRoles(id int, roles []string, deptIDs []int) error {
+	var enabled int
+	err := app.db.QueryRow(`SELECT login_enabled FROM participants WHERE id = ? AND deleted_at IS NULL`, id).Scan(&enabled)
+	if err != nil || enabled != 1 {
+		return fmt.Errorf("participant not found or not a staff member")
+	}
+	if err := app.setParticipantRoles(id, roles); err != nil {
 		return err
 	}
 	return app.setUserDeptIDs(id, deptIDs)
 }
 
 func (app *App) updateUserPassword(id int, hash string) error {
-	_, err := app.db.Exec(`UPDATE users SET password_hash = ? WHERE id = ?`, hash, id)
+	_, err := app.db.Exec(
+		`UPDATE participants SET password_hash = ?, updated_at = ? WHERE id = ? AND login_enabled = 1`, hash, now(), id,
+	)
 	return err
 }
 
-func (app *App) deleteUser(id int) error {
-	_, err := app.db.Exec(`DELETE FROM users WHERE id = ?`, id)
-	return err
+func (app *App) removeUser(id int) error {
+	tx, err := app.db.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+	if _, err := tx.Exec(`DELETE FROM participant_roles WHERE participant_id = ?`, id); err != nil {
+		return err
+	}
+	if _, err := tx.Exec(`DELETE FROM participant_departments WHERE participant_id = ?`, id); err != nil {
+		return err
+	}
+	if _, err := tx.Exec(
+		`UPDATE participants SET login_enabled = 0, password_hash = NULL, updated_at = ? WHERE id = ?`, now(), id,
+	); err != nil {
+		return err
+	}
+	return tx.Commit()
 }
 
 func (app *App) countUsers() (int, error) {
 	var n int
-	err := app.db.QueryRow(`SELECT COUNT(*) FROM users`).Scan(&n)
+	err := app.db.QueryRow(`SELECT COUNT(*) FROM participants WHERE login_enabled = 1 AND deleted_at IS NULL`).Scan(&n)
 	return n, err
 }
 
diff --git a/db_test.go b/db_test.go
index c9e8b68..edb2b6d 100644
--- a/db_test.go
+++ b/db_test.go
@@ -7,7 +7,7 @@ import (
 func TestMigrate(t *testing.T) {
 	app := testApp(t)
 	// Verify tables exist by querying each one
-	tables := []string{"event", "users", "attendees", "departments", "volunteers", "shifts", "volunteer_shifts"}
+	tables := []string{"event", "participants", "participant_roles", "attendees", "departments", "volunteers", "shifts", "volunteer_shifts"}
 	for _, table := range tables {
 		var count int
 		err := app.db.QueryRow("SELECT COUNT(*) FROM " + table).Scan(&count)
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index 7ad6bc9..52c6741 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -83,7 +83,8 @@
   }
 
   const path = $derived(route || '/')
-  const role = $derived(session?.user?.role ?? '')
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
 </script>
 
 {#if updateAvailable}
@@ -103,8 +104,8 @@
   <ConfirmEmail />
 {:else if !session}
   <Login onlogin={onLogin} />
-{:else if role === 'gatekeeper'}
-  <!-- Gate users get the full-screen GateKiosk instead of the standard layout -->
+{:else if roles.length === 1 && roles[0] === 'gatekeeper'}
+  <!-- Gate-only users get the full-screen GateKiosk instead of the standard layout -->
   <GateKiosk {session} {onLogout} />
 {:else}
   <div class="layout">
@@ -121,7 +122,7 @@
         <span class="mobile-brand">Turn<span class="accent">pike</span></span>
       </header>
       {#if path === '/' || path === ''}
-        {#if role === 'colead'}
+        {#if roles.length === 1 && roles[0] === 'colead'}
           <ScheduleBoard {session} />
         {:else}
           <Dashboard {session} />
diff --git a/frontend/src/api.js b/frontend/src/api.js
index 686faa8..1b3d537 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -48,8 +48,8 @@ async function kioskFetch(path, options = {}) {
 }
 
 export const api = {
-  login: (username, password) =>
-    apiJSON('/api/login', { method: 'POST', body: JSON.stringify({ username, password }) }),
+  login: (email, password) =>
+    apiJSON('/api/login', { method: 'POST', body: JSON.stringify({ email, password }) }),
   logout: () => apiFetch('/api/logout', { method: 'POST' }),
   me: () => apiJSON('/api/me'),
   event: {
diff --git a/frontend/src/api.test.js b/frontend/src/api.test.js
index 974dd32..a725f32 100644
--- a/frontend/src/api.test.js
+++ b/frontend/src/api.test.js
@@ -64,11 +64,11 @@ describe('apiJSON', () => {
 describe('api methods', () => {
   it('login calls correct endpoint', async () => {
     const f = mockFetch({ token: 'tok', user: { id: 1 } })
-    await api.login('admin', 'pass')
+    await api.login('admin@example.com', 'pass')
     const [url, opts] = f.mock.calls[0]
     expect(url).toBe('/api/login')
     expect(opts.method).toBe('POST')
-    expect(JSON.parse(opts.body)).toEqual({ username: 'admin', password: 'pass' })
+    expect(JSON.parse(opts.body)).toEqual({ email: 'admin@example.com', password: 'pass' })
   })
 
   it('participants.list calls correct endpoint', async () => {
diff --git a/frontend/src/components/Nav.svelte b/frontend/src/components/Nav.svelte
index 545e171..61015f5 100644
--- a/frontend/src/components/Nav.svelte
+++ b/frontend/src/components/Nav.svelte
@@ -3,17 +3,18 @@
 
   let { session, active, onLogout, navigate, open = false } = $props()
 
-  const role = $derived(session?.user?.role ?? '')
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
 
   const iconProps = { size: 18, strokeWidth: 1.75 }
 
   const links = $derived.by(() => {
-    if (role === 'colead') return [
+    if (!hasRole('admin') && hasRole('colead') && !hasRole('staffing')) return [
       { href: '/', label: 'Schedule', icon: CalendarDays },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
       { href: '/departments', label: 'Departments', icon: Hexagon },
     ]
-    if (role === 'staffing') return [
+    if (!hasRole('admin') && hasRole('staffing')) return [
       { href: '/', label: 'Dashboard', icon: LayoutDashboard },
       { href: '/schedule', label: 'Schedule', icon: CalendarDays },
       { href: '/volunteers', label: 'Volunteers', icon: Heart },
diff --git a/frontend/src/db.js b/frontend/src/db.js
index 7e96bbc..cbc0d38 100644
--- a/frontend/src/db.js
+++ b/frontend/src/db.js
@@ -51,6 +51,8 @@ db.version(5).stores({
   participants: 'id, email, preferred_name, email_confirmed, updated_at, deleted_at',
 })
 
+db.version(6).stores({}).upgrade(tx => tx.table('session').clear())
+
 export async function getLastSync() {
   const m = await db.meta.get('last_sync')
   return m?.value ?? ''
diff --git a/frontend/src/db.test.js b/frontend/src/db.test.js
index 282b6fc..081ce1a 100644
--- a/frontend/src/db.test.js
+++ b/frontend/src/db.test.js
@@ -22,10 +22,10 @@ describe('session', () => {
   })
 
   it('saves and retrieves session', async () => {
-    await saveSession('tok123', { id: 1, username: 'admin', role: 'admin' })
+    await saveSession('tok123', { id: 1, email: 'admin@example.com', roles: ['admin'] })
     const s = await getSession()
     expect(s.token).toBe('tok123')
-    expect(s.user.username).toBe('admin')
+    expect(s.user.email).toBe('admin@example.com')
   })
 
   it('clears session and meta', async () => {
diff --git a/frontend/src/pages/Dashboard.svelte b/frontend/src/pages/Dashboard.svelte
index e5a26de..0f6decc 100644
--- a/frontend/src/pages/Dashboard.svelte
+++ b/frontend/src/pages/Dashboard.svelte
@@ -4,11 +4,12 @@
 
   let { session } = $props()
 
-  const role = $derived(session?.user?.role ?? '')
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
-  const isTicketing = $derived(['admin', 'ticketing'].includes(role))
-  const isStaffing = $derived(['admin', 'ticketing', 'staffing'].includes(role))
-  const isColead = $derived(role === 'colead')
+  const isAdmin = $derived(hasRole('admin'))
+  const isStaffing = $derived(hasRole('admin', 'staffing'))
+  const isColead = $derived(hasRole('colead'))
 
   const event = liveQuery(() => db.event.get(1))
   const allTickets = liveQuery(() => db.tickets.toArray())
@@ -76,8 +77,8 @@
     </p>
   {/if}
 
-  <!-- Ticket check-in (admin/ticketing) -->
-  {#if isTicketing}
+  <!-- Ticket check-in (admin) -->
+  {#if isAdmin}
     <h2 class="dash-section">Ticket Check-in</h2>
     <div class="stats">
       <div class="stat">
@@ -105,7 +106,7 @@
     {/if}
   {/if}
 
-  <!-- Volunteer stats (admin/ticketing/staffing/colead) -->
+  <!-- Volunteer stats (admin/staffing/colead) -->
   {#if isStaffing || isColead}
     <h2 class="dash-section">{isColead ? 'My Volunteers' : 'Volunteers'}</h2>
     <div class="stats">
@@ -124,7 +125,7 @@
     </div>
   {/if}
 
-  <!-- Shift coverage (admin/ticketing/staffing/colead) -->
+  <!-- Shift coverage (admin/staffing/colead) -->
   {#if isStaffing || isColead}
     <h2 class="dash-section">{isColead ? 'My Shifts' : 'Shift Coverage'}</h2>
     <div class="stats">
@@ -144,7 +145,7 @@
   {/if}
 
   <!-- Quick actions -->
-  {#if isTicketing}
+  {#if isAdmin}
     <div class="dash-actions">
       <a href="/import" class="btn btn-ghost btn-sm">Import CSV</a>
       <a href="/participants" class="btn btn-ghost btn-sm">Manage Participants</a>
@@ -158,8 +159,8 @@
   {/if}
 
   <p class="text-muted" style="font-size:0.85rem;margin-top:2rem">
-    Welcome, <strong style="color:var(--c-text)">{session?.user?.username}</strong>
-    · <span class="badge badge-role">{session?.user?.role}</span>
+    Welcome, <strong style="color:var(--c-text)">{session?.user?.preferred_name}</strong>
+    · {#each roles as r}<span class="badge badge-role" style="margin-right:0.25rem">{r}</span>{/each}
   </p>
 </div>
 
diff --git a/frontend/src/pages/Departments.svelte b/frontend/src/pages/Departments.svelte
index c2cf82b..26164eb 100644
--- a/frontend/src/pages/Departments.svelte
+++ b/frontend/src/pages/Departments.svelte
@@ -18,9 +18,10 @@
   let editDesc = $state('')
   let saving = $state(false)
 
-  const role = $derived(session?.user?.role ?? '')
-  const canCreate = $derived(['admin', 'ticketing', 'staffing'].includes(role))
-  const canDelete = $derived(['admin', 'ticketing'].includes(role))
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
+  const canCreate = $derived(hasRole('admin', 'staffing'))
+  const canDelete = $derived(hasRole('admin'))
 
   const allDepts = liveQuery(() =>
     db.departments.filter(d => !d.deleted_at).toArray()
diff --git a/frontend/src/pages/Login.svelte b/frontend/src/pages/Login.svelte
index de4f6af..1512af7 100644
--- a/frontend/src/pages/Login.svelte
+++ b/frontend/src/pages/Login.svelte
@@ -4,7 +4,7 @@
 
   let { onlogin } = $props()
 
-  let username = $state('')
+  let email = $state('')
   let password = $state('')
   let error = $state('')
   let loading = $state(false)
@@ -14,7 +14,7 @@
     error = ''
     loading = true
     try {
-      const { token, user } = await api.login(username, password)
+      const { token, user } = await api.login(email, password)
       await saveSession(token, user)
       onlogin({ token, user })
     } catch (err) {
@@ -34,8 +34,8 @@
     {/if}
     <form onsubmit={submit}>
       <div class="form-group">
-        <label for="username">Username</label>
-        <input id="username" bind:value={username} autocomplete="username" required />
+        <label for="email">Email</label>
+        <input id="email" type="email" bind:value={email} autocomplete="email" required />
       </div>
       <div class="form-group">
         <label for="password">Password</label>
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 2867958..fa850a3 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -40,8 +40,9 @@
   let newTicketType = $state('')
   let newTicketExtId = $state('')
 
-  const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'ticketing'].includes(role))
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
+  const canManage = $derived(hasRole('admin'))
 
   const allParticipants = liveQuery(() => db.participants.toArray())
   const allTickets = liveQuery(() => db.tickets.toArray())
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 6755588..922a0b0 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -25,8 +25,9 @@
   let assignVolID = $state(0)
   let assigning = $state(false)
 
-  const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
+  const canManage = $derived(hasRole('admin', 'staffing', 'colead'))
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
 
   const allDepts = liveQuery(() =>
@@ -54,7 +55,7 @@
   // Departments visible to this user
   const visibleDepts = $derived.by(() => {
     const depts = $allDepts ?? []
-    if (role === 'colead') return depts.filter(d => myDeptIDs.includes(d.id))
+    if (hasRole('colead') && !hasRole('admin', 'staffing')) return depts.filter(d => myDeptIDs.includes(d.id))
     return depts
   })
 
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index ee6b18a..328cc66 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -12,13 +12,14 @@
 
   let showAdd = $state(false)
   let adding = $state(false)
-  let newUsername = $state('')
+  let newEmail = $state('')
+  let newName = $state('')
   let newPassword = $state('')
-  let newRole = $state('gate')
+  let newRoles = $state([])
   let newDeptIDs = $state([])
 
   let editID = $state(null)
-  let editRole = $state('')
+  let editRoles = $state([])
   let editDeptIDs = $state([])
   let editPassword = $state('')
   let saving = $state(false)
@@ -28,7 +29,7 @@
       .then(arr => arr.sort((a, b) => a.name.localeCompare(b.name)))
   )
 
-  const roles = ['admin', 'ticketing', 'staffing', 'colead', 'gatekeeper']
+  const availableRoles = ['admin', 'staffing', 'colead', 'gatekeeper']
 
   const me = $derived(session?.user?.id)
 
@@ -51,15 +52,16 @@
     error = ''
     try {
       const u = await api.users.create({
-        username: newUsername,
+        email: newEmail,
+        preferred_name: newName,
         password: newPassword,
-        role: newRole,
+        roles: newRoles,
         department_ids: newDeptIDs,
       })
       users = [...users, u]
       showAdd = false
-      newUsername = newPassword = ''
-      newRole = 'gate'
+      newEmail = newName = newPassword = ''
+      newRoles = []
       newDeptIDs = []
     } catch (err) {
       error = err.message
@@ -70,7 +72,7 @@
 
   function startEdit(u) {
     editID = u.id
-    editRole = u.role
+    editRoles = [...(u.roles || [])]
     editDeptIDs = [...(u.department_ids || [])]
     editPassword = ''
   }
@@ -83,7 +85,7 @@
     saving = true
     error = ''
     try {
-      const payload = { role: editRole, department_ids: editDeptIDs }
+      const payload = { roles: editRoles, department_ids: editDeptIDs }
       if (editPassword) payload.password = editPassword
       const updated = await api.users.update(u.id, payload)
       users = users.map(x => x.id === u.id ? updated : x)
@@ -96,7 +98,7 @@
   }
 
   async function deleteUser(u) {
-    if (!confirm(`Delete user "${u.username}"? This cannot be undone.`)) return
+    if (!confirm(`Remove login access for "${u.preferred_name || u.email}"? Their participant record will be kept.`)) return
     try {
       await api.users.delete(u.id)
       users = users.filter(x => x.id !== u.id)
@@ -105,7 +107,7 @@
     }
   }
 
-  function toggleDept(id, list) {
+  function toggleItem(id, list) {
     const idx = list.indexOf(id)
     if (idx === -1) return [...list, id]
     return list.filter(x => x !== id)
@@ -117,7 +119,7 @@
   }
 
   function roleLabel(r) {
-    return { admin: 'Admin', ticketing: 'Ticketing', staffing: 'Staffing', colead: 'Colead', gatekeeper: 'Gatekeeper' }[r] || r
+    return { admin: 'Admin', staffing: 'Staffing', colead: 'Colead', gatekeeper: 'Gatekeeper' }[r] || r
   }
 </script>
 
