From 09e47d880012585ae92c53bb20fe7187d1fc428e Mon Sep 17 00:00:00 2001
From: Robin Choice <github.festive654@passmail.net>
Date: Sun, 12 Apr 2026 19:06:06 +0200
Subject: [PATCH] Password auth, artist folders, timezone fix
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add password-based registration + login alongside existing magic links.
New /register and updated /login with tabs (password default, magic link
as alternative). Bun.password.hash/verify for bcrypt. Auto-login on
register. Landing page CTAs point to /register.

Add projects.artist field for grouping projects by artist in sidebar.
Sidebar shows collapsible artist sections (▸ Anna Berger) with project
counts, "Ohne Zuordnung" for ungrouped projects. Search filters across
artist names. New/edit project forms include artist field.

Fix timezone bug: set postgres connection timezone to UTC so magic link
expiry works correctly in CEST and other non-UTC timezones.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 apps/api/src/routes/auth.ts                   |  72 +-
 .../lib/components/workspace/Sidebar.svelte   | 151 ++-
 apps/web/src/lib/stores/auth.ts               |  12 +
 .../[projectId]/settings/+page.svelte         |   6 +-
 .../routes/(app)/projects/new/+page.svelte    |   3 +
 apps/web/src/routes/+layout.svelte            |   5 +-
 apps/web/src/routes/+page.svelte              |   6 +-
 apps/web/src/routes/login/+page.svelte        | 131 ++-
 apps/web/src/routes/register/+page.svelte     | 140 +++
 packages/db/src/index.ts                      |   4 +-
 .../db/src/migrations/0004_smart_karma.sql    |   1 +
 .../db/src/migrations/0005_rare_triathlon.sql |   1 +
 .../db/src/migrations/meta/0004_snapshot.json | 921 +++++++++++++++++
 .../db/src/migrations/meta/0005_snapshot.json | 927 ++++++++++++++++++
 packages/db/src/migrations/meta/_journal.json |  14 +
 packages/db/src/schema/projects.ts            |   1 +
 packages/db/src/schema/users.ts               |   1 +
 packages/shared/src/validation/auth.ts        |  13 +
 packages/shared/src/validation/project.ts     |   2 +
 19 files changed, 2335 insertions(+), 76 deletions(-)
 create mode 100644 apps/web/src/routes/register/+page.svelte
 create mode 100644 packages/db/src/migrations/0004_smart_karma.sql
 create mode 100644 packages/db/src/migrations/0005_rare_triathlon.sql
 create mode 100644 packages/db/src/migrations/meta/0004_snapshot.json
 create mode 100644 packages/db/src/migrations/meta/0005_snapshot.json

diff --git a/apps/api/src/routes/auth.ts b/apps/api/src/routes/auth.ts
index a27e9be..9525229 100644
--- a/apps/api/src/routes/auth.ts
+++ b/apps/api/src/routes/auth.ts
@@ -2,13 +2,63 @@ import { Hono } from 'hono';
 import { zValidator } from '@hono/zod-validator';
 import { setCookie, deleteCookie, getCookie } from 'hono/cookie';
 import { eq } from 'drizzle-orm';
-import { magicLinkSchema, verifyTokenSchema } from '@music-hub/shared';
+import { magicLinkSchema, verifyTokenSchema, registerSchema, loginSchema } from '@music-hub/shared';
 import { users, magicLinks, sessions } from '@music-hub/db';
 import { hashToken } from '../middleware/auth.js';
 import { sendMagicLinkEmail } from '../services/email.js';
 import type { AppEnv } from '../types.js';
 
+async function createSession(c: any, db: any, userId: string) {
+  const sessionToken = generateToken();
+  const tokenHash = await hashToken(sessionToken);
+  const expiresAt = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000);
+  await db.insert(sessions).values({ userId, tokenHash, expiresAt });
+  setCookie(c, 'session', sessionToken, {
+    httpOnly: true,
+    sameSite: 'lax',
+    path: '/',
+    maxAge: 30 * 24 * 60 * 60,
+  });
+}
+
 export const authRoutes = new Hono<AppEnv>()
+  // Register with password
+  .post('/register', zValidator('json', registerSchema), async (c) => {
+    const { name, email, password } = c.req.valid('json');
+    const db = c.get('db');
+
+    const [existing] = await db.select().from(users).where(eq(users.email, email)).limit(1);
+    if (existing) return c.json({ error: 'E-Mail bereits vergeben' }, 409);
+
+    const passwordHash = await Bun.password.hash(password);
+    const [user] = await db
+      .insert(users)
+      .values({ email, name, passwordHash })
+      .returning({ id: users.id, email: users.email, name: users.name, avatarUrl: users.avatarUrl });
+
+    await createSession(c, db, user.id);
+    return c.json({ user }, 201);
+  })
+
+  // Login with password
+  .post('/login', zValidator('json', loginSchema), async (c) => {
+    const { email, password } = c.req.valid('json');
+    const db = c.get('db');
+
+    const [user] = await db.select().from(users).where(eq(users.email, email)).limit(1);
+    if (!user || !user.passwordHash) {
+      return c.json({ error: 'E-Mail oder Passwort falsch' }, 401);
+    }
+
+    const valid = await Bun.password.verify(password, user.passwordHash);
+    if (!valid) return c.json({ error: 'E-Mail oder Passwort falsch' }, 401);
+
+    await createSession(c, db, user.id);
+    return c.json({
+      user: { id: user.id, email: user.email, name: user.name, avatarUrl: user.avatarUrl },
+    });
+  })
+
   .post('/magic-link', zValidator('json', magicLinkSchema), async (c) => {
     const { email } = c.req.valid('json');
     const db = c.get('db');
@@ -61,25 +111,7 @@ export const authRoutes = new Hono<AppEnv>()
         .returning();
     }
 
-    // Create session
-    const sessionToken = generateToken();
-    const tokenHash = await hashToken(sessionToken);
-    const expiresAt = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000); // 30 days
-
-    await db.insert(sessions).values({
-      userId: user.id,
-      tokenHash,
-      expiresAt,
-    });
-
-    setCookie(c, 'session', sessionToken, {
-      httpOnly: true,
-      secure: process.env.NODE_ENV === 'production',
-      sameSite: 'Lax',
-      path: '/',
-      maxAge: 30 * 24 * 60 * 60,
-    });
-
+    await createSession(c, db, user.id);
     return c.json({ user: { id: user.id, email: user.email, name: user.name } });
   })
 
diff --git a/apps/web/src/lib/components/workspace/Sidebar.svelte b/apps/web/src/lib/components/workspace/Sidebar.svelte
index 47f5da2..adf9599 100644
--- a/apps/web/src/lib/components/workspace/Sidebar.svelte
+++ b/apps/web/src/lib/components/workspace/Sidebar.svelte
@@ -8,8 +8,9 @@
   import Icon from '$lib/components/ui/Icon.svelte';
   import CoverImage from '$lib/components/ui/CoverImage.svelte';
 
