work on import

app/main.py

@@ -10,12 +10,13 @@ from fastapi.middleware.cors import CORSMiddleware
 from app.config import settings
 from app.database.base import engine
 from sqlalchemy import text
+from sqlalchemy.orm import sessionmaker
 from app.database.fts import ensure_rolodex_fts, ensure_files_fts, ensure_ledger_fts, ensure_qdros_fts
 from app.database.indexes import ensure_secondary_indexes
 from app.database.schema_updates import ensure_schema_updates
 from app.models import BaseModel
 from app.models.user import User
-from app.auth.security import get_admin_user
+from app.auth.security import get_admin_user, get_password_hash, verify_password
 from app.core.logging import setup_logging, get_logger
 from app.middleware.logging import LoggingMiddleware
 from app.middleware.errors import register_exception_handlers
@@ -54,6 +55,48 @@ ensure_secondary_indexes(engine)
 logger.info("Ensuring schema updates (new columns)")
 ensure_schema_updates(engine)
 
+
+def ensure_admin_user():
+    """Ensure admin user exists and password matches environment variable"""
+    SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
+    db = SessionLocal()
+    
+    try:
+        # Check if admin user exists
+        admin_user = db.query(User).filter(User.username == settings.admin_username).first()
+        
+        if not admin_user:
+            # Create admin user if it doesn't exist
+            logger.info(f"Creating admin user '{settings.admin_username}'")
+            admin_user = User(
+                username=settings.admin_username,
+                email=f"{settings.admin_username}@delphicg.local",
+                full_name="System Administrator",
+                hashed_password=get_password_hash(settings.admin_password),
+                is_active=True,
+                is_admin=True
+            )
+            db.add(admin_user)
+            db.commit()
+            logger.info(f"Admin user '{settings.admin_username}' created successfully")
+        else:
+            # Check if password needs to be updated
+            if not verify_password(settings.admin_password, admin_user.hashed_password):
+                logger.info(f"Updating admin password for user '{settings.admin_username}'")
+                admin_user.hashed_password = get_password_hash(settings.admin_password)
+                db.commit()
+                logger.info("Admin password updated successfully")
+            else:
+                logger.debug(f"Admin user '{settings.admin_username}' password is current")
+                
+    except Exception as e:
+        logger.error(f"Error ensuring admin user: {e}")
+        db.rollback()
+        raise
+    finally:
+        db.close()
+
+
 # Initialize FastAPI app
 logger.info("Initializing FastAPI application", version=settings.app_version, debug=settings.debug)
 app = FastAPI(
@@ -67,6 +110,11 @@ app = FastAPI(
 async def startup_event():
     """Initialize WebSocket pool and other startup tasks"""
     from app.services.websocket_pool import initialize_websocket_pool
+    
+    # Ensure admin user exists and password is synced with environment
+    logger.info("Ensuring admin user exists and password is current")
+    ensure_admin_user()
+    
     logger.info("Initializing WebSocket connection pool")
     await initialize_websocket_pool(
         cleanup_interval=60,