@@ -132,7 +134,6 @@
   <p class="text-muted" style="font-size:0.82rem;margin-bottom:1.5rem;line-height:1.6">
     <strong style="color:var(--c-text)">Roles:</strong>
     admin — full access ·
-    ticketing — participants, tickets, import ·
     staffing — volunteers, shifts, departments ·
     colead — manage assigned departments only ·
     gatekeeper — check-in only
@@ -150,20 +151,29 @@
       <form onsubmit={addUser}>
         <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr 1fr;gap:1rem">
           <div class="form-group">
-            <label for="u-username">Username *</label>
-            <input id="u-username" bind:value={newUsername} required placeholder="username" autocomplete="off" />
+            <label for="u-email">Email *</label>
+            <input id="u-email" type="email" bind:value={newEmail} required placeholder="email@example.com" autocomplete="off" />
+          </div>
+          <div class="form-group">
+            <label for="u-name">Name</label>
+            <input id="u-name" bind:value={newName} placeholder="Preferred name" autocomplete="off" />
           </div>
           <div class="form-group">
             <label for="u-password">Password *</label>
             <input id="u-password" type="password" bind:value={newPassword} required autocomplete="new-password" />
           </div>
-          <div class="form-group">
-            <label for="u-role">Role *</label>
-            <select id="u-role" bind:value={newRole}>
-              {#each roles as r}
-                <option value={r}>{roleLabel(r)}</option>
-              {/each}
-            </select>
+        </div>
+        <div class="form-group">
+          <span style="font-size:0.82rem;color:var(--c-muted);font-weight:500">Roles</span>
+          <div style="display:flex;flex-wrap:wrap;gap:0.5rem;margin-top:0.35rem">
+            {#each availableRoles as r}
+              <label style="display:flex;align-items:center;gap:0.35rem;cursor:pointer;font-size:0.875rem;color:var(--c-text)">
+                <input type="checkbox" style="width:auto"
+                  checked={newRoles.includes(r)}
+                  onchange={() => newRoles = toggleItem(r, newRoles)} />
+                {roleLabel(r)}
+              </label>
+            {/each}
           </div>
         </div>
         {#if ($allDepts ?? []).length > 0}
@@ -174,7 +184,7 @@
                 <label style="display:flex;align-items:center;gap:0.35rem;cursor:pointer;font-size:0.875rem;color:var(--c-text)">
                   <input type="checkbox" style="width:auto"
                     checked={newDeptIDs.includes(d.id)}
-                    onchange={() => newDeptIDs = toggleDept(d.id, newDeptIDs)} />
+                    onchange={() => newDeptIDs = toggleItem(d.id, newDeptIDs)} />
                   <span class="dept-dot" style="background:{d.color}"></span>
                   {d.name}
                 </label>
@@ -204,8 +214,8 @@
       <table>
         <thead>
           <tr>
-            <th>Username</th>
-            <th>Role</th>
+            <th>Name</th>
+            <th>Roles</th>
             <th>Departments</th>
             <th></th>
           </tr>
@@ -214,13 +224,18 @@
           {#each users as u (u.id)}
             {#if editID === u.id}
               <tr class="edit-row">
-                <td class="td-name"><strong>{u.username}</strong> {#if u.id === me}<span class="badge badge-role">you</span>{/if}</td>
+                <td class="td-name"><strong>{u.preferred_name || u.email}</strong> {#if u.id === me}<span class="badge badge-role">you</span>{/if}</td>
                 <td>
-                  <select bind:value={editRole} style="width:auto;margin:0">
-                    {#each roles as r}
-                      <option value={r}>{roleLabel(r)}</option>
+                  <div style="display:flex;flex-wrap:wrap;gap:0.4rem">
+                    {#each availableRoles as r}
+                      <label style="display:flex;align-items:center;gap:0.3rem;cursor:pointer;font-size:0.82rem;color:var(--c-text)">
+                        <input type="checkbox" style="width:auto"
+                          checked={editRoles.includes(r)}
+                          onchange={() => editRoles = toggleItem(r, editRoles)} />
+                        {roleLabel(r)}
+                      </label>
                     {/each}
-                  </select>
+                  </div>
                 </td>
                 <td>
                   {#if ($allDepts ?? []).length > 0}
@@ -229,7 +244,7 @@
                         <label style="display:flex;align-items:center;gap:0.3rem;cursor:pointer;font-size:0.82rem;color:var(--c-text)">
                           <input type="checkbox" style="width:auto"
                             checked={editDeptIDs.includes(d.id)}
-                            onchange={() => editDeptIDs = toggleDept(d.id, editDeptIDs)} />
+                            onchange={() => editDeptIDs = toggleItem(d.id, editDeptIDs)} />
                           {d.name}
                         </label>
                       {/each}
@@ -251,18 +266,19 @@
             {:else}
               <tr>
                 <td class="td-name">
-                  <strong>{u.username}</strong>
+                  <strong>{u.preferred_name || u.email}</strong>
                   {#if u.id === me}
                     <span class="badge badge-role" style="margin-left:0.4rem">you</span>
                   {/if}
+                  <br><span class="text-muted" style="font-size:0.8rem">{u.email}</span>
                 </td>
-                <td><span class="badge badge-role">{roleLabel(u.role)}</span></td>
+                <td>{#each u.roles ?? [] as r}<span class="badge badge-role" style="margin-right:0.25rem">{roleLabel(r)}</span>{/each}</td>
                 <td class="text-muted">{deptNamesFor(u.department_ids || [])}</td>
                 <td class="td-actions">
                   <div class="actions">
                     <button class="btn btn-ghost btn-sm" onclick={() => startEdit(u)}>Edit</button>
                     {#if u.id !== me}
-                      <button class="btn btn-danger btn-sm" onclick={() => deleteUser(u)}>Delete</button>
+                      <button class="btn btn-danger btn-sm" onclick={() => deleteUser(u)}>Remove</button>
                     {/if}
                   </div>
                 </td>
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index e90bf80..79681f8 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -25,14 +25,15 @@
   let editNote = $state('')
   let saving = $state(false)
 
-  const role = $derived(session?.user?.role ?? '')
-  const canManage = $derived(['admin', 'ticketing', 'staffing', 'colead'].includes(role))
-  const canConfirm = $derived(['admin', 'staffing', 'colead'].includes(role))
+  const roles = $derived(session?.user?.roles ?? [])
+  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
+  const canManage = $derived(hasRole('admin', 'staffing', 'colead'))
+  const canConfirm = $derived(hasRole('admin', 'staffing', 'colead'))
   const myDeptIDs = $derived(session?.user?.department_ids ?? [])
 
   let deptInitialized = $state(false)
   $effect(() => {
-    if (!deptInitialized && role === 'colead' && myDeptIDs.length > 0) {
+    if (!deptInitialized && hasRole('colead') && !hasRole('admin', 'staffing') && myDeptIDs.length > 0) {
       filterDept = String(myDeptIDs[0])
       deptInitialized = true
     }
diff --git a/handle_attendees_test.go b/handle_attendees_test.go
index c5e6adb..7dd7ff8 100644
--- a/handle_attendees_test.go
+++ b/handle_attendees_test.go
@@ -31,8 +31,8 @@ func TestParticipantsListCreateDelete(t *testing.T) {
 	}
 	list := parseJSON(t, w)
 	participants := list["participants"].([]any)
-	if len(participants) != 1 {
-		t.Errorf("list: got %d, want 1", len(participants))
+	if len(participants) != 2 { // admin + Titania
+		t.Errorf("list: got %d, want 2", len(participants))
 	}
 
 	// Delete
@@ -48,8 +48,8 @@ func TestParticipantsListCreateDelete(t *testing.T) {
 	w = httptest.NewRecorder()
 	mux.ServeHTTP(w, req)
 	list = parseJSON(t, w)
-	if ps, ok := list["participants"].([]any); ok && len(ps) != 0 {
-		t.Errorf("after delete: got %d, want 0", len(ps))
+	if ps, ok := list["participants"].([]any); ok && len(ps) != 1 { // admin remains
+		t.Errorf("after delete: got %d, want 1", len(ps))
 	}
 }
 
@@ -77,7 +77,7 @@ func TestCheckInTicketHandler(t *testing.T) {
 
 func TestGatekeeperRoleCanCheckIn(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
+	gate := testUserWithRoles(t, app, "Philostrate", []string{"gatekeeper"}, []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
@@ -94,7 +94,7 @@ func TestGatekeeperRoleCanCheckIn(t *testing.T) {
 
 func TestGatekeeperRoleCannotDelete(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
+	gate := testUserWithRoles(t, app, "Philostrate", []string{"gatekeeper"}, []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
diff --git a/handle_auth.go b/handle_auth.go
index 282bd85..d75483b 100644
--- a/handle_auth.go
+++ b/handle_auth.go
@@ -7,7 +7,7 @@ import (
 
 func (app *App) handleLogin(w http.ResponseWriter, r *http.Request) {
 	var body struct {
-		Username string `json:"username"`
+		Email    string `json:"email"`
 		Password string `json:"password"`
 	}
 	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
@@ -15,7 +15,7 @@ func (app *App) handleLogin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user, hash, err := app.getUserByUsername(body.Username)
+	user, hash, err := app.getLoginParticipant(body.Email)
 	if err != nil {
 		writeError(w, "internal error", http.StatusInternalServerError)
 		return
@@ -40,9 +40,9 @@ func (app *App) handleLogout(w http.ResponseWriter, r *http.Request) {
 
 func (app *App) handleMe(w http.ResponseWriter, r *http.Request) {
 	claims := claimsFromContext(r)
-	user, err := app.getUserByID(claims.UserID)
+	user, err := app.getUser(claims.ParticipantID)
 	if err != nil || user == nil {
-		writeError(w, "not found", http.StatusNotFound)
+		writeError(w, "unauthorized", http.StatusUnauthorized)
 		return
 	}
 	writeJSON(w, user)
diff --git a/handle_participants.go b/handle_participants.go
index 6277824..52624d5 100644
--- a/handle_participants.go
+++ b/handle_participants.go
@@ -169,7 +169,7 @@ func (app *App) handleCheckInTicket(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	tk, err := app.checkInTicket(id, claims.UserID)
+	tk, err := app.checkInTicket(id, claims.ParticipantID)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
diff --git a/handle_settings_test.go b/handle_settings_test.go
index cbc53fb..16ef59f 100644
--- a/handle_settings_test.go
+++ b/handle_settings_test.go
@@ -85,7 +85,7 @@ func TestResetTickets(t *testing.T) {
 
 func TestResetTicketsRequiresAdmin(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gate1", "gatekeeper", []int{})
+	gate := testUserWithRoles(t, app, "Snug", []string{"gatekeeper"}, []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
@@ -131,7 +131,7 @@ func TestResetDepartmentsCascadesShifts(t *testing.T) {
 
 func TestSettingsNonAdminRejected(t *testing.T) {
 	app := testApp(t)
-	gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
+	gate := testUserWithRoles(t, app, "Quince", []string{"gatekeeper"}, []int{})
 	token := testToken(t, app, gate)
 	mux := testMux(app)
 
diff --git a/handle_shifts.go b/handle_shifts.go
index a0ceb41..67312c5 100644
--- a/handle_shifts.go
+++ b/handle_shifts.go
@@ -17,7 +17,7 @@ func (app *App) handleListShifts(w http.ResponseWriter, r *http.Request) {
 	}
 
 	claims := claimsFromContext(r)
-	if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {
+	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
 		deptID = &claims.DeptIDs[0]
 	}
 
@@ -40,7 +40,7 @@ func (app *App) handleCreateShift(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "colead" && !inSlice(s.DepartmentID, claims.DeptIDs) {
+	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && !inSlice(s.DepartmentID, claims.DeptIDs) {
 		writeError(w, "forbidden: outside your department", http.StatusForbidden)
 		return
 	}
@@ -65,7 +65,7 @@ func (app *App) handleUpdateShift(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "colead" {
+	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
 		existing, _ := app.getShift(id)
 		if existing == nil || !inSlice(existing.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
diff --git a/handle_sync_test.go b/handle_sync_test.go
index e4aa2af..000bc60 100644
--- a/handle_sync_test.go
+++ b/handle_sync_test.go
@@ -13,10 +13,10 @@ func TestSyncPullFull(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
-	app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
+	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
 	dept, _ := app.createDepartment(Department{Name: "Gate"})
 	deptID := dept.ID
-	app.createVolunteer(Volunteer{Name: "Titania", DepartmentID: &deptID})
+	app.createVolunteer(Volunteer{Name: "Titania", ParticipantID: p.ID, DepartmentID: &deptID})
 	app.createShift(Shift{DepartmentID: deptID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
 
 	req := testAuthRequest("GET", "/api/sync/pull", nil, token)
@@ -32,8 +32,8 @@ func TestSyncPullFull(t *testing.T) {
 		t.Error("missing server_time")
 	}
 	participants := result["participants"].([]any)
-	if len(participants) != 1 {
-		t.Errorf("participants = %d, want 1", len(participants))
+	if len(participants) != 2 { // admin + Titania
+		t.Errorf("participants = %d, want 2", len(participants))
 	}
 	depts := result["departments"].([]any)
 	if len(depts) != 1 {
@@ -47,14 +47,16 @@ func TestSyncPullIncremental(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
+	// Backdate admin participant so it falls before the "since" cutoff.
+	app.db.Exec(`UPDATE participants SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, admin.ID)
+
 	p1, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
-	// Backdate Titania so she falls before the "since" cutoff
 	app.db.Exec(`UPDATE participants SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, p1.ID)
 
 	since := "2026-01-01T12:00:00Z"
 
-	// Oberon created with default updated_at (now), which is after our since
-	app.createParticipant(Participant{PreferredName: "Oberon", Email: "oberon@example.com"})
+	// Lysander created with default updated_at (now), which is after our since
+	app.createParticipant(Participant{PreferredName: "Lysander", Email: "lysander@example.com"})
 
 	req := testAuthRequest("GET", "/api/sync/pull?since="+since, nil, token)
 	w := httptest.NewRecorder()
@@ -62,14 +64,13 @@ func TestSyncPullIncremental(t *testing.T) {
 
 	result := parseJSON(t, w)
 	participants := result["participants"].([]any)
-	// Should only include Oberon (created after `since`)
 	if len(participants) != 1 {
 		t.Errorf("incremental: got %d participants, want 1", len(participants))
 	}
 	if len(participants) == 1 {
 		p := participants[0].(map[string]any)
-		if p["preferred_name"] != "Oberon" {
-			t.Errorf("preferred_name = %v, want Oberon", p["preferred_name"])
+		if p["preferred_name"] != "Lysander" {
+			t.Errorf("preferred_name = %v, want Lysander", p["preferred_name"])
 		}
 	}
 }
@@ -80,8 +81,10 @@ func TestSyncPullIncludesSoftDeleted(t *testing.T) {
 	token := testToken(t, app, admin)
 	mux := testMux(app)
 
+	// Backdate admin participant.
+	app.db.Exec(`UPDATE participants SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, admin.ID)
+
 	p, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
-	// Backdate Titania's creation so the since cutoff is between creation and deletion
 	app.db.Exec(`UPDATE participants SET updated_at = '2026-01-01T00:00:00Z' WHERE id = ?`, p.ID)
 
 	since := "2026-01-01T12:00:00Z"
diff --git a/handle_users.go b/handle_users.go
index 386e5b0..4de6109 100644
--- a/handle_users.go
+++ b/handle_users.go
@@ -17,17 +17,18 @@ func (app *App) handleListUsers(w http.ResponseWriter, r *http.Request) {
 
 func (app *App) handleCreateUser(w http.ResponseWriter, r *http.Request) {
 	var body struct {
-		Username      string `json:"username"`
-		Password      string `json:"password"`
-		Role          string `json:"role"`
-		DepartmentIDs []int  `json:"department_ids"`
+		Email         string   `json:"email"`
+		PreferredName string   `json:"preferred_name"`
+		Password      string   `json:"password"`
+		Roles         []string `json:"roles"`
+		DepartmentIDs []int    `json:"department_ids"`
 	}
 	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
 		writeError(w, "invalid request", http.StatusBadRequest)
 		return
 	}
-	if body.Username == "" || body.Password == "" || body.Role == "" {
-		writeError(w, "username, password, and role are required", http.StatusBadRequest)
+	if body.Email == "" || body.Password == "" || len(body.Roles) == 0 {
+		writeError(w, "email, password, and at least one role are required", http.StatusBadRequest)
 		return
 	}
 	hash, err := hashPassword(body.Password)
@@ -38,7 +39,7 @@ func (app *App) handleCreateUser(w http.ResponseWriter, r *http.Request) {
 	if body.DepartmentIDs == nil {
 		body.DepartmentIDs = []int{}
 	}
-	user, err := app.createUser(body.Username, hash, body.Role, body.DepartmentIDs)
+	user, err := app.createUser(body.Email, body.PreferredName, hash, body.Roles, body.DepartmentIDs)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -53,10 +54,15 @@ func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
+	target, _ := app.getUser(id)
+	if target == nil {
+		writeError(w, "not found", http.StatusNotFound)
+		return
+	}
 	var body struct {
-		Role          string `json:"role"`
-		Password      string `json:"password"`
-		DepartmentIDs []int  `json:"department_ids"`
+		Roles         []string `json:"roles"`
+		Password      string   `json:"password"`
+		DepartmentIDs []int    `json:"department_ids"`
 	}
 	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
 		writeError(w, "invalid request", http.StatusBadRequest)
@@ -65,8 +71,8 @@ func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
 	if body.DepartmentIDs == nil {
 		body.DepartmentIDs = []int{}
 	}
-	if body.Role != "" {
-		if err := app.updateUser(id, body.Role, body.DepartmentIDs); err != nil {
+	if body.Roles != nil {
+		if err := app.updateUserRoles(id, body.Roles, body.DepartmentIDs); err != nil {
 			writeError(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
@@ -82,7 +88,7 @@ func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	user, _ := app.getUserByID(id)
+	user, _ := app.getUser(id)
 	writeJSON(w, user)
 }
 
@@ -93,11 +99,11 @@ func (app *App) handleDeleteUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.UserID == id {
+	if claims.ParticipantID == id {
 		writeError(w, "cannot delete yourself", http.StatusBadRequest)
 		return
 	}
-	if err := app.deleteUser(id); err != nil {
+	if err := app.removeUser(id); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
diff --git a/handle_volunteers.go b/handle_volunteers.go
index 5d086ad..ec3a317 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -21,7 +21,7 @@ func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
 	}
 
 	claims := claimsFromContext(r)
-	if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {
+	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
 		deptID = &claims.DeptIDs[0]
 	}
 
@@ -55,7 +55,7 @@ func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "colead" {
+	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
 		if body.DepartmentID == nil || !inSlice(*body.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
 			return
@@ -127,7 +127,7 @@ func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if claims.Role == "colead" {
+	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
 		existing, _ := app.getVolunteer(id)
 		if existing == nil || existing.DepartmentID == nil || !inSlice(*existing.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
@@ -171,7 +171,7 @@ func (app *App) handleMarkVolunteerReady(w http.ResponseWriter, r *http.Request)
 		return
 	}
 	claims := claimsFromContext(r)
-	v, err := app.markVolunteerReady(id, claims.UserID)
+	v, err := app.markVolunteerReady(id, claims.ParticipantID)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
diff --git a/handle_volunteers_test.go b/handle_volunteers_test.go
index ab51b9b..19ff1b0 100644
--- a/handle_volunteers_test.go
+++ b/handle_volunteers_test.go
@@ -65,9 +65,9 @@ func TestConfirmVolunteerRequiresRole(t *testing.T) {
 	app := testApp(t)
 	mux := testMux(app)
 
-	// Ticketing role should NOT be able to confirm volunteers.
-	ticketing := testUserWithRole(t, app, "ticket_lead", "ticketing", nil)
-	tok := testToken(t, app, ticketing)
+	// Gatekeeper role should NOT be able to confirm volunteers.
+	gatekeeper := testUserWithRoles(t, app, "Egeus", []string{"gatekeeper"}, []int{})
+	tok := testToken(t, app, gatekeeper)
 
 	p, _ := app.createParticipant(Participant{PreferredName: "Helena", EmailConfirmed: true})
 	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID})
@@ -75,7 +75,7 @@ func TestConfirmVolunteerRequiresRole(t *testing.T) {
 	w := httptest.NewRecorder()
 	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
 	if w.Code != http.StatusForbidden {
-		t.Errorf("expected 403 for ticketing role, got %d", w.Code)
+		t.Errorf("expected 403 for gatekeeper role, got %d", w.Code)
 	}
 }
 
diff --git a/main.go b/main.go
index be9fc53..f775bb6 100644
--- a/main.go
+++ b/main.go
@@ -97,62 +97,62 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("GET /api/me", auth(app.handleMe))
 
 	mux.HandleFunc("GET /api/event", auth(app.handleGetEvent))
-	mux.HandleFunc("PUT /api/event", auth(app.handleUpdateEvent, "admin", "ticketing"))
+	mux.HandleFunc("PUT /api/event", auth(app.handleUpdateEvent, "admin"))
 
-	mux.HandleFunc("GET /api/participants", auth(app.handleListParticipants, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("POST /api/participants", auth(app.handleCreateParticipant, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/participants/export", auth(app.handleExportParticipants, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/participants/{id}", auth(app.handleGetParticipant, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("PUT /api/participants/{id}", auth(app.handleUpdateParticipant, "admin", "ticketing"))
-	mux.HandleFunc("DELETE /api/participants/{id}", auth(app.handleDeleteParticipant, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/participants/{id}/merge/{other_id}", auth(app.handleMergeParticipants, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/participants", auth(app.handleListParticipants, "admin", "gatekeeper"))
+	mux.HandleFunc("POST /api/participants", auth(app.handleCreateParticipant, "admin"))
+	mux.HandleFunc("GET /api/participants/export", auth(app.handleExportParticipants, "admin"))
+	mux.HandleFunc("GET /api/participants/{id}", auth(app.handleGetParticipant, "admin", "gatekeeper"))
+	mux.HandleFunc("PUT /api/participants/{id}", auth(app.handleUpdateParticipant, "admin"))
+	mux.HandleFunc("DELETE /api/participants/{id}", auth(app.handleDeleteParticipant, "admin"))
+	mux.HandleFunc("POST /api/participants/{id}/merge/{other_id}", auth(app.handleMergeParticipants, "admin"))
 
