From 12d9061ff00fc043a7b12b01afdfe74bc8356fd5 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Tue, 6 Jan 2026 18:07:33 -0500
Subject: [PATCH 01/16] feat: base locking impl

---
 ...82d8c484c3154f45ef0fbafc0380de9bba4f0.json |  40 ++++
 ...25b98efbb2f38fb2d113c2f894481f41dc24c.json |  14 ++
 ...38fecfa2d81d93bc72602d14be0c61c1195e5.json |  15 ++
 ...92147c88570ba9757a8204861187f0da7dbb1.json |  15 ++
 ...5561f625e7edfadb21f89a41d0c16cd25763a.json |  15 ++
 ...368931e5f711c6ce4e4af6b0ad523600da425.json |  12 ++
 .../20260106225635_moderation_locks.sql       |   8 +
 apps/labrinth/src/database/models/mod.rs      |   3 +
 .../database/models/moderation_lock_item.rs   | 150 ++++++++++++++
 .../src/routes/internal/moderation/mod.rs     | 195 +++++++++++++++++-
 10 files changed, 466 insertions(+), 1 deletion(-)
 create mode 100644 apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json
 create mode 100644 apps/labrinth/.sqlx/query-420453c85418f57da3f89396b0625b98efbb2f38fb2d113c2f894481f41dc24c.json
 create mode 100644 apps/labrinth/.sqlx/query-47df2d46f068e3158387ac8928238fecfa2d81d93bc72602d14be0c61c1195e5.json
 create mode 100644 apps/labrinth/.sqlx/query-72c050caf23ce0e7d9f2dbe2eca92147c88570ba9757a8204861187f0da7dbb1.json
 create mode 100644 apps/labrinth/.sqlx/query-834f4aca2ff23ccd041cd1028145561f625e7edfadb21f89a41d0c16cd25763a.json
 create mode 100644 apps/labrinth/.sqlx/query-e5a83a4d578f76e6e3298054960368931e5f711c6ce4e4af6b0ad523600da425.json
 create mode 100644 apps/labrinth/migrations/20260106225635_moderation_locks.sql
 create mode 100644 apps/labrinth/src/database/models/moderation_lock_item.rs

diff --git a/apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json b/apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json
new file mode 100644
index 0000000000..b7806d340c
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json
@@ -0,0 +1,40 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n\t\t\tSELECT\n\t\t\t\tml.project_id,\n\t\t\t\tml.moderator_id,\n\t\t\t\tu.username as moderator_username,\n\t\t\t\tml.locked_at\n\t\t\tFROM moderation_locks ml\n\t\t\tINNER JOIN users u ON u.id = ml.moderator_id\n\t\t\tWHERE ml.project_id = $1\n\t\t\t",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "project_id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 1,
+        "name": "moderator_id",
+        "type_info": "Int8"
+      },
+      {
+        "ordinal": 2,
+        "name": "moderator_username",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 3,
+        "name": "locked_at",
+        "type_info": "Timestamptz"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      false,
+      false
+    ]
+  },
+  "hash": "298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0"
+}
diff --git a/apps/labrinth/.sqlx/query-420453c85418f57da3f89396b0625b98efbb2f38fb2d113c2f894481f41dc24c.json b/apps/labrinth/.sqlx/query-420453c85418f57da3f89396b0625b98efbb2f38fb2d113c2f894481f41dc24c.json
new file mode 100644
index 0000000000..c08dc312d4
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-420453c85418f57da3f89396b0625b98efbb2f38fb2d113c2f894481f41dc24c.json
@@ -0,0 +1,14 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "UPDATE moderation_locks SET locked_at = NOW() WHERE project_id = $1",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "420453c85418f57da3f89396b0625b98efbb2f38fb2d113c2f894481f41dc24c"
+}
diff --git a/apps/labrinth/.sqlx/query-47df2d46f068e3158387ac8928238fecfa2d81d93bc72602d14be0c61c1195e5.json b/apps/labrinth/.sqlx/query-47df2d46f068e3158387ac8928238fecfa2d81d93bc72602d14be0c61c1195e5.json
new file mode 100644
index 0000000000..bf099e2918
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-47df2d46f068e3158387ac8928238fecfa2d81d93bc72602d14be0c61c1195e5.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "DELETE FROM moderation_locks WHERE project_id = $1 AND moderator_id = $2",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "47df2d46f068e3158387ac8928238fecfa2d81d93bc72602d14be0c61c1195e5"
+}
diff --git a/apps/labrinth/.sqlx/query-72c050caf23ce0e7d9f2dbe2eca92147c88570ba9757a8204861187f0da7dbb1.json b/apps/labrinth/.sqlx/query-72c050caf23ce0e7d9f2dbe2eca92147c88570ba9757a8204861187f0da7dbb1.json
new file mode 100644
index 0000000000..9d2554f1b2
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-72c050caf23ce0e7d9f2dbe2eca92147c88570ba9757a8204861187f0da7dbb1.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "UPDATE moderation_locks SET moderator_id = $1, locked_at = NOW() WHERE project_id = $2",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "72c050caf23ce0e7d9f2dbe2eca92147c88570ba9757a8204861187f0da7dbb1"
+}
diff --git a/apps/labrinth/.sqlx/query-834f4aca2ff23ccd041cd1028145561f625e7edfadb21f89a41d0c16cd25763a.json b/apps/labrinth/.sqlx/query-834f4aca2ff23ccd041cd1028145561f625e7edfadb21f89a41d0c16cd25763a.json
new file mode 100644
index 0000000000..1b4008fcaa
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-834f4aca2ff23ccd041cd1028145561f625e7edfadb21f89a41d0c16cd25763a.json
@@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "INSERT INTO moderation_locks (project_id, moderator_id, locked_at)\n\t\t\tVALUES ($1, $2, NOW())\n\t\t\tON CONFLICT (project_id) DO UPDATE\n\t\t\tSET moderator_id = EXCLUDED.moderator_id, locked_at = EXCLUDED.locked_at",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Int8"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "834f4aca2ff23ccd041cd1028145561f625e7edfadb21f89a41d0c16cd25763a"
+}
diff --git a/apps/labrinth/.sqlx/query-e5a83a4d578f76e6e3298054960368931e5f711c6ce4e4af6b0ad523600da425.json b/apps/labrinth/.sqlx/query-e5a83a4d578f76e6e3298054960368931e5f711c6ce4e4af6b0ad523600da425.json
new file mode 100644
index 0000000000..1d33516a62
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-e5a83a4d578f76e6e3298054960368931e5f711c6ce4e4af6b0ad523600da425.json
@@ -0,0 +1,12 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "DELETE FROM moderation_locks WHERE locked_at < NOW() - INTERVAL '15 minutes'",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": []
+    },
+    "nullable": []
+  },
+  "hash": "e5a83a4d578f76e6e3298054960368931e5f711c6ce4e4af6b0ad523600da425"
+}
diff --git a/apps/labrinth/migrations/20260106225635_moderation_locks.sql b/apps/labrinth/migrations/20260106225635_moderation_locks.sql
new file mode 100644
index 0000000000..173d93dec1
--- /dev/null
+++ b/apps/labrinth/migrations/20260106225635_moderation_locks.sql
@@ -0,0 +1,8 @@
+CREATE TABLE moderation_locks (
+	project_id BIGINT PRIMARY KEY REFERENCES mods(id) ON DELETE CASCADE,
+	moderator_id BIGINT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+	locked_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP NOT NULL
+);
+
+CREATE INDEX idx_moderation_locks_moderator ON moderation_locks(moderator_id);
+CREATE INDEX idx_moderation_locks_locked_at ON moderation_locks(locked_at);
diff --git a/apps/labrinth/src/database/models/mod.rs b/apps/labrinth/src/database/models/mod.rs
index 6315fc45cf..10bd587381 100644
--- a/apps/labrinth/src/database/models/mod.rs
+++ b/apps/labrinth/src/database/models/mod.rs
@@ -11,6 +11,7 @@ pub mod ids;
 pub mod image_item;
 pub mod legacy_loader_fields;
 pub mod loader_fields;
+pub mod moderation_lock_item;
 pub mod notification_item;
 pub mod notifications_deliveries_item;
 pub mod notifications_template_item;
@@ -53,6 +54,8 @@ pub use thread_item::{DBThread, DBThreadMessage};
 pub use user_item::DBUser;
 pub use version_item::DBVersion;
 
+pub use moderation_lock_item::{DBModerationLock, ModerationLockWithUser};
+
 #[derive(Error, Debug)]
 pub enum DatabaseError {
     #[error("Error while interacting with the database: {0}")]
diff --git a/apps/labrinth/src/database/models/moderation_lock_item.rs b/apps/labrinth/src/database/models/moderation_lock_item.rs
new file mode 100644
index 0000000000..b8c1bd755f
--- /dev/null
+++ b/apps/labrinth/src/database/models/moderation_lock_item.rs
@@ -0,0 +1,150 @@
+use chrono::{DateTime, Utc};
+use serde::{Deserialize, Serialize};
+use sqlx::PgPool;
+
+use crate::database::models::{DBProjectId, DBUserId};
+
+const LOCK_EXPIRY_MINUTES: i64 = 15;
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct DBModerationLock {
+	pub project_id: DBProjectId,
+	pub moderator_id: DBUserId,
+	pub locked_at: DateTime<Utc>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct ModerationLockWithUser {
+	pub project_id: DBProjectId,
+	pub moderator_id: DBUserId,
+	pub moderator_username: String,
+	pub locked_at: DateTime<Utc>,
+	pub expired: bool,
+}
+
+impl DBModerationLock {
+	/// Check if a lock is expired (older than 15 minutes)
+	pub fn is_expired(&self) -> bool {
+		Utc::now()
+			.signed_duration_since(self.locked_at)
+			.num_minutes() >= LOCK_EXPIRY_MINUTES
+	}
+
+	/// Try to acquire or refresh a lock for a project.
+	/// Returns Ok(Ok(())) if lock acquired/refreshed, Ok(Err(lock)) if blocked by another moderator.
+	pub async fn acquire(
+		project_id: DBProjectId,
+		moderator_id: DBUserId,
+		pool: &PgPool,
+	) -> Result<Result<(), ModerationLockWithUser>, sqlx::Error> {
+		// First check if there's an existing lock
+		let existing = Self::get_with_user(project_id, pool).await?;
+
+		if let Some(lock) = existing {
+			// Same moderator - refresh the lock
+			if lock.moderator_id == moderator_id {
+				sqlx::query!(
+					"UPDATE moderation_locks SET locked_at = NOW() WHERE project_id = $1",
+					project_id as DBProjectId
+				)
+				.execute(pool)
+				.await?;
+				return Ok(Ok(()));
+			}
+
+			// Different moderator but lock expired - take over
+			if lock.expired {
+				sqlx::query!(
+					"UPDATE moderation_locks SET moderator_id = $1, locked_at = NOW() WHERE project_id = $2",
+					moderator_id as DBUserId,
+					project_id as DBProjectId
+				)
+				.execute(pool)
+				.await?;
+				return Ok(Ok(()));
+			}
+
+			// Different moderator, not expired - blocked
+			return Ok(Err(lock));
+		}
+
+		// No existing lock - create new one
+		sqlx::query!(
+			"INSERT INTO moderation_locks (project_id, moderator_id, locked_at)
+			VALUES ($1, $2, NOW())
+			ON CONFLICT (project_id) DO UPDATE
+			SET moderator_id = EXCLUDED.moderator_id, locked_at = EXCLUDED.locked_at",
+			project_id as DBProjectId,
+			moderator_id as DBUserId
+		)
+		.execute(pool)
+		.await?;
+
+		Ok(Ok(()))
+	}
+
+	/// Get lock status for a project, including moderator username
+	pub async fn get_with_user(
+		project_id: DBProjectId,
+		pool: &PgPool,
+	) -> Result<Option<ModerationLockWithUser>, sqlx::Error> {
+		let row = sqlx::query!(
+			r#"
+			SELECT
+				ml.project_id,
+				ml.moderator_id,
+				u.username as moderator_username,
+				ml.locked_at
+			FROM moderation_locks ml
+			INNER JOIN users u ON u.id = ml.moderator_id
+			WHERE ml.project_id = $1
+			"#,
+			project_id as DBProjectId
+		)
+		.fetch_optional(pool)
+		.await?;
+
+		Ok(row.map(|r| {
+			let locked_at: DateTime<Utc> = r.locked_at;
+			let expired = Utc::now()
+				.signed_duration_since(locked_at)
+				.num_minutes() >= LOCK_EXPIRY_MINUTES;
+
+			ModerationLockWithUser {
+				project_id: DBProjectId(r.project_id),
+				moderator_id: DBUserId(r.moderator_id),
+				moderator_username: r.moderator_username,
+				locked_at,
+				expired,
+			}
+		}))
+	}
+
+	/// Release a lock (only if held by the specified moderator)
+	pub async fn release(
+		project_id: DBProjectId,
+		moderator_id: DBUserId,
+		pool: &PgPool,
+	) -> Result<bool, sqlx::Error> {
+		let result = sqlx::query!(
+			"DELETE FROM moderation_locks WHERE project_id = $1 AND moderator_id = $2",
+			project_id as DBProjectId,
+			moderator_id as DBUserId
+		)
+		.execute(pool)
+		.await?;
+
+		Ok(result.rows_affected() > 0)
+	}
+
+	/// Clean up expired locks (can be called periodically)
+	pub async fn cleanup_expired(pool: &PgPool) -> Result<u64, sqlx::Error> {
+		let result = sqlx::query!(
+			"DELETE FROM moderation_locks WHERE locked_at < NOW() - INTERVAL '15 minutes'"
+		)
+		.execute(pool)
+		.await?;
+
+		Ok(result.rows_affected())
+	}
+}
diff --git a/apps/labrinth/src/routes/internal/moderation/mod.rs b/apps/labrinth/src/routes/internal/moderation/mod.rs
index 7be20fc407..cb9bde2e92 100644
--- a/apps/labrinth/src/routes/internal/moderation/mod.rs
+++ b/apps/labrinth/src/routes/internal/moderation/mod.rs
@@ -1,5 +1,6 @@
 use super::ApiError;
 use crate::database;
+use crate::database::models::DBModerationLock;
 use crate::database::redis::RedisPool;
 use crate::models::ids::OrganizationId;
 use crate::models::projects::{Project, ProjectStatus};
@@ -7,8 +8,9 @@ use crate::queue::moderation::{ApprovalType, IdentifiedFile, MissingMetadata};
 use crate::queue::session::AuthQueue;
 use crate::util::error::Context;
 use crate::{auth::check_is_moderator_from_headers, models::pats::Scopes};
-use actix_web::{HttpRequest, get, post, web};
+use actix_web::{HttpRequest, delete, get, post, web};
 use ariadne::ids::{UserId, random_base62};
+use chrono::{DateTime, Utc};
 use ownership::get_projects_ownership;
 use serde::{Deserialize, Serialize};
 use sqlx::PgPool;
@@ -21,6 +23,9 @@ pub fn config(cfg: &mut utoipa_actix_web::service_config::ServiceConfig) {
     cfg.service(get_projects)
         .service(get_project_meta)
         .service(set_project_meta)
+        .service(acquire_lock)
+        .service(get_lock_status)
+        .service(release_lock)
         .service(
             utoipa_actix_web::scope("/tech-review")
                 .configure(tech_review::config),
@@ -76,6 +81,51 @@ pub enum Ownership {
     },
 }
 