-  type Project = { id: string; name: string; coverUrl: string | null };
+  type Project = { id: string; name: string; artist: string | null; coverUrl: string | null };
   type ProjectMembership = { project: Project; role: string; trackCount: number };
+  type ArtistGroup = { artist: string; memberships: ProjectMembership[] };
   type TrackStatus = 'sketch' | 'in_progress' | 'final' | 'released';
   type Track = { id: string; name: string; coverUrl: string | null; status: TrackStatus };
 
@@ -37,17 +38,53 @@
   const activeProjectId = $derived(($page.params as Record<string, string>).projectId ?? null);
   const activeTrackId = $derived(($page.params as Record<string, string>).trackId ?? null);
 
-  // Filtered projects: a project matches if its name matches OR any of its loaded tracks match
+  // Filtered projects: a project matches if its name matches, artist matches, OR any of its loaded tracks match
   const filtered = $derived.by(() => {
     const q = query.trim().toLowerCase();
     if (!q) return projects;
     return projects.filter(({ project }) => {
       if (project.name.toLowerCase().includes(q)) return true;
+      if (project.artist?.toLowerCase().includes(q)) return true;
       const tracks = tracksByProject[project.id];
       return tracks?.some((t) => t.name.toLowerCase().includes(q));
     });
   });
 
+  // Group filtered projects by artist
+  const artistGroups = $derived.by(() => {
+    const groups = new Map<string, ProjectMembership[]>();
+    for (const m of filtered) {
+      const key = m.project.artist?.trim() || '';
+      if (!groups.has(key)) groups.set(key, []);
+      groups.get(key)!.push(m);
+    }
+    const sorted: ArtistGroup[] = [];
+    for (const [artist, memberships] of groups) {
+      if (artist) sorted.push({ artist, memberships });
+    }
+    sorted.sort((a, b) => a.artist.localeCompare(b.artist));
+    const ungrouped = groups.get('');
+    if (ungrouped) sorted.push({ artist: '', memberships: ungrouped });
+    return sorted;
+  });
+
+  // Artist group collapsed state
+  let collapsedArtists = $state<Set<string>>(new Set());
+  function toggleArtist(artist: string) {
+    const next = new Set(collapsedArtists);
+    if (next.has(artist)) next.delete(artist);
+    else next.add(artist);
+    collapsedArtists = next;
+  }
+  function isArtistExpanded(artist: string) {
+    if (collapsedArtists.has(artist)) return false;
+    // Auto-expand if active project is in this group or search is active
+    if (query.trim()) return true;
+    return artistGroups.some(
+      (g) => g.artist === artist && g.memberships.some((m) => m.project.id === activeProjectId),
+    );
+  }
+
   function trackMatches(track: Track) {
     const q = query.trim().toLowerCase();
     return !q || track.name.toLowerCase().includes(q);
@@ -133,44 +170,65 @@
         <Icon name="plus" size={14} />
       </a>
     </div>
-    <ul class="projects">
-      {#each filtered as { project, trackCount } (project.id)}
-        <li>
-          <a
-            href="/projects/{project.id}"
-            class="project"
-            class:active={activeProjectId === project.id}
-            onclick={handleNavClick}
-          >
-            <CoverImage src={project.coverUrl} name={project.name} size="xs" rounded="sm" />
-            <span class="name">{project.name}</span>
-            <span class="count">{trackCount}</span>
-          </a>
-          {#if shouldExpand(project.id) && tracksByProject[project.id]}
-            <ul class="tracks">
-              {#each tracksByProject[project.id].filter(trackMatches) as track (track.id)}
+    <div class="artist-groups">
+      {#each artistGroups as group (group.artist)}
+        {@const expanded = group.artist === '' || isArtistExpanded(group.artist) || !collapsedArtists.has(group.artist)}
+        <div class="artist-group">
+          {#if group.artist}
+            <button class="artist-head" onclick={() => toggleArtist(group.artist)}>
+              <Icon name={expanded ? 'chevron-down' : 'chevron-right'} size={12} />
+              <span class="artist-name">{group.artist}</span>
+              <span class="count">{group.memberships.length}</span>
+            </button>
+          {:else}
+            <div class="artist-head ungrouped">
+              <span class="artist-name">Ohne Zuordnung</span>
+            </div>
+          {/if}
+
+          {#if expanded}
+            <ul class="projects">
+              {#each group.memberships as { project, trackCount } (project.id)}
                 <li>
                   <a
-                    href="/projects/{project.id}/tracks/{track.id}"
-                    class="track"
-                    class:active={activeTrackId === track.id}
+                    href="/projects/{project.id}"
+                    class="project"
+                    class:active={activeProjectId === project.id}
                     onclick={handleNavClick}
                   >
-                    <span class="status-dot" style="background: {STATUS_COLORS[track.status]}"></span>
-                    {track.name}
+                    <CoverImage src={project.coverUrl} name={project.name} size="xs" rounded="sm" />
+                    <span class="name">{project.name}</span>
+                    <span class="count">{trackCount}</span>
                   </a>
+                  {#if shouldExpand(project.id) && tracksByProject[project.id]}
+                    <ul class="tracks">
+                      {#each tracksByProject[project.id].filter(trackMatches) as track (track.id)}
+                        <li>
+                          <a
+                            href="/projects/{project.id}/tracks/{track.id}"
+                            class="track"
+                            class:active={activeTrackId === track.id}
+                            onclick={handleNavClick}
+                          >
+                            <span class="status-dot" style="background: {STATUS_COLORS[track.status]}"></span>
+                            {track.name}
+                          </a>
+                        </li>
+                      {/each}
+                    </ul>
+                  {/if}
                 </li>
               {/each}
             </ul>
           {/if}
-        </li>
+        </div>
       {/each}
       {#if filtered.length === 0 && query}
-        <li class="empty">Nichts gefunden für "{query}"</li>
+        <p class="empty">Nichts gefunden für "{query}"</p>
       {:else if projects.length === 0}
-        <li class="empty">Noch keine Projekte</li>
+        <p class="empty">Noch keine Projekte</p>
       {/if}
-    </ul>
+    </div>
   </div>
 