-	mux.HandleFunc("GET /api/tickets", auth(app.handleListTickets, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("POST /api/tickets", auth(app.handleCreateTicket, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/tickets/{id}/checkin", auth(app.handleCheckInTicket, "admin", "ticketing", "gatekeeper"))
-	mux.HandleFunc("POST /api/tickets/generate-codes", auth(app.handleGenerateTokens, "admin", "ticketing"))
-	mux.HandleFunc("GET /api/tickets/export-links", auth(app.handleExportTokenLinks, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/tickets/email-codes", auth(app.handleEmailAllTokens, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/tickets/{id}/email-code", auth(app.handleEmailToken, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/tickets", auth(app.handleListTickets, "admin", "gatekeeper"))
+	mux.HandleFunc("POST /api/tickets", auth(app.handleCreateTicket, "admin"))
+	mux.HandleFunc("POST /api/tickets/{id}/checkin", auth(app.handleCheckInTicket, "admin", "gatekeeper"))
+	mux.HandleFunc("POST /api/tickets/generate-codes", auth(app.handleGenerateTokens, "admin"))
+	mux.HandleFunc("GET /api/tickets/export-links", auth(app.handleExportTokenLinks, "admin"))
+	mux.HandleFunc("POST /api/tickets/email-codes", auth(app.handleEmailAllTokens, "admin"))
+	mux.HandleFunc("POST /api/tickets/{id}/email-code", auth(app.handleEmailToken, "admin"))
 
 	mux.HandleFunc("GET /api/departments", auth(app.handleListDepartments))
-	mux.HandleFunc("POST /api/departments", auth(app.handleCreateDepartment, "admin", "ticketing", "staffing"))
-	mux.HandleFunc("PUT /api/departments/{id}", auth(app.handleUpdateDepartment, "admin", "ticketing", "staffing"))
-	mux.HandleFunc("DELETE /api/departments/{id}", auth(app.handleDeleteDepartment, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/departments", auth(app.handleCreateDepartment, "admin", "staffing"))
+	mux.HandleFunc("PUT /api/departments/{id}", auth(app.handleUpdateDepartment, "admin", "staffing"))
+	mux.HandleFunc("DELETE /api/departments/{id}", auth(app.handleDeleteDepartment, "admin"))
 
-	mux.HandleFunc("GET /api/volunteers", auth(app.handleListVolunteers, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("POST /api/volunteers", auth(app.handleCreateVolunteer, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("GET /api/volunteers/{id}", auth(app.handleGetVolunteer, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("PUT /api/volunteers/{id}", auth(app.handleUpdateVolunteer, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("DELETE /api/volunteers/{id}", auth(app.handleDeleteVolunteer, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("POST /api/volunteers/{id}/ready", auth(app.handleMarkVolunteerReady, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("GET /api/volunteers", auth(app.handleListVolunteers, "admin", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers", auth(app.handleCreateVolunteer, "admin", "staffing", "colead"))
+	mux.HandleFunc("GET /api/volunteers/{id}", auth(app.handleGetVolunteer, "admin", "staffing", "colead"))
+	mux.HandleFunc("PUT /api/volunteers/{id}", auth(app.handleUpdateVolunteer, "admin", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/volunteers/{id}", auth(app.handleDeleteVolunteer, "admin", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers/{id}/ready", auth(app.handleMarkVolunteerReady, "admin", "staffing", "colead"))
 	mux.HandleFunc("POST /api/volunteers/{id}/confirm", auth(app.handleConfirmVolunteer, "admin", "staffing", "colead"))
-	mux.HandleFunc("POST /api/volunteers/{id}/shifts", auth(app.handleAssignShift, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("DELETE /api/volunteers/{id}/shifts/{shift_id}", auth(app.handleUnassignShift, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("POST /api/volunteers/{id}/shifts", auth(app.handleAssignShift, "admin", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/volunteers/{id}/shifts/{shift_id}", auth(app.handleUnassignShift, "admin", "staffing", "colead"))
 
-	mux.HandleFunc("GET /api/shifts", auth(app.handleListShifts, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("POST /api/shifts", auth(app.handleCreateShift, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("POST /api/shifts/reorder", auth(app.handleReorderShifts, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("PUT /api/shifts/{id}", auth(app.handleUpdateShift, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("DELETE /api/shifts/{id}", auth(app.handleDeleteShift, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("POST /api/shifts/{id}/volunteers", auth(app.handleAssignShiftVolunteer, "admin", "ticketing", "staffing", "colead"))
-	mux.HandleFunc("DELETE /api/shifts/{id}/volunteers/{volunteer_id}", auth(app.handleUnassignShiftVolunteer, "admin", "ticketing", "staffing", "colead"))
+	mux.HandleFunc("GET /api/shifts", auth(app.handleListShifts, "admin", "staffing", "colead"))
+	mux.HandleFunc("POST /api/shifts", auth(app.handleCreateShift, "admin", "staffing", "colead"))
+	mux.HandleFunc("POST /api/shifts/reorder", auth(app.handleReorderShifts, "admin", "staffing", "colead"))
+	mux.HandleFunc("PUT /api/shifts/{id}", auth(app.handleUpdateShift, "admin", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/shifts/{id}", auth(app.handleDeleteShift, "admin", "staffing", "colead"))
+	mux.HandleFunc("POST /api/shifts/{id}/volunteers", auth(app.handleAssignShiftVolunteer, "admin", "staffing", "colead"))
+	mux.HandleFunc("DELETE /api/shifts/{id}/volunteers/{volunteer_id}", auth(app.handleUnassignShiftVolunteer, "admin", "staffing", "colead"))
 
-	mux.HandleFunc("GET /api/users", auth(app.handleListUsers, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/users", auth(app.handleCreateUser, "admin", "ticketing"))
-	mux.HandleFunc("PUT /api/users/{id}", auth(app.handleUpdateUser, "admin", "ticketing"))
-	mux.HandleFunc("DELETE /api/users/{id}", auth(app.handleDeleteUser, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/users", auth(app.handleListUsers, "admin"))
+	mux.HandleFunc("POST /api/users", auth(app.handleCreateUser, "admin"))
+	mux.HandleFunc("PUT /api/users/{id}", auth(app.handleUpdateUser, "admin"))
+	mux.HandleFunc("DELETE /api/users/{id}", auth(app.handleDeleteUser, "admin"))
 
-	mux.HandleFunc("GET /api/settings", auth(app.handleGetSettings, "admin", "ticketing"))
-	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/reset-tickets", auth(app.handleResetTickets, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/reset-departments", auth(app.handleResetDepartments, "admin", "ticketing"))
-	mux.HandleFunc("POST /api/settings/reset-volunteer-shifts", auth(app.handleResetVolunteerShifts, "admin", "ticketing"))
+	mux.HandleFunc("GET /api/settings", auth(app.handleGetSettings, "admin"))
+	mux.HandleFunc("PUT /api/settings", auth(app.handleUpdateSettings, "admin"))
+	mux.HandleFunc("POST /api/settings/test-email", auth(app.handleTestEmail, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-tickets", auth(app.handleResetTickets, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-volunteers", auth(app.handleResetVolunteers, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-shifts", auth(app.handleResetShifts, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-departments", auth(app.handleResetDepartments, "admin"))
+	mux.HandleFunc("POST /api/settings/reset-volunteer-shifts", auth(app.handleResetVolunteerShifts, "admin"))
 
-	mux.HandleFunc("POST /api/import", auth(app.handleImport, "admin", "ticketing"))
+	mux.HandleFunc("POST /api/import", auth(app.handleImport, "admin"))
 
 	mux.HandleFunc("GET /api/sync/pull", auth(app.handleSyncPull))
 	mux.HandleFunc("GET /api/sync/stream", auth(app.handleSyncStream))
@@ -161,7 +161,7 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 		writeJSON(w, map[string]string{"build": buildID})
 	})
 
-	mux.HandleFunc("POST /api/settings/shift-signups", auth(app.handleToggleShiftSignups, "admin", "ticketing", "staffing"))
+	mux.HandleFunc("POST /api/settings/shift-signups", auth(app.handleToggleShiftSignups, "admin", "staffing"))
 
 	// Public endpoints — no JWT required.
 	mux.HandleFunc("GET /api/public/signup-config", app.handlePublicSignupConfig)
@@ -196,9 +196,9 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 }
 
 func (app *App) bootstrapAdmin() error {
-	adminUser := os.Getenv("TURNPIKE_ADMIN_USER")
+	adminEmail := os.Getenv("TURNPIKE_ADMIN_EMAIL")
 	adminPass := os.Getenv("TURNPIKE_ADMIN_PASSWORD")
-	if adminUser == "" || adminPass == "" {
+	if adminEmail == "" || adminPass == "" {
 		return nil
 	}
 	n, err := app.countUsers()
@@ -209,11 +209,11 @@ func (app *App) bootstrapAdmin() error {
 	if err != nil {
 		return err
 	}
-	_, err = app.createUser(adminUser, hash, "admin", []int{})
+	_, err = app.createUser(adminEmail, "Admin", hash, []string{"admin"}, []int{})
 	if err != nil {
 		return err
 	}
-	log.Printf("Created admin user: %s", adminUser)
+	log.Printf("Created admin user: %s", adminEmail)
 	return nil
 }
 
diff --git a/testutil_test.go b/testutil_test.go
index 8f58833..14351e5 100644
--- a/testutil_test.go
+++ b/testutil_test.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/http/httptest"
+	"strings"
 	"testing"
 )
 
@@ -16,7 +17,6 @@ func testApp(t *testing.T) *App {
 		t.Fatal(err)
 	}
 	t.Cleanup(func() { db.Close() })
-	// Ensure config table exists (normally created by getOrCreateSecret)
 	db.Exec(`CREATE TABLE IF NOT EXISTS config (key TEXT PRIMARY KEY, value TEXT NOT NULL)`)
 	return &App{
 		db:          db,
@@ -29,17 +29,18 @@ func testApp(t *testing.T) *App {
 func testAdminUser(t *testing.T, app *App) *User {
 	t.Helper()
 	hash, _ := hashPassword("admin123")
-	u, err := app.createUser("admin", hash, "admin", []int{})
+	u, err := app.createUser("oberon@athens.example", "Oberon", hash, []string{"admin"}, []int{})
 	if err != nil {
 		t.Fatal(err)
 	}
 	return u
 }
 
-func testUserWithRole(t *testing.T, app *App, username, role string, deptIDs []int) *User {
+func testUserWithRoles(t *testing.T, app *App, name string, roles []string, deptIDs []int) *User {
 	t.Helper()
-	hash, _ := hashPassword(username + "123")
-	u, err := app.createUser(username, hash, role, deptIDs)
+	email := strings.ToLower(name) + "@athens.example"
+	hash, _ := hashPassword(name + "123")
+	u, err := app.createUser(email, name, hash, roles, deptIDs)
 	if err != nil {
 		t.Fatal(err)
 	}

From da5f3524fa42a97a0f8c2ea44929f1d6cdf449e5 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 14:24:51 -0500
Subject: [PATCH 37/47] Fixed db resync.

---
 frontend/src/db.js   | 11 ++++++++++-
 frontend/src/sync.js | 39 +++++++++++++++++++++++++++++++++++----
 2 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/frontend/src/db.js b/frontend/src/db.js
index cbc0d38..bfddf9f 100644
--- a/frontend/src/db.js
+++ b/frontend/src/db.js
@@ -51,7 +51,16 @@ db.version(5).stores({
   participants: 'id, email, preferred_name, email_confirmed, updated_at, deleted_at',
 })
 
-db.version(6).stores({}).upgrade(tx => tx.table('session').clear())
+db.version(6).stores({}).upgrade(async tx => {
+  await tx.table('session').clear()
+  await tx.table('meta').clear()
+  await tx.table('participants').clear()
+  await tx.table('tickets').clear()
+  await tx.table('departments').clear()
+  await tx.table('volunteers').clear()
+  await tx.table('shifts').clear()
+  await tx.table('volunteer_shifts').clear()
+})
 
 export async function getLastSync() {
   const m = await db.meta.get('last_sync')
diff --git a/frontend/src/sync.js b/frontend/src/sync.js
index fa3b641..e2c4bff 100644
--- a/frontend/src/sync.js
+++ b/frontend/src/sync.js
@@ -4,10 +4,36 @@ import { api } from './api.js'
 let syncing = false
 let sseSource = null
 
+async function checkBuildChanged() {
+  try {
+    const res = await fetch('/api/version')
+    const { build } = await res.json()
+    if (!build) return
+    const stored = await db.meta.get('build')
+    if (!stored || stored.value !== build) {
+      await db.transaction('rw',
+        [db.meta, db.event, db.participants, db.tickets, db.departments, db.volunteers, db.shifts, db.volunteer_shifts],
+        async () => {
+          await db.meta.clear()
+          await db.event.clear()
+          await db.participants.clear()
+          await db.tickets.clear()
+          await db.departments.clear()
+          await db.volunteers.clear()
+          await db.shifts.clear()
+          await db.volunteer_shifts.clear()
+        }
+      )
+    }
+    await db.meta.put({ key: 'build', value: build })
+  } catch {}
+}
+
 export async function syncPull() {
   if (syncing) return
   syncing = true
   try {
+    await checkBuildChanged()
     const since = await getLastSync()
     const data = await api.sync.pull(since)
 
@@ -51,7 +77,7 @@ export async function syncPull() {
       }
     )
 
-    await setLastSync(data.server_time)
+    if (data.server_time) await setLastSync(data.server_time)
     return true
   } catch (err) {
     console.warn('Sync pull failed:', err.message)
@@ -97,7 +123,7 @@ export function startSSE(onEvent) {
           syncPull()
         }, 5000)
       }
-    })
+    }).catch(() => {})
   }
 
   connect()
@@ -108,18 +134,23 @@ export function stopSSE() {
   sseSource = null
 }
 
-// Poll for sync when online, with exponential backoff on failure
 let syncInterval = null
+let onlineHandler = null
 
 export function startSyncLoop(intervalMs = 30000) {
   if (syncInterval) return
   syncInterval = setInterval(() => {
     if (navigator.onLine) syncPull()
   }, intervalMs)
-  window.addEventListener('online', () => syncPull())
+  onlineHandler = () => syncPull()
+  window.addEventListener('online', onlineHandler)
 }
 
 export function stopSyncLoop() {
   clearInterval(syncInterval)
   syncInterval = null
+  if (onlineHandler) {
+    window.removeEventListener('online', onlineHandler)
+    onlineHandler = null
+  }
 }

From 7dbcd052620f92d953a21e1a63b072533a3e54b4 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 15:14:36 -0500
Subject: [PATCH 38/47] Rescoped colead role and revised session handling.

---
 auth.go                                 |  14 +++
 db.go                                   |  31 ++++--
 frontend/src/App.svelte                 |   3 +-
 frontend/src/db.js                      |  16 ++-
 frontend/src/pages/Dashboard.svelte     |  12 +--
 frontend/src/pages/ScheduleBoard.svelte |  12 ++-
 frontend/src/sync.js                    |   2 +-
 handle_settings.go                      |   2 +-
 handle_shifts.go                        |  51 ++++++++--
 handle_shifts_test.go                   |  80 +++++++++++++++
 handle_volunteers.go                    |  79 +++++++++++----
 handle_volunteers_test.go               | 124 ++++++++++++++++++++++++
 12 files changed, 376 insertions(+), 50 deletions(-)

diff --git a/auth.go b/auth.go
index 0cc812a..b675e6f 100644
--- a/auth.go
+++ b/auth.go
@@ -108,6 +108,20 @@ func hasAnyRole(roles []string, allowed []string) bool {
 	return false
 }
 
+func isCoLeadOnly(claims *Claims) bool {
+	return hasAnyRole(claims.Roles, []string{"colead"}) &&
+		!hasAnyRole(claims.Roles, []string{"admin", "staffing"})
+}
+
+func inSlice(v int, s []int) bool {
+	for _, x := range s {
+		if x == v {
+			return true
+		}
+	}
+	return false
+}
+
 func claimsFromContext(r *http.Request) *Claims {
 	c, _ := r.Context().Value(claimsKey).(*Claims)
 	return c
diff --git a/db.go b/db.go
index 99b335c..7857020 100644
--- a/db.go
+++ b/db.go
@@ -939,6 +939,8 @@ func (app *App) mergeParticipants(canonicalID, otherID int) error {
 	); err != nil {
 		return err
 	}
+	app.db.Exec(`INSERT OR IGNORE INTO participant_roles (participant_id, role) SELECT ?, role FROM participant_roles WHERE participant_id = ?`, canonicalID, otherID)
+	app.db.Exec(`INSERT OR IGNORE INTO participant_departments (participant_id, department_id) SELECT ?, department_id FROM participant_departments WHERE participant_id = ?`, canonicalID, otherID)
 	_, err := app.db.Exec(
 		`UPDATE participants SET deleted_at=?, updated_at=? WHERE id=?`, ts, ts, otherID,
 	)
@@ -1206,7 +1208,7 @@ const volunteerSelect = `v.id, v.participant_id,
 	v.created_at, v.updated_at, v.deleted_at`
 const volunteerFrom = `FROM volunteers v INNER JOIN participants p ON p.id = v.participant_id`
 
-func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volunteer, error) {
+func (app *App) listVolunteers(search string, deptIDs []int, since string) ([]Volunteer, error) {
 	q := `SELECT ` + volunteerSelect + ` ` + volunteerFrom + ` WHERE 1=1`
 	var args []any
 	if since != "" {
@@ -1220,9 +1222,14 @@ func (app *App) listVolunteers(search string, deptID *int, since string) ([]Volu
 		s := "%" + search + "%"
 		args = append(args, s, s)
 	}
-	if deptID != nil {
+	if len(deptIDs) == 1 {
 		q += ` AND v.department_id = ?`
-		args = append(args, *deptID)
+		args = append(args, deptIDs[0])
+	} else if len(deptIDs) > 1 {
+		q += ` AND v.department_id IN (` + placeholders(len(deptIDs)) + `)`
+		for _, id := range deptIDs {
+			args = append(args, id)
+		}
 	}
 	q += ` ORDER BY p.preferred_name`
 	return queryVolunteers(app.db, q, args...)
@@ -1422,7 +1429,7 @@ func generateConfirmationToken() (string, error) {
 
 // --- Shifts ---
 
-func (app *App) listShifts(deptID *int, day, since string) ([]Shift, error) {
+func (app *App) listShifts(deptIDs []int, day, since string) ([]Shift, error) {
 	q := `SELECT ` + shiftCols + ` FROM shifts WHERE 1=1`
 	var args []any
 	if since != "" {
@@ -1431,9 +1438,14 @@ func (app *App) listShifts(deptID *int, day, since string) ([]Shift, error) {
 	} else {
 		q += ` AND deleted_at IS NULL`
 	}
-	if deptID != nil {
+	if len(deptIDs) == 1 {
 		q += ` AND department_id = ?`
-		args = append(args, *deptID)
+		args = append(args, deptIDs[0])
+	} else if len(deptIDs) > 1 {
+		q += ` AND department_id IN (` + placeholders(len(deptIDs)) + `)`
+		for _, id := range deptIDs {
+			args = append(args, id)
+		}
 	}
 	if day != "" {
 		q += ` AND day = ?`
@@ -1669,3 +1681,10 @@ func boolInt(b bool) int {
 	}
 	return 0
 }
+
+func placeholders(n int) string {
+	if n <= 0 {
+		return ""
+	}
+	return strings.Repeat("?,", n-1) + "?"
+}
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index 52c6741..a1fa253 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -84,7 +84,6 @@
 
   const path = $derived(route || '/')
   const roles = $derived(session?.user?.roles ?? [])
-  function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
 </script>
 