+/// Response for lock status check
+#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
+pub struct LockStatusResponse {
+    /// Whether the project is currently locked
+    pub locked: bool,
+    /// Information about who holds the lock (if locked)
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub locked_by: Option<LockedByUser>,
+    /// When the lock was acquired
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub locked_at: Option<DateTime<Utc>>,
+    /// Whether the lock has expired (>15 minutes old)
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub expired: Option<bool>,
+}
+
+/// Information about the moderator holding the lock
+#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
+pub struct LockedByUser {
+    /// User ID (base62 encoded)
+    pub id: String,
+    /// Username
+    pub username: String,
+}
+
+/// Response for successful lock acquisition
+#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
+pub struct LockAcquireResponse {
+    /// Whether lock was successfully acquired
+    pub success: bool,
+    /// If blocked, info about who holds the lock
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub locked_by: Option<LockedByUser>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub locked_at: Option<DateTime<Utc>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub expired: Option<bool>,
+}
+
+/// Response for lock release
+#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
+pub struct LockReleaseResponse {
+    pub success: bool,
+}
+
 /// Fetch all projects which are in the moderation queue.
 #[utoipa::path(
     responses((status = OK, body = inline(Vec<FetchedProject>)))
@@ -420,3 +470,146 @@ async fn set_project_meta(
 
     Ok(())
 }
+
+/// Acquire or refresh a moderation lock on a project.
+/// Returns success if acquired, or info about who holds the lock if blocked.
+#[utoipa::path(
+    responses(
+        (status = OK, body = LockAcquireResponse),
+        (status = NOT_FOUND, description = "Project not found")
+    )
+)]
+#[post("/lock/{project_id}")]
+async fn acquire_lock(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    path: web::Path<(String,)>,
+) -> Result<web::Json<LockAcquireResponse>, ApiError> {
+    let user = check_is_moderator_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_WRITE,
+    )
+    .await?;
+
+    let project_id_str = path.into_inner().0;
+    let project =
+        database::models::DBProject::get(&project_id_str, &**pool, &redis)
+            .await?
+            .ok_or(ApiError::NotFound)?;
+
+    let db_project_id = project.inner.id;
+    let db_user_id = database::models::DBUserId::from(user.id);
+
+    match DBModerationLock::acquire(db_project_id, db_user_id, &pool).await? {
+        Ok(()) => Ok(web::Json(LockAcquireResponse {
+            success: true,
+            locked_by: None,
+            locked_at: None,
+            expired: None,
+        })),
+        Err(lock) => Ok(web::Json(LockAcquireResponse {
+            success: false,
+            locked_by: Some(LockedByUser {
+                id: UserId::from(lock.moderator_id).to_string(),
+                username: lock.moderator_username,
+            }),
+            locked_at: Some(lock.locked_at),
+            expired: Some(lock.expired),
+        })),
+    }
+}
+
+/// Check the lock status for a project
+#[utoipa::path(
+    responses(
+        (status = OK, body = LockStatusResponse),
+        (status = NOT_FOUND, description = "Project not found")
+    )
+)]
+#[get("/lock/{project_id}")]
+async fn get_lock_status(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    path: web::Path<(String,)>,
+) -> Result<web::Json<LockStatusResponse>, ApiError> {
+    check_is_moderator_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_READ,
+    )
+    .await?;
+
+    let project_id_str = path.into_inner().0;
+    let project =
+        database::models::DBProject::get(&project_id_str, &**pool, &redis)
+            .await?
+            .ok_or(ApiError::NotFound)?;
+
+    let db_project_id = project.inner.id;
+
+    match DBModerationLock::get_with_user(db_project_id, &pool).await? {
+        Some(lock) => Ok(web::Json(LockStatusResponse {
+            locked: true,
+            locked_by: Some(LockedByUser {
+                id: UserId::from(lock.moderator_id).to_string(),
+                username: lock.moderator_username,
+            }),
+            locked_at: Some(lock.locked_at),
+            expired: Some(lock.expired),
+        })),
+        None => Ok(web::Json(LockStatusResponse {
+            locked: false,
+            locked_by: None,
+            locked_at: None,
+            expired: None,
+        })),
+    }
+}
+
+/// Release a moderation lock on a project
+#[utoipa::path(
+    responses(
+        (status = OK, body = LockReleaseResponse),
+        (status = NOT_FOUND, description = "Project not found")
+    )
+)]
+#[delete("/lock/{project_id}")]
+async fn release_lock(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+    path: web::Path<(String,)>,
+) -> Result<web::Json<LockReleaseResponse>, ApiError> {
+    let user = check_is_moderator_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_WRITE,
+    )
+    .await?;
+
+    let project_id_str = path.into_inner().0;
+    let project =
+        database::models::DBProject::get(&project_id_str, &**pool, &redis)
+            .await?
+            .ok_or(ApiError::NotFound)?;
+
+    let db_project_id = project.inner.id;
+    let db_user_id = database::models::DBUserId::from(user.id);
+
+    let released =
+        DBModerationLock::release(db_project_id, db_user_id, &pool).await?;
+
+    Ok(web::Json(LockReleaseResponse { success: released }))
+}

From 37ed727fbd7530f5442d166488011cc94e5266d1 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Tue, 6 Jan 2026 19:30:20 -0500
Subject: [PATCH 02/16] feat: lock logic in place in rev endpoint + fetch rev

---
 .../src/routes/internal/moderation/mod.rs     |  2 ++
 apps/labrinth/src/routes/v3/projects.rs       | 21 ++++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/apps/labrinth/src/routes/internal/moderation/mod.rs b/apps/labrinth/src/routes/internal/moderation/mod.rs
index cb9bde2e92..279bed9be1 100644
--- a/apps/labrinth/src/routes/internal/moderation/mod.rs
+++ b/apps/labrinth/src/routes/internal/moderation/mod.rs
@@ -611,5 +611,7 @@ async fn release_lock(
     let released =
         DBModerationLock::release(db_project_id, db_user_id, &pool).await?;
 
+    let _ = DBModerationLock::cleanup_expired(&pool).await;
+
     Ok(web::Json(LockReleaseResponse { success: released }))
 }
diff --git a/apps/labrinth/src/routes/v3/projects.rs b/apps/labrinth/src/routes/v3/projects.rs
index 0b93d9896d..4f03ab2b6a 100644
--- a/apps/labrinth/src/routes/v3/projects.rs
+++ b/apps/labrinth/src/routes/v3/projects.rs
@@ -6,7 +6,9 @@ use crate::auth::{filter_visible_projects, get_user_from_headers};
 use crate::database::models::notification_item::NotificationBuilder;
 use crate::database::models::project_item::{DBGalleryItem, DBModCategory};
 use crate::database::models::thread_item::ThreadMessageBuilder;
-use crate::database::models::{DBTeamMember, ids as db_ids, image_item};
+use crate::database::models::{
+    DBModerationLock, DBTeamMember, ids as db_ids, image_item,
+};
 use crate::database::redis::RedisPool;
 use crate::database::{self, models as db_models};
 use crate::file_hosting::{FileHost, FileHostPublicity};
@@ -368,6 +370,23 @@ pub async fn project_edit(
             ));
         }
 
+        // If a moderator is completing a review (changing from Processing to another status),
+        // check if another moderator holds an active lock on this project
+        if user.role.is_mod()
+            && project_item.inner.status == ProjectStatus::Processing
+            && status != &ProjectStatus::Processing
+            && let Some(lock) =
+                DBModerationLock::get_with_user(project_item.inner.id, &pool)
+                    .await?
+            && lock.moderator_id != db_ids::DBUserId::from(user.id)
+            && !lock.expired
+        {
+            return Err(ApiError::CustomAuthentication(format!(
+                "This project is currently being moderated by @{}. Please wait for them to finish or for the lock to expire.",
+                lock.moderator_username
+            )));
+        }
+
         if status == &ProjectStatus::Processing {
             if project_item.versions.is_empty() {
                 return Err(ApiError::InvalidInput(String::from(

From c0eec3c54d55182bf3bdf454c6beb1963a604c50 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Thu, 8 Jan 2026 06:13:05 -0500
Subject: [PATCH 03/16] feat: frontend impl and finalize

---
 .../checklist/ModerationChecklist.vue         | 738 +++++++++++-------
 apps/frontend/src/store/moderation.ts         |  66 ++
 ...a2de7f5b8b742c0196e71ab2139174fcc12f.json} |  10 +-
 .../database/models/moderation_lock_item.rs   |   3 +
 .../src/routes/internal/moderation/mod.rs     |   4 +
 5 files changed, 557 insertions(+), 264 deletions(-)
 rename apps/labrinth/.sqlx/{query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json => query-15ce2cf3154ba3358461b375504ca2de7f5b8b742c0196e71ab2139174fcc12f.json} (66%)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index d3dece98c7..59769bfce4 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -3,7 +3,7 @@
 	<div
 		tabindex="0"
 		class="moderation-checklist flex w-[600px] max-w-full flex-col rounded-2xl border-[1px] border-solid border-orange bg-bg-raised p-4 transition-all delay-200 duration-200 ease-in-out"
-		:class="collapsed ? '!w-fit' : ''"
+		:class="{ '!w-fit': collapsed, locked: lockStatus?.locked && !lockStatus?.isOwnLock }"
 	>
 		<div class="flex grow-0 items-center gap-2">
 			<h1 class="m-0 mr-auto flex items-center gap-2 text-2xl font-extrabold text-contrast">
@@ -25,7 +25,7 @@
 				</button>
 			</ButtonStyled>
 			<ButtonStyled circular color="red" color-fill="none" hover-color-fill="background">
-				<button v-tooltip="`Exit moderation`" @click="emit('exit')">
+				<button v-tooltip="`Exit moderation`" @click="handleExit">
 					<XIcon />
 				</button>
 			</ButtonStyled>
@@ -38,298 +38,348 @@
 
 		<Collapsible base-class="grow" class="flex grow flex-col" :collapsed="collapsed">
 			<div class="my-4 h-[1px] w-full bg-divider" />
-			<div class="flex-1">
-				<div v-if="done">
-					<p>
-						You are done moderating this project!
-						<template v-if="moderationStore.hasItems">
-							There are
-							{{ moderationStore.queueLength }} left.
-						</template>
-					</p>
-				</div>
-				<div v-else-if="generatedMessage">
-					<div>
-						<ButtonStyled>
-							<button class="mb-2" @click="useSimpleEditor = !useSimpleEditor">
-								<template v-if="!useSimpleEditor">
-									<ToggleLeftIcon aria-hidden="true" />
-									Use simple mode
-								</template>
-								<template v-else>
-									<ToggleRightIcon aria-hidden="true" />
-									Use advanced mode
-								</template>
-							</button>
-						</ButtonStyled>
-						<MarkdownEditor
-							v-if="!useSimpleEditor"
-							v-model="message"
-							:max-height="400"
-							placeholder="No message generated."
-							:disabled="false"
-							:heading-buttons="false"
-						/>
-						<textarea
-							v-else
-							v-model="message"
-							type="text"
-							class="bg-bg-input h-[400px] w-full rounded-lg border border-solid border-divider px-3 py-2 font-mono text-base"
-							placeholder="No message generated."
-							autocomplete="off"
-							@input="persistState"
-						/>
-					</div>
-				</div>
-				<div v-else-if="isModpackPermissionsStage">
-					<ModpackPermissionsFlow
-						v-model="modpackJudgements"
-						:project-id="projectV2.id"
-						:project-updated="projectV2.updated"
-						@complete="handleModpackPermissionsComplete"
-					/>
-				</div>
-				<div v-else>
-					<h2 class="m-0 mb-2 text-lg font-extrabold">
-						{{ currentStageObj.title }}
-					</h2>
-
-					<div v-if="currentStageObj.text" class="mb-4">
-						<div v-if="stageTextExpanded" class="markdown-body" v-html="stageTextExpanded"></div>
-						<div v-else class="markdown-body">Loading stage content...</div>
-					</div>
 
