Profile

The Profile page is the first thing you see under Settings → General. It shows who Fabrik thinks you are and gives you a quick read on your account activity.

The profile card

Left side: your identity as Fabrik sees it.

• Avatar initials — first letter of your first and last name, falling back to the first two characters of your username if you haven't set a name.
• Display name — first_name last_name if both are set, otherwise your username.
• Username — shown prefixed with @. Read-only; set at account creation and never changes.
• Group badges — the groups you're in. If you're a superuser, an amber Superuser badge appears too.

Below that, three editable fields:

• First name and Last name — used in the header and anywhere your name appears (scheduled task owners, share targets, audit descriptions).
• Email address — receives notification emails (if you have email delivery enabled) and is the account recovery channel.

An inline verification indicator sits under the email field:

• Email verified in green if you've clicked the verification link or an admin has marked you verified.
• Email not verified in amber otherwise. Unverified doesn't block login, but it does block email notification delivery in some deployments — the admin has the final say.

Click Update Profile to save. Changes are immediate.

The account activity card

Right side: a read-only snapshot of your account.

Stats row

Three counters at the top:

• Saved Queries — total saved queries you own.
• Favorites — classes you've starred in the Class Browser.
• Groups — count of group memberships.

These match the numbers you see in the Library and Class Browser — they're just aggregated here for context.

Account details

Four fields below the stats:

• Member since — your date_joined timestamp, formatted in your display timezone.
• Last login — most recent successful authentication, or "Never" if you've somehow never logged in (e.g. freshly created by an admin).
• Two-factor auth — green Enabled badge if MFA is active, gray Disabled otherwise.
• Email status — green Verified or amber Unverified, mirroring the verification state on the profile card.

The details are read-only. Change them through the relevant flows:

• Last login updates on every successful login.
• Two-factor auth is toggled from the Security page.
• Email status flips to verified when you click the link in the verification email — or when an admin does it for you.

What the server knows

The page fetches /api/auth/profile/ once on mount and again after every save. The payload the server sends back is the full UserProfile object, including computed flags like is_admin (true if you're in the Admin group or a superuser). The UI uses these flags to decide whether to show admin-only nav items elsewhere.

Why the username isn't editable

Usernames are the stable identifier everything else in the system refers to — audit logs, foreign keys, shared resource ownership. Letting you rename your account mid-life would either break those references or require a cascading rename across the entire database. It's simpler to let you pick a username once and change the display name to whatever suits you.

If you legitimately need a different username — name change, policy shift — ask an admin to create a new account and migrate any owned resources manually before deactivating the old one.