   <div class="user-block">
@@ -314,6 +372,45 @@
     color: var(--color-accent);
   }
 
+  .artist-groups {
+    display: flex;
+    flex-direction: column;
+    gap: var(--space-3);
+  }
+  .artist-head {
+    display: flex;
+    align-items: center;
+    gap: var(--space-2);
+    width: 100%;
+    padding: var(--space-1) var(--space-3);
+    background: none;
+    border: none;
+    color: var(--color-text-tertiary);
+    font-size: var(--text-xs);
+    font-weight: 600;
+    font-family: inherit;
+    cursor: pointer;
+    text-align: left;
+    border-radius: var(--radius-sm);
+    transition: all var(--transition-fast);
+  }
+  .artist-head:hover {
+    color: var(--color-text-secondary);
+  }
+  .artist-head.ungrouped {
+    cursor: default;
+    padding-top: var(--space-2);
+    border-top: 1px solid var(--color-border);
+    margin-top: var(--space-1);
+    border-radius: 0;
+  }
+  .artist-name {
+    flex: 1;
+    overflow: hidden;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+  }
+
   .projects {
     list-style: none;
     padding: 0;
diff --git a/apps/web/src/lib/stores/auth.ts b/apps/web/src/lib/stores/auth.ts
index d498b3b..7ec1bf0 100644
--- a/apps/web/src/lib/stores/auth.ts
+++ b/apps/web/src/lib/stores/auth.ts
@@ -22,6 +22,18 @@ export async function checkAuth() {
   }
 }
 
+export async function register(name: string, email: string, password: string) {
+  const res = await api.post<{ user: User }>('/auth/register', { name, email, password });
+  user.set(res.user);
+  return res.user;
+}
+
+export async function login(email: string, password: string) {
+  const res = await api.post<{ user: User }>('/auth/login', { email, password });
+  user.set(res.user);
+  return res.user;
+}
+
 export async function sendMagicLink(email: string) {
   return api.post('/auth/magic-link', { email });
 }
diff --git a/apps/web/src/routes/(app)/projects/[projectId]/settings/+page.svelte b/apps/web/src/routes/(app)/projects/[projectId]/settings/+page.svelte
index 4a561b6..b8bb6bb 100644
--- a/apps/web/src/routes/(app)/projects/[projectId]/settings/+page.svelte
+++ b/apps/web/src/routes/(app)/projects/[projectId]/settings/+page.svelte
@@ -19,7 +19,7 @@
     user: { id: string; email: string; name: string; avatarUrl: string | null };
   };
 
-  type Project = { id: string; name: string; description: string | null; coverUrl: string | null; coverImageUrl: string | null };
+  type Project = { id: string; name: string; description: string | null; artist: string | null; coverUrl: string | null; coverImageUrl: string | null };
 
   const projectId = $page.params.projectId!;
 
@@ -30,6 +30,7 @@
 
   // Edit project
   let editName = $state('');
+  let editArtist = $state('');
   let editDesc = $state('');
   let saving = $state(false);
 
@@ -52,6 +53,7 @@
       project = projectRes.project;
       role = projectRes.role;
       editName = project.name;
+      editArtist = project.artist || '';
       editDesc = project.description || '';
       members = membersRes.members;
     } finally {
@@ -70,6 +72,7 @@
     try {
       await api.patch(`/projects/${projectId}`, {
         name: editName,
+        artist: editArtist.trim() || null,
         description: editDesc || undefined,
       });
       toastSuccess('Projekt gespeichert');
@@ -135,6 +138,7 @@
       <div class="cover-row">
         <CoverUpload currentUrl={project.coverUrl} name={project.name} onUploaded={saveCover} />
         <form class="details-form" onsubmit={(e) => { e.preventDefault(); saveProject(); }}>
+          <Input label="Artist" bind:value={editArtist} placeholder="z.B. Anna Berger (optional)" />
           <Input label="Name" bind:value={editName} />
           <div class="textarea-group">
             <label class="textarea-label">Beschreibung</label>
diff --git a/apps/web/src/routes/(app)/projects/new/+page.svelte b/apps/web/src/routes/(app)/projects/new/+page.svelte
index 1d6ab04..74032f2 100644
--- a/apps/web/src/routes/(app)/projects/new/+page.svelte
+++ b/apps/web/src/routes/(app)/projects/new/+page.svelte
@@ -7,6 +7,7 @@
   import TopBar from '$lib/components/workspace/TopBar.svelte';
 
   let name = $state('');
+  let artist = $state('');
   let description = $state('');
   let loading = $state(false);
 
@@ -16,6 +17,7 @@
     try {
       const res = await api.post<{ project: { id: string } }>('/projects', {
         name,
+        artist: artist.trim() || null,
         description: description || undefined,
       });
       toastSuccess('Projekt erstellt');
@@ -38,6 +40,7 @@
     <h1>Neues Projekt</h1>
 
     <form onsubmit={handleSubmit}>
+      <Input label="Artist" bind:value={artist} placeholder="z.B. Anna Berger (optional)" />
       <Input label="Name" bind:value={name} placeholder="Mein Album" />
 
       <div class="textarea-group">
diff --git a/apps/web/src/routes/+layout.svelte b/apps/web/src/routes/+layout.svelte
index ddc8e72..f15f57d 100644
--- a/apps/web/src/routes/+layout.svelte
+++ b/apps/web/src/routes/+layout.svelte
@@ -3,6 +3,7 @@
   import { page } from '$app/stores';
   import { checkAuth, authLoading } from '$lib/stores/auth.js';
   import ToastContainer from '$lib/components/ui/ToastContainer.svelte';
+  // @ts-ignore — no types shipped for fontsource
   import '@fontsource-variable/inter';
 
   let { children } = $props();
@@ -11,7 +12,9 @@
   const isPublic = $derived(
     $page.url.pathname === '/' ||
       $page.url.pathname === '/login' ||
-      $page.url.pathname.startsWith('/listen/'),
+      $page.url.pathname === '/register' ||
+      $page.url.pathname.startsWith('/listen/') ||
+      $page.url.pathname.startsWith('/auth/'),
   );
 