 {#if updateAvailable}
@@ -125,7 +124,7 @@
         {#if roles.length === 1 && roles[0] === 'colead'}
           <ScheduleBoard {session} />
         {:else}
-          <Dashboard {session} />
+          <Dashboard {session} {navigate} />
         {/if}
       {:else if path.startsWith('/participants')}
         <Participants {session} />
diff --git a/frontend/src/db.js b/frontend/src/db.js
index bfddf9f..bd3b490 100644
--- a/frontend/src/db.js
+++ b/frontend/src/db.js
@@ -80,6 +80,18 @@ export async function saveSession(token, user) {
 }
 
 export async function clearSession() {
-  await db.session.clear()
-  await db.meta.clear()
+  await db.transaction('rw',
+    [db.session, db.meta, db.event, db.participants, db.tickets, db.departments, db.volunteers, db.shifts, db.volunteer_shifts],
+    async () => {
+      await db.session.clear()
+      await db.meta.clear()
+      await db.event.clear()
+      await db.participants.clear()
+      await db.tickets.clear()
+      await db.departments.clear()
+      await db.volunteers.clear()
+      await db.shifts.clear()
+      await db.volunteer_shifts.clear()
+    }
+  )
 }
diff --git a/frontend/src/pages/Dashboard.svelte b/frontend/src/pages/Dashboard.svelte
index 0f6decc..9756b31 100644
--- a/frontend/src/pages/Dashboard.svelte
+++ b/frontend/src/pages/Dashboard.svelte
@@ -2,7 +2,7 @@
   import { liveQuery } from 'dexie'
   import { db } from '../db.js'
 
-  let { session } = $props()
+  let { session, navigate } = $props()
 
   const roles = $derived(session?.user?.roles ?? [])
   function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
@@ -147,14 +147,14 @@
   <!-- Quick actions -->
   {#if isAdmin}
     <div class="dash-actions">
-      <a href="/import" class="btn btn-ghost btn-sm">Import CSV</a>
-      <a href="/participants" class="btn btn-ghost btn-sm">Manage Participants</a>
-      <a href="/settings" class="btn btn-ghost btn-sm">Settings</a>
+      <a href="/import" class="btn btn-ghost btn-sm" onclick={(e) => { e.preventDefault(); navigate('/import') }}>Import CSV</a>
+      <a href="/participants" class="btn btn-ghost btn-sm" onclick={(e) => { e.preventDefault(); navigate('/participants') }}>Manage Participants</a>
+      <a href="/settings" class="btn btn-ghost btn-sm" onclick={(e) => { e.preventDefault(); navigate('/settings') }}>Settings</a>
     </div>
   {:else if isStaffing || isColead}
     <div class="dash-actions">
-      <a href="/schedule" class="btn btn-ghost btn-sm">View Schedule</a>
-      <a href="/volunteers" class="btn btn-ghost btn-sm">Manage Volunteers</a>
+      <a href="/schedule" class="btn btn-ghost btn-sm" onclick={(e) => { e.preventDefault(); navigate('/schedule') }}>View Schedule</a>
+      <a href="/volunteers" class="btn btn-ghost btn-sm" onclick={(e) => { e.preventDefault(); navigate('/volunteers') }}>Manage Volunteers</a>
     </div>
   {/if}
 
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 922a0b0..6bea05e 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -135,11 +135,13 @@
 
     try {
       const res = await api.shifts.reorder(positions)
-      if (res && !res.ok) throw new Error()
-      for (const p of positions) {
-        const s = await db.shifts.get(p.id)
-        if (s) await db.shifts.put({ ...s, position: p.position })
-      }
+      if (res && !res.ok) throw new Error('Reorder failed')
+      await db.transaction('rw', db.shifts, async () => {
+        for (const p of positions) {
+          const s = await db.shifts.get(p.id)
+          if (s) await db.shifts.put({ ...s, position: p.position })
+        }
+      })
     } catch (err) {
       error = err.message
     }
diff --git a/frontend/src/sync.js b/frontend/src/sync.js
index e2c4bff..ef22313 100644
--- a/frontend/src/sync.js
+++ b/frontend/src/sync.js
@@ -22,10 +22,10 @@ async function checkBuildChanged() {
           await db.volunteers.clear()
           await db.shifts.clear()
           await db.volunteer_shifts.clear()
+          await db.meta.put({ key: 'build', value: build })
         }
       )
     }
-    await db.meta.put({ key: 'build', value: build })
   } catch {}
 }
 
diff --git a/handle_settings.go b/handle_settings.go
index d4ed01c..2c0c991 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -58,7 +58,7 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 		var val string
 		switch vv := v.(type) {
 		case string:
-			if k == "smtp_password" && vv == "" {
+			if k == "smtp_password" && (vv == "" || vv == "***") {
 				continue
 			}
 			val = vv
diff --git a/handle_shifts.go b/handle_shifts.go
index 67312c5..9299916 100644
--- a/handle_shifts.go
+++ b/handle_shifts.go
@@ -8,20 +8,19 @@ import (
 
 func (app *App) handleListShifts(w http.ResponseWriter, r *http.Request) {
 	q := r.URL.Query()
-	var deptID *int
+	var deptIDs []int
 	if d := q.Get("dept"); d != "" {
-		id, err := strconv.Atoi(d)
-		if err == nil {
-			deptID = &id
+		if id, err := strconv.Atoi(d); err == nil {
+			deptIDs = []int{id}
 		}
 	}
 
 	claims := claimsFromContext(r)
-	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
-		deptID = &claims.DeptIDs[0]
+	if isCoLeadOnly(claims) && len(deptIDs) == 0 {
+		deptIDs = claims.DeptIDs
 	}
 
-	shifts, err := app.listShifts(deptID, q.Get("day"), q.Get("since"))
+	shifts, err := app.listShifts(deptIDs, q.Get("day"), q.Get("since"))
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -40,7 +39,7 @@ func (app *App) handleCreateShift(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && !inSlice(s.DepartmentID, claims.DeptIDs) {
+	if isCoLeadOnly(claims) && !inSlice(s.DepartmentID, claims.DeptIDs) {
 		writeError(w, "forbidden: outside your department", http.StatusForbidden)
 		return
 	}
@@ -65,7 +64,7 @@ func (app *App) handleUpdateShift(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
+	if isCoLeadOnly(claims) {
 		existing, _ := app.getShift(id)
 		if existing == nil || !inSlice(existing.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
@@ -87,6 +86,14 @@ func (app *App) handleDeleteShift(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		s, _ := app.getShift(id)
+		if s == nil || !inSlice(s.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 	if err := app.deleteShift(id); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -111,6 +118,14 @@ func (app *App) handleAssignShiftVolunteer(w http.ResponseWriter, r *http.Reques
 		writeError(w, "volunteer_id required", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		s, _ := app.getShift(shiftID)
+		if s == nil || !inSlice(s.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 
 	if !body.Force {
 		conflicts, err := app.checkShiftConflict(body.VolunteerID, shiftID)
@@ -149,6 +164,14 @@ func (app *App) handleUnassignShiftVolunteer(w http.ResponseWriter, r *http.Requ
 		writeError(w, "invalid volunteer id", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		s, _ := app.getShift(shiftID)
+		if s == nil || !inSlice(s.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 	if err := app.unassignShift(volunteerID, shiftID); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -167,6 +190,16 @@ func (app *App) handleReorderShifts(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "array of {id, position} required", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		for _, p := range raw {
+			s, _ := app.getShift(p.ID)
+			if s == nil || !inSlice(s.DepartmentID, claims.DeptIDs) {
+				writeError(w, "forbidden: outside your department", http.StatusForbidden)
+				return
+			}
+		}
+	}
 	positions := make([]struct{ ID, Position int }, len(raw))
 	for i, p := range raw {
 		positions[i] = struct{ ID, Position int }{p.ID, p.Position}
diff --git a/handle_shifts_test.go b/handle_shifts_test.go
index 940164e..19c49bf 100644
--- a/handle_shifts_test.go
+++ b/handle_shifts_test.go
@@ -104,6 +104,86 @@ func TestShiftAssignConflict(t *testing.T) {
 	}
 }
 
+func TestCoLeadDeleteShiftOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	s, _ := app.createShift(Shift{DepartmentID: deptB.ID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("DELETE", "/api/shifts/"+itoa(s.ID), nil, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept, got %d", w.Code)
+	}
+}
+
+func TestCoLeadDeleteShiftOwnDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	s, _ := app.createShift(Shift{DepartmentID: deptA.ID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("DELETE", "/api/shifts/"+itoa(s.ID), nil, tok))
+	if w.Code != http.StatusNoContent {
+		t.Errorf("expected 204 for own dept, got %d: %s", w.Code, w.Body.String())
+	}
+}
+
+func TestCoLeadAssignShiftVolunteerOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	s, _ := app.createShift(Shift{DepartmentID: deptB.ID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
+	deptBID := deptB.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptBID})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/shifts/"+itoa(s.ID)+"/volunteers", map[string]any{
+		"volunteer_id": v.ID,
+	}, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept, got %d", w.Code)
+	}
+}
+
+func TestCoLeadReorderShiftsOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	s1, _ := app.createShift(Shift{DepartmentID: deptB.ID, Name: "A", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
+	s2, _ := app.createShift(Shift{DepartmentID: deptB.ID, Name: "B", Day: "2026-03-15", StartTime: "12:00", EndTime: "16:00"})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/shifts/reorder", []map[string]int{
+		{"id": s1.ID, "position": 2},
+		{"id": s2.ID, "position": 1},
+	}, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept reorder, got %d", w.Code)
+	}
+}
+
 func TestShiftReorder(t *testing.T) {
 	app := testApp(t)
 	admin := testAdminUser(t, app)
diff --git a/handle_volunteers.go b/handle_volunteers.go
index ec3a317..cd891d2 100644
--- a/handle_volunteers.go
+++ b/handle_volunteers.go
@@ -12,20 +12,19 @@ func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
 	search := q.Get("search")
 	since := q.Get("since")
 
-	var deptID *int
+	var deptIDs []int
 	if d := q.Get("dept"); d != "" {
-		id, err := strconv.Atoi(d)
-		if err == nil {
-			deptID = &id
+		if id, err := strconv.Atoi(d); err == nil {
+			deptIDs = []int{id}
 		}
 	}
 
 	claims := claimsFromContext(r)
-	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
-		deptID = &claims.DeptIDs[0]
+	if isCoLeadOnly(claims) && len(deptIDs) == 0 {
+		deptIDs = claims.DeptIDs
 	}
 
-	volunteers, err := app.listVolunteers(search, deptID, since)
+	volunteers, err := app.listVolunteers(search, deptIDs, since)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -55,7 +54,7 @@ func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
+	if isCoLeadOnly(claims) {
 		if body.DepartmentID == nil || !inSlice(*body.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
 			return
@@ -127,12 +126,16 @@ func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	claims := claimsFromContext(r)
-	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
+	if isCoLeadOnly(claims) {
 		existing, _ := app.getVolunteer(id)
 		if existing == nil || existing.DepartmentID == nil || !inSlice(*existing.DepartmentID, claims.DeptIDs) {
 			writeError(w, "forbidden: outside your department", http.StatusForbidden)
 			return
 		}
+		if body.DepartmentID != nil && !inSlice(*body.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: cannot move volunteer to that department", http.StatusForbidden)
+			return
+		}
 	}
 	v := Volunteer{
 		ID:           id,
@@ -157,6 +160,14 @@ func (app *App) handleDeleteVolunteer(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		v, _ := app.getVolunteer(id)
+		if v == nil || v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 	if err := app.deleteVolunteer(id); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -171,6 +182,13 @@ func (app *App) handleMarkVolunteerReady(w http.ResponseWriter, r *http.Request)
 		return
 	}
 	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		v, _ := app.getVolunteer(id)
+		if v == nil || v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 	v, err := app.markVolunteerReady(id, claims.ParticipantID)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
@@ -186,6 +204,14 @@ func (app *App) handleConfirmVolunteer(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "invalid id", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		v, _ := app.getVolunteer(id)
+		if v == nil || v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 	v, err := app.confirmVolunteer(id)
 	if err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
@@ -207,7 +233,24 @@ func (app *App) handleAssignShift(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "shift_id required", http.StatusBadRequest)
 		return
 	}
-	if err := app.assignShift(volunteerID, body.ShiftID); err != nil {
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		v, _ := app.getVolunteer(volunteerID)
+		if v == nil || v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
+	shift, err := app.getShift(body.ShiftID)
+	if err != nil || shift == nil {
+		writeError(w, "shift not found", http.StatusNotFound)
+		return
+	}
+	if err := app.assignShiftWithCapacity(volunteerID, body.ShiftID, shift.Capacity); err != nil {
+		if err == errShiftFull {
+			writeError(w, "shift is at capacity", http.StatusConflict)
+			return
+		}
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -225,6 +268,14 @@ func (app *App) handleUnassignShift(w http.ResponseWriter, r *http.Request) {
 		writeError(w, "invalid shift id", http.StatusBadRequest)
 		return
 	}
+	claims := claimsFromContext(r)
+	if isCoLeadOnly(claims) {
+		v, _ := app.getVolunteer(volunteerID)
+		if v == nil || v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
+			writeError(w, "forbidden: outside your department", http.StatusForbidden)
+			return
+		}
+	}
 	if err := app.unassignShift(volunteerID, shiftID); err != nil {
 		writeError(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -232,11 +283,3 @@ func (app *App) handleUnassignShift(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusNoContent)
 }
 
-func inSlice(v int, s []int) bool {
-	for _, x := range s {
-		if x == v {
-			return true
-		}
-	}
-	return false
-}
diff --git a/handle_volunteers_test.go b/handle_volunteers_test.go
index 19ff1b0..dc61f28 100644
--- a/handle_volunteers_test.go
+++ b/handle_volunteers_test.go
@@ -79,6 +79,130 @@ func TestConfirmVolunteerRequiresRole(t *testing.T) {
 	}
 }
 
+func TestCoLeadDeleteVolunteerOwnDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	deptAID := deptA.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptAID})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("DELETE", "/api/volunteers/"+itoa(v.ID), nil, tok))
+	if w.Code != http.StatusNoContent {
+		t.Errorf("expected 204 for own dept, got %d: %s", w.Code, w.Body.String())
+	}
+}
+
+func TestCoLeadDeleteVolunteerOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	deptBID := deptB.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptBID})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("DELETE", "/api/volunteers/"+itoa(v.ID), nil, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept, got %d", w.Code)
+	}
+}
+
+func TestCoLeadConfirmVolunteerOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	deptBID := deptB.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptBID})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/confirm", nil, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept, got %d", w.Code)
+	}
+}
+
+func TestCoLeadReadyVolunteerOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	deptBID := deptB.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptBID})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/ready", nil, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept, got %d", w.Code)
+	}
+}
+
+func TestCoLeadAssignShiftOtherDept(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	deptBID := deptB.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptBID})
+	s, _ := app.createShift(Shift{DepartmentID: deptB.ID, Name: "AM", Day: "2026-03-15", StartTime: "08:00", EndTime: "12:00"})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("POST", "/api/volunteers/"+itoa(v.ID)+"/shifts", map[string]any{
+		"shift_id": s.ID,
+	}, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 for other dept, got %d", w.Code)
+	}
+}
+
+func TestCoLeadUpdateVolunteerTargetDeptForbidden(t *testing.T) {
+	app := testApp(t)
+	mux := testMux(app)
+
+	deptA, _ := app.createDepartment(Department{Name: "Gate"})
+	deptB, _ := app.createDepartment(Department{Name: "Build"})
+	colead := testUserWithRoles(t, app, "Hermia", []string{"colead"}, []int{deptA.ID})
+	tok := testToken(t, app, colead)
+
+	deptAID := deptA.ID
+	p, _ := app.createParticipant(Participant{PreferredName: "Puck", Email: "puck@test.com"})
+	v, _ := app.createVolunteer(Volunteer{ParticipantID: p.ID, DepartmentID: &deptAID})
+
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, testAuthRequest("PUT", "/api/volunteers/"+itoa(v.ID), map[string]any{
+		"department_id": deptB.ID,
+	}, tok))
+	if w.Code != http.StatusForbidden {
+		t.Errorf("expected 403 moving to other dept, got %d: %s", w.Code, w.Body.String())
+	}
+}
+
 func TestUpdateVolunteerDepartment(t *testing.T) {
 	app := testApp(t)
 	mux := testMux(app)

From ad8c3a64b64d8bbd98873513503e67a5ecd2ec93 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 15:27:49 -0500
Subject: [PATCH 39/47] Removed dead attendees DB code.