-					<!-- Action components grouped by type -->
-					<div class="space-y-4">
-						<!-- Button actions group -->
-						<div v-if="buttonActions.length > 0" class="button-actions-group">
-							<div class="flex flex-wrap gap-2">
-								<template v-for="action in buttonActions" :key="getActionKey(action)">
-									<ButtonStyled
-										:color="isActionSelected(action) ? 'brand' : 'standard'"
-										@click="toggleAction(action)"
-									>
-										<button>
-											{{ action.label }}
-										</button>
-									</ButtonStyled>
-								</template>
-							</div>
-						</div>
+			<!-- Locked state -->
+			<div
+				v-if="lockStatus?.locked && !lockStatus?.isOwnLock"
+				class="flex flex-1 flex-col items-center justify-center gap-4 py-8 text-center"
+			>
+				<LockIcon class="size-8 text-orange" />
+				<span class="text-secondary">
+					This project
+					{{
+						lockStatus.expired
+							? "was locked, it's was in the middle of being"
+							: "is locked, it's already being"
+					}}
+					moderated by
+				</span>
+				<span class="inline-flex items-center gap-1">
+					<Avatar :src="lockStatus.lockedBy?.avatar_url" size="2rem" circle />
+					<strong class="text-contrast">@{{ lockStatus.lockedBy?.username }}</strong>
+				</span>
+				<span v-if="lockTimeRemaining && !lockStatus.expired" class="text-secondary">
+					Lock expires in {{ lockTimeRemaining }}
+				</span>
+				<div class="flex gap-2">
+					<ButtonStyled v-if="lockStatus.expired" color="brand" @click="retryAcquireLock">
+						<button>
+							<LockIcon aria-hidden="true" />
+							Take Over
+						</button>
+					</ButtonStyled>
+					<ButtonStyled v-if="moderationStore.hasItems" color="brand" @click="skipToNextProject">
+						<button>
+							<RightArrowIcon aria-hidden="true" />
+							Next Project ({{ moderationStore.queueLength }} left)
+						</button>
+					</ButtonStyled>
+					<ButtonStyled @click="emit('exit')">
+						<button>
+							<XIcon aria-hidden="true" />
+							Exit
+						</button>
+					</ButtonStyled>
+				</div>
+			</div>
 
-						<!-- Toggle actions group -->
-						<div v-if="toggleActions.length > 0" class="toggle-actions-group space-y-3">
-							<template v-for="action in toggleActions" :key="getActionKey(action)">
-								<Checkbox
-									:model-value="isActionSelected(action)"
-									:label="action.label"
-									:description="action.description"
-									:disabled="false"
-									@update:model-value="toggleAction(action)"
-								/>
+			<template v-else>
+				<div class="flex-1">
+					<div v-if="done">
+						<p>
+							You are done moderating this project!
+							<template v-if="moderationStore.hasItems">
+								There are
+								{{ moderationStore.queueLength }} left.
 							</template>
+						</p>
+					</div>
+					<div v-else-if="generatedMessage">
+						<div>
+							<ButtonStyled>
+								<button class="mb-2" @click="useSimpleEditor = !useSimpleEditor">
+									<template v-if="!useSimpleEditor">
+										<ToggleLeftIcon aria-hidden="true" />
+										Use simple mode
+									</template>
+									<template v-else>
+										<ToggleRightIcon aria-hidden="true" />
+										Use advanced mode
+									</template>
+								</button>
+							</ButtonStyled>
+							<MarkdownEditor
+								v-if="!useSimpleEditor"
+								v-model="message"
+								:max-height="400"
+								placeholder="No message generated."
+								:disabled="false"
+								:heading-buttons="false"
+							/>
+							<textarea
+								v-else
+								v-model="message"
+								type="text"
+								class="bg-bg-input h-[400px] w-full rounded-lg border border-solid border-divider px-3 py-2 font-mono text-base"
+								placeholder="No message generated."
+								autocomplete="off"
+								@input="persistState"
+							/>
 						</div>
-
-						<!-- Dropdown actions group -->
-						<div v-if="dropdownActions.length > 0" class="dropdown-actions-group space-y-3">
-							<template v-for="action in dropdownActions" :key="getActionKey(action)">
-								<div class="inputs universal-labels">
-									<div>
-										<label :for="`dropdown-${getActionId(action)}`">
-											<span class="label__title">{{ action.label }}</span>
-										</label>
-										<DropdownSelect
-											:max-visible-options="3"
-											render-up
-											:name="`dropdown-${getActionId(action)}`"
-											:options="getVisibleDropdownOptions(action)"
-											:model-value="getDropdownValue(action)"
-											:placeholder="'Select an option'"
-											:disabled="false"
-											:display-name="(opt: any) => opt?.label || 'Unknown option'"
-											@update:model-value="
-												(selected: any) => selectDropdownOption(action, selected)
-											"
-										/>
-									</div>
-								</div>
-							</template>
+					</div>
+					<div v-else-if="isModpackPermissionsStage">
+						<ModpackPermissionsFlow
+							v-model="modpackJudgements"
+							:project-id="projectV2.id"
+							:project-updated="projectV2.updated"
+							@complete="handleModpackPermissionsComplete"
+						/>
+					</div>
+					<div v-else>
+						<h2 class="m-0 mb-2 text-lg font-extrabold">
+							{{ currentStageObj.title }}
+						</h2>
+
+						<div v-if="currentStageObj.text" class="mb-4">
+							<div v-if="stageTextExpanded" class="markdown-body" v-html="stageTextExpanded"></div>
+							<div v-else class="markdown-body">Loading stage content...</div>
 						</div>
 
-						<!-- Multi-select chips actions group -->
-						<div v-if="multiSelectActions.length > 0" class="multi-select-actions-group space-y-3">
-							<template v-for="action in multiSelectActions" :key="getActionKey(action)">
-								<div>
-									<div class="mb-2 font-semibold">{{ action.label }}</div>
-									<div class="flex flex-wrap gap-2">
+						<!-- Action components grouped by type -->
+						<div class="space-y-4">
+							<!-- Button actions group -->
+							<div v-if="buttonActions.length > 0" class="button-actions-group">
+								<div class="flex flex-wrap gap-2">
+									<template v-for="action in buttonActions" :key="getActionKey(action)">
 										<ButtonStyled
-											v-for="(option, optIndex) in getVisibleMultiSelectOptions(action)"
-											:key="`${getActionId(action)}-chip-${optIndex}`"
-											:color="isChipSelected(action, optIndex) ? 'brand' : 'standard'"
-											@click="toggleChip(action, optIndex)"
+											:color="isActionSelected(action) ? 'brand' : 'standard'"
+											@click="toggleAction(action)"
 										>
 											<button>
-												{{ option.label }}
+												{{ action.label }}
 											</button>
 										</ButtonStyled>
-									</div>
+									</template>
 								</div>
-							</template>
-						</div>
-					</div>
+							</div>
 
-					<div v-if="isAnyVisibleInputs" class="my-4 h-[1px] w-full bg-divider" />
+							<!-- Toggle actions group -->
+							<div v-if="toggleActions.length > 0" class="toggle-actions-group space-y-3">
+								<template v-for="action in toggleActions" :key="getActionKey(action)">
+									<Checkbox
+										:model-value="isActionSelected(action)"
+										:label="action.label"
+										:description="action.description"
+										:disabled="false"
+										@update:model-value="toggleAction(action)"
+									/>
+								</template>
+							</div>
+
+							<!-- Dropdown actions group -->
+							<div v-if="dropdownActions.length > 0" class="dropdown-actions-group space-y-3">
+								<template v-for="action in dropdownActions" :key="getActionKey(action)">
+									<div class="inputs universal-labels">
+										<div>
+											<label :for="`dropdown-${getActionId(action)}`">
+												<span class="label__title">{{ action.label }}</span>
+											</label>
+											<DropdownSelect
+												:max-visible-options="3"
+												render-up
+												:name="`dropdown-${getActionId(action)}`"
+												:options="getVisibleDropdownOptions(action)"
+												:model-value="getDropdownValue(action)"
+												:placeholder="'Select an option'"
+												:disabled="false"
+												:display-name="(opt: any) => opt?.label || 'Unknown option'"
+												@update:model-value="
+													(selected: any) => selectDropdownOption(action, selected)
+												"
+											/>
+										</div>
+									</div>
+								</template>
+							</div>
 
-					<!-- Additional text inputs -->
-					<div class="space-y-4">
-						<template v-for="action in visibleActions" :key="`inputs-${getActionKey(action)}`">
+							<!-- Multi-select chips actions group -->
 							<div
-								v-if="action.relevantExtraInput && isActionSelected(action)"
-								class="inputs universal-labels"
+								v-if="multiSelectActions.length > 0"
+								class="multi-select-actions-group space-y-3"
 							>
+								<template v-for="action in multiSelectActions" :key="getActionKey(action)">
+									<div>
+										<div class="mb-2 font-semibold">{{ action.label }}</div>
+										<div class="flex flex-wrap gap-2">
+											<ButtonStyled
+												v-for="(option, optIndex) in getVisibleMultiSelectOptions(action)"
+												:key="`${getActionId(action)}-chip-${optIndex}`"
+												:color="isChipSelected(action, optIndex) ? 'brand' : 'standard'"
+												@click="toggleChip(action, optIndex)"
+											>
+												<button>
+													{{ option.label }}
+												</button>
+											</ButtonStyled>
+										</div>
+									</div>
+								</template>
+							</div>
+						</div>
+
+						<div v-if="isAnyVisibleInputs" class="my-4 h-[1px] w-full bg-divider" />
+
+						<!-- Additional text inputs -->
+						<div class="space-y-4">
+							<template v-for="action in visibleActions" :key="`inputs-${getActionKey(action)}`">
 								<div
-									v-for="(input, inputIndex) in getVisibleInputs(action, actionStates)"
-									:key="`input-${getActionId(action)}-${inputIndex}`"
-									class="mt-2"
+									v-if="action.relevantExtraInput && isActionSelected(action)"
+									class="inputs universal-labels"
 								>
-									<template v-if="input.large">
-										<label :for="`input-${getActionId(action)}-${inputIndex}`">
-											<span class="label__title">
-												{{ input.label }}
-												<span v-if="input.required" class="required">*</span>
-											</span>
-										</label>
-										<MarkdownEditor
-											:id="`input-${getActionId(action)}-${inputIndex}`"
-											v-model="textInputValues[`${getActionId(action)}-${inputIndex}`]"
-											:placeholder="input.placeholder"
-											:max-height="300"
-											:disabled="false"
-											:heading-buttons="false"
-											@input="persistState"
-										/>
-									</template>
-									<template v-else>
-										<label :for="`input-${getActionId(action)}-${inputIndex}`">
-											<span class="label__title">
-												{{ input.label }}
-												<span v-if="input.required" class="required">*</span>
-											</span>
-										</label>
-										<input
-											:id="`input-${getActionId(action)}-${inputIndex}`"
-											v-model="textInputValues[`${getActionId(action)}-${inputIndex}`]"
-											type="text"
-											:placeholder="input.placeholder"
-											autocomplete="off"
-											@input="persistState"
-										/>
-									</template>
+									<div
+										v-for="(input, inputIndex) in getVisibleInputs(action, actionStates)"
+										:key="`input-${getActionId(action)}-${inputIndex}`"
+										class="mt-2"
+									>
+										<template v-if="input.large">
+											<label :for="`input-${getActionId(action)}-${inputIndex}`">
+												<span class="label__title">
+													{{ input.label }}
+													<span v-if="input.required" class="required">*</span>
+												</span>
+											</label>
+											<MarkdownEditor
+												:id="`input-${getActionId(action)}-${inputIndex}`"
+												v-model="textInputValues[`${getActionId(action)}-${inputIndex}`]"
+												:placeholder="input.placeholder"
+												:max-height="300"
+												:disabled="false"
+												:heading-buttons="false"
+												@input="persistState"
+											/>
+										</template>
+										<template v-else>
+											<label :for="`input-${getActionId(action)}-${inputIndex}`">
+												<span class="label__title">
+													{{ input.label }}
+													<span v-if="input.required" class="required">*</span>
+												</span>
+											</label>
+											<input
+												:id="`input-${getActionId(action)}-${inputIndex}`"
+												v-model="textInputValues[`${getActionId(action)}-${inputIndex}`]"
+												type="text"
+												:placeholder="input.placeholder"
+												autocomplete="off"
+												@input="persistState"
+											/>
+										</template>
+									</div>
 								</div>
-							</div>
-						</template>
+							</template>
+						</div>
 					</div>
 				</div>
-			</div>
 
-			<!-- Stage control buttons -->
-			<div class="mt-auto">
-				<div
-					class="mt-4 flex grow justify-between gap-2 border-0 border-t-[1px] border-solid border-divider pt-4"
-				>
-					<div class="flex items-center gap-2">
-						<ButtonStyled v-if="!done && !generatedMessage && moderationStore.hasItems">
-							<button @click="skipCurrentProject">
-								<XIcon aria-hidden="true" />
-								Skip ({{ moderationStore.queueLength }} left)
-							</button>
-						</ButtonStyled>
-					</div>
-
-					<div class="flex items-center gap-2">
-						<div v-if="done">
-							<ButtonStyled color="brand">
-								<button @click="endChecklist(undefined)">
-									<template v-if="hasNextProject">
-										<RightArrowIcon aria-hidden="true" />
-										Next Project ({{ moderationStore.queueLength }} left)
-									</template>
-									<template v-else>
-										<CheckIcon aria-hidden="true" />
-										All Done!
-									</template>
-								</button>
-							</ButtonStyled>
-						</div>
-
-						<div v-else-if="generatedMessage" class="flex items-center gap-2">
-							<ButtonStyled>
-								<button @click="goBackToStages">
-									<LeftArrowIcon aria-hidden="true" />
-									Edit
-								</button>
-							</ButtonStyled>
-							<ButtonStyled color="red">
-								<button @click="sendMessage('rejected')">
+				<!-- Stage control buttons -->
+				<div class="mt-auto">
+					<div
+						class="mt-4 flex grow justify-between gap-2 border-0 border-t-[1px] border-solid border-divider pt-4"
+					>
+						<div class="flex items-center gap-2">
+							<ButtonStyled v-if="!done && !generatedMessage && moderationStore.hasItems">
+								<button @click="skipCurrentProject">
 									<XIcon aria-hidden="true" />
-									Reject
-								</button>
-							</ButtonStyled>
-							<ButtonStyled color="orange">
-								<button @click="sendMessage('withheld')">
-									<EyeOffIcon aria-hidden="true" />
-									Withhold
-								</button>
-							</ButtonStyled>
-							<ButtonStyled color="green">
-								<button @click="sendMessage(projectV2.requested_status ?? 'approved')">
-									<CheckIcon aria-hidden="true" />
-									Approve
+									Skip ({{ moderationStore.queueLength }} left)
 								</button>
 							</ButtonStyled>
 						</div>
 