   onMount(() => {
diff --git a/apps/web/src/routes/+page.svelte b/apps/web/src/routes/+page.svelte
index ba8dc26..ec98033 100644
--- a/apps/web/src/routes/+page.svelte
+++ b/apps/web/src/routes/+page.svelte
@@ -24,7 +24,7 @@
         <Button href="/dashboard" size="sm">Zum Dashboard</Button>
       {:else}
         <a href="/login" class="nav-link">Einloggen</a>
-        <Button href="/login" size="sm">Kostenlos starten</Button>
+        <Button href="/register" size="sm">Kostenlos starten</Button>
       {/if}
     </div>
   </nav>
@@ -43,7 +43,7 @@
         ohne Account, ohne Anmeldung, ohne Stress.
       </p>
       <div class="hero-cta">
-        <Button href="/login" size="lg">Kostenlos starten</Button>
+        <Button href="/register" size="lg">Kostenlos starten</Button>
         <a href="/listen/{DEMO_SHARE_TOKEN}" target="_blank" rel="noopener" class="cta-secondary">
           Live-Demo ansehen <span class="arrow">→</span>
         </a>
@@ -275,7 +275,7 @@
       präg die Roadmap mit. Gratis, ohne Verpflichtung.
     </p>
     <div class="hero-cta center">
-      <Button href="/login" size="lg">Account anlegen</Button>
+      <Button href="/register" size="lg">Account anlegen</Button>
       <!-- TODO: GitHub-Link sobald Repo öffentlich -->
       <a href="https://git.mydrugismusic.com/robin/music-hub" target="_blank" rel="noopener" class="cta-secondary">
         Auf Git anschauen <span class="arrow">→</span>
diff --git a/apps/web/src/routes/login/+page.svelte b/apps/web/src/routes/login/+page.svelte
index a0de6d9..fb11973 100644
--- a/apps/web/src/routes/login/+page.svelte
+++ b/apps/web/src/routes/login/+page.svelte
@@ -1,52 +1,99 @@
 <script lang="ts">
   import { goto } from '$app/navigation';
-  import { user, sendMagicLink } from '$lib/stores/auth.js';
+  import { user, login, sendMagicLink } from '$lib/stores/auth.js';
   import Button from '$lib/components/ui/Button.svelte';
   import Input from '$lib/components/ui/Input.svelte';
 
+  let tab = $state<'password' | 'magic'>('password');
+
+  // Password
   let email = $state('');
-  let sent = $state(false);
+  let password = $state('');
   let loading = $state(false);
   let error = $state('');
 
+  // Magic Link
+  let magicEmail = $state('');
+  let magicSent = $state(false);
+  let magicLoading = $state(false);
+  let magicError = $state('');
+
   $effect(() => {
     if ($user) goto('/dashboard');
   });
 
-  async function handleSubmit(e: Event) {
+  async function handleLogin(e: Event) {
     e.preventDefault();
     error = '';
     loading = true;
     try {
-      await sendMagicLink(email);
-      sent = true;
+      await login(email, password);
+      goto('/dashboard');
     } catch (err) {
-      error = err instanceof Error ? err.message : 'Etwas ist schiefgelaufen';
+      error = err instanceof Error ? err.message : 'Login fehlgeschlagen';
     } finally {
       loading = false;
     }
   }
+
+  async function handleMagicLink(e: Event) {
+    e.preventDefault();
+    magicError = '';
+    magicLoading = true;
+    try {
+      await sendMagicLink(magicEmail);
+      magicSent = true;
+    } catch (err) {
+      magicError = err instanceof Error ? err.message : 'Fehler beim Senden';
+    } finally {
+      magicLoading = false;
+    }
+  }
 </script>
 
 <div class="login-page">
   <a href="/" class="back">← Zurück</a>
 
-  <div class="login-card">
+  <div class="card">
     <p class="brand">Music Hub</p>
     <h1>Einloggen</h1>
-    <p class="card-sub">Magic Link per E-Mail. Kein Passwort, keine Hürden.</p>
 
-    {#if sent}
-      <div class="success">
-        <p>📬 Check deine E-Mails — der Link ist unterwegs.</p>
-        <Button variant="secondary" onclick={() => { sent = false; email = ''; }}>Andere Adresse</Button>
-      </div>
-    {:else}
-      <form onsubmit={handleSubmit}>
-        <Input type="email" bind:value={email} placeholder="deine@email.de" {error} />
-        <Button type="submit" size="lg" {loading}>Login-Link senden</Button>
+    <div class="tabs">
+      <button class:active={tab === 'password'} onclick={() => (tab = 'password')}>Passwort</button>
+      <button class:active={tab === 'magic'} onclick={() => (tab = 'magic')}>Magic Link</button>
+    </div>
+
+    {#if tab === 'password'}
+      <form onsubmit={handleLogin}>
+        <Input type="email" bind:value={email} placeholder="deine@email.de" label="E-Mail" />
+        <Input type="password" bind:value={password} placeholder="Dein Passwort" label="Passwort" />
+        {#if error}
+          <p class="error">{error}</p>
+        {/if}
+        <Button type="submit" size="lg" {loading} disabled={!email || !password}>
+          Einloggen
+        </Button>
       </form>
+    {:else}
+      {#if magicSent}
+        <div class="success">
+          <p>Check deine E-Mails — der Link ist unterwegs.</p>
+          <Button variant="secondary" onclick={() => { magicSent = false; magicEmail = ''; }}>
+            Andere Adresse
+          </Button>
+        </div>
+      {:else}
+        <form onsubmit={handleMagicLink}>
+          <p class="hint">Kein Passwort? Wir schicken dir einen Login-Link per E-Mail.</p>
+          <Input type="email" bind:value={magicEmail} placeholder="deine@email.de" label="E-Mail" error={magicError} />
+          <Button type="submit" size="lg" loading={magicLoading}>
+            Login-Link senden
+          </Button>
+        </form>
+      {/if}
     {/if}
+
+    <p class="switch">Noch kein Konto? <a href="/register">Registrieren</a></p>
   </div>
 </div>
 
@@ -60,7 +107,6 @@
     padding: var(--space-8) var(--space-4);
     gap: var(--space-6);
   }
-
   .back {
     color: var(--color-text-tertiary);
     font-size: var(--text-sm);
@@ -70,7 +116,7 @@
     color: var(--color-text-primary);
   }
 
-  .login-card {
+  .card {
     background: var(--color-bg-overlay);
     border-radius: var(--radius-lg);
     padding: var(--space-10);
@@ -87,16 +133,36 @@
     font-size: var(--text-xs);
     margin: 0 0 var(--space-2);
   }
-
   h1 {
-    margin: 0 0 var(--space-1);
+    margin: 0 0 var(--space-5);
     font-size: var(--text-2xl);
   }
 