---
 db.go      | 325 +----------------------------------------------------
 db_test.go |  94 +---------------
 2 files changed, 4 insertions(+), 415 deletions(-)

diff --git a/db.go b/db.go
index 7857020..0315da8 100644
--- a/db.go
+++ b/db.go
@@ -49,28 +49,6 @@ func migrate(db *sql.DB) error {
 		deleted_at  TEXT
 	);
 
-	CREATE TABLE IF NOT EXISTS attendees (
-		id               INTEGER PRIMARY KEY AUTOINCREMENT,
-		name             TEXT NOT NULL,
-		email            TEXT NOT NULL DEFAULT '',
-		phone            TEXT NOT NULL DEFAULT '',
-		ticket_id        TEXT NOT NULL DEFAULT '',
-		ticket_type      TEXT NOT NULL DEFAULT '',
-		volunteer_token  TEXT UNIQUE,
-		party_size       INTEGER NOT NULL DEFAULT 1,
-		checked_in       INTEGER NOT NULL DEFAULT 0,
-		checked_in_count INTEGER NOT NULL DEFAULT 0,
-		checked_in_at    TEXT,
-		checked_in_by    INTEGER REFERENCES participants(id),
-		note             TEXT NOT NULL DEFAULT '',
-		created_at       TEXT NOT NULL DEFAULT (datetime('now')),
-		updated_at       TEXT NOT NULL DEFAULT (datetime('now')),
-		deleted_at       TEXT
-	);
-
-	CREATE UNIQUE INDEX IF NOT EXISTS idx_attendees_name_ticket
-		ON attendees(name, ticket_id) WHERE deleted_at IS NULL;
-
 	CREATE TABLE IF NOT EXISTS volunteers (
 		id             INTEGER PRIMARY KEY AUTOINCREMENT,
 		participant_id INTEGER NOT NULL REFERENCES participants(id) ON DELETE CASCADE,
@@ -122,6 +100,8 @@ func migrate(db *sql.DB) error {
 		note               TEXT NOT NULL DEFAULT '',
 		email_confirmed    INTEGER NOT NULL DEFAULT 0,
 		confirmation_token TEXT,
+		password_hash      TEXT,
+		login_enabled      INTEGER NOT NULL DEFAULT 0,
 		created_at         TEXT NOT NULL DEFAULT (datetime('now')),
 		updated_at         TEXT NOT NULL DEFAULT (datetime('now')),
 		deleted_at         TEXT
@@ -161,95 +141,11 @@ func migrate(db *sql.DB) error {
 		PRIMARY KEY (participant_id, department_id)
 	);
 	`)
-	if err != nil {
-		return err
-	}
-	if err := migrateAuth(db); err != nil {
-		return err
-	}
-	return nil
-}
-
-func migrateAuth(db *sql.DB) error {
-	// Add auth columns to participants (idempotent — ignore "duplicate column" errors).
-	db.Exec(`ALTER TABLE participants ADD COLUMN password_hash TEXT`)
-	db.Exec(`ALTER TABLE participants ADD COLUMN login_enabled INTEGER NOT NULL DEFAULT 0`)
-
-	// Migrate users → participants if the old users table exists.
-	var hasUsers int
-	if err := db.QueryRow(`SELECT COUNT(*) FROM sqlite_master WHERE type='table' AND name='users'`).Scan(&hasUsers); err != nil || hasUsers == 0 {
-		return nil
-	}
-
-	// Collect all users first (single connection — can't query and exec concurrently).
-	type oldUser struct {
-		id   int
-		name string
-		hash string
-		role string
-	}
-	rows, err := db.Query(`SELECT id, username, password_hash, role FROM users`)
-	if err != nil {
-		return nil
-	}
-	var users []oldUser
-	for rows.Next() {
-		var u oldUser
-		if err := rows.Scan(&u.id, &u.name, &u.hash, &u.role); err != nil {
-			continue
-		}
-		if u.role == "ticketing" {
-			u.role = "admin"
-		}
-		users = append(users, u)
-	}
-	rows.Close()
-
-	// Collect department assignments.
-	type deptAssign struct {
-		userID int
-		deptID int
-	}
-	deptRows, err := db.Query(`SELECT user_id, department_id FROM user_departments`)
-	var deptAssigns []deptAssign
-	if err == nil {
-		for deptRows.Next() {
-			var da deptAssign
-			deptRows.Scan(&da.userID, &da.deptID)
-			deptAssigns = append(deptAssigns, da)
-		}
-		deptRows.Close()
-	}
-
-	// Now insert with the connection free.
-	for _, u := range users {
-		res, err := db.Exec(
-			`INSERT INTO participants (preferred_name, password_hash, login_enabled, updated_at) VALUES (?, ?, 1, ?)`,
-			u.name, u.hash, now(),
-		)
-		if err != nil {
-			continue
-		}
-		pid, _ := res.LastInsertId()
-		db.Exec(`INSERT OR IGNORE INTO participant_roles (participant_id, role) VALUES (?, ?)`, pid, u.role)
-		for _, da := range deptAssigns {
-			if da.userID == u.id {
-				db.Exec(`INSERT OR IGNORE INTO participant_departments (participant_id, department_id) VALUES (?, ?)`, pid, da.deptID)
-			}
-		}
-	}
-
-	db.Exec(`DROP TABLE IF EXISTS user_departments`)
-	db.Exec(`DROP TABLE IF EXISTS users`)
-	return nil
+	return err
 }
 
 // --- Types ---
 
-const attendeeCols = `id, name, email, phone, ticket_id, ticket_type, volunteer_token,
-	party_size, checked_in, checked_in_count, checked_in_at, checked_in_by,
-	note, created_at, updated_at, deleted_at`
-
 const shiftCols = `id, department_id, name, day, start_time, end_time, capacity, position, updated_at, deleted_at`
 const shiftColsS = `s.id, s.department_id, s.name, s.day, s.start_time, s.end_time, s.capacity, s.position, s.updated_at, s.deleted_at`
 
@@ -273,25 +169,6 @@ type User struct {
 	CreatedAt     string   `json:"created_at"`
 }
 
-type Attendee struct {
-	ID             int     `json:"id"`
-	Name           string  `json:"name"`
-	Email          string  `json:"email"`
-	Phone          string  `json:"phone"`
-	TicketID       string  `json:"ticket_id"`
-	TicketType     string  `json:"ticket_type"`
-	VolunteerToken *string `json:"volunteer_token,omitempty"`
-	PartySize      int     `json:"party_size"`
-	CheckedIn      bool    `json:"checked_in"`
-	CheckedInCount int     `json:"checked_in_count"`
-	CheckedInAt    *string `json:"checked_in_at,omitempty"`
-	CheckedInBy    *int    `json:"checked_in_by,omitempty"`
-	Note           string  `json:"note"`
-	CreatedAt      string  `json:"created_at"`
-	UpdatedAt      string  `json:"updated_at"`
-	DeletedAt      *string `json:"deleted_at,omitempty"`
-}
-
 type Department struct {
 	ID          int     `json:"id"`
 	Name        string  `json:"name"`
@@ -688,174 +565,6 @@ func (app *App) generateCodesForAll() (int, error) {
 	return count, nil
 }
 
-// incrementPartySize is kept for backward compatibility with existing tests.
-func (app *App) incrementPartySize(name, ticketID string) (bool, error) {
-	res, err := app.db.Exec(
-		`UPDATE attendees SET party_size = party_size + 1, updated_at = ?
-		 WHERE name = ? AND ticket_id = ? AND deleted_at IS NULL`,
-		now(), name, ticketID,
-	)
-	if err != nil {
-		return false, err
-	}
-	n, _ := res.RowsAffected()
-	return n > 0, nil
-}
-
-// --- Attendees ---
-
-func (app *App) listAttendees(search, ticketType, checkedIn string) ([]Attendee, error) {
-	q := `SELECT ` + attendeeCols + ` FROM attendees WHERE deleted_at IS NULL`
-	var args []any
-	if search != "" {
-		q += ` AND (name LIKE ? OR email LIKE ? OR ticket_id LIKE ?)`
-		s := "%" + search + "%"
-		args = append(args, s, s, s)
-	}
-	if ticketType != "" {
-		q += ` AND ticket_type = ?`
-		args = append(args, ticketType)
-	}
-	if checkedIn == "true" {
-		q += ` AND checked_in = 1`
-	} else if checkedIn == "false" {
-		q += ` AND checked_in = 0`
-	}
-	q += ` ORDER BY name ASC`
-	return queryAttendees(app.db, q, args...)
-}
-
-func (app *App) getAttendee(id int) (*Attendee, error) {
-	rows, err := queryAttendees(app.db,
-		`SELECT `+attendeeCols+` FROM attendees WHERE id = ?`, id)
-	if err != nil || len(rows) == 0 {
-		return nil, err
-	}
-	return &rows[0], nil
-}
-
-func (app *App) createAttendee(a Attendee) (*Attendee, error) {
-	res, err := app.db.Exec(
-		`INSERT INTO attendees (name, email, phone, ticket_id, ticket_type, note, updated_at)
-		 VALUES (?, ?, ?, ?, ?, ?, ?)`,
-		a.Name, a.Email, a.Phone, a.TicketID, a.TicketType, a.Note, now(),
-	)
-	if err != nil {
-		return nil, err
-	}
-	id, _ := res.LastInsertId()
-	return app.getAttendee(int(id))
-}
-
-func (app *App) updateAttendee(a Attendee) error {
-	_, err := app.db.Exec(
-		`UPDATE attendees SET name=?, email=?, phone=?, ticket_id=?, ticket_type=?, note=?, updated_at=?
-		 WHERE id = ? AND deleted_at IS NULL`,
-		a.Name, a.Email, a.Phone, a.TicketID, a.TicketType, a.Note, now(), a.ID,
-	)
-	return err
-}
-
-func (app *App) deleteAttendee(id int) error {
-	_, err := app.db.Exec(
-		`UPDATE attendees SET deleted_at = ?, updated_at = ? WHERE id = ?`, now(), now(), id,
-	)
-	return err
-}
-
-// checkInAttendee increments checked_in_count by count (capped at party_size).
-// Sets checked_in and checked_in_at on the first check-in.
-func (app *App) checkInAttendee(id, userID, count int) (*Attendee, error) {
-	if count < 1 {
-		count = 1
-	}
-	a, err := app.getAttendee(id)
-	if err != nil || a == nil {
-		return nil, err
-	}
-	remaining := a.PartySize - a.CheckedInCount
-	if count > remaining {
-		count = remaining
-	}
-	if count <= 0 {
-		return a, nil
-	}
-	t := now()
-	_, err = app.db.Exec(`
-		UPDATE attendees SET
-			checked_in_count = checked_in_count + ?,
-			checked_in       = CASE WHEN checked_in = 0 THEN 1 ELSE checked_in END,
-			checked_in_at    = CASE WHEN checked_in = 0 THEN ? ELSE checked_in_at END,
-			checked_in_by    = CASE WHEN checked_in = 0 THEN ? ELSE checked_in_by END,
-			updated_at       = ?
-		WHERE id = ? AND deleted_at IS NULL`,
-		count, t, userID, t, id,
-	)
-	if err != nil {
-		return nil, err
-	}
-	return app.getAttendee(id)
-}
-
-func (app *App) attendeesSince(since string) ([]Attendee, error) {
-	return queryAttendees(app.db,
-		`SELECT `+attendeeCols+` FROM attendees WHERE updated_at > ? ORDER BY updated_at ASC`, since)
-}
-
-func queryAttendees(db *sql.DB, q string, args ...any) ([]Attendee, error) {
-	rows, err := db.Query(q, args...)
-	if err != nil {
-		return nil, err
-	}
-	defer rows.Close()
-	var result []Attendee
-	for rows.Next() {
-		var a Attendee
-		var checkedIn int
-		var token sql.NullString
-		if err := rows.Scan(
-			&a.ID, &a.Name, &a.Email, &a.Phone, &a.TicketID, &a.TicketType,
-			&token, &a.PartySize, &checkedIn, &a.CheckedInCount,
-			&a.CheckedInAt, &a.CheckedInBy, &a.Note,
-			&a.CreatedAt, &a.UpdatedAt, &a.DeletedAt,
-		); err != nil {
-			return nil, err
-		}
-		if token.Valid && token.String != "" {
-			a.VolunteerToken = &token.String
-		}
-		a.CheckedIn = checkedIn == 1
-		if a.PartySize < 1 {
-			a.PartySize = 1
-		}
-		result = append(result, a)
-	}
-	return result, rows.Err()
-}
-
-func (app *App) attendeeTicketTypes() ([]string, error) {
-	rows, err := app.db.Query(
-		`SELECT DISTINCT ticket_type FROM attendees WHERE ticket_type != '' AND deleted_at IS NULL ORDER BY ticket_type`,
-	)
-	if err != nil {
-		return nil, err
-	}
-	defer rows.Close()
-	var types []string
-	for rows.Next() {
-		var t string
-		rows.Scan(&t)
-		types = append(types, t)
-	}
-	return types, rows.Err()
-}
-
-func (app *App) attendeeCounts() (total, checkedIn int, err error) {
-	app.db.QueryRow(`SELECT COUNT(*) FROM attendees WHERE deleted_at IS NULL`).Scan(&total)
-	app.db.QueryRow(`SELECT COUNT(*) FROM attendees WHERE checked_in=1 AND deleted_at IS NULL`).Scan(&checkedIn)
-	return
-}
-
 // --- Participants ---
 
 const participantCols = `id, email, preferred_name, ticket_name, phone, pronouns, note, email_confirmed, confirmation_token, created_at, updated_at, deleted_at`
@@ -1021,15 +730,6 @@ func (app *App) getTicket(id int) (*Ticket, error) {
 	return &rows[0], nil
 }
 
-func (app *App) getTicketByCode(code string) (*Ticket, error) {
-	rows, err := queryTickets(app.db,
-		`SELECT `+ticketCols+` FROM tickets WHERE code = ? AND deleted_at IS NULL`, code)
-	if err != nil || len(rows) == 0 {
-		return nil, err
-	}
-	return &rows[0], nil
-}
-
 func (app *App) createTicket(t Ticket) (*Ticket, error) {
 	res, err := app.db.Exec(
 		`INSERT INTO tickets (participant_id, name, ticket_type, source, external_id, order_id, code, updated_at)
@@ -1066,16 +766,6 @@ func (app *App) deleteTicket(id int) error {
 	return err
 }
 
-func (app *App) ticketsSince(since string) ([]Ticket, error) {
-	return queryTickets(app.db,
-		`SELECT `+ticketCols+` FROM tickets WHERE updated_at > ? ORDER BY updated_at ASC`, since)
-}
-
-func (app *App) participantsSince(since string) ([]Participant, error) {
-	return queryParticipants(app.db,
-		`SELECT `+participantCols+` FROM participants WHERE updated_at > ? ORDER BY updated_at ASC`, since)
-}
-
 func queryTickets(db *sql.DB, q string, args ...any) ([]Ticket, error) {
 	rows, err := db.Query(q, args...)
 	if err != nil {
@@ -1244,15 +934,6 @@ func (app *App) getVolunteer(id int) (*Volunteer, error) {
 	return &rows[0], nil
 }
 
-func (app *App) getVolunteerByParticipantID(participantID int) (*Volunteer, error) {
-	rows, err := queryVolunteers(app.db,
-		`SELECT `+volunteerSelect+` `+volunteerFrom+` WHERE v.participant_id = ? AND v.deleted_at IS NULL LIMIT 1`, participantID)
-	if err != nil || len(rows) == 0 {
-		return nil, err
-	}
-	return &rows[0], nil
-}
-
 func (app *App) createVolunteer(v Volunteer) (*Volunteer, error) {
 	res, err := app.db.Exec(
 		`INSERT INTO volunteers (participant_id, department_id, is_lead, note, updated_at)
diff --git a/db_test.go b/db_test.go
index edb2b6d..5755d08 100644
--- a/db_test.go
+++ b/db_test.go
@@ -7,7 +7,7 @@ import (
 func TestMigrate(t *testing.T) {
 	app := testApp(t)
 	// Verify tables exist by querying each one
-	tables := []string{"event", "participants", "participant_roles", "attendees", "departments", "volunteers", "shifts", "volunteer_shifts"}
+	tables := []string{"event", "participants", "participant_roles", "departments", "volunteers", "shifts", "volunteer_shifts"}
 	for _, table := range tables {
 		var count int
 		err := app.db.QueryRow("SELECT COUNT(*) FROM " + table).Scan(&count)
@@ -17,98 +17,6 @@ func TestMigrate(t *testing.T) {
 	}
 }
 
-func TestAttendeesCRUD(t *testing.T) {
-	app := testApp(t)
-
-	a, err := app.createAttendee(Attendee{Name: "Titania", Email: "titania@test.com", TicketType: "GA"})
-	if err != nil {
-		t.Fatal(err)
-	}
-	if a.ID == 0 || a.Name != "Titania" {
-		t.Errorf("create: got %+v", a)
-	}
-
-	got, err := app.getAttendee(a.ID)
-	if err != nil || got == nil {
-		t.Fatal("get: not found")
-	}
-	if got.Email != "titania@test.com" {
-		t.Errorf("get: email = %q", got.Email)
-	}
-
-	got.Name = "Titania Fairweather"
-	if err := app.updateAttendee(*got); err != nil {
-		t.Fatal(err)
-	}
-	got2, _ := app.getAttendee(a.ID)
-	if got2.Name != "Titania Fairweather" {
-		t.Errorf("update: name = %q", got2.Name)
-	}
-
-	if err := app.deleteAttendee(a.ID); err != nil {
-		t.Fatal(err)
-	}
-	// getAttendee returns soft-deleted records; listAttendees filters them
-	attendees, _ := app.listAttendees("", "", "")
-	for _, at := range attendees {
-		if at.ID == a.ID {
-			t.Error("delete: still visible in list")
-		}
-	}
-}
-
-func TestIncrementPartySize(t *testing.T) {
-	app := testApp(t)
-
-	app.createAttendee(Attendee{Name: "Oberon", TicketID: "ORD-100"})
-
-	merged, err := app.incrementPartySize("Oberon", "ORD-100")
-	if err != nil || !merged {
-		t.Fatalf("increment: merged=%v, err=%v", merged, err)
-	}
-
-	a, _ := app.getAttendee(1)
-	if a.PartySize != 2 {
-		t.Errorf("party_size = %d, want 2", a.PartySize)
-	}
-
-	// Different ticket_id should not merge
-	merged2, _ := app.incrementPartySize("Oberon", "ORD-200")
-	if merged2 {
-		t.Error("should not merge different ticket_id")
-	}
-}
-
-func TestCheckInAttendee(t *testing.T) {
-	app := testApp(t)
-	admin := testAdminUser(t, app)
-
-	app.createAttendee(Attendee{Name: "Puck"})
-	// Set party_size directly since createAttendee defaults to 1
-	app.db.Exec(`UPDATE attendees SET party_size = 3 WHERE id = 1`)
-
-	// Check in 1
-	a, err := app.checkInAttendee(1, admin.ID, 1)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if a.CheckedInCount != 1 || !a.CheckedIn {
-		t.Errorf("after 1: count=%d, checked_in=%v", a.CheckedInCount, a.CheckedIn)
-	}
-
-	// Check in 2 more (should cap at party_size=3)
-	a, _ = app.checkInAttendee(1, admin.ID, 5)
-	if a.CheckedInCount != 3 {
-		t.Errorf("after cap: count=%d, want 3", a.CheckedInCount)
-	}
-
-	// Check in again — already full, should stay at 3
-	a, _ = app.checkInAttendee(1, admin.ID, 1)
-	if a.CheckedInCount != 3 {
-		t.Errorf("after full: count=%d, want 3", a.CheckedInCount)
-	}
-}
-
 func TestGenerateToken(t *testing.T) {
 	token, err := generateToken()
 	if err != nil {

From 5527c1eb91df025343052c06faef1eaac2d29578 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 15:37:34 -0500
Subject: [PATCH 40/47] Clarified distinction between Preferred and Ticketed
 Name.