-						<div v-else class="flex items-center gap-2">
-							<OverflowMenu
-								v-if="!generatedMessage"
-								:options="stageOptions"
-								class="bg-transparent p-0"
-							>
-								<ButtonStyled circular>
-									<button v-tooltip="`Stages`">
-										<ListBulletedIcon />
+						<div class="flex items-center gap-2">
+							<div v-if="done">
+								<ButtonStyled color="brand">
+									<button @click="endChecklist(undefined)">
+										<template v-if="hasNextProject">
+											<RightArrowIcon aria-hidden="true" />
+											Next Project ({{ moderationStore.queueLength }} left)
+										</template>
+										<template v-else>
+											<CheckIcon aria-hidden="true" />
+											All Done!
+										</template>
+									</button>
+								</ButtonStyled>
+							</div>
+
+							<div v-else-if="generatedMessage" class="flex items-center gap-2">
+								<ButtonStyled>
+									<button @click="goBackToStages">
+										<LeftArrowIcon aria-hidden="true" />
+										Edit
+									</button>
+								</ButtonStyled>
+								<ButtonStyled color="red">
+									<button @click="sendMessage('rejected')">
+										<XIcon aria-hidden="true" />
+										Reject
+									</button>
+								</ButtonStyled>
+								<ButtonStyled color="orange">
+									<button @click="sendMessage('withheld')">
+										<EyeOffIcon aria-hidden="true" />
+										Withhold
 									</button>
 								</ButtonStyled>
+								<ButtonStyled color="green">
+									<button @click="sendMessage(projectV2.requested_status ?? 'approved')">
+										<CheckIcon aria-hidden="true" />
+										Approve
+									</button>
+								</ButtonStyled>
+							</div>
 
-								<template
-									v-for="opt in stageOptions.filter(
-										(opt) => 'id' in opt && 'text' in opt && 'icon' in opt,
-									)"
-									#[opt.id]
-									:key="opt.id"
+							<div v-else class="flex items-center gap-2">
+								<OverflowMenu
+									v-if="!generatedMessage"
+									:options="stageOptions"
+									class="bg-transparent p-0"
 								>
-									<component :is="opt.icon" v-if="opt.icon" class="mr-2" />
-									{{ opt.text }}
-								</template>
-							</OverflowMenu>
-							<ButtonStyled>
-								<button :disabled="!hasValidPreviousStage" @click="previousStage">
-									<LeftArrowIcon aria-hidden="true" /> Previous
-								</button>
-							</ButtonStyled>
-							<ButtonStyled v-if="!isLastVisibleStage" color="brand">
-								<button @click="nextStage"><RightArrowIcon aria-hidden="true" /> Next</button>
-							</ButtonStyled>
-							<ButtonStyled v-else color="brand" :disabled="loadingMessage">
-								<button @click="generateMessage">
-									<CheckIcon aria-hidden="true" />
-									{{ loadingMessage ? 'Generating...' : 'Generate Message' }}
-								</button>
-							</ButtonStyled>
+									<ButtonStyled circular>
+										<button v-tooltip="`Stages`">
+											<ListBulletedIcon />
+										</button>
+									</ButtonStyled>
+
+									<template
+										v-for="opt in stageOptions.filter(
+											(opt) => 'id' in opt && 'text' in opt && 'icon' in opt,
+										)"
+										#[opt.id]
+										:key="opt.id"
+									>
+										<component :is="opt.icon" v-if="opt.icon" class="mr-2" />
+										{{ opt.text }}
+									</template>
+								</OverflowMenu>
+								<ButtonStyled>
+									<button :disabled="!hasValidPreviousStage" @click="previousStage">
+										<LeftArrowIcon aria-hidden="true" /> Previous
+									</button>
+								</ButtonStyled>
+								<ButtonStyled v-if="!isLastVisibleStage" color="brand">
+									<button @click="nextStage"><RightArrowIcon aria-hidden="true" /> Next</button>
+								</ButtonStyled>
+								<ButtonStyled v-else color="brand" :disabled="loadingMessage">
+									<button @click="generateMessage">
+										<CheckIcon aria-hidden="true" />
+										{{ loadingMessage ? 'Generating...' : 'Generate Message' }}
+									</button>
+								</ButtonStyled>
+							</div>
 						</div>
 					</div>
 				</div>
-			</div>
+			</template>
 		</Collapsible>
 	</div>
 </template>
@@ -344,6 +394,7 @@ import {
 	KeyboardIcon,
 	LeftArrowIcon,
 	ListBulletedIcon,
+	LockIcon,
 	RightArrowIcon,
 	ScaleIcon,
 	ToggleLeftIcon,
@@ -377,6 +428,7 @@ import {
 	type ToggleAction,
 } from '@modrinth/moderation'
 import {
+	Avatar,
 	ButtonStyled,
 	Checkbox,
 	Collapsible,
@@ -413,6 +465,45 @@ const { projectV2, projectV3 } = injectProjectPageContext()
 
 const moderationStore = useModerationStore()
 
+const lockStatus = ref<{
+	locked: boolean
+	lockedBy?: { id: string; username: string; avatar_url?: string }
+	lockedAt?: Date
+	expired?: boolean
+	isOwnLock: boolean
+} | null>(null)
+const lockCheckInterval = ref<ReturnType<typeof setInterval> | null>(null)
+const lockCountdownInterval = ref<ReturnType<typeof setInterval> | null>(null)
+const lockTimeRemaining = ref<string | null>(null)
+
+const LOCK_EXPIRY_MINUTES = 15
+
+function updateLockCountdown() {
+	if (!lockStatus.value?.lockedAt || lockStatus.value?.isOwnLock) {
+		lockTimeRemaining.value = null
+		return
+	}
+
+	const lockedAt = new Date(lockStatus.value.lockedAt)
+	const expiresAt = new Date(lockedAt.getTime() + LOCK_EXPIRY_MINUTES * 60 * 1000)
+	const now = new Date()
+	const remainingMs = expiresAt.getTime() - now.getTime()
+
+	if (remainingMs <= 0) {
+		lockTimeRemaining.value = null
+		lockStatus.value.expired = true
+		if (lockCountdownInterval.value) {
+			clearInterval(lockCountdownInterval.value)
+			lockCountdownInterval.value = null
+		}
+		return
+	}
+
+	const minutes = Math.floor(remainingMs / 60000)
+	const seconds = Math.floor((remainingMs % 60000) / 1000)
+	lockTimeRemaining.value = `${minutes}:${seconds.toString().padStart(2, '0')}`
+}
+
 const variables = computed(() => {
 	return {
 		...flattenStaticVariables(),
@@ -442,6 +533,72 @@ const emit = defineEmits<{
 	toggleCollapsed: []
 }>()
 
+async function handleExit() {
+	await moderationStore.releaseLock(projectV2.value.id)
+	emit('exit')
+}
+
+async function retryAcquireLock() {
+	const result = await moderationStore.acquireLock(projectV2.value.id)
+
+	if (result.success) {
+		lockStatus.value = {
+			locked: false,
+			isOwnLock: true,
+		}
+		initializeAllStages()
+
+		// Clear countdown interval
+		if (lockCountdownInterval.value) {
+			clearInterval(lockCountdownInterval.value)
+			lockCountdownInterval.value = null
+		}
+		lockTimeRemaining.value = null
+
+		// Set up heartbeat
+		lockCheckInterval.value = setInterval(
+			async () => {
+				await moderationStore.refreshLock()
+			},
+			5 * 60 * 1000,
+		)
+	} else {
+		// Still locked, update status
+		lockStatus.value = {
+			locked: true,
+			lockedBy: result.locked_by,
+			lockedAt: result.locked_at ? new Date(result.locked_at) : undefined,
+			expired: result.expired,
+			isOwnLock: false,
+		}
+
+		// Restart countdown timer
+		updateLockCountdown()
+		if (!lockCountdownInterval.value) {
+			lockCountdownInterval.value = setInterval(updateLockCountdown, 1000)
+		}
+	}
+}
+
+async function skipToNextProject() {
+	const hasNext = moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
+
+	if (hasNext) {
+		navigateTo({
+			name: 'type-id',
+			params: {
+				type: 'project',
+				id: moderationStore.getCurrentProjectId(),
+			},
+			state: {
+				showChecklist: true,
+			},
+		})
+	} else {
+		emit('exit')
+	}
+}
+
 function resetProgress() {
 	currentStage.value = findFirstValidStage()
 	actionStates.value = {}
@@ -642,15 +799,55 @@ function handleKeybinds(event: KeyboardEvent) {
 	)
 }
 
-onMounted(() => {
+onMounted(async () => {
 	window.addEventListener('keydown', handleKeybinds)
-	initializeAllStages()
 	notifications.setNotificationLocation('left')
+
+	// Try to acquire lock
+	const result = await moderationStore.acquireLock(projectV2.value.id)
+
+	if (result.success) {
+		lockStatus.value = {
+			locked: false,
+			isOwnLock: true,
+		}
+		initializeAllStages()
+
+		// Set up heartbeat to refresh lock every 5 minutes
+		lockCheckInterval.value = setInterval(
+			async () => {
+				await moderationStore.refreshLock()
+			},
+			5 * 60 * 1000,
+		)
+	} else {
+		lockStatus.value = {
+			locked: true,
+			lockedBy: result.locked_by,
+			lockedAt: result.locked_at ? new Date(result.locked_at) : undefined,
+			expired: result.expired,
+			isOwnLock: false,
+		}
+
+		// Start countdown timer
+		updateLockCountdown()
+		lockCountdownInterval.value = setInterval(updateLockCountdown, 1000)
+	}
 })
 
 onUnmounted(() => {
 	window.removeEventListener('keydown', handleKeybinds)
 	notifications.setNotificationLocation('right')
+
+	// Clear heartbeat interval
+	if (lockCheckInterval.value) {
+		clearInterval(lockCheckInterval.value)
+	}
+
+	// Clear countdown interval
+	if (lockCountdownInterval.value) {
+		clearInterval(lockCountdownInterval.value)
+	}
 })
 
 function initializeAllStages() {
@@ -1284,6 +1481,9 @@ async function sendMessage(status: ProjectStatus) {
 
 		done.value = true
 
+		// Release the lock after successful submission
+		await moderationStore.releaseLock(projectV2.value.id)
+
 		hasNextProject.value = await moderationStore.completeCurrentProject(
 			projectV2.value.id,
 			'completed',
@@ -1411,6 +1611,20 @@ const stageOptions = computed<OverflowMenuOption[]>(() => {
 		transition: none !important;
 	}
 
+	&.locked {
+		animation: pulse-border 2s ease-in-out infinite;
+	}
+
+	@keyframes pulse-border {
+		0%,
+		100% {
+			border-color: var(--color-orange);
+		}
+		50% {
+			border-color: color-mix(in srgb, var(--color-orange) 40%, transparent);
+		}
+	}
+
 	.button-actions-group,
 	.toggle-actions-group,
 	.dropdown-actions-group,
diff --git a/apps/frontend/src/store/moderation.ts b/apps/frontend/src/store/moderation.ts
index e1a11629d3..b1fafa0a11 100644
--- a/apps/frontend/src/store/moderation.ts
+++ b/apps/frontend/src/store/moderation.ts
@@ -9,6 +9,26 @@ export interface ModerationQueue {
 	lastUpdated: Date
 }
 
+export interface LockedByUser {
+	id: string
+	username: string
+	avatar_url?: string
+}
+
+export interface LockStatusResponse {
+	locked: boolean
+	locked_by?: LockedByUser
+	locked_at?: string
+	expired?: boolean
+}
+
+export interface LockAcquireResponse {
+	success: boolean
+	locked_by?: LockedByUser
+	locked_at?: string
+	expired?: boolean
+}
+
 const EMPTY_QUEUE: Partial<ModerationQueue> = {
 	items: [],
 