-  .card-sub {
+  .tabs {
+    display: flex;
+    border-bottom: 1px solid var(--color-border);
+    margin-bottom: var(--space-5);
+  }
+  .tabs button {
+    flex: 1;
+    background: none;
+    border: none;
     color: var(--color-text-tertiary);
+    padding: var(--space-3) var(--space-2);
+    cursor: pointer;
+    font-family: inherit;
     font-size: var(--text-sm);
-    margin: 0 0 var(--space-6);
+    font-weight: 500;
+    border-bottom: 2px solid transparent;
+    margin-bottom: -1px;
+    transition: all var(--transition-fast);
+  }
+  .tabs button:hover {
+    color: var(--color-text-primary);
+  }
+  .tabs button.active {
+    color: var(--color-text-primary);
+    border-bottom-color: var(--color-accent);
   }
 
   form {
@@ -105,8 +171,27 @@
     gap: var(--space-4);
   }
 
+  .error {
+    color: var(--color-error);
+    font-size: var(--text-sm);
+    margin: 0;
+  }
+  .hint {
+    color: var(--color-text-tertiary);
+    font-size: var(--text-sm);
+    margin: 0;
+  }
   .success p {
     color: var(--color-text-primary);
     margin-bottom: var(--space-4);
   }
+  .switch {
+    text-align: center;
+    color: var(--color-text-tertiary);
+    font-size: var(--text-sm);
+    margin: var(--space-5) 0 0;
+  }
+  .switch a {
+    color: var(--color-accent);
+  }
 </style>
diff --git a/apps/web/src/routes/register/+page.svelte b/apps/web/src/routes/register/+page.svelte
new file mode 100644
index 0000000..a0dbad6
--- /dev/null
+++ b/apps/web/src/routes/register/+page.svelte
@@ -0,0 +1,140 @@
+<script lang="ts">
+  import { goto } from '$app/navigation';
+  import { user, register } from '$lib/stores/auth.js';
+  import Button from '$lib/components/ui/Button.svelte';
+  import Input from '$lib/components/ui/Input.svelte';
+
+  let name = $state('');
+  let email = $state('');
+  let password = $state('');
+  let passwordConfirm = $state('');
+  let loading = $state(false);
+  let error = $state('');
+
+  $effect(() => {
+    if ($user) goto('/dashboard');
+  });
+
+  async function handleSubmit(e: Event) {
+    e.preventDefault();
+    error = '';
+
+    if (password !== passwordConfirm) {
+      error = 'Passwörter stimmen nicht überein';
+      return;
+    }
+    if (password.length < 8) {
+      error = 'Passwort muss mindestens 8 Zeichen haben';
+      return;
+    }
+
+    loading = true;
+    try {
+      await register(name, email, password);
+      goto('/dashboard');
+    } catch (err) {
+      error = err instanceof Error ? err.message : 'Registrierung fehlgeschlagen';
+    } finally {
+      loading = false;
+    }
+  }
+</script>
+
+<div class="register-page">
+  <a href="/" class="back">← Zurück</a>
+
+  <div class="card">
+    <p class="brand">Music Hub</p>
+    <h1>Konto erstellen</h1>
+    <p class="card-sub">Kostenlos. Kein Abo, keine Kreditkarte.</p>
+
+    <form onsubmit={handleSubmit}>
+      <Input label="Name" bind:value={name} placeholder="Dein Name" />
+      <Input label="E-Mail" type="email" bind:value={email} placeholder="deine@email.de" />
+      <Input label="Passwort" type="password" bind:value={password} placeholder="Mindestens 8 Zeichen" />
+      <Input label="Passwort wiederholen" type="password" bind:value={passwordConfirm} placeholder="Nochmal eingeben" />
+
+      {#if error}
+        <p class="error">{error}</p>
+      {/if}
+
+      <Button type="submit" size="lg" {loading} disabled={!name || !email || !password}>
+        Registrieren
+      </Button>
+    </form>
+
+    <p class="switch">Schon ein Konto? <a href="/login">Einloggen</a></p>
+  </div>
+</div>
+
+<style>
+  .register-page {
+    display: flex;
+    flex-direction: column;
+    align-items: center;
+    justify-content: center;
+    min-height: 100vh;
+    padding: var(--space-8) var(--space-4);
+    gap: var(--space-6);
+  }
+
+  .back {
+    color: var(--color-text-tertiary);
+    font-size: var(--text-sm);
+    text-decoration: none;
+  }
+  .back:hover {
+    color: var(--color-text-primary);
+  }
+
+  .card {
+    background: var(--color-bg-overlay);
+    border-radius: var(--radius-lg);
+    padding: var(--space-10);
+    border: 1px solid var(--color-border);
+    box-shadow: 0 20px 60px rgba(244, 63, 94, 0.08);
+    width: 100%;
+    max-width: 440px;
+  }
+
+  .brand {
+    color: var(--color-text-tertiary);
+    text-transform: uppercase;
+    letter-spacing: 0.2em;
+    font-size: var(--text-xs);
+    margin: 0 0 var(--space-2);
+  }
+
+  h1 {
+    margin: 0 0 var(--space-1);
+    font-size: var(--text-2xl);
+  }
+
+  .card-sub {
+    color: var(--color-text-tertiary);
+    font-size: var(--text-sm);
+    margin: 0 0 var(--space-6);
+  }
+
+  form {
+    display: flex;
+    flex-direction: column;
+    gap: var(--space-4);
+  }
+
+  .error {
+    color: var(--color-error);
+    font-size: var(--text-sm);
+    margin: 0;
+  }
+
+  .switch {
+    text-align: center;
+    color: var(--color-text-tertiary);
+    font-size: var(--text-sm);
+    margin: var(--space-5) 0 0;
+  }
+  .switch a {
+    color: var(--color-accent);
+  }
+</style>
diff --git a/packages/db/src/index.ts b/packages/db/src/index.ts
index 01c3bb3..c690f31 100644
--- a/packages/db/src/index.ts
+++ b/packages/db/src/index.ts
@@ -3,7 +3,9 @@ import postgres from 'postgres';
 import * as schema from './schema/index.js';
 
 export function createDb(connectionString: string) {
-  const client = postgres(connectionString);
+  const client = postgres(connectionString, {
+    connection: { timezone: 'UTC' },
+  });
   return drizzle(client, { schema });
 }
 