---
 frontend/src/pages/Participants.svelte | 22 +++++++++++++++-------
 frontend/src/pages/Users.svelte        |  4 ++--
 frontend/src/pages/Volunteers.svelte   |  6 +++++-
 3 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index fa850a3..65eda24 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -19,6 +19,7 @@
   let showAdd = $state(false)
   let adding = $state(false)
   let newName = $state('')
+  let newTicketedName = $state('')
   let newEmail = $state('')
   let newPhone = $state('')
   let newPronouns = $state('')
@@ -27,6 +28,7 @@
   // Edit participant
   let editId = $state(null)
   let editName = $state('')
+  let editTicketedName = $state('')
   let editEmail = $state('')
   let editPhone = $state('')
   let editPronouns = $state('')
@@ -151,12 +153,12 @@
     adding = true; error = ''
     try {
       const p = await api.participants.create({
-        preferred_name: newName, email: newEmail, phone: newPhone,
-        pronouns: newPronouns, note: newNote,
+        preferred_name: newName, ticket_name: newTicketedName, email: newEmail,
+        phone: newPhone, pronouns: newPronouns, note: newNote,
       })
       await db.participants.put(p)
       showAdd = false
-      newName = newEmail = newPhone = newPronouns = newNote = ''
+      newName = newTicketedName = newEmail = newPhone = newPronouns = newNote = ''
     } catch (err) {
       error = err.message
     } finally {
@@ -167,6 +169,7 @@
   function startEdit(p) {
     editId = p.id
     editName = p.preferred_name
+    editTicketedName = p.ticket_name || ''
     editEmail = p.email
     editPhone = p.phone
     editPronouns = p.pronouns
@@ -178,8 +181,8 @@
     saving = true; error = ''
     try {
       const p = await api.participants.update(editId, {
-        preferred_name: editName, email: editEmail, phone: editPhone,
-        pronouns: editPronouns, note: editNote,
+        preferred_name: editName, ticket_name: editTicketedName, email: editEmail,
+        phone: editPhone, pronouns: editPronouns, note: editNote,
       })
       await db.participants.put(p)
       editId = null
@@ -247,9 +250,13 @@
       <form onsubmit={addParticipant}>
         <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
           <div class="form-group">
-            <label for="p-name">Name</label>
+            <label for="p-name">Preferred Name</label>
             <input id="p-name" bind:value={newName} placeholder="Preferred name" />
           </div>
+          <div class="form-group">
+            <label for="p-tname">Ticketed Name</label>
+            <input id="p-tname" bind:value={newTicketedName} placeholder="Legal/ticketed name" />
+          </div>
           <div class="form-group">
             <label for="p-email">Email</label>
             <input id="p-email" type="email" bind:value={newEmail} placeholder="email@example.com" />
@@ -324,7 +331,7 @@
       <table>
         <thead>
           <tr>
-            <th>Name</th>
+            <th>Preferred Name</th>
             <th>Email</th>
             <th>Tickets</th>
             <th>Status</th>
@@ -344,6 +351,7 @@
                   <form class="participant-edit-form" onsubmit={saveEdit}>
                     <div class="edit-fields">
                       <input bind:value={editName} placeholder="Preferred name" />
+                      <input bind:value={editTicketedName} placeholder="Ticketed name" />
                       <input type="email" bind:value={editEmail} placeholder="Email" />
                       <input bind:value={editPhone} placeholder="Phone" />
                       <input bind:value={editPronouns} placeholder="Pronouns" />
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index 328cc66..cb7a3f8 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -155,7 +155,7 @@
             <input id="u-email" type="email" bind:value={newEmail} required placeholder="email@example.com" autocomplete="off" />
           </div>
           <div class="form-group">
-            <label for="u-name">Name</label>
+            <label for="u-name">Preferred Name</label>
             <input id="u-name" bind:value={newName} placeholder="Preferred name" autocomplete="off" />
           </div>
           <div class="form-group">
@@ -214,7 +214,7 @@
       <table>
         <thead>
           <tr>
-            <th>Name</th>
+            <th>Preferred Name</th>
             <th>Roles</th>
             <th>Departments</th>
             <th></th>
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 79681f8..d61cc3d 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -256,7 +256,7 @@
       <table>
         <thead>
           <tr>
-            <th>Name</th>
+            <th>Preferred Name</th>
             <th>Department</th>
             <th>Status</th>
             <th></th>
@@ -296,6 +296,7 @@
                 </td>
               </tr>
             {:else}
+              {@const participant = participantFor(v.participant_id)}
               <tr>
                 <td class="td-name">
                   <strong>{v.name}</strong>
@@ -307,6 +308,9 @@
                   {:else if !participantHasTickets(v.participant_id)}
                     <span class="badge badge-partial" style="margin-left:0.4rem" title="No ticket on file">No ticket</span>
                   {/if}
+                  {#if participant?.ticket_name && participant.ticket_name !== v.name}
+                    <div class="text-muted" style="font-size:0.78rem">Ticket: {participant.ticket_name}</div>
+                  {/if}
                   {#if v.email}
                     <div class="text-muted" style="font-size:0.78rem">{v.email}</div>
                   {/if}

From 54da04763f35a6752588ea71e450268fe0c4a41b Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 17:45:38 -0500
Subject: [PATCH 41/47] Added optional Discourse SSO.

---
 db.go                              |  26 ++++
 frontend/src/App.svelte            |  32 ++++-
 frontend/src/api.js                |   4 +
 frontend/src/pages/Login.svelte    |  49 +++++++-
 frontend/src/pages/Settings.svelte |  27 +++-
 handle_settings.go                 |  14 ++-
 handle_sso.go                      | 190 +++++++++++++++++++++++++++++
 main.go                            |   3 +
 8 files changed, 337 insertions(+), 8 deletions(-)
 create mode 100644 handle_sso.go

diff --git a/db.go b/db.go
index 0315da8..0ec6716 100644
--- a/db.go
+++ b/db.go
@@ -140,6 +140,11 @@ func migrate(db *sql.DB) error {
 		department_id  INTEGER NOT NULL REFERENCES departments(id) ON DELETE CASCADE,
 		PRIMARY KEY (participant_id, department_id)
 	);
+
+	CREATE TABLE IF NOT EXISTS sso_nonces (
+		nonce      TEXT PRIMARY KEY,
+		created_at TEXT NOT NULL DEFAULT (datetime('now'))
+	);
 	`)
 	return err
 }
@@ -1350,6 +1355,27 @@ func (app *App) listOpenShiftsForDept(deptID int) ([]Shift, error) {
 		ORDER BY s.day, s.position, s.start_time`, deptID)
 }
 
+// --- SSO Nonces ---
+
+func (app *App) createSSONonce(nonce string) error {
+	_, err := app.db.Exec(`INSERT INTO sso_nonces (nonce) VALUES (?)`, nonce)
+	return err
+}
+
+func (app *App) consumeSSONonce(nonce string) (bool, error) {
+	res, err := app.db.Exec(
+		`DELETE FROM sso_nonces WHERE nonce = ? AND created_at > datetime('now', '-10 minutes')`, nonce)
+	if err != nil {
+		return false, err
+	}
+	n, _ := res.RowsAffected()
+	return n > 0, nil
+}
+
+func (app *App) cleanExpiredNonces() {
+	app.db.Exec(`DELETE FROM sso_nonces WHERE created_at < datetime('now', '-10 minutes')`)
+}
+
 // --- Helpers ---
 
 func now() string {
diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index a1fa253..f680143 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -1,6 +1,6 @@
 <script>
   import { onMount } from 'svelte'
-  import { getSession, clearSession } from './db.js'
+  import { getSession, saveSession, clearSession } from './db.js'
   import { syncPull, startSSE, startSyncLoop } from './sync.js'
   import Login from './pages/Login.svelte'
   import Dashboard from './pages/Dashboard.svelte'
@@ -25,6 +25,7 @@
   let route = $state(window.location.pathname)
   let updateAvailable = $state(false)
   let mobileNavOpen = $state(false)
+  let ssoError = $state('')
 
   // Check if this is a public page (no auth needed)
   const kioskToken = $derived(route.match(/^\/v\/([A-Z0-9]+)/i)?.[1] ?? '')
@@ -54,7 +55,32 @@
       loading = false
       return
     }
-    session = await getSession()
+
+    // Handle SSO callback in URL fragment
+    const hash = window.location.hash
+    if (hash.startsWith('#sso_token=')) {
+      const token = decodeURIComponent(hash.slice('#sso_token='.length))
+      history.replaceState(null, '', '/')
+      try {
+        const res = await fetch('/api/me', { headers: { Authorization: `Bearer ${token}` } })
+        if (res.ok) {
+          const user = await res.json()
+          await saveSession(token, user)
+          session = { token, user }
+        } else {
+          ssoError = 'SSO login failed. Please try again.'
+        }
+      } catch {
+        ssoError = 'SSO login failed. Please try again.'
+      }
+    } else if (hash.startsWith('#sso_error=')) {
+      ssoError = decodeURIComponent(hash.slice('#sso_error='.length))
+      history.replaceState(null, '', '/')
+    }
+
+    if (!session) {
+      session = await getSession()
+    }
     loading = false
     if (session) {
       await syncPull()
@@ -102,7 +128,7 @@
 {:else if isConfirmEmail}
   <ConfirmEmail />
 {:else if !session}
-  <Login onlogin={onLogin} />
+  <Login onlogin={onLogin} error={ssoError} />
 {:else if roles.length === 1 && roles[0] === 'gatekeeper'}
   <!-- Gate-only users get the full-screen GateKiosk instead of the standard layout -->
   <GateKiosk {session} {onLogout} />
diff --git a/frontend/src/api.js b/frontend/src/api.js
index 1b3d537..31a517f 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -118,6 +118,10 @@ export const api = {
     resetDepartments: () => apiJSON('/api/settings/reset-departments', { method: 'POST' }),
     resetVolunteerShifts: () => apiJSON('/api/settings/reset-volunteer-shifts', { method: 'POST' }),
   },
+  sso: {
+    enabled: () => kioskFetch('/api/public/sso-enabled'),
+    init: () => kioskFetch('/api/sso/init'),
+  },
   signup: {
     config: () => kioskFetch('/api/public/signup-config'),
     submit: (data) => kioskFetch('/api/public/signup', { method: 'POST', body: JSON.stringify(data) }),
diff --git a/frontend/src/pages/Login.svelte b/frontend/src/pages/Login.svelte
index 1512af7..993dbb4 100644
--- a/frontend/src/pages/Login.svelte
+++ b/frontend/src/pages/Login.svelte
@@ -1,13 +1,23 @@
 <script>
+  import { onMount } from 'svelte'
   import { api } from '../api.js'
   import { saveSession } from '../db.js'
 
-  let { onlogin } = $props()
+  let { onlogin, error: initialError = '' } = $props()
 
   let email = $state('')
   let password = $state('')
-  let error = $state('')
+  let error = $state(initialError)
   let loading = $state(false)
+  let ssoEnabled = $state(false)
+  let ssoLoading = $state(false)
+
+  onMount(async () => {
+    try {
+      const res = await api.sso.enabled()
+      ssoEnabled = res.enabled
+    } catch {}
+  })
 
   async function submit(e) {
     e.preventDefault()
@@ -23,6 +33,18 @@
       loading = false
     }
   }
+
+  async function startSSO() {
+    error = ''
+    ssoLoading = true
+    try {
+      const { redirect_url } = await api.sso.init()
+      window.location.href = redirect_url
+    } catch (err) {
+      error = err.message || 'SSO failed'
+      ssoLoading = false
+    }
+  }
 </script>
 
 <div class="login-wrap">
@@ -45,5 +67,28 @@
         {loading ? 'Signing in…' : 'Sign in'}
       </button>
     </form>
+    {#if ssoEnabled}
+      <div class="sso-divider"><span>or</span></div>
+      <button class="btn btn-ghost" style="width:100%" onclick={startSSO} disabled={ssoLoading}>
+        {ssoLoading ? 'Redirecting…' : 'Log in with Discourse'}
+      </button>
+    {/if}
   </div>
 </div>
+
+<style>
+  .sso-divider {
+    display: flex;
+    align-items: center;
+    margin: 1rem 0;
+    gap: 0.75rem;
+    color: var(--c-muted);
+    font-size: 0.8rem;
+  }
+  .sso-divider::before,
+  .sso-divider::after {
+    content: '';
+    flex: 1;
+    border-top: 1px solid var(--c-border);
+  }
+</style>
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 2f6ee8e..bc87738 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -26,6 +26,8 @@
   let eventEndDate = $state('')
   let eventTimezone = $state('')
   const timezones = Intl.supportedValuesOf('timeZone')
+  let discourseSSOUrl = $state('')
+  let discourseSSOSecret = $state('')
   let shiftSignupsOpen = $state(false)
   let togglingSignups = $state(false)
 
@@ -49,6 +51,8 @@
       baseURL = s.base_url ?? ''
       noteLabel = s.volunteer_note_label ?? 'Additional note'
       noteRequired = s.volunteer_note_required ?? false
+      discourseSSOUrl = s.discourse_sso_url ?? ''
+      discourseSSOSecret = ''
       shiftSignupsOpen = s.shift_signups_open ?? false
     } catch (err) {
       error = err.message
@@ -89,14 +93,17 @@
         smtp_host: smtpHost,
         smtp_port: smtpPort,
         smtp_user: smtpUser,
-        smtp_password: smtpPassword, // empty = keep existing
+        smtp_password: smtpPassword,
         smtp_from: smtpFrom,
         smtp_from_name: smtpFromName,
         base_url: baseURL,
         volunteer_note_label: noteLabel,
         volunteer_note_required: noteRequired,
+        discourse_sso_url: discourseSSOUrl,
+        discourse_sso_secret: discourseSSOSecret,
       })
       smtpPassword = ''
+      discourseSSOSecret = ''
       success = 'Settings saved.'
     } catch (err) {
       error = err.message
@@ -240,6 +247,24 @@
           <input id="s-url" bind:value={baseURL} placeholder="https://events.example.com" />
         </div>
 
+        <!-- Discourse SSO -->
+        <h2 style="font-size:0.95rem;font-weight:700;margin:1.5rem 0 1rem">Discourse SSO</h2>
+        <p class="text-muted" style="font-size:0.78rem;margin-bottom:1rem">
+          Enable DiscourseConnect SSO so users can log in with their Discourse account.
+          Set the same secret in your Discourse admin under Connect &gt; discourse connect secret.
+        </p>
+        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+          <div class="form-group" style="grid-column:1/-1">
+            <label for="sso-url">Discourse URL</label>
+            <input id="sso-url" bind:value={discourseSSOUrl} placeholder="https://forum.example.com" />
+          </div>
+          <div class="form-group" style="grid-column:1/-1">
+            <label for="sso-secret">SSO Secret</label>
+            <input id="sso-secret" type="password" bind:value={discourseSSOSecret}
+              placeholder="Leave blank to keep existing" autocomplete="new-password" />
+          </div>
+        </div>
+
         <div class="actions">
           <button type="submit" class="btn btn-primary" disabled={saving}>
             {saving ? 'Saving…' : 'Save Settings'}
diff --git a/handle_settings.go b/handle_settings.go
index 2c0c991..5da8084 100644
--- a/handle_settings.go
+++ b/handle_settings.go
@@ -27,6 +27,14 @@ func (app *App) handleGetSettings(w http.ResponseWriter, r *http.Request) {
 		noteLabel = "Additional note"
 	}
 
+	var ssoURL, ssoSecret string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'discourse_sso_url'`).Scan(&ssoURL)
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'discourse_sso_secret'`).Scan(&ssoSecret)
+	maskedSSOSecret := ""
+	if ssoSecret != "" {
+		maskedSSOSecret = "***"
+	}
+
 	writeJSON(w, map[string]any{
 		"smtp_host":              cfg.Host,
 		"smtp_port":              cfg.Port,
@@ -38,6 +46,8 @@ func (app *App) handleGetSettings(w http.ResponseWriter, r *http.Request) {
 		"volunteer_note_label":   noteLabel,
 		"volunteer_note_required": noteRequired == "true",
 		"shift_signups_open":     signupsOpen == "true",
+		"discourse_sso_url":     ssoURL,
+		"discourse_sso_secret":  maskedSSOSecret,
 	})
 }
 
@@ -49,7 +59,7 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 	}
 
 	keys := []string{"smtp_host", "smtp_port", "smtp_user", "smtp_password", "smtp_from", "smtp_from_name", "base_url",
-		"volunteer_note_label", "volunteer_note_required"}
+		"volunteer_note_label", "volunteer_note_required", "discourse_sso_url", "discourse_sso_secret"}
 	for _, k := range keys {
 		v, ok := body[k]
 		if !ok {
@@ -58,7 +68,7 @@ func (app *App) handleUpdateSettings(w http.ResponseWriter, r *http.Request) {
 		var val string
 		switch vv := v.(type) {
 		case string:
-			if k == "smtp_password" && (vv == "" || vv == "***") {
+			if (k == "smtp_password" || k == "discourse_sso_secret") && (vv == "" || vv == "***") {
 				continue
 			}
 			val = vv
diff --git a/handle_sso.go b/handle_sso.go
new file mode 100644
index 0000000..e97c887
--- /dev/null
+++ b/handle_sso.go
@@ -0,0 +1,190 @@
+package main
+
+import (
+	"crypto/hmac"
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/hex"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+func (app *App) getSSOConfig() (ssoURL, ssoSecret string) {
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'discourse_sso_url'`).Scan(&ssoURL)
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'discourse_sso_secret'`).Scan(&ssoSecret)
+	return
+}
+
+func (app *App) handleSSOEnabled(w http.ResponseWriter, r *http.Request) {
+	ssoURL, ssoSecret := app.getSSOConfig()
+	writeJSON(w, map[string]bool{"enabled": ssoURL != "" && ssoSecret != ""})
+}
+
+func (app *App) getBaseURL() string {
+	if app.baseURL != "" {
+		return app.baseURL
+	}
+	var u string
+	app.db.QueryRow(`SELECT value FROM config WHERE key = 'base_url'`).Scan(&u)
+	return u
+}
+
+func (app *App) handleSSOInit(w http.ResponseWriter, r *http.Request) {
+	ssoURL, ssoSecret := app.getSSOConfig()
+	if ssoURL == "" || ssoSecret == "" {
+		writeError(w, "SSO not configured", http.StatusNotFound)
+		return
+	}
+
+	baseURL := app.getBaseURL()
+	if baseURL == "" {
+		writeError(w, "base_url must be configured for SSO", http.StatusBadRequest)
+		return
+	}
+
+	b := make([]byte, 32)
+	rand.Read(b)
+	nonce := hex.EncodeToString(b)
+
+	app.cleanExpiredNonces()
+	if err := app.createSSONonce(nonce); err != nil {
+		writeError(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	returnURL := strings.TrimRight(baseURL, "/") + "/api/sso/callback"
+
+	payload := fmt.Sprintf("nonce=%s&return_sso_url=%s", url.QueryEscape(nonce), url.QueryEscape(returnURL))
+	encoded := base64.StdEncoding.EncodeToString([]byte(payload))
+
+	mac := hmac.New(sha256.New, []byte(ssoSecret))
+	mac.Write([]byte(encoded))
+	sig := hex.EncodeToString(mac.Sum(nil))
+
+	redirect := fmt.Sprintf("%s/session/sso_provider?sso=%s&sig=%s",
+		strings.TrimRight(ssoURL, "/"), url.QueryEscape(encoded), url.QueryEscape(sig))
+
+	writeJSON(w, map[string]string{"redirect_url": redirect})
+}
+
+func (app *App) handleSSOCallback(w http.ResponseWriter, r *http.Request) {
+	baseURL := app.getBaseURL()
+
+	ssoRedirectError := func(msg string) {
+		if baseURL != "" {
+			http.Redirect(w, r, strings.TrimRight(baseURL, "/")+"/#sso_error="+url.QueryEscape(msg), http.StatusFound)
+		} else {
+			writeError(w, msg, http.StatusBadRequest)
+		}
+	}
+
+	_, ssoSecret := app.getSSOConfig()
+	if ssoSecret == "" {
+		ssoRedirectError("SSO not configured")
+		return
+	}
+
+	ssoParam := r.URL.Query().Get("sso")
+	sigParam := r.URL.Query().Get("sig")
+	if ssoParam == "" || sigParam == "" {
+		ssoRedirectError("Invalid SSO response")
+		return
+	}
+
+	mac := hmac.New(sha256.New, []byte(ssoSecret))
+	mac.Write([]byte(ssoParam))
+	expectedSig := hex.EncodeToString(mac.Sum(nil))
+	if !hmac.Equal([]byte(expectedSig), []byte(sigParam)) {
+		ssoRedirectError("Invalid SSO signature")
+		return
+	}
+
+	decoded, err := base64.StdEncoding.DecodeString(ssoParam)
+	if err != nil {
+		ssoRedirectError("Invalid SSO payload")
+		return
+	}
+
+	vals, err := url.ParseQuery(string(decoded))
+	if err != nil {
+		ssoRedirectError("Invalid SSO payload")
+		return
+	}
+
+	nonce := vals.Get("nonce")
+	valid, err := app.consumeSSONonce(nonce)
+	if err != nil || !valid {
+		ssoRedirectError("SSO session expired. Please try again.")
+		return
+	}
+
+	email := strings.ToLower(vals.Get("email"))
+	if email == "" {
+		ssoRedirectError("No email in SSO response")
+		return
+	}
+
+	name := vals.Get("name")
+	if name == "" {
+		name = vals.Get("username")
+	}
+
+	user, _, err := app.getLoginParticipant(email)
+	if err != nil {
+		ssoRedirectError("Login failed. Please try again.")
+		return
+	}
+
+	if user == nil {
+		p, err := app.getParticipantByEmail(email)
+		if err != nil {
+			ssoRedirectError("Login failed. Please try again.")
+			return
+		}
+		if p != nil {
+			if _, err := app.db.Exec(
+				`UPDATE participants SET login_enabled = 1, updated_at = ? WHERE id = ?`,
+				now(), p.ID,
+			); err != nil {
+				ssoRedirectError("Login failed. Please try again.")
+				return
+			}
+			user, err = app.getUser(p.ID)
+			if err != nil {
+				ssoRedirectError("Login failed. Please try again.")
+				return
+			}
+		}
+	}
+
+	if user == nil {
+		if name == "" {
+			name = strings.Split(email, "@")[0]
+		}
+		res, err := app.db.Exec(
+			`INSERT INTO participants (email, preferred_name, login_enabled, updated_at) VALUES (?, ?, 1, ?)`,
+			email, name, now(),
+		)
+		if err != nil {
+			ssoRedirectError("Login failed. Please try again.")
+			return
+		}
+		id, _ := res.LastInsertId()
+		user, err = app.getUser(int(id))
+		if err != nil || user == nil {
+			ssoRedirectError("Login failed. Please try again.")
+			return
+		}
+	}
+
+	token, err := app.signToken(user)
+	if err != nil {
+		ssoRedirectError("Login failed. Please try again.")
+		return
+	}
+
+	http.Redirect(w, r, strings.TrimRight(baseURL, "/")+"/#sso_token="+url.QueryEscape(token), http.StatusFound)
+}
diff --git a/main.go b/main.go
index f775bb6..186362c 100644
--- a/main.go
+++ b/main.go
@@ -164,6 +164,9 @@ func (app *App) registerRoutes(mux *http.ServeMux) {
 	mux.HandleFunc("POST /api/settings/shift-signups", auth(app.handleToggleShiftSignups, "admin", "staffing"))
 