@@ -28,6 +48,7 @@ pinia.use(piniaPluginPersistedstate)
 export const useModerationStore = defineStore('moderation', {
 	state: () => ({
 		currentQueue: createEmptyQueue(),
+		currentLock: null as { projectId: string; lockedAt: Date } | null,
 	}),
 
 	getters: {
@@ -80,6 +101,51 @@ export const useModerationStore = defineStore('moderation', {
 		resetQueue() {
 			this.currentQueue = createEmptyQueue()
 		},
+
+		async acquireLock(projectId: string): Promise<LockAcquireResponse> {
+			const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
+				method: 'POST',
+				internal: true,
+			})) as LockAcquireResponse
+
+			if (response.success) {
+				this.currentLock = { projectId, lockedAt: new Date() }
+			}
+
+			return response
+		},
+
+		async releaseLock(projectId: string): Promise<boolean> {
+			try {
+				const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
+					method: 'DELETE',
+					internal: true,
+				})) as { success: boolean }
+
+				if (this.currentLock?.projectId === projectId) {
+					this.currentLock = null
+				}
+
+				return response.success
+			} catch {
+				return false
+			}
+		},
+
+		async checkLock(projectId: string): Promise<LockStatusResponse> {
+			const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
+				method: 'GET',
+				internal: true,
+			})) as LockStatusResponse
+			return response
+		},
+
+		async refreshLock(): Promise<boolean> {
+			if (!this.currentLock) return false
+
+			const response = await this.acquireLock(this.currentLock.projectId)
+			return response.success
+		},
 	},
 
 	persist: {
diff --git a/apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json b/apps/labrinth/.sqlx/query-15ce2cf3154ba3358461b375504ca2de7f5b8b742c0196e71ab2139174fcc12f.json
similarity index 66%
rename from apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json
rename to apps/labrinth/.sqlx/query-15ce2cf3154ba3358461b375504ca2de7f5b8b742c0196e71ab2139174fcc12f.json
index b7806d340c..a35c5f41fd 100644
--- a/apps/labrinth/.sqlx/query-298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0.json
+++ b/apps/labrinth/.sqlx/query-15ce2cf3154ba3358461b375504ca2de7f5b8b742c0196e71ab2139174fcc12f.json
@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n\t\t\tSELECT\n\t\t\t\tml.project_id,\n\t\t\t\tml.moderator_id,\n\t\t\t\tu.username as moderator_username,\n\t\t\t\tml.locked_at\n\t\t\tFROM moderation_locks ml\n\t\t\tINNER JOIN users u ON u.id = ml.moderator_id\n\t\t\tWHERE ml.project_id = $1\n\t\t\t",
+  "query": "\n\t\t\tSELECT\n\t\t\t\tml.project_id,\n\t\t\t\tml.moderator_id,\n\t\t\t\tu.username as moderator_username,\n\t\t\t\tu.avatar_url as moderator_avatar_url,\n\t\t\t\tml.locked_at\n\t\t\tFROM moderation_locks ml\n\t\t\tINNER JOIN users u ON u.id = ml.moderator_id\n\t\t\tWHERE ml.project_id = $1\n\t\t\t",
   "describe": {
     "columns": [
       {
@@ -20,6 +20,11 @@
       },
       {
         "ordinal": 3,
+        "name": "moderator_avatar_url",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 4,
         "name": "locked_at",
         "type_info": "Timestamptz"
       }
@@ -33,8 +38,9 @@
       false,
       false,
       false,
+      true,
       false
     ]
   },
-  "hash": "298ae84addf1c6cc6df2aa265bd82d8c484c3154f45ef0fbafc0380de9bba4f0"
+  "hash": "15ce2cf3154ba3358461b375504ca2de7f5b8b742c0196e71ab2139174fcc12f"
 }
diff --git a/apps/labrinth/src/database/models/moderation_lock_item.rs b/apps/labrinth/src/database/models/moderation_lock_item.rs
index b8c1bd755f..a5e2047e02 100644
--- a/apps/labrinth/src/database/models/moderation_lock_item.rs
+++ b/apps/labrinth/src/database/models/moderation_lock_item.rs
@@ -18,6 +18,7 @@ pub struct ModerationLockWithUser {
 	pub project_id: DBProjectId,
 	pub moderator_id: DBUserId,
 	pub moderator_username: String,
+	pub moderator_avatar_url: Option<String>,
 	pub locked_at: DateTime<Utc>,
 	pub expired: bool,
 }
@@ -94,6 +95,7 @@ impl DBModerationLock {
 				ml.project_id,
 				ml.moderator_id,
 				u.username as moderator_username,
+				u.avatar_url as moderator_avatar_url,
 				ml.locked_at
 			FROM moderation_locks ml
 			INNER JOIN users u ON u.id = ml.moderator_id
@@ -114,6 +116,7 @@ impl DBModerationLock {
 				project_id: DBProjectId(r.project_id),
 				moderator_id: DBUserId(r.moderator_id),
 				moderator_username: r.moderator_username,
+				moderator_avatar_url: r.moderator_avatar_url,
 				locked_at,
 				expired,
 			}
diff --git a/apps/labrinth/src/routes/internal/moderation/mod.rs b/apps/labrinth/src/routes/internal/moderation/mod.rs
index 279bed9be1..d6fcc29d29 100644
--- a/apps/labrinth/src/routes/internal/moderation/mod.rs
+++ b/apps/labrinth/src/routes/internal/moderation/mod.rs
@@ -104,6 +104,8 @@ pub struct LockedByUser {
     pub id: String,
     /// Username
     pub username: String,
+    /// Avatar URL
+    pub avatar_url: Option<String>,
 }
 
 /// Response for successful lock acquisition
@@ -517,6 +519,7 @@ async fn acquire_lock(
             locked_by: Some(LockedByUser {
                 id: UserId::from(lock.moderator_id).to_string(),
                 username: lock.moderator_username,
+                avatar_url: lock.moderator_avatar_url,
             }),
             locked_at: Some(lock.locked_at),
             expired: Some(lock.expired),
@@ -562,6 +565,7 @@ async fn get_lock_status(
             locked_by: Some(LockedByUser {
                 id: UserId::from(lock.moderator_id).to_string(),
                 username: lock.moderator_username,
+                avatar_url: lock.moderator_avatar_url,
             }),
             locked_at: Some(lock.locked_at),
             expired: Some(lock.expired),

From 16a6ea47c2896199fd7c5292bab5aee103496469 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Thu, 8 Jan 2026 15:20:59 -0500
Subject: [PATCH 04/16] feat: auto skip if using the moderation queue page

---
 .../checklist/ModerationChecklist.vue         | 147 +++++++++++++-----
 apps/frontend/src/pages/moderation/index.vue  |  60 ++++++-
 2 files changed, 161 insertions(+), 46 deletions(-)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 59769bfce4..b94db7f788 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -39,47 +39,96 @@
 		<Collapsible base-class="grow" class="flex grow flex-col" :collapsed="collapsed">
 			<div class="my-4 h-[1px] w-full bg-divider" />
 
-			<!-- Locked state -->
-			<div
-				v-if="lockStatus?.locked && !lockStatus?.isOwnLock"
-				class="flex flex-1 flex-col items-center justify-center gap-4 py-8 text-center"
-			>
-				<LockIcon class="size-8 text-orange" />
-				<span class="text-secondary">
-					This project
-					{{
-						lockStatus.expired
-							? "was locked, it's was in the middle of being"
-							: "is locked, it's already being"
-					}}
-					moderated by
-				</span>
-				<span class="inline-flex items-center gap-1">
-					<Avatar :src="lockStatus.lockedBy?.avatar_url" size="2rem" circle />
-					<strong class="text-contrast">@{{ lockStatus.lockedBy?.username }}</strong>
-				</span>
-				<span v-if="lockTimeRemaining && !lockStatus.expired" class="text-secondary">
-					Lock expires in {{ lockTimeRemaining }}
-				</span>
-				<div class="flex gap-2">
-					<ButtonStyled v-if="lockStatus.expired" color="brand" @click="retryAcquireLock">
-						<button>
-							<LockIcon aria-hidden="true" />
-							Take Over
-						</button>
-					</ButtonStyled>
-					<ButtonStyled v-if="moderationStore.hasItems" color="brand" @click="skipToNextProject">
-						<button>
-							<RightArrowIcon aria-hidden="true" />
-							Next Project ({{ moderationStore.queueLength }} left)
-						</button>
-					</ButtonStyled>
-					<ButtonStyled @click="emit('exit')">
-						<button>
-							<XIcon aria-hidden="true" />
-							Exit
-						</button>
-					</ButtonStyled>
+			<div v-if="lockStatus?.locked && !lockStatus?.isOwnLock" class="flex flex-1 flex-col">
+				<div class="flex flex-1 flex-col items-center justify-center gap-4 py-8 text-center">
+					<LockIcon class="size-8 text-orange" />
+					<span class="text-secondary">
+						This project
+						{{
+							lockStatus.expired
+								? "was locked, it's was in the middle of being"
+								: "is locked, it's already being"
+						}}
+						moderated by
+					</span>
+					<span class="inline-flex items-center gap-1">
+						<Avatar :src="lockStatus.lockedBy?.avatar_url" size="2rem" circle />
+						<strong class="text-contrast">@{{ lockStatus.lockedBy?.username }}</strong>
+					</span>
+					<span v-if="lockTimeRemaining && !lockStatus.expired" class="text-secondary">
+						Lock expires in {{ lockTimeRemaining }}
+					</span>
+				</div>
+				<div class="mt-auto">
+					<div
+						class="mt-4 flex grow justify-between gap-2 border-0 border-t-[1px] border-solid border-divider pt-4"
+					>
+						<div class="flex items-center gap-2">
+							<ButtonStyled v-if="lockStatus.expired" @click="retryAcquireLock">
+								<button>
+									<LockIcon aria-hidden="true" />
+									Take over
+								</button>
+							</ButtonStyled>
+						</div>
+						<div class="flex items-center gap-2">
+							<ButtonStyled
+								v-if="moderationStore.hasItems"
+								color="brand"
+								@click="skipToNextProject"
+							>
+								<button>
+									<RightArrowIcon aria-hidden="true" />
+									Next project ({{ moderationStore.queueLength }} left)
+								</button>
+							</ButtonStyled>
+							<ButtonStyled v-else color="brand" @click="emit('exit')">
+								<button>
+									<CheckIcon aria-hidden="true" />
+									All done!
+								</button>
+							</ButtonStyled>
+						</div>
+					</div>
+				</div>
+			</div>
+
+			<div v-else-if="alreadyReviewed" class="flex flex-1 flex-col">
+				<div class="flex flex-1 flex-col items-center justify-center gap-4 py-8 text-center">
+					<CheckIcon class="size-8 text-green" />
+					<span class="text-secondary"> This project was already moderated. </span>
+				</div>
+				<div class="mt-auto">
+					<div
+						class="mt-4 flex grow justify-between gap-2 border-0 border-t-[1px] border-solid border-divider pt-4"
+					>
+						<div class="flex items-center gap-2">
+							<ButtonStyled @click="reviewAnyway">
+								<button>
+									<ScaleIcon aria-hidden="true" />
+									Review anyway
+								</button>
+							</ButtonStyled>
+						</div>
+						<div class="flex items-center gap-2">
+							<ButtonStyled
+								v-if="moderationStore.hasItems"
+								color="brand"
+								@click="skipToNextProject"
+							>
+								<button>
+									<RightArrowIcon aria-hidden="true" />
+									Next project ({{ moderationStore.queueLength }} left)
+								</button>
+							</ButtonStyled>
+							<ButtonStyled v-else color="brand" @click="emit('exit')">
+								<button>
+									<CheckIcon aria-hidden="true" />
+									All done!
+								</button>
+							</ButtonStyled>
+						</div>
+					</div>
 				</div>
 			</div>
 
@@ -301,11 +350,11 @@
 									<button @click="endChecklist(undefined)">
 										<template v-if="hasNextProject">
 											<RightArrowIcon aria-hidden="true" />
-											Next Project ({{ moderationStore.queueLength }} left)
+											Next project ({{ moderationStore.queueLength }} left)
 										</template>
 										<template v-else>
 											<CheckIcon aria-hidden="true" />
-											All Done!
+											All done!
 										</template>
 									</button>
 								</ButtonStyled>
@@ -475,6 +524,7 @@ const lockStatus = ref<{
 const lockCheckInterval = ref<ReturnType<typeof setInterval> | null>(null)
 const lockCountdownInterval = ref<ReturnType<typeof setInterval> | null>(null)
 const lockTimeRemaining = ref<string | null>(null)
+const alreadyReviewed = ref(false)
 
 const LOCK_EXPIRY_MINUTES = 15
 
@@ -580,6 +630,11 @@ async function retryAcquireLock() {
 	}
 }
 
+function reviewAnyway() {
+	alreadyReviewed.value = false
+	initializeAllStages()
+}
+
 async function skipToNextProject() {
 	const hasNext = moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
 
@@ -803,6 +858,12 @@ onMounted(async () => {
 	window.addEventListener('keydown', handleKeybinds)
 	notifications.setNotificationLocation('left')
 
+	// Check if project has already been reviewed (not in processing status)
+	if (projectV2.value.status !== 'processing') {
+		alreadyReviewed.value = true
+		return
+	}
+
 	// Try to acquire lock
 	const result = await moderationStore.acquireLock(projectV2.value.id)
 
diff --git a/apps/frontend/src/pages/moderation/index.vue b/apps/frontend/src/pages/moderation/index.vue
index 7a6350517d..cdf95abb96 100644
--- a/apps/frontend/src/pages/moderation/index.vue
+++ b/apps/frontend/src/pages/moderation/index.vue
@@ -112,6 +112,7 @@ import {
 	Combobox,
 	type ComboboxOption,
 	defineMessages,
+	injectNotificationManager,
 	Pagination,
 	useVIntl,
 } from '@modrinth/ui'
@@ -123,6 +124,7 @@ import { enrichProjectBatch, type ModerationProject } from '~/helpers/moderation
 import { useModerationStore } from '~/store/moderation.ts'
 
 const { formatMessage } = useVIntl()
+const { addNotification } = injectNotificationManager()
 const moderationStore = useModerationStore()
 const route = useRoute()
 const router = useRouter()
@@ -342,13 +344,65 @@ function goToPage(page: number) {
 	currentPage.value = page
 }
 