diff --git a/packages/db/src/migrations/0004_smart_karma.sql b/packages/db/src/migrations/0004_smart_karma.sql
new file mode 100644
index 0000000..8cf6bd8
--- /dev/null
+++ b/packages/db/src/migrations/0004_smart_karma.sql
@@ -0,0 +1 @@
+ALTER TABLE "projects" ADD COLUMN "artist" varchar(255);
\ No newline at end of file
diff --git a/packages/db/src/migrations/0005_rare_triathlon.sql b/packages/db/src/migrations/0005_rare_triathlon.sql
new file mode 100644
index 0000000..05fa387
--- /dev/null
+++ b/packages/db/src/migrations/0005_rare_triathlon.sql
@@ -0,0 +1 @@
+ALTER TABLE "users" ADD COLUMN "password_hash" text;
\ No newline at end of file
diff --git a/packages/db/src/migrations/meta/0004_snapshot.json b/packages/db/src/migrations/meta/0004_snapshot.json
new file mode 100644
index 0000000..43a268d
--- /dev/null
+++ b/packages/db/src/migrations/meta/0004_snapshot.json
@@ -0,0 +1,921 @@
+{
+  "id": "3b7e4303-6bcd-4ba4-9079-9b19c4cc1043",
+  "prevId": "c17d41fa-dca4-4e1a-96c0-e3d574ce67e3",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "public.users": {
+      "name": "users",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "avatar_url": {
+          "name": "avatar_url",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "users_email_unique": {
+          "name": "users_email_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "email"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.magic_links": {
+      "name": "magic_links",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "token": {
+          "name": "token",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "used_at": {
+          "name": "used_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "magic_links_token_unique": {
+          "name": "magic_links_token_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "token"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.sessions": {
+      "name": "sessions",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "token_hash": {
+          "name": "token_hash",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "sessions_user_id_users_id_fk": {
+          "name": "sessions_user_id_users_id_fk",
+          "tableFrom": "sessions",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "sessions_token_hash_unique": {
+          "name": "sessions_token_hash_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "token_hash"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.project_members": {
+      "name": "project_members",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "project_id": {
+          "name": "project_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "role": {
+          "name": "role",
+          "type": "project_role",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "can_upload": {
+          "name": "can_upload",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "can_comment": {
+          "name": "can_comment",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": true
+        },
+        "can_approve": {
+          "name": "can_approve",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "invited_at": {
+          "name": "invited_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "project_members_project_id_projects_id_fk": {
+          "name": "project_members_project_id_projects_id_fk",
+          "tableFrom": "project_members",
+          "tableTo": "projects",
+          "columnsFrom": [
+            "project_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "project_members_user_id_users_id_fk": {
+          "name": "project_members_user_id_users_id_fk",
+          "tableFrom": "project_members",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "project_members_project_id_user_id_unique": {
+          "name": "project_members_project_id_user_id_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "project_id",
+            "user_id"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.projects": {
+      "name": "projects",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "artist": {
+          "name": "artist",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "cover_image_url": {
+          "name": "cover_image_url",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "is_archived": {
+          "name": "is_archived",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "projects_created_by_id_users_id_fk": {
+          "name": "projects_created_by_id_users_id_fk",
+          "tableFrom": "projects",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.tracks": {
+      "name": "tracks",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "project_id": {
+          "name": "project_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "cover_image_url": {
+          "name": "cover_image_url",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "status": {
+          "name": "status",
+          "type": "track_status",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "'in_progress'"
+        },
+        "section": {
+          "name": "section",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "sort_order": {
+          "name": "sort_order",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true,
+          "default": 0
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "tracks_project_id_projects_id_fk": {
+          "name": "tracks_project_id_projects_id_fk",
+          "tableFrom": "tracks",
+          "tableTo": "projects",
+          "columnsFrom": [
+            "project_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "tracks_created_by_id_users_id_fk": {
+          "name": "tracks_created_by_id_users_id_fk",
+          "tableFrom": "tracks",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.versions": {
+      "name": "versions",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "track_id": {
+          "name": "track_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "version_number": {
+          "name": "version_number",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "label": {
+          "name": "label",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "notes": {
+          "name": "notes",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "status": {
+          "name": "status",
+          "type": "version_status",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "'uploaded'"
+        },
+        "parent_version_id": {
+          "name": "parent_version_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "branch_label": {
+          "name": "branch_label",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "original_file_name": {
+          "name": "original_file_name",
+          "type": "varchar(500)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "mime_type": {
+          "name": "mime_type",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "file_size": {
+          "name": "file_size",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "duration": {
+          "name": "duration",
+          "type": "real",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "sample_rate": {
+          "name": "sample_rate",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "bit_depth": {
+          "name": "bit_depth",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "original_file_key": {
+          "name": "original_file_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "stream_file_key": {
+          "name": "stream_file_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "waveform_data_key": {
+          "name": "waveform_data_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "versions_track_id_tracks_id_fk": {
+          "name": "versions_track_id_tracks_id_fk",
+          "tableFrom": "versions",
+          "tableTo": "tracks",
+          "columnsFrom": [
+            "track_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "versions_parent_version_id_versions_id_fk": {
+          "name": "versions_parent_version_id_versions_id_fk",
+          "tableFrom": "versions",
+          "tableTo": "versions",
+          "columnsFrom": [
+            "parent_version_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "set null",
+          "onUpdate": "no action"
+        },
+        "versions_created_by_id_users_id_fk": {
+          "name": "versions_created_by_id_users_id_fk",
+          "tableFrom": "versions",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.comments": {
+      "name": "comments",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "version_id": {
+          "name": "version_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "guest_name": {
+          "name": "guest_name",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "body": {
+          "name": "body",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "timestamp_seconds": {
+          "name": "timestamp_seconds",
+          "type": "real",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "parent_id": {
+          "name": "parent_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "resolved_at": {
+          "name": "resolved_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "comments_version_id_versions_id_fk": {
+          "name": "comments_version_id_versions_id_fk",
+          "tableFrom": "comments",
+          "tableTo": "versions",
+          "columnsFrom": [
+            "version_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "comments_user_id_users_id_fk": {
+          "name": "comments_user_id_users_id_fk",
+          "tableFrom": "comments",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.share_links": {
+      "name": "share_links",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "version_id": {
+          "name": "version_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "token": {
+          "name": "token",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "allow_comments": {
+          "name": "allow_comments",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": true
+        },
+        "allow_download": {
+          "name": "allow_download",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "password_hash": {
+          "name": "password_hash",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "share_links_version_id_versions_id_fk": {
+          "name": "share_links_version_id_versions_id_fk",
+          "tableFrom": "share_links",
+          "tableTo": "versions",
+          "columnsFrom": [
+            "version_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "share_links_created_by_id_users_id_fk": {
+          "name": "share_links_created_by_id_users_id_fk",
+          "tableFrom": "share_links",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "share_links_token_unique": {
+          "name": "share_links_token_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "token"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    }
+  },
+  "enums": {
+    "public.project_role": {
+      "name": "project_role",
+      "schema": "public",
+      "values": [
+        "owner",
+        "recording_engineer",
+        "mixing_engineer",
+        "mastering_engineer",
+        "artist",
+        "label",
+        "management",
+        "viewer"
+      ]
+    },
+    "public.track_status": {
+      "name": "track_status",
+      "schema": "public",
+      "values": [
+        "sketch",
+        "in_progress",
+        "final",
+        "released"
+      ]
+    },
+    "public.version_status": {
+      "name": "version_status",
+      "schema": "public",
+      "values": [
+        "uploaded",
+        "processing",
+        "ready",
+        "approved",
+        "rejected"
+      ]
+    }
+  },
+  "schemas": {},
+  "sequences": {},
+  "roles": {},
+  "policies": {},
+  "views": {},
+  "_meta": {
+    "columns": {},
+    "schemas": {},
+    "tables": {}
+  }
+}
\ No newline at end of file
diff --git a/packages/db/src/migrations/meta/0005_snapshot.json b/packages/db/src/migrations/meta/0005_snapshot.json
new file mode 100644
index 0000000..3711888
--- /dev/null
+++ b/packages/db/src/migrations/meta/0005_snapshot.json
@@ -0,0 +1,927 @@
+{
+  "id": "4cc81b0e-e487-4b6f-8f35-a4cff42c2de6",
+  "prevId": "3b7e4303-6bcd-4ba4-9079-9b19c4cc1043",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "public.users": {
+      "name": "users",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "password_hash": {
+          "name": "password_hash",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "avatar_url": {
+          "name": "avatar_url",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "users_email_unique": {
+          "name": "users_email_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "email"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.magic_links": {