 	// Public endpoints — no JWT required.
+	mux.HandleFunc("GET /api/public/sso-enabled", app.handleSSOEnabled)
+	mux.HandleFunc("GET /api/sso/init", app.handleSSOInit)
+	mux.HandleFunc("GET /api/sso/callback", app.handleSSOCallback)
 	mux.HandleFunc("GET /api/public/signup-config", app.handlePublicSignupConfig)
 	mux.HandleFunc("POST /api/public/signup", app.handlePublicSignup)
 	mux.HandleFunc("POST /api/public/confirm", app.handleConfirmEmail)

From dc087235005fffbc2a40e9a0716609a466a92671 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Tue, 10 Mar 2026 17:55:41 -0500
Subject: [PATCH 42/47] Fixed overflowing text on mobile view.

---
 frontend/src/pages/Settings.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index bc87738..4f28bfc 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -294,7 +294,7 @@
         <label for="s-note-label">Note Field Label</label>
         <input id="s-note-label" bind:value={noteLabel} placeholder="Additional note" />
       </div>
-      <label style="display:flex;align-items:center;gap:0.5rem;font-size:0.875rem;cursor:pointer">
+      <label style="display:inline-flex;align-items:center;gap:0.5rem;font-size:0.875rem;cursor:pointer">
         <input type="checkbox" bind:checked={noteRequired} />
         Note field is required
       </label>

From faa359751d0aee5e4b505cfa92317a2ddd6a931e Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 11 Mar 2026 09:33:52 -0500
Subject: [PATCH 43/47] Revised form styles.

---
 frontend/src/app.css                 |  3 +++
 frontend/src/pages/Settings.svelte   |  2 +-
 frontend/src/pages/Users.svelte      | 16 ++++++++--------
 frontend/src/pages/Volunteers.svelte |  8 ++++----
 4 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/frontend/src/app.css b/frontend/src/app.css
index 0cd0ee8..70ec51c 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -103,8 +103,11 @@ input, select, textarea {
   width: 100%; font-family: var(--font);
   transition: border-color var(--transition);
 }
+input[type="checkbox"] { width: auto; }
 input:focus, select:focus, textarea:focus { outline: none; border-color: var(--c-accent); }
 input::placeholder { color: var(--c-muted); }
+.checkbox-label { display: inline-flex; align-items: center; gap: 0.5rem; font-size: 0.875rem; cursor: pointer; }
+.checkbox-label-sm { display: inline-flex; align-items: center; gap: 0.3rem; font-size: 0.82rem; cursor: pointer; color: var(--c-text); }
 
 /* Search */
 .search-bar { display: flex; gap: 0.5rem; align-items: center; margin-bottom: 1rem; }
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 4f28bfc..9ac3c63 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -294,7 +294,7 @@
         <label for="s-note-label">Note Field Label</label>
         <input id="s-note-label" bind:value={noteLabel} placeholder="Additional note" />
       </div>
-      <label style="display:inline-flex;align-items:center;gap:0.5rem;font-size:0.875rem;cursor:pointer">
+      <label class="checkbox-label">
         <input type="checkbox" bind:checked={noteRequired} />
         Note field is required
       </label>
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index cb7a3f8..c1c3a58 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -167,8 +167,8 @@
           <span style="font-size:0.82rem;color:var(--c-muted);font-weight:500">Roles</span>
           <div style="display:flex;flex-wrap:wrap;gap:0.5rem;margin-top:0.35rem">
             {#each availableRoles as r}
-              <label style="display:flex;align-items:center;gap:0.35rem;cursor:pointer;font-size:0.875rem;color:var(--c-text)">
-                <input type="checkbox" style="width:auto"
+              <label class="checkbox-label">
+                <input type="checkbox"
                   checked={newRoles.includes(r)}
                   onchange={() => newRoles = toggleItem(r, newRoles)} />
                 {roleLabel(r)}
@@ -181,8 +181,8 @@
             <span style="font-size:0.82rem;color:var(--c-muted);font-weight:500">Departments</span>
             <div style="display:flex;flex-wrap:wrap;gap:0.5rem;margin-top:0.35rem">
               {#each $allDepts ?? [] as d}
-                <label style="display:flex;align-items:center;gap:0.35rem;cursor:pointer;font-size:0.875rem;color:var(--c-text)">
-                  <input type="checkbox" style="width:auto"
+                <label class="checkbox-label">
+                  <input type="checkbox"
                     checked={newDeptIDs.includes(d.id)}
                     onchange={() => newDeptIDs = toggleItem(d.id, newDeptIDs)} />
                   <span class="dept-dot" style="background:{d.color}"></span>
@@ -228,8 +228,8 @@
                 <td>
                   <div style="display:flex;flex-wrap:wrap;gap:0.4rem">
                     {#each availableRoles as r}
-                      <label style="display:flex;align-items:center;gap:0.3rem;cursor:pointer;font-size:0.82rem;color:var(--c-text)">
-                        <input type="checkbox" style="width:auto"
+                      <label class="checkbox-label-sm">
+                        <input type="checkbox"
                           checked={editRoles.includes(r)}
                           onchange={() => editRoles = toggleItem(r, editRoles)} />
                         {roleLabel(r)}
@@ -241,8 +241,8 @@
                   {#if ($allDepts ?? []).length > 0}
                     <div style="display:flex;flex-wrap:wrap;gap:0.4rem">
                       {#each $allDepts ?? [] as d}
-                        <label style="display:flex;align-items:center;gap:0.3rem;cursor:pointer;font-size:0.82rem;color:var(--c-text)">
-                          <input type="checkbox" style="width:auto"
+                        <label class="checkbox-label-sm">
+                          <input type="checkbox"
                             checked={editDeptIDs.includes(d.id)}
                             onchange={() => editDeptIDs = toggleItem(d.id, editDeptIDs)} />
                           {d.name}
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index d61cc3d..fb92897 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -209,8 +209,8 @@
           <input id="v-note" bind:value={newNote} placeholder="Optional note" />
         </div>
         <div style="margin-bottom:1rem">
-          <label style="display:flex;align-items:center;gap:0.5rem;cursor:pointer">
-            <input type="checkbox" style="width:auto" bind:checked={newIsLead} />
+          <label class="checkbox-label">
+            <input type="checkbox" bind:checked={newIsLead} />
             Department lead
           </label>
         </div>
@@ -281,8 +281,8 @@
                   </select>
                 </td>
                 <td class="td-edit-checks">
-                  <label style="display:flex;align-items:center;gap:0.4rem;cursor:pointer;white-space:nowrap">
-                    <input type="checkbox" style="width:auto" bind:checked={editIsLead} /> Co-Lead
+                  <label class="checkbox-label-sm" style="white-space:nowrap">
+                    <input type="checkbox" bind:checked={editIsLead} /> Co-Lead
                   </label>
                 </td>
                 <td class="td-edit-note">

From 374316944ecb2cebd5ba61dfde7435e3721caa07 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 11 Mar 2026 10:04:30 -0500
Subject: [PATCH 44/47] Refactored inline styles.

---
 frontend/src/app.css                    |  6 +++
 frontend/src/pages/Dashboard.svelte     |  2 +-
 frontend/src/pages/Participants.svelte  |  2 +-
 frontend/src/pages/ScheduleBoard.svelte |  4 +-
 frontend/src/pages/Settings.svelte      | 53 ++++++++++++-------------
 frontend/src/pages/Users.svelte         |  4 +-
 frontend/src/pages/Volunteers.svelte    |  8 ++--
 7 files changed, 42 insertions(+), 37 deletions(-)

diff --git a/frontend/src/app.css b/frontend/src/app.css
index 70ec51c..0395a12 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -66,6 +66,9 @@ a:hover { color: var(--c-accent-h); }
 
 /* Cards */
 .card { background: var(--c-surface); border: 1px solid var(--c-border); border-radius: var(--radius-lg); padding: 1.25rem; }
+.card + .card, .card + form, form + .card, form + form { margin-top: 1.5rem; }
+.card-title { font-size: 0.95rem; font-weight: 700; margin-bottom: 1rem; }
+.card-hint { font-size: 0.78rem; color: var(--c-muted); }
 
 /* Stats */
 .stats { display: grid; grid-template-columns: repeat(auto-fill, minmax(160px, 1fr)); gap: 1rem; margin-bottom: 1.5rem; }
@@ -106,6 +109,8 @@ input, select, textarea {
 input[type="checkbox"] { width: auto; }
 input:focus, select:focus, textarea:focus { outline: none; border-color: var(--c-accent); }
 input::placeholder { color: var(--c-muted); }
+.form-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 1rem; }
+.form-grid .full { grid-column: 1 / -1; }
 .checkbox-label { display: inline-flex; align-items: center; gap: 0.5rem; font-size: 0.875rem; cursor: pointer; }
 .checkbox-label-sm { display: inline-flex; align-items: center; gap: 0.3rem; font-size: 0.82rem; cursor: pointer; color: var(--c-text); }
 
@@ -131,6 +136,7 @@ tr:hover td { background: rgba(255,255,255,0.02); }
   padding: 0.18rem 0.55rem; border-radius: 99px;
   font-size: 0.72rem; font-weight: 600;
   text-transform: uppercase; letter-spacing: 0.04em;
+  margin-left: 0.3rem;
 }
 .badge-checked     { background: rgba(34,197,94,0.15); color: var(--c-success); }
 .badge-confirmed   { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
diff --git a/frontend/src/pages/Dashboard.svelte b/frontend/src/pages/Dashboard.svelte
index 9756b31..73800d6 100644
--- a/frontend/src/pages/Dashboard.svelte
+++ b/frontend/src/pages/Dashboard.svelte
@@ -160,7 +160,7 @@
 
   <p class="text-muted" style="font-size:0.85rem;margin-top:2rem">
     Welcome, <strong style="color:var(--c-text)">{session?.user?.preferred_name}</strong>
-    · {#each roles as r}<span class="badge badge-role" style="margin-right:0.25rem">{r}</span>{/each}
+    · {#each roles as r}<span class="badge badge-role">{r}</span>{/each}
   </p>
 </div>
 
diff --git a/frontend/src/pages/Participants.svelte b/frontend/src/pages/Participants.svelte
index 65eda24..0be1485 100644
--- a/frontend/src/pages/Participants.svelte
+++ b/frontend/src/pages/Participants.svelte
@@ -248,7 +248,7 @@
   {#if showAdd && canManage}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addParticipant}>
-        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+        <div class="form-grid">
           <div class="form-group">
             <label for="p-name">Preferred Name</label>
             <input id="p-name" bind:value={newName} placeholder="Preferred name" />
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index 6bea05e..a09bf0f 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -275,7 +275,7 @@
   {#if showAdd && canManage}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addShift}>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+        <div class="form-grid">
           <div class="form-group">
             <label for="s-dept">Department *</label>
             <select id="s-dept" bind:value={newDeptID} required>
@@ -380,7 +380,7 @@
                         <span class="board-cap">{assigned.length}</span>
                       {/if}
                       {#if hasConflict}
-                        <span class="badge badge-lead" style="margin-left:0.3rem">⚠ conflict</span>
+                        <span class="badge badge-lead">⚠ conflict</span>
                       {/if}
                     </div>
 
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 9ac3c63..1c8b6c4 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -173,14 +173,14 @@
     <div class="text-muted">Loading…</div>
   {:else}
     <form onsubmit={saveEvent}>
-      <div class="card" style="margin-bottom:1.5rem">
-        <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Event</h2>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
-          <div class="form-group" style="grid-column:1/-1">
+      <div class="card">
+        <h2 class="card-title">Event</h2>
+        <div class="form-grid">
+          <div class="form-group full">
             <label for="e-name">Event Name *</label>
             <input id="e-name" bind:value={eventName} required placeholder="My Event 2026" />
           </div>
-          <div class="form-group" style="grid-column:1/-1">
+          <div class="form-group full">
             <label for="e-venue">Venue</label>
             <input id="e-venue" bind:value={eventVenue} placeholder="Location name" />
           </div>
@@ -192,7 +192,7 @@
             <label for="e-end">End Date *</label>
             <input id="e-end" type="date" bind:value={eventEndDate} required />
           </div>
-          <div class="form-group" style="grid-column:1/-1">
+          <div class="form-group full">
             <label for="e-tz">Timezone</label>
             <input id="e-tz" bind:value={eventTimezone} placeholder="America/Chicago" list="tz-list" />
             <datalist id="tz-list">
@@ -211,11 +211,11 @@
     </form>
 
     <form onsubmit={save}>
-      <div class="card" style="margin-bottom:1.5rem">
-        <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">SMTP Email</h2>
+      <div class="card">
+        <h2 class="card-title">SMTP Email</h2>
 
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
-          <div class="form-group" style="grid-column:1">
+        <div class="form-grid">
+          <div class="form-group">
             <label for="s-host">SMTP Host</label>
             <input id="s-host" bind:value={smtpHost} placeholder="smtp.fastmail.com" />
           </div>
@@ -243,22 +243,21 @@
         </div>
 
         <div class="form-group">
-          <label for="s-url">Base URL <span class="text-muted" style="font-weight:400">(for kiosk links in emails)</span></label>
+          <label for="s-url">Base URL <span class="card-hint" style="font-weight:400">(for kiosk links in emails)</span></label>
           <input id="s-url" bind:value={baseURL} placeholder="https://events.example.com" />
         </div>
 
-        <!-- Discourse SSO -->
-        <h2 style="font-size:0.95rem;font-weight:700;margin:1.5rem 0 1rem">Discourse SSO</h2>
-        <p class="text-muted" style="font-size:0.78rem;margin-bottom:1rem">
+        <h2 class="card-title" style="margin-top:1.5rem">Discourse SSO</h2>
+        <p class="card-hint" style="margin-bottom:1rem">
           Enable DiscourseConnect SSO so users can log in with their Discourse account.
           Set the same secret in your Discourse admin under Connect &gt; discourse connect secret.
         </p>
-        <div style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
-          <div class="form-group" style="grid-column:1/-1">
+        <div class="form-grid">
+          <div class="form-group full">
             <label for="sso-url">Discourse URL</label>
             <input id="sso-url" bind:value={discourseSSOUrl} placeholder="https://forum.example.com" />
           </div>
-          <div class="form-group" style="grid-column:1/-1">
+          <div class="form-group full">
             <label for="sso-secret">SSO Secret</label>
             <input id="sso-secret" type="password" bind:value={discourseSSOSecret}
               placeholder="Leave blank to keep existing" autocomplete="new-password" />
@@ -274,8 +273,8 @@
     </form>
 
     <!-- Test email -->
-    <div class="card" style="margin-bottom:1.5rem">
-      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Test Email</h2>
+    <div class="card">
+      <h2 class="card-title">Test Email</h2>
       <div style="display:flex;gap:0.5rem;align-items:flex-end">
         <div class="form-group" style="flex:1;margin-bottom:0">
           <label for="s-test">Send to</label>
@@ -288,8 +287,8 @@
     </div>
 
     <!-- Volunteer Signup -->
-    <div class="card" style="margin-bottom:1.5rem">
-      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Volunteer Signup</h2>
+    <div class="card">
+      <h2 class="card-title">Volunteer Signup</h2>
       <div class="form-group">
         <label for="s-note-label">Note Field Label</label>
         <input id="s-note-label" bind:value={noteLabel} placeholder="Additional note" />
@@ -298,14 +297,14 @@
         <input type="checkbox" bind:checked={noteRequired} />
         Note field is required
       </label>
-      <p class="text-muted" style="font-size:0.78rem;margin-top:0.75rem">
+      <p class="card-hint" style="margin-top:0.75rem">
         Signup form: <a href="/volunteer-signup" target="_blank" style="color:var(--c-accent)">/volunteer-signup</a>
       </p>
     </div>
 
     <!-- Shift Signups -->
-    <div class="card" style="margin-bottom:1.5rem">
-      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:1rem">Shift Signups</h2>
+    <div class="card">
+      <h2 class="card-title">Shift Signups</h2>
       <div style="display:flex;align-items:center;gap:1rem">
         <span style="font-size:0.875rem">
           Status: <strong>{shiftSignupsOpen ? 'Open' : 'Closed'}</strong>
@@ -320,7 +319,7 @@
         </button>
       </div>
       {#if !shiftSignupsOpen}
-        <p class="text-muted" style="font-size:0.78rem;margin-top:0.75rem">
+        <p class="card-hint" style="margin-top:0.75rem">
           Opening signups will email all confirmed volunteers their shift signup links.
         </p>
       {/if}
@@ -328,8 +327,8 @@
 
     <!-- Data Management -->
     <div class="card">
-      <h2 style="font-size:0.95rem;font-weight:700;margin-bottom:0.5rem">Data Management</h2>
-      <p class="text-muted" style="font-size:0.78rem;margin-bottom:1rem">
+      <h2 class="card-title" style="margin-bottom:0.5rem">Data Management</h2>
+      <p class="card-hint" style="margin-bottom:1rem">
         Permanently delete all records of a given type. This cannot be undone.
       </p>
       <div style="display:flex;flex-wrap:wrap;gap:0.5rem">
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index c1c3a58..e75364c 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -268,11 +268,11 @@
                 <td class="td-name">
                   <strong>{u.preferred_name || u.email}</strong>
                   {#if u.id === me}
-                    <span class="badge badge-role" style="margin-left:0.4rem">you</span>
+                    <span class="badge badge-role">you</span>
                   {/if}
                   <br><span class="text-muted" style="font-size:0.8rem">{u.email}</span>
                 </td>
-                <td>{#each u.roles ?? [] as r}<span class="badge badge-role" style="margin-right:0.25rem">{roleLabel(r)}</span>{/each}</td>
+                <td>{#each u.roles ?? [] as r}<span class="badge badge-role">{roleLabel(r)}</span>{/each}</td>
                 <td class="text-muted">{deptNamesFor(u.department_ids || [])}</td>
                 <td class="td-actions">
                   <div class="actions">
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index fb92897..4bced77 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -181,7 +181,7 @@
   {#if showAdd && canManage}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addVolunteer}>
-        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr;gap:1rem">
+        <div class="form-grid">
           <div class="form-group">
             <label for="v-name">Preferred Name *</label>
             <input id="v-name" bind:value={newName} required placeholder="What they go by" />
@@ -301,12 +301,12 @@
                 <td class="td-name">
                   <strong>{v.name}</strong>
                   {#if v.is_lead}
-                    <span class="badge badge-lead" style="margin-left:0.4rem">Co-Lead</span>
+                    <span class="badge badge-lead">Co-Lead</span>
                   {/if}
                   {#if !v.participant_id}
-                    <span class="badge badge-unchecked" style="margin-left:0.4rem" title="Not linked to a participant">No ticket</span>
+                    <span class="badge badge-unchecked" title="Not linked to a participant">No ticket</span>
                   {:else if !participantHasTickets(v.participant_id)}
-                    <span class="badge badge-partial" style="margin-left:0.4rem" title="No ticket on file">No ticket</span>
+                    <span class="badge badge-partial" title="No ticket on file">No ticket</span>
                   {/if}
                   {#if participant?.ticket_name && participant.ticket_name !== v.name}
                     <div class="text-muted" style="font-size:0.78rem">Ticket: {participant.ticket_name}</div>

From 6d4c49a223ece4c0dae2e74bc048b043e2b08571 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 11 Mar 2026 10:22:54 -0500
Subject: [PATCH 45/47] Added autozoom fix.