-function moderateAllInFilter() {
-	moderationStore.setQueue(filteredProjects.value.map((queueItem) => queueItem.project.id))
+async function findFirstUnlockedProject(): Promise<ModerationProject | null> {
+	let skippedCount = 0
+
+	while (moderationStore.hasItems) {
+		const currentId = moderationStore.getCurrentProjectId()
+		if (!currentId) return null
+
+		const project = filteredProjects.value.find((p) => p.project.id === currentId)
+		if (!project) {
+			moderationStore.completeCurrentProject(currentId, 'skipped')
+			continue
+		}
+
+		try {
+			const lockStatus = await moderationStore.checkLock(currentId)
+
+			if (!lockStatus.locked || lockStatus.expired) {
+				if (skippedCount > 0) {
+					addNotification({
+						title: 'Skipped locked projects',
+						text: `Skipped ${skippedCount} project(s) being moderated by others.`,
+						type: 'info',
+					})
+				}
+				return project
+			}
+
+			// Project is locked, skip it
+			moderationStore.completeCurrentProject(currentId, 'skipped')
+			skippedCount++
+		} catch {
+			return project
+		}
+	}
+
+	return null
+}
+
+async function moderateAllInFilter() {
+	const projectIds = filteredProjects.value.map((queueItem) => queueItem.project.id)
+	moderationStore.setQueue(projectIds)
+
+	// Find first unlocked project
+	const targetProject = await findFirstUnlockedProject()
+
+	if (!targetProject) {
+		addNotification({
+			title: 'All projects locked',
+			text: 'All projects in queue are currently being moderated by others.',
+			type: 'warning',
+		})
+		return
+	}
+
 	navigateTo({
 		name: 'type-id',
 		params: {
 			type: 'project',
-			id: moderationStore.getCurrentProjectId(),
+			id: targetProject.project.slug,
 		},
 		state: {
 			showChecklist: true,

From 950013049533af91cba16edff2b0e3e839ddbecd Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Sun, 11 Jan 2026 19:07:57 +0000
Subject: [PATCH 05/16] fix: qa issues

---
 .../ui/moderation/ModerationQueueCard.vue     | 18 ++-----
 .../checklist/ModerationChecklist.vue         |  7 ++-
 apps/frontend/src/pages/moderation/index.vue  | 43 ++++++++++++++++-
 apps/frontend/src/store/moderation.ts         | 47 +++++++++++++------
 4 files changed, 84 insertions(+), 31 deletions(-)

diff --git a/apps/frontend/src/components/ui/moderation/ModerationQueueCard.vue b/apps/frontend/src/components/ui/moderation/ModerationQueueCard.vue
index 2c8ecbb83e..b013bbca9a 100644
--- a/apps/frontend/src/components/ui/moderation/ModerationQueueCard.vue
+++ b/apps/frontend/src/components/ui/moderation/ModerationQueueCard.vue
@@ -127,11 +127,9 @@ import dayjs from 'dayjs'
 import { computed } from 'vue'
 
 import type { ModerationProject } from '~/helpers/moderation'
-import { useModerationStore } from '~/store/moderation.ts'
 
 const { addNotification } = injectNotificationManager()
 const formatRelativeTime = useRelativeTime()
-const moderationStore = useModerationStore()
 
 const baseId = useId()
 
@@ -139,6 +137,10 @@ const props = defineProps<{
 	queueEntry: ModerationProject
 }>()
 
+const emit = defineEmits<{
+	startFromProject: [projectId: string]
+}>()
+
 function getDaysQueued(date: Date): number {
 	const now = new Date()
 	const diff = now.getTime() - date.getTime()
@@ -201,16 +203,6 @@ const quickActions: OverflowMenuOption[] = [
 ]
 
 function openProjectForReview() {
-	moderationStore.setSingleProject(props.queueEntry.project.id)
-	navigateTo({
-		name: 'type-id',
-		params: {
-			type: 'project',
-			id: props.queueEntry.project.slug || props.queueEntry.project.id,
-		},
-		state: {
-			showChecklist: true,
-		},
-	})
+	emit('startFromProject', props.queueEntry.project.id)
 }
 </script>
diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index b94db7f788..9e76e5732d 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -46,7 +46,7 @@
 						This project
 						{{
 							lockStatus.expired
-								? "was locked, it's was in the middle of being"
+								? "was locked, it was in the middle of being"
 								: "is locked, it's already being"
 						}}
 						moderated by
@@ -1600,7 +1600,10 @@ async function endChecklist(status?: string) {
 }
 
 async function skipCurrentProject() {
-	hasNextProject.value = await moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
+	// Release the lock before skipping
+	await moderationStore.releaseLock(projectV2.value.id)
+
+	hasNextProject.value = moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
 
 	await endChecklist('skipped')
 }
diff --git a/apps/frontend/src/pages/moderation/index.vue b/apps/frontend/src/pages/moderation/index.vue
index cdf95abb96..5fe85b9d06 100644
--- a/apps/frontend/src/pages/moderation/index.vue
+++ b/apps/frontend/src/pages/moderation/index.vue
@@ -89,6 +89,7 @@
 				:queue-entry="item"
 				:owner="item.owner"
 				:org="item.org"
+				@start-from-project="startFromProject"
 			/>
 		</div>
 
@@ -383,7 +384,10 @@ async function findFirstUnlockedProject(): Promise<ModerationProject | null> {
 }
 
 async function moderateAllInFilter() {
-	const projectIds = filteredProjects.value.map((queueItem) => queueItem.project.id)
+	// Start from the current page - get projects from current page onwards
+	const startIndex = (currentPage.value - 1) * itemsPerPage
+	const projectsFromCurrentPage = filteredProjects.value.slice(startIndex)
+	const projectIds = projectsFromCurrentPage.map((queueItem) => queueItem.project.id)
 	moderationStore.setQueue(projectIds)
 
 	// Find first unlocked project
@@ -409,4 +413,41 @@ async function moderateAllInFilter() {
 		},
 	})
 }
+
+async function startFromProject(projectId: string) {
+	// Find the index of the clicked project in the filtered list
+	const projectIndex = filteredProjects.value.findIndex((p) => p.project.id === projectId)
+	if (projectIndex === -1) {
+		// Project not found in filtered list, just moderate it alone
+		moderationStore.setSingleProject(projectId)
+	} else {
+		// Start queue from this project onwards
+		const projectsFromHere = filteredProjects.value.slice(projectIndex)
+		const projectIds = projectsFromHere.map((queueItem) => queueItem.project.id)
+		moderationStore.setQueue(projectIds)
+	}
+
+	// Find first unlocked project
+	const targetProject = await findFirstUnlockedProject()
+
+	if (!targetProject) {
+		addNotification({
+			title: 'All projects locked',
+			text: 'All projects in queue are currently being moderated by others.',
+			type: 'warning',
+		})
+		return
+	}
+
+	navigateTo({
+		name: 'type-id',
+		params: {
+			type: 'project',
+			id: targetProject.project.slug,
+		},
+		state: {
+			showChecklist: true,
+		},
+	})
+}
 </script>
diff --git a/apps/frontend/src/store/moderation.ts b/apps/frontend/src/store/moderation.ts
index b1fafa0a11..4235c4340b 100644
--- a/apps/frontend/src/store/moderation.ts
+++ b/apps/frontend/src/store/moderation.ts
@@ -103,16 +103,22 @@ export const useModerationStore = defineStore('moderation', {
 		},
 
 		async acquireLock(projectId: string): Promise<LockAcquireResponse> {
-			const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
-				method: 'POST',
-				internal: true,
-			})) as LockAcquireResponse
+			try {
+				const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
+					method: 'POST',
+					internal: true,
+				})) as LockAcquireResponse
 
-			if (response.success) {
-				this.currentLock = { projectId, lockedAt: new Date() }
-			}
+				if (response.success) {
+					this.currentLock = { projectId, lockedAt: new Date() }
+				}
 
-			return response
+				return response
+			} catch (error) {
+				console.error('Failed to acquire moderation lock:', error)
+				// Return a failed response so the UI can handle it gracefully
+				return { success: false }
+			}
 		},
 
 		async releaseLock(projectId: string): Promise<boolean> {
@@ -133,18 +139,29 @@ export const useModerationStore = defineStore('moderation', {
 		},
 
 		async checkLock(projectId: string): Promise<LockStatusResponse> {
-			const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
-				method: 'GET',
-				internal: true,
-			})) as LockStatusResponse
-			return response
+			try {
+				const response = (await useBaseFetch(`moderation/lock/${projectId}`, {
+					method: 'GET',
+					internal: true,
+				})) as LockStatusResponse
+				return response
+			} catch (error) {
+				console.error('Failed to check moderation lock:', error)
+				// Return unlocked status on error so moderation can proceed
+				return { locked: false }
+			}
 		},
 
 		async refreshLock(): Promise<boolean> {
 			if (!this.currentLock) return false
 
-			const response = await this.acquireLock(this.currentLock.projectId)
-			return response.success
+			try {
+				const response = await this.acquireLock(this.currentLock.projectId)
+				return response.success
+			} catch (error) {
+				console.error('Failed to refresh moderation lock:', error)
+				return false
+			}
 		},
 	},
 

From 868b60b2ee25701dd889b3478e6999bdf0a184b7 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Sun, 11 Jan 2026 19:41:09 +0000
Subject: [PATCH 06/16] fix: async state + locking fix

---
 apps/frontend/nuxt.config.ts                  |   2 +-
 .../checklist/ModerationChecklist.vue         | 133 +++++++++++++++---
 2 files changed, 114 insertions(+), 21 deletions(-)

diff --git a/apps/frontend/nuxt.config.ts b/apps/frontend/nuxt.config.ts
index 770a1039b9..031d7e3330 100644
--- a/apps/frontend/nuxt.config.ts
+++ b/apps/frontend/nuxt.config.ts
@@ -301,7 +301,7 @@ export default defineNuxtConfig({
 	compatibilityDate: '2025-01-01',
 	telemetry: false,
 	experimental: {
-		asyncContext: true,
+		asyncContext: isProduction(),
 	},
 })
 
diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 9e76e5732d..d7eec5f0a4 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -49,11 +49,11 @@
 								? "was locked, it was in the middle of being"
 								: "is locked, it's already being"
 						}}
-						moderated by
+						moderated<template v-if="lockStatus.lockedBy?.username"> by</template>
 					</span>
-					<span class="inline-flex items-center gap-1">
+					<span v-if="lockStatus.lockedBy?.username" class="inline-flex items-center gap-1">
 						<Avatar :src="lockStatus.lockedBy?.avatar_url" size="2rem" circle />
-						<strong class="text-contrast">@{{ lockStatus.lockedBy?.username }}</strong>
+						<strong class="text-contrast">@{{ lockStatus.lockedBy.username }}</strong>
 					</span>
 					<span v-if="lockTimeRemaining && !lockStatus.expired" class="text-secondary">
 						Lock expires in {{ lockTimeRemaining }}
@@ -521,6 +521,7 @@ const lockStatus = ref<{
 	expired?: boolean
 	isOwnLock: boolean
 } | null>(null)
+const lockError = ref(false)
 const lockCheckInterval = ref<ReturnType<typeof setInterval> | null>(null)
 const lockCountdownInterval = ref<ReturnType<typeof setInterval> | null>(null)
 const lockTimeRemaining = ref<string | null>(null)
@@ -584,7 +585,13 @@ const emit = defineEmits<{
 }>()
 
 async function handleExit() {
-	await moderationStore.releaseLock(projectV2.value.id)
+	// Release if we own the lock, or if there was an error checking (we might still own it)
+	if (lockStatus.value?.isOwnLock || lockError.value) {
+		const released = await moderationStore.releaseLock(projectV2.value.id)
+		if (!released && lockStatus.value?.isOwnLock) {
+			console.warn('Failed to release moderation lock for project:', projectV2.value.id)
+		}
+	}
 	emit('exit')
 }
 
@@ -596,6 +603,7 @@ async function retryAcquireLock() {
 			locked: false,
 			isOwnLock: true,
 		}
+		lockError.value = false
 		initializeAllStages()
 
 		// Clear countdown interval
@@ -612,8 +620,8 @@ async function retryAcquireLock() {
 			},
 			5 * 60 * 1000,
 		)
-	} else {
-		// Still locked, update status
+	} else if (result.locked_by) {
+		// Still locked by another moderator, update status
 		lockStatus.value = {
 			locked: true,
 			lockedBy: result.locked_by,
@@ -621,12 +629,34 @@ async function retryAcquireLock() {
 			expired: result.expired,
 			isOwnLock: false,
 		}
+		lockError.value = false
 
 		// Restart countdown timer
 		updateLockCountdown()
 		if (!lockCountdownInterval.value) {
 			lockCountdownInterval.value = setInterval(updateLockCountdown, 1000)
 		}
+	} else {
+		// Lock acquisition failed - proceed anyway
+		lockError.value = true
+		lockStatus.value = {
+			locked: false,
+			isOwnLock: false,
+		}
+		initializeAllStages()
+
+		// Clear countdown interval
+		if (lockCountdownInterval.value) {
+			clearInterval(lockCountdownInterval.value)
+			lockCountdownInterval.value = null
+		}
+		lockTimeRemaining.value = null
+
+		addNotification({
+			title: 'Lock unavailable',
+			text: 'Could not acquire moderation lock. Others may also be moderating this project.',
+			type: 'warning',
+		})
 	}
 }
 
@@ -636,22 +666,68 @@ function reviewAnyway() {
 }
 
 async function skipToNextProject() {
-	const hasNext = moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
+	// Skip the current project
+	moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
+
+	// Find the next unlocked project
+	let skippedCount = 0
+	while (moderationStore.hasItems) {
+		const nextId = moderationStore.getCurrentProjectId()
+		if (!nextId) break
+
+		try {
+			const lockStatus = await moderationStore.checkLock(nextId)
+
+			if (!lockStatus.locked || lockStatus.expired) {
+				// Found an unlocked project
+				if (skippedCount > 0) {
+					addNotification({
+						title: 'Skipped locked projects',
+						text: `Skipped ${skippedCount} project(s) being moderated by others.`,
+						type: 'info',
+					})
+				}
+				navigateTo({
+					name: 'type-id',
+					params: {
+						type: 'project',
+						id: nextId,
+					},
+					state: {
+						showChecklist: true,
+					},
+				})
+				return
+			}
 