+      "name": "magic_links",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "token": {
+          "name": "token",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "used_at": {
+          "name": "used_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "magic_links_token_unique": {
+          "name": "magic_links_token_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "token"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.sessions": {
+      "name": "sessions",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "token_hash": {
+          "name": "token_hash",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "sessions_user_id_users_id_fk": {
+          "name": "sessions_user_id_users_id_fk",
+          "tableFrom": "sessions",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "sessions_token_hash_unique": {
+          "name": "sessions_token_hash_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "token_hash"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.project_members": {
+      "name": "project_members",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "project_id": {
+          "name": "project_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "role": {
+          "name": "role",
+          "type": "project_role",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "can_upload": {
+          "name": "can_upload",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "can_comment": {
+          "name": "can_comment",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": true
+        },
+        "can_approve": {
+          "name": "can_approve",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "invited_at": {
+          "name": "invited_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "project_members_project_id_projects_id_fk": {
+          "name": "project_members_project_id_projects_id_fk",
+          "tableFrom": "project_members",
+          "tableTo": "projects",
+          "columnsFrom": [
+            "project_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "project_members_user_id_users_id_fk": {
+          "name": "project_members_user_id_users_id_fk",
+          "tableFrom": "project_members",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "project_members_project_id_user_id_unique": {
+          "name": "project_members_project_id_user_id_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "project_id",
+            "user_id"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.projects": {
+      "name": "projects",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "artist": {
+          "name": "artist",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "cover_image_url": {
+          "name": "cover_image_url",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "is_archived": {
+          "name": "is_archived",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "projects_created_by_id_users_id_fk": {
+          "name": "projects_created_by_id_users_id_fk",
+          "tableFrom": "projects",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.tracks": {
+      "name": "tracks",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "project_id": {
+          "name": "project_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "cover_image_url": {
+          "name": "cover_image_url",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "status": {
+          "name": "status",
+          "type": "track_status",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "'in_progress'"
+        },
+        "section": {
+          "name": "section",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "sort_order": {
+          "name": "sort_order",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true,
+          "default": 0
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "tracks_project_id_projects_id_fk": {
+          "name": "tracks_project_id_projects_id_fk",
+          "tableFrom": "tracks",
+          "tableTo": "projects",
+          "columnsFrom": [
+            "project_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "tracks_created_by_id_users_id_fk": {
+          "name": "tracks_created_by_id_users_id_fk",
+          "tableFrom": "tracks",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.versions": {
+      "name": "versions",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "track_id": {
+          "name": "track_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "version_number": {
+          "name": "version_number",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "label": {
+          "name": "label",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "notes": {
+          "name": "notes",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "status": {
+          "name": "status",
+          "type": "version_status",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "'uploaded'"
+        },
+        "parent_version_id": {
+          "name": "parent_version_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "branch_label": {
+          "name": "branch_label",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "original_file_name": {
+          "name": "original_file_name",
+          "type": "varchar(500)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "mime_type": {
+          "name": "mime_type",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "file_size": {
+          "name": "file_size",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "duration": {
+          "name": "duration",
+          "type": "real",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "sample_rate": {
+          "name": "sample_rate",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "bit_depth": {
+          "name": "bit_depth",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "original_file_key": {
+          "name": "original_file_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "stream_file_key": {
+          "name": "stream_file_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "waveform_data_key": {
+          "name": "waveform_data_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "versions_track_id_tracks_id_fk": {
+          "name": "versions_track_id_tracks_id_fk",
+          "tableFrom": "versions",
+          "tableTo": "tracks",
+          "columnsFrom": [
+            "track_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "versions_parent_version_id_versions_id_fk": {
+          "name": "versions_parent_version_id_versions_id_fk",
+          "tableFrom": "versions",
+          "tableTo": "versions",
+          "columnsFrom": [
+            "parent_version_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "set null",
+          "onUpdate": "no action"
+        },
+        "versions_created_by_id_users_id_fk": {
+          "name": "versions_created_by_id_users_id_fk",
+          "tableFrom": "versions",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.comments": {
+      "name": "comments",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "version_id": {
+          "name": "version_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "guest_name": {
+          "name": "guest_name",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "body": {
+          "name": "body",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "timestamp_seconds": {
+          "name": "timestamp_seconds",
+          "type": "real",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "parent_id": {
+          "name": "parent_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "resolved_at": {
+          "name": "resolved_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "comments_version_id_versions_id_fk": {
+          "name": "comments_version_id_versions_id_fk",
+          "tableFrom": "comments",
+          "tableTo": "versions",
+          "columnsFrom": [
+            "version_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "comments_user_id_users_id_fk": {
+          "name": "comments_user_id_users_id_fk",
+          "tableFrom": "comments",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.share_links": {
+      "name": "share_links",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "version_id": {
+          "name": "version_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "token": {
+          "name": "token",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_by_id": {
+          "name": "created_by_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "allow_comments": {
+          "name": "allow_comments",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": true
+        },
+        "allow_download": {
+          "name": "allow_download",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "password_hash": {
+          "name": "password_hash",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "share_links_version_id_versions_id_fk": {
+          "name": "share_links_version_id_versions_id_fk",
+          "tableFrom": "share_links",
+          "tableTo": "versions",
+          "columnsFrom": [
+            "version_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "share_links_created_by_id_users_id_fk": {
+          "name": "share_links_created_by_id_users_id_fk",
+          "tableFrom": "share_links",
+          "tableTo": "users",
+          "columnsFrom": [
+            "created_by_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {
+        "share_links_token_unique": {
+          "name": "share_links_token_unique",
+          "nullsNotDistinct": false,
+          "columns": [
+            "token"
+          ]
+        }
+      },
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    }
+  },
+  "enums": {
+    "public.project_role": {
+      "name": "project_role",
+      "schema": "public",
+      "values": [
+        "owner",
+        "recording_engineer",
+        "mixing_engineer",
+        "mastering_engineer",
+        "artist",
+        "label",
+        "management",
+        "viewer"
+      ]
+    },
+    "public.track_status": {
+      "name": "track_status",
+      "schema": "public",
+      "values": [
+        "sketch",
+        "in_progress",
+        "final",
+        "released"
+      ]
+    },
+    "public.version_status": {
+      "name": "version_status",
+      "schema": "public",
+      "values": [
+        "uploaded",
+        "processing",
+        "ready",
+        "approved",
+        "rejected"
+      ]
+    }
+  },
+  "schemas": {},
+  "sequences": {},
+  "roles": {},
+  "policies": {},
+  "views": {},
+  "_meta": {
+    "columns": {},
+    "schemas": {},
+    "tables": {}
+  }
+}
\ No newline at end of file
diff --git a/packages/db/src/migrations/meta/_journal.json b/packages/db/src/migrations/meta/_journal.json
index 696dbb3..5c9bd19 100644
--- a/packages/db/src/migrations/meta/_journal.json
+++ b/packages/db/src/migrations/meta/_journal.json
@@ -29,6 +29,20 @@
       "when": 1775723994470,
       "tag": "0003_huge_mystique",
       "breakpoints": true
+    },
+    {
+      "idx": 4,
+      "version": "7",
+      "when": 1776008240052,
+      "tag": "0004_smart_karma",
+      "breakpoints": true
+    },
+    {
+      "idx": 5,
+      "version": "7",
+      "when": 1776012912970,
+      "tag": "0005_rare_triathlon",
+      "breakpoints": true
     }
   ]
 }
\ No newline at end of file
diff --git a/packages/db/src/schema/projects.ts b/packages/db/src/schema/projects.ts
index f1ad37b..02ced9c 100644
--- a/packages/db/src/schema/projects.ts
+++ b/packages/db/src/schema/projects.ts
@@ -25,6 +25,7 @@ export const projects = pgTable('projects', {
   id: uuid('id').defaultRandom().primaryKey(),
   name: varchar('name', { length: 255 }).notNull(),
   description: text('description'),
+  artist: varchar('artist', { length: 255 }),
   coverImageUrl: text('cover_image_url'),
   createdById: uuid('created_by_id')
     .references(() => users.id)
diff --git a/packages/db/src/schema/users.ts b/packages/db/src/schema/users.ts
index 91013f2..e0c5d18 100644
--- a/packages/db/src/schema/users.ts
+++ b/packages/db/src/schema/users.ts
@@ -4,6 +4,7 @@ export const users = pgTable('users', {
   id: uuid('id').defaultRandom().primaryKey(),
   email: varchar('email', { length: 255 }).notNull().unique(),
   name: varchar('name', { length: 255 }).notNull(),
+  passwordHash: text('password_hash'),
   avatarUrl: text('avatar_url'),
   createdAt: timestamp('created_at').defaultNow().notNull(),
   updatedAt: timestamp('updated_at').defaultNow().notNull(),
diff --git a/packages/shared/src/validation/auth.ts b/packages/shared/src/validation/auth.ts
index 9b29732..ea5c70b 100644
--- a/packages/shared/src/validation/auth.ts
+++ b/packages/shared/src/validation/auth.ts
@@ -8,5 +8,18 @@ export const verifyTokenSchema = z.object({
   token: z.string().min(1),
 });
 