---
 frontend/src/app.css | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/frontend/src/app.css b/frontend/src/app.css
index 0395a12..546dc22 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -243,6 +243,7 @@ tr:hover td { background: rgba(255,255,255,0.02); }
   td { display: inline; padding: 0; border: none; }
   td:empty { display: none; }
 
-  /* Forms */
+  /* Forms — 16px prevents iOS auto-zoom on focus */
+  input, select, textarea { font-size: 16px; }
   .form-grid { grid-template-columns: 1fr !important; }
 }

From d73a74965d2a04f432215dbd4065a81acb654944 Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 11 Mar 2026 10:31:50 -0500
Subject: [PATCH 46/47] Added datepicker fix.

---
 frontend/src/app.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/frontend/src/app.css b/frontend/src/app.css
index 546dc22..b61ed5e 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -107,6 +107,7 @@ input, select, textarea {
   transition: border-color var(--transition);
 }
 input[type="checkbox"] { width: auto; }
+input[type="date"], input[type="time"], input[type="datetime-local"] { -webkit-appearance: none; appearance: none; min-height: 2.35rem; }
 input:focus, select:focus, textarea:focus { outline: none; border-color: var(--c-accent); }
 input::placeholder { color: var(--c-muted); }
 .form-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 1rem; }

From d64e93674e2960de61dc8968c5b8f742e67d548b Mon Sep 17 00:00:00 2001
From: Pen Anderson <pen@pentacle.games>
Date: Wed, 11 Mar 2026 12:26:33 -0500
Subject: [PATCH 47/47] Refactored styles.

---
 frontend/src/App.svelte                 |  1 +
 frontend/src/api.js                     |  4 +-
 frontend/src/app.css                    |  5 +-
 frontend/src/pages/Departments.svelte   |  5 +-
 frontend/src/pages/Login.svelte         |  6 ++-
 frontend/src/pages/ScheduleBoard.svelte | 64 +++++++++++++------------
 frontend/src/pages/Settings.svelte      | 15 ++++--
 frontend/src/pages/Users.svelte         |  2 +-
 frontend/src/pages/Volunteers.svelte    |  7 ++-
 9 files changed, 64 insertions(+), 45 deletions(-)

diff --git a/frontend/src/App.svelte b/frontend/src/App.svelte
index f680143..ac0957e 100644
--- a/frontend/src/App.svelte
+++ b/frontend/src/App.svelte
@@ -37,6 +37,7 @@
     history.pushState(null, '', path)
     route = path
     mobileNavOpen = false
+    window.scrollTo(0, 0)
   }
 
   async function checkVersion() {
diff --git a/frontend/src/api.js b/frontend/src/api.js
index 31a517f..d15abc4 100644
--- a/frontend/src/api.js
+++ b/frontend/src/api.js
@@ -1,4 +1,4 @@
-import { db } from './db.js'
+import { db, clearSession } from './db.js'
 
 async function getToken() {
   const session = await db.session.get(1)
@@ -17,7 +17,7 @@ export async function apiFetch(path, options = {}) {
 
   const res = await fetch(path, { ...options, headers })
   if (res.status === 401) {
-    await db.session.clear()
+    await clearSession()
     window.location.pathname = '/login'
     throw new Error('unauthorized')
   }
diff --git a/frontend/src/app.css b/frontend/src/app.css
index b61ed5e..3a685ae 100644
--- a/frontend/src/app.css
+++ b/frontend/src/app.css
@@ -111,6 +111,7 @@ input[type="date"], input[type="time"], input[type="datetime-local"] { -webkit-a
 input:focus, select:focus, textarea:focus { outline: none; border-color: var(--c-accent); }
 input::placeholder { color: var(--c-muted); }
 .form-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 1rem; }
+.form-grid-3 { display: grid; grid-template-columns: 1fr 1fr auto; gap: 1rem; align-items: end; }
 .form-grid .full { grid-column: 1 / -1; }
 .checkbox-label { display: inline-flex; align-items: center; gap: 0.5rem; font-size: 0.875rem; cursor: pointer; }
 .checkbox-label-sm { display: inline-flex; align-items: center; gap: 0.3rem; font-size: 0.82rem; cursor: pointer; color: var(--c-text); }
@@ -137,8 +138,8 @@ tr:hover td { background: rgba(255,255,255,0.02); }
   padding: 0.18rem 0.55rem; border-radius: 99px;
   font-size: 0.72rem; font-weight: 600;
   text-transform: uppercase; letter-spacing: 0.04em;
-  margin-left: 0.3rem;
 }
+* + .badge { margin-left: 0.3rem; }
 .badge-checked     { background: rgba(34,197,94,0.15); color: var(--c-success); }
 .badge-confirmed   { background: rgba(99,102,241,0.15); color: var(--c-accent-h); }
 .badge-registered  { background: rgba(14,165,233,0.15); color: #0ea5e9; }
@@ -246,5 +247,5 @@ tr:hover td { background: rgba(255,255,255,0.02); }
 
   /* Forms — 16px prevents iOS auto-zoom on focus */
   input, select, textarea { font-size: 16px; }
-  .form-grid { grid-template-columns: 1fr !important; }
+  .form-grid, .form-grid-3 { grid-template-columns: 1fr !important; }
 }
diff --git a/frontend/src/pages/Departments.svelte b/frontend/src/pages/Departments.svelte
index 26164eb..863c4a1 100644
--- a/frontend/src/pages/Departments.svelte
+++ b/frontend/src/pages/Departments.svelte
@@ -101,7 +101,7 @@
   {#if showAdd && canCreate}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addDept}>
-        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr auto;gap:1rem;align-items:end">
+        <div class="form-grid-3">
           <div class="form-group" style="margin-bottom:0">
             <label for="d-name">Name *</label>
             <input id="d-name" bind:value={newName} required placeholder="e.g. Security" />
@@ -112,7 +112,7 @@
           </div>
           <div class="form-group" style="margin-bottom:0">
             <label for="d-color">Color</label>
-            <input id="d-color" type="color" bind:value={newColor} style="width:60px;padding:0.2rem;height:2.3rem;cursor:pointer" />
+            <input id="d-color" type="color" bind:value={newColor} class="color-input" />
           </div>
         </div>
         <div class="actions" style="margin-top:1rem">
@@ -191,6 +191,7 @@
 </div>
 
 <style>
+  .color-input { width: 60px; padding: 0.2rem; height: 2.3rem; cursor: pointer; }
   @media (max-width: 640px) {
     .td-name { width: 100%; }
     .td-desc { width: 100%; }
diff --git a/frontend/src/pages/Login.svelte b/frontend/src/pages/Login.svelte
index 993dbb4..5249231 100644
--- a/frontend/src/pages/Login.svelte
+++ b/frontend/src/pages/Login.svelte
@@ -3,11 +3,13 @@
   import { api } from '../api.js'
   import { saveSession } from '../db.js'
 
-  let { onlogin, error: initialError = '' } = $props()
+  let { onlogin, error: externalError = '' } = $props()
 
   let email = $state('')
   let password = $state('')
-  let error = $state(initialError)
+  let error = $state('')
+
+  $effect(() => { if (externalError) error = externalError })
   let loading = $state(false)
   let ssoEnabled = $state(false)
   let ssoLoading = $state(false)
diff --git a/frontend/src/pages/ScheduleBoard.svelte b/frontend/src/pages/ScheduleBoard.svelte
index a09bf0f..529264f 100644
--- a/frontend/src/pages/ScheduleBoard.svelte
+++ b/frontend/src/pages/ScheduleBoard.svelte
@@ -384,14 +384,16 @@
                       {/if}
                     </div>
 
-                    <div class="board-shift-actions">
-                      <button class="btn btn-ghost btn-sm" onclick={() => startEdit(shift)}>Edit</button>
-                      <button class="btn btn-ghost btn-sm" title="Move up"
-                        onclick={() => reorder(shift.id, -1, rows)}>↑</button>
-                      <button class="btn btn-ghost btn-sm" title="Move down"
-                        onclick={() => reorder(shift.id, 1, rows)}>↓</button>
-                      <button class="btn btn-danger btn-sm" onclick={() => deleteShift(shift)}>Delete</button>
-                    </div>
+                    {#if canManage}
+                      <div class="board-shift-actions">
+                        <button class="btn btn-ghost btn-sm" onclick={() => startEdit(shift)}>Edit</button>
+                        <button class="btn btn-ghost btn-sm" title="Move up"
+                          onclick={() => reorder(shift.id, -1, rows)}>↑</button>
+                        <button class="btn btn-ghost btn-sm" title="Move down"
+                          onclick={() => reorder(shift.id, 1, rows)}>↓</button>
+                        <button class="btn btn-danger btn-sm" onclick={() => deleteShift(shift)}>Delete</button>
+                      </div>
+                    {/if}
                   </div>
 
                   <!-- Assigned volunteers -->
@@ -406,34 +408,36 @@
                           {#if checkConflict(volunteer.id, shift.id, $allVolunteerShifts ?? [], $allShifts ?? [])}
                             <span title="Scheduling conflict" style="color:var(--c-warn)">⚠</span>
                           {/if}
-                          <button class="board-vol-remove" onclick={() => unassign(shift.id, volunteer.id)} title="Remove">×</button>
+                          {#if canManage}<button class="board-vol-remove" onclick={() => unassign(shift.id, volunteer.id)} title="Remove">×</button>{/if}
                         </div>
                       {/each}
                     </div>
                   {/if}
 
                   <!-- Assign volunteer -->
-                  {#if assigningShiftID === shift.id}
-                    <div class="board-assign-row">
-                      <select bind:value={assignVolID} style="width:auto">
-                        <option value={0}>— Select volunteer —</option>
-                        {#each ($allVolunteers ?? [])
-                          .filter(v => v.department_id === shift.department_id)
-                          .filter(v => !assigned.some(a => a.volunteer.id === v.id))
-                          as v}
-                          <option value={v.id}>{v.name}</option>
-                        {/each}
-                      </select>
-                      <button class="btn btn-primary btn-sm" onclick={() => doAssign(shift.id)} disabled={!assignVolID || assigning}>
-                        {assigning ? '…' : 'Assign'}
-                      </button>
-                      <button class="btn btn-ghost btn-sm" onclick={() => doAssignForce(shift.id)} disabled={!assignVolID || assigning} title="Assign ignoring conflicts">
-                        Force
-                      </button>
-                      <button class="btn btn-ghost btn-sm" onclick={() => { assigningShiftID = null; assignVolID = 0 }}>Cancel</button>
-                    </div>
-                  {:else}
-                    <button class="board-add-vol" onclick={() => startAssign(shift.id)}>+ Assign volunteer</button>
+                  {#if canManage}
+                    {#if assigningShiftID === shift.id}
+                      <div class="board-assign-row">
+                        <select bind:value={assignVolID} style="width:auto">
+                          <option value={0}>— Select volunteer —</option>
+                          {#each ($allVolunteers ?? [])
+                            .filter(v => v.department_id === shift.department_id)
+                            .filter(v => !assigned.some(a => a.volunteer.id === v.id))
+                            as v}
+                            <option value={v.id}>{v.name}</option>
+                          {/each}
+                        </select>
+                        <button class="btn btn-primary btn-sm" onclick={() => doAssign(shift.id)} disabled={!assignVolID || assigning}>
+                          {assigning ? '…' : 'Assign'}
+                        </button>
+                        <button class="btn btn-ghost btn-sm" onclick={() => doAssignForce(shift.id)} disabled={!assignVolID || assigning} title="Assign ignoring conflicts">
+                          Force
+                        </button>
+                        <button class="btn btn-ghost btn-sm" onclick={() => { assigningShiftID = null; assignVolID = 0 }}>Cancel</button>
+                      </div>
+                    {:else}
+                      <button class="board-add-vol" onclick={() => startAssign(shift.id)}>+ Assign volunteer</button>
+                    {/if}
                   {/if}
                 {/if}
               </div>
diff --git a/frontend/src/pages/Settings.svelte b/frontend/src/pages/Settings.svelte
index 1c8b6c4..9df6b81 100644
--- a/frontend/src/pages/Settings.svelte
+++ b/frontend/src/pages/Settings.svelte
@@ -7,6 +7,7 @@
   let saving = $state(false)
   let savingEvent = $state(false)
   let testing = $state(false)
+  let resetting = $state(false)
   let error = $state('')
   let success = $state('')
 
@@ -130,7 +131,9 @@
   }
 
   async function resetModel(label, fn) {
+    if (resetting) return
     if (!confirm(`PERMANENTLY DELETE all ${label}? This cannot be undone.`)) return
+    resetting = true
     error = ''
     success = ''
     try {
@@ -138,6 +141,8 @@
       success = `Deleted ${result.deleted} ${label}.`
     } catch (err) {
       error = err.message
+    } finally {
+      resetting = false
     }
   }
 
@@ -332,19 +337,19 @@
         Permanently delete all records of a given type. This cannot be undone.
       </p>
       <div style="display:flex;flex-wrap:wrap;gap:0.5rem">
-        <button class="btn btn-danger" onclick={() => resetModel('tickets', api.settings.resetTickets)}>
+        <button class="btn btn-danger" disabled={resetting} onclick={() => resetModel('tickets', api.settings.resetTickets)}>
           Delete All Tickets
         </button>
-        <button class="btn btn-danger" onclick={() => resetModel('volunteers', api.settings.resetVolunteers)}>
+        <button class="btn btn-danger" disabled={resetting} onclick={() => resetModel('volunteers', api.settings.resetVolunteers)}>
           Delete All Volunteers
         </button>
-        <button class="btn btn-danger" onclick={() => resetModel('shifts', api.settings.resetShifts)}>
+        <button class="btn btn-danger" disabled={resetting} onclick={() => resetModel('shifts', api.settings.resetShifts)}>
           Delete All Shifts
         </button>
-        <button class="btn btn-danger" onclick={() => resetModel('departments', api.settings.resetDepartments)}>
+        <button class="btn btn-danger" disabled={resetting} onclick={() => resetModel('departments', api.settings.resetDepartments)}>
           Delete All Departments
         </button>
-        <button class="btn btn-danger" onclick={() => resetModel('volunteer shift assignments', api.settings.resetVolunteerShifts)}>
+        <button class="btn btn-danger" disabled={resetting} onclick={() => resetModel('volunteer shift assignments', api.settings.resetVolunteerShifts)}>
           Delete All Shift Assignments
         </button>
       </div>
diff --git a/frontend/src/pages/Users.svelte b/frontend/src/pages/Users.svelte
index e75364c..f49c8c6 100644
--- a/frontend/src/pages/Users.svelte
+++ b/frontend/src/pages/Users.svelte
@@ -149,7 +149,7 @@
   {#if showAdd}
     <div class="card" style="margin-bottom:1.5rem">
       <form onsubmit={addUser}>
-        <div class="form-grid" style="display:grid;grid-template-columns:1fr 1fr 1fr;gap:1rem">
+        <div class="form-grid-3">
           <div class="form-group">
             <label for="u-email">Email *</label>
             <input id="u-email" type="email" bind:value={newEmail} required placeholder="email@example.com" autocomplete="off" />
diff --git a/frontend/src/pages/Volunteers.svelte b/frontend/src/pages/Volunteers.svelte
index 4bced77..8f5abe5 100644
--- a/frontend/src/pages/Volunteers.svelte
+++ b/frontend/src/pages/Volunteers.svelte
@@ -24,6 +24,7 @@
   let editIsLead = $state(false)
   let editNote = $state('')
   let saving = $state(false)
+  let confirmingID = $state(null)
 
   const roles = $derived(session?.user?.roles ?? [])
   function hasRole(...allowed) { return roles.some(r => allowed.includes(r)) }
@@ -76,11 +77,15 @@
   }
 
   async function confirmVolunteer(v) {
+    if (confirmingID) return
+    confirmingID = v.id
     try {
       const updated = await api.volunteers.confirm(v.id)
       await db.volunteers.put(updated)
     } catch (err) {
       error = err.message
+    } finally {
+      confirmingID = null
     }
   }
 
@@ -349,7 +354,7 @@
                 {#if canManage}
                   <td class="td-actions">
                     {#if canConfirm && v.email_confirmed && !v.confirmed}
-                      <button class="btn btn-primary btn-sm" onclick={() => confirmVolunteer(v)}>Confirm</button>
+                      <button class="btn btn-primary btn-sm" onclick={() => confirmVolunteer(v)} disabled={confirmingID === v.id}>Confirm</button>
                     {/if}
                     <button class="btn btn-ghost btn-sm" onclick={() => startEdit(v)}>Edit</button>
                     <button class="btn btn-danger btn-sm" onclick={() => deleteVolunteer(v)}>Delete</button>