-	if (hasNext) {
-		navigateTo({
-			name: 'type-id',
-			params: {
-				type: 'project',
-				id: moderationStore.getCurrentProjectId(),
-			},
-			state: {
-				showChecklist: true,
-			},
+			// Project is locked, skip it and try the next one
+			moderationStore.completeCurrentProject(nextId, 'skipped')
+			skippedCount++
+		} catch {
+			// On error, just try to navigate to the project
+			navigateTo({
+				name: 'type-id',
+				params: {
+					type: 'project',
+					id: nextId,
+				},
+				state: {
+					showChecklist: true,
+				},
+			})
+			return
+		}
+	}
+
+	// No unlocked projects found
+	if (skippedCount > 0) {
+		addNotification({
+			title: 'All projects locked',
+			text: 'All remaining projects are currently being moderated by others.',
+			type: 'warning',
 		})
-	} else {
-		emit('exit')
 	}
+	emit('exit')
 }
 
 function resetProgress() {
@@ -872,6 +948,7 @@ onMounted(async () => {
 			locked: false,
 			isOwnLock: true,
 		}
+		lockError.value = false
 		initializeAllStages()
 
 		// Set up heartbeat to refresh lock every 5 minutes
@@ -881,7 +958,8 @@ onMounted(async () => {
 			},
 			5 * 60 * 1000,
 		)
-	} else {
+	} else if (result.locked_by) {
+		// Actually locked by another moderator
 		lockStatus.value = {
 			locked: true,
 			lockedBy: result.locked_by,
@@ -889,10 +967,25 @@ onMounted(async () => {
 			expired: result.expired,
 			isOwnLock: false,
 		}
+		lockError.value = false
 
 		// Start countdown timer
 		updateLockCountdown()
 		lockCountdownInterval.value = setInterval(updateLockCountdown, 1000)
+	} else {
+		// Lock acquisition failed (network error, etc.) - proceed anyway
+		lockError.value = true
+		lockStatus.value = {
+			locked: false,
+			isOwnLock: false,
+		}
+		initializeAllStages()
+
+		addNotification({
+			title: 'Lock unavailable',
+			text: 'Could not acquire moderation lock. Others may also be moderating this project.',
+			type: 'warning',
+		})
 	}
 })
 

From 074ea548220634ef00a2cdc99b052366e1761aff Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Sun, 11 Jan 2026 19:53:53 +0000
Subject: [PATCH 07/16] fix: lint

---
 .../components/ui/moderation/checklist/ModerationChecklist.vue  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index d7eec5f0a4..41ee8940bb 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -46,7 +46,7 @@
 						This project
 						{{
 							lockStatus.expired
-								? "was locked, it was in the middle of being"
+								? 'was locked, it was in the middle of being'
 								: "is locked, it's already being"
 						}}
 						moderated<template v-if="lockStatus.lockedBy?.username"> by</template>

From e928060a8f4a9398a8061c083005355aaf098632 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Sun, 11 Jan 2026 21:26:06 +0000
Subject: [PATCH 08/16] fix: fmt

---
 .../database/models/moderation_lock_item.rs   | 191 +++++++++---------
 1 file changed, 96 insertions(+), 95 deletions(-)

diff --git a/apps/labrinth/src/database/models/moderation_lock_item.rs b/apps/labrinth/src/database/models/moderation_lock_item.rs
index a5e2047e02..10a075d356 100644
--- a/apps/labrinth/src/database/models/moderation_lock_item.rs
+++ b/apps/labrinth/src/database/models/moderation_lock_item.rs
@@ -8,89 +8,90 @@ const LOCK_EXPIRY_MINUTES: i64 = 15;
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct DBModerationLock {
-	pub project_id: DBProjectId,
-	pub moderator_id: DBUserId,
-	pub locked_at: DateTime<Utc>,
+    pub project_id: DBProjectId,
+    pub moderator_id: DBUserId,
+    pub locked_at: DateTime<Utc>,
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct ModerationLockWithUser {
-	pub project_id: DBProjectId,
-	pub moderator_id: DBUserId,
-	pub moderator_username: String,
-	pub moderator_avatar_url: Option<String>,
-	pub locked_at: DateTime<Utc>,
-	pub expired: bool,
+    pub project_id: DBProjectId,
+    pub moderator_id: DBUserId,
+    pub moderator_username: String,
+    pub moderator_avatar_url: Option<String>,
+    pub locked_at: DateTime<Utc>,
+    pub expired: bool,
 }
 
 impl DBModerationLock {
-	/// Check if a lock is expired (older than 15 minutes)
-	pub fn is_expired(&self) -> bool {
-		Utc::now()
-			.signed_duration_since(self.locked_at)
-			.num_minutes() >= LOCK_EXPIRY_MINUTES
-	}
-
-	/// Try to acquire or refresh a lock for a project.
-	/// Returns Ok(Ok(())) if lock acquired/refreshed, Ok(Err(lock)) if blocked by another moderator.
-	pub async fn acquire(
-		project_id: DBProjectId,
-		moderator_id: DBUserId,
-		pool: &PgPool,
-	) -> Result<Result<(), ModerationLockWithUser>, sqlx::Error> {
-		// First check if there's an existing lock
-		let existing = Self::get_with_user(project_id, pool).await?;
-
-		if let Some(lock) = existing {
-			// Same moderator - refresh the lock
-			if lock.moderator_id == moderator_id {
-				sqlx::query!(
+    /// Check if a lock is expired (older than 15 minutes)
+    pub fn is_expired(&self) -> bool {
+        Utc::now()
+            .signed_duration_since(self.locked_at)
+            .num_minutes()
+            >= LOCK_EXPIRY_MINUTES
+    }
+
+    /// Try to acquire or refresh a lock for a project.
+    /// Returns Ok(Ok(())) if lock acquired/refreshed, Ok(Err(lock)) if blocked by another moderator.
+    pub async fn acquire(
+        project_id: DBProjectId,
+        moderator_id: DBUserId,
+        pool: &PgPool,
+    ) -> Result<Result<(), ModerationLockWithUser>, sqlx::Error> {
+        // First check if there's an existing lock
+        let existing = Self::get_with_user(project_id, pool).await?;
+
+        if let Some(lock) = existing {
+            // Same moderator - refresh the lock
+            if lock.moderator_id == moderator_id {
+                sqlx::query!(
 					"UPDATE moderation_locks SET locked_at = NOW() WHERE project_id = $1",
 					project_id as DBProjectId
 				)
 				.execute(pool)
 				.await?;
-				return Ok(Ok(()));
-			}
+                return Ok(Ok(()));
+            }
 
-			// Different moderator but lock expired - take over
-			if lock.expired {
-				sqlx::query!(
+            // Different moderator but lock expired - take over
+            if lock.expired {
+                sqlx::query!(
 					"UPDATE moderation_locks SET moderator_id = $1, locked_at = NOW() WHERE project_id = $2",
 					moderator_id as DBUserId,
 					project_id as DBProjectId
 				)
 				.execute(pool)
 				.await?;
-				return Ok(Ok(()));
-			}
+                return Ok(Ok(()));
+            }
 
-			// Different moderator, not expired - blocked
-			return Ok(Err(lock));
-		}
+            // Different moderator, not expired - blocked
+            return Ok(Err(lock));
+        }
 
-		// No existing lock - create new one
-		sqlx::query!(
-			"INSERT INTO moderation_locks (project_id, moderator_id, locked_at)
+        // No existing lock - create new one
+        sqlx::query!(
+            "INSERT INTO moderation_locks (project_id, moderator_id, locked_at)
 			VALUES ($1, $2, NOW())
 			ON CONFLICT (project_id) DO UPDATE
 			SET moderator_id = EXCLUDED.moderator_id, locked_at = EXCLUDED.locked_at",
-			project_id as DBProjectId,
-			moderator_id as DBUserId
-		)
-		.execute(pool)
-		.await?;
-
-		Ok(Ok(()))
-	}
-
-	/// Get lock status for a project, including moderator username
-	pub async fn get_with_user(
-		project_id: DBProjectId,
-		pool: &PgPool,
-	) -> Result<Option<ModerationLockWithUser>, sqlx::Error> {
-		let row = sqlx::query!(
-			r#"
+            project_id as DBProjectId,
+            moderator_id as DBUserId
+        )
+        .execute(pool)
+        .await?;
+
+        Ok(Ok(()))
+    }
+
+    /// Get lock status for a project, including moderator username
+    pub async fn get_with_user(
+        project_id: DBProjectId,
+        pool: &PgPool,
+    ) -> Result<Option<ModerationLockWithUser>, sqlx::Error> {
+        let row = sqlx::query!(
+            r#"
 			SELECT
 				ml.project_id,
 				ml.moderator_id,
@@ -101,35 +102,35 @@ impl DBModerationLock {
 			INNER JOIN users u ON u.id = ml.moderator_id
 			WHERE ml.project_id = $1
 			"#,
-			project_id as DBProjectId
-		)
-		.fetch_optional(pool)
-		.await?;
-
-		Ok(row.map(|r| {
-			let locked_at: DateTime<Utc> = r.locked_at;
-			let expired = Utc::now()
-				.signed_duration_since(locked_at)
-				.num_minutes() >= LOCK_EXPIRY_MINUTES;
-
-			ModerationLockWithUser {
-				project_id: DBProjectId(r.project_id),
-				moderator_id: DBUserId(r.moderator_id),
-				moderator_username: r.moderator_username,
-				moderator_avatar_url: r.moderator_avatar_url,
-				locked_at,
-				expired,
-			}
-		}))
-	}
-
-	/// Release a lock (only if held by the specified moderator)
-	pub async fn release(
-		project_id: DBProjectId,
-		moderator_id: DBUserId,
-		pool: &PgPool,
-	) -> Result<bool, sqlx::Error> {
-		let result = sqlx::query!(
+            project_id as DBProjectId
+        )
+        .fetch_optional(pool)
+        .await?;
+
+        Ok(row.map(|r| {
+            let locked_at: DateTime<Utc> = r.locked_at;
+            let expired =
+                Utc::now().signed_duration_since(locked_at).num_minutes()
+                    >= LOCK_EXPIRY_MINUTES;
+
+            ModerationLockWithUser {
+                project_id: DBProjectId(r.project_id),
+                moderator_id: DBUserId(r.moderator_id),
+                moderator_username: r.moderator_username,
+                moderator_avatar_url: r.moderator_avatar_url,
+                locked_at,
+                expired,
+            }
+        }))
+    }
+
+    /// Release a lock (only if held by the specified moderator)
+    pub async fn release(
+        project_id: DBProjectId,
+        moderator_id: DBUserId,
+        pool: &PgPool,
+    ) -> Result<bool, sqlx::Error> {
+        let result = sqlx::query!(
 			"DELETE FROM moderation_locks WHERE project_id = $1 AND moderator_id = $2",
 			project_id as DBProjectId,
 			moderator_id as DBUserId
@@ -137,17 +138,17 @@ impl DBModerationLock {
 		.execute(pool)
 		.await?;
 
-		Ok(result.rows_affected() > 0)
-	}
+        Ok(result.rows_affected() > 0)
+    }
 
-	/// Clean up expired locks (can be called periodically)
-	pub async fn cleanup_expired(pool: &PgPool) -> Result<u64, sqlx::Error> {
-		let result = sqlx::query!(
+    /// Clean up expired locks (can be called periodically)
+    pub async fn cleanup_expired(pool: &PgPool) -> Result<u64, sqlx::Error> {
+        let result = sqlx::query!(
 			"DELETE FROM moderation_locks WHERE locked_at < NOW() - INTERVAL '15 minutes'"
 		)
 		.execute(pool)
 		.await?;
 
-		Ok(result.rows_affected())
-	}
+        Ok(result.rows_affected())
+    }
 }

From 616b963beaccbdecab94458e8798203d50f571c4 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 14:44:04 +0000
Subject: [PATCH 09/16] fix: qa issue

---
 apps/frontend/.prettierignore                 |  1 +
 .../checklist/ModerationChecklist.vue         | 31 ++++++++++---------
 apps/frontend/src/store/moderation.ts         |  4 +++
 3 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/apps/frontend/.prettierignore b/apps/frontend/.prettierignore
index b16cc9509d..85ab0202e9 100644
--- a/apps/frontend/.prettierignore
+++ b/apps/frontend/.prettierignore
@@ -6,3 +6,4 @@ src/generated/**
 src/locales/**
 src/public/news/feed
 src/assets/**/*.svg
+**/.wrangler
diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 41ee8940bb..2b79cdad6a 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -73,7 +73,7 @@
 						</div>
 						<div class="flex items-center gap-2">
 							<ButtonStyled
-								v-if="moderationStore.hasItems"
+								v-if="moderationStore.isQueueMode && moderationStore.queueLength > 1"
 								color="brand"
 								@click="skipToNextProject"
 							>
@@ -82,12 +82,6 @@
 									Next project ({{ moderationStore.queueLength }} left)
 								</button>
 							</ButtonStyled>
-							<ButtonStyled v-else color="brand" @click="emit('exit')">
-								<button>
-									<CheckIcon aria-hidden="true" />
-									All done!
-								</button>
-							</ButtonStyled>
 						</div>
 					</div>
 				</div>
@@ -112,7 +106,7 @@
 						</div>
 						<div class="flex items-center gap-2">
 							<ButtonStyled
-								v-if="moderationStore.hasItems"
+								v-if="moderationStore.isQueueMode && moderationStore.queueLength > 1"
 								color="brand"
 								@click="skipToNextProject"
 							>
@@ -121,12 +115,6 @@
 									Next project ({{ moderationStore.queueLength }} left)
 								</button>
 							</ButtonStyled>
-							<ButtonStyled v-else color="brand" @click="emit('exit')">
-								<button>
-									<CheckIcon aria-hidden="true" />
-									All done!
-								</button>
-							</ButtonStyled>
 						</div>
 					</div>
 				</div>
@@ -960,6 +948,19 @@ onMounted(async () => {
 		)
 	} else if (result.locked_by) {
 		// Actually locked by another moderator
+		// In queue mode with more projects - auto-skip to next project
+		if (moderationStore.isQueueMode && moderationStore.queueLength > 1) {
+			moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
+			addNotification({
+				title: 'Project locked',
+				text: `Skipped project locked by @${result.locked_by.username}.`,
+				type: 'info',
+			})
+			await skipToNextProject()
+			return
+		}
+
+		// Single project mode or last in queue - show locked UI
 		lockStatus.value = {
 			locked: true,
 			lockedBy: result.locked_by,
@@ -1638,7 +1639,7 @@ async function sendMessage(status: ProjectStatus) {
 		// Release the lock after successful submission
 		await moderationStore.releaseLock(projectV2.value.id)
 