+export const registerSchema = z.object({
+  name: z.string().min(1).max(255),
+  email: z.string().email(),
+  password: z.string().min(8).max(200),
+});
+
+export const loginSchema = z.object({
+  email: z.string().email(),
+  password: z.string().min(1).max(200),
+});
+
 export type MagicLinkInput = z.infer<typeof magicLinkSchema>;
 export type VerifyTokenInput = z.infer<typeof verifyTokenSchema>;
+export type RegisterInput = z.infer<typeof registerSchema>;
+export type LoginInput = z.infer<typeof loginSchema>;
diff --git a/packages/shared/src/validation/project.ts b/packages/shared/src/validation/project.ts
index 8f0b61f..1b2d904 100644
--- a/packages/shared/src/validation/project.ts
+++ b/packages/shared/src/validation/project.ts
@@ -4,11 +4,13 @@ import { PROJECT_ROLES } from '../constants/roles.js';
 export const createProjectSchema = z.object({
   name: z.string().min(1).max(255),
   description: z.string().max(2000).optional(),
+  artist: z.string().max(255).nullable().optional(),
 });
 
 export const updateProjectSchema = z.object({
   name: z.string().min(1).max(255).optional(),
   description: z.string().max(2000).optional(),
+  artist: z.string().max(255).nullable().optional(),
   coverImageUrl: z.string().nullable().optional(),
 });