-		hasNextProject.value = await moderationStore.completeCurrentProject(
+		hasNextProject.value = moderationStore.completeCurrentProject(
 			projectV2.value.id,
 			'completed',
 		)
diff --git a/apps/frontend/src/store/moderation.ts b/apps/frontend/src/store/moderation.ts
index 4235c4340b..fb0b5f654e 100644
--- a/apps/frontend/src/store/moderation.ts
+++ b/apps/frontend/src/store/moderation.ts
@@ -49,6 +49,7 @@ export const useModerationStore = defineStore('moderation', {
 	state: () => ({
 		currentQueue: createEmptyQueue(),
 		currentLock: null as { projectId: string; lockedAt: Date } | null,
+		isQueueMode: false,
 	}),
 
 	getters: {
@@ -62,6 +63,7 @@ export const useModerationStore = defineStore('moderation', {
 
 	actions: {
 		setQueue(projectIDs: string[]) {
+			this.isQueueMode = true
 			this.currentQueue = {
 				items: [...projectIDs],
 				total: projectIDs.length,
@@ -72,6 +74,7 @@ export const useModerationStore = defineStore('moderation', {
 		},
 
 		setSingleProject(projectId: string) {
+			this.isQueueMode = false
 			this.currentQueue = {
 				items: [projectId],
 				total: 1,
@@ -99,6 +102,7 @@ export const useModerationStore = defineStore('moderation', {
 		},
 
 		resetQueue() {
+			this.isQueueMode = false
 			this.currentQueue = createEmptyQueue()
 		},
 

From da7b5419c2d8b92f812bc1e7c9fc419fce7a96c8 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 15:32:21 +0000
Subject: [PATCH 10/16] fix: qa + redirect bug

---
 .../checklist/ModerationChecklist.vue         | 34 ++++++++++++++-----
 apps/frontend/src/pages/[type]/[id].vue       |  4 +++
 2 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 2b79cdad6a..8f8390a02b 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -46,8 +46,8 @@
 						This project
 						{{
 							lockStatus.expired
-								? 'was locked, it was in the middle of being'
-								: "is locked, it's already being"
+								? 'was being'
+								: "is currently being"
 						}}
 						moderated<template v-if="lockStatus.lockedBy?.username"> by</template>
 					</span>
@@ -517,6 +517,14 @@ const alreadyReviewed = ref(false)
 
 const LOCK_EXPIRY_MINUTES = 15
 
+function handleVisibilityChange() {
+	if (document.visibilityState === 'visible' && lockStatus.value?.isOwnLock) {
+		// Immediately refresh the lock when returning to the tab
+		// This handles cases where the heartbeat was throttled while backgrounded
+		moderationStore.refreshLock()
+	}
+}
+
 function updateLockCountdown() {
 	if (!lockStatus.value?.lockedAt || lockStatus.value?.isOwnLock) {
 		lockTimeRemaining.value = null
@@ -653,16 +661,21 @@ function reviewAnyway() {
 	initializeAllStages()
 }
 
+const MAX_SKIP_ATTEMPTS = 10
+
 async function skipToNextProject() {
 	// Skip the current project
 	moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
 
-	// Find the next unlocked project
+	// Find the next unlocked project (with a limit to prevent excessive API calls)
 	let skippedCount = 0
-	while (moderationStore.hasItems) {
+	let attempts = 0
+	while (moderationStore.hasItems && attempts < MAX_SKIP_ATTEMPTS) {
 		const nextId = moderationStore.getCurrentProjectId()
 		if (!nextId) break
 
+		attempts++
+
 		try {
 			const lockStatus = await moderationStore.checkLock(nextId)
 
@@ -707,11 +720,14 @@ async function skipToNextProject() {
 		}
 	}
 
-	// No unlocked projects found
-	if (skippedCount > 0) {
+	// No unlocked projects found (or hit attempt limit)
+	if (skippedCount > 0 || attempts >= MAX_SKIP_ATTEMPTS) {
 		addNotification({
 			title: 'All projects locked',
-			text: 'All remaining projects are currently being moderated by others.',
+			text:
+				attempts >= MAX_SKIP_ATTEMPTS
+					? 'Many projects are currently locked. Try again later.'
+					: 'All remaining projects are currently being moderated by others.',
 			type: 'warning',
 		})
 	}
@@ -920,6 +936,7 @@ function handleKeybinds(event: KeyboardEvent) {
 
 onMounted(async () => {
 	window.addEventListener('keydown', handleKeybinds)
+	document.addEventListener('visibilitychange', handleVisibilityChange)
 	notifications.setNotificationLocation('left')
 
 	// Check if project has already been reviewed (not in processing status)
@@ -950,12 +967,12 @@ onMounted(async () => {
 		// Actually locked by another moderator
 		// In queue mode with more projects - auto-skip to next project
 		if (moderationStore.isQueueMode && moderationStore.queueLength > 1) {
-			moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
 			addNotification({
 				title: 'Project locked',
 				text: `Skipped project locked by @${result.locked_by.username}.`,
 				type: 'info',
 			})
+			// skipToNextProject already calls completeCurrentProject
 			await skipToNextProject()
 			return
 		}
@@ -992,6 +1009,7 @@ onMounted(async () => {
 
 onUnmounted(() => {
 	window.removeEventListener('keydown', handleKeybinds)
+	document.removeEventListener('visibilitychange', handleVisibilityChange)
 	notifications.setNotificationLocation('right')
 
 	// Clear heartbeat interval
diff --git a/apps/frontend/src/pages/[type]/[id].vue b/apps/frontend/src/pages/[type]/[id].vue
index 11e72a7a65..69fc0fbcd7 100644
--- a/apps/frontend/src/pages/[type]/[id].vue
+++ b/apps/frontend/src/pages/[type]/[id].vue
@@ -1019,6 +1019,10 @@ import { userCollectProject, userFollowProject } from '~/composables/user.js'
 import { useModerationStore } from '~/store/moderation.ts'
 import { reportProject } from '~/utils/report-helpers.ts'
 
+definePageMeta({
+	key: (route) => route.fullPath,
+})
+
 const data = useNuxtApp()
 const route = useNativeRoute()
 const config = useRuntimeConfig()

From 3e4c9196c68becd5be2b81b6704b7a5f115b6ffc Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 15:32:58 +0000
Subject: [PATCH 11/16] fix: lint

---
 .../ui/moderation/checklist/ModerationChecklist.vue   | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 8f8390a02b..807705246f 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -44,11 +44,7 @@
 					<LockIcon class="size-8 text-orange" />
 					<span class="text-secondary">
 						This project
-						{{
-							lockStatus.expired
-								? 'was being'
-								: "is currently being"
-						}}
+						{{ lockStatus.expired ? 'was being' : 'is currently being' }}
 						moderated<template v-if="lockStatus.lockedBy?.username"> by</template>
 					</span>
 					<span v-if="lockStatus.lockedBy?.username" class="inline-flex items-center gap-1">
@@ -1657,10 +1653,7 @@ async function sendMessage(status: ProjectStatus) {
 		// Release the lock after successful submission
 		await moderationStore.releaseLock(projectV2.value.id)
 
-		hasNextProject.value = moderationStore.completeCurrentProject(
-			projectV2.value.id,
-			'completed',
-		)
+		hasNextProject.value = moderationStore.completeCurrentProject(projectV2.value.id, 'completed')
 	} catch (error) {
 		console.error('Error submitting moderation:', error)
 		addNotification({

From 36469395654faeceff0d18d95cd01522e50dc32f Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 15:39:22 +0000
Subject: [PATCH 12/16] feat: delete all locks endpoint for admins

---
 ...cb8b78a9b5d935097391247b0c14fa25f1118.json | 12 ++++++
 .../database/models/moderation_lock_item.rs   |  9 ++++
 .../src/routes/internal/moderation/mod.rs     | 43 +++++++++++++++++++
 3 files changed, 64 insertions(+)
 create mode 100644 apps/labrinth/.sqlx/query-60ee89bff8241dd00a1aa33d072cb8b78a9b5d935097391247b0c14fa25f1118.json

diff --git a/apps/labrinth/.sqlx/query-60ee89bff8241dd00a1aa33d072cb8b78a9b5d935097391247b0c14fa25f1118.json b/apps/labrinth/.sqlx/query-60ee89bff8241dd00a1aa33d072cb8b78a9b5d935097391247b0c14fa25f1118.json
new file mode 100644
index 0000000000..ea420adaf1
--- /dev/null
+++ b/apps/labrinth/.sqlx/query-60ee89bff8241dd00a1aa33d072cb8b78a9b5d935097391247b0c14fa25f1118.json
@@ -0,0 +1,12 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "DELETE FROM moderation_locks",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": []
+    },
+    "nullable": []
+  },
+  "hash": "60ee89bff8241dd00a1aa33d072cb8b78a9b5d935097391247b0c14fa25f1118"
+}
diff --git a/apps/labrinth/src/database/models/moderation_lock_item.rs b/apps/labrinth/src/database/models/moderation_lock_item.rs
index 10a075d356..45634d7459 100644
--- a/apps/labrinth/src/database/models/moderation_lock_item.rs
+++ b/apps/labrinth/src/database/models/moderation_lock_item.rs
@@ -151,4 +151,13 @@ impl DBModerationLock {
 
         Ok(result.rows_affected())
     }
+
+    /// Delete all moderation locks (admin only)
+    pub async fn delete_all(pool: &PgPool) -> Result<u64, sqlx::Error> {
+        let result = sqlx::query!("DELETE FROM moderation_locks")
+            .execute(pool)
+            .await?;
+
+        Ok(result.rows_affected())
+    }
 }
diff --git a/apps/labrinth/src/routes/internal/moderation/mod.rs b/apps/labrinth/src/routes/internal/moderation/mod.rs
index 4f1c096913..8921cb7613 100644
--- a/apps/labrinth/src/routes/internal/moderation/mod.rs
+++ b/apps/labrinth/src/routes/internal/moderation/mod.rs
@@ -7,6 +7,7 @@ use crate::models::projects::{Project, ProjectStatus};
 use crate::queue::moderation::{ApprovalType, IdentifiedFile, MissingMetadata};
 use crate::queue::session::AuthQueue;
 use crate::util::error::Context;
+use crate::auth::get_user_from_headers;
 use crate::{auth::check_is_moderator_from_headers, models::pats::Scopes};
 use actix_web::{HttpRequest, delete, get, post, web};
 use ariadne::ids::{UserId, random_base62};
@@ -26,6 +27,7 @@ pub fn config(cfg: &mut utoipa_actix_web::service_config::ServiceConfig) {
         .service(acquire_lock)
         .service(get_lock_status)
         .service(release_lock)
+        .service(delete_all_locks)
         .service(
             utoipa_actix_web::scope("/tech-review")
                 .configure(tech_review::config),
@@ -128,6 +130,12 @@ pub struct LockReleaseResponse {
     pub success: bool,
 }
 
+/// Response for deleting all locks
+#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
+pub struct DeleteAllLocksResponse {
+    pub deleted_count: u64,
+}
+
 /// Fetch all projects which are in the moderation queue.
 #[utoipa::path(
     responses((status = OK, body = inline(Vec<FetchedProject>)))
@@ -621,3 +629,38 @@ async fn release_lock(
 
     Ok(web::Json(LockReleaseResponse { success: released }))
 }
+
+/// Delete all moderation locks (admin only)
+#[utoipa::path(
+    responses(
+        (status = OK, body = DeleteAllLocksResponse),
+        (status = UNAUTHORIZED, description = "Not an admin")
+    )
+)]
+#[delete("/locks")]
+async fn delete_all_locks(
+    req: HttpRequest,
+    pool: web::Data<PgPool>,
+    redis: web::Data<RedisPool>,
+    session_queue: web::Data<AuthQueue>,
+) -> Result<web::Json<DeleteAllLocksResponse>, ApiError> {
+    let user = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::PROJECT_WRITE,
+    )
+    .await?
+    .1;
+
+    if !user.role.is_admin() {
+        return Err(ApiError::CustomAuthentication(
+            "You must be an admin to delete all locks".to_string(),
+        ));
+    }
+
+    let deleted_count = DBModerationLock::delete_all(&pool).await?;
+
+    Ok(web::Json(DeleteAllLocksResponse { deleted_count }))
+}

From e9dcf30c912acb02182ac71b49f5aecdf1c5f3d8 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 15:52:21 +0000
Subject: [PATCH 13/16] fix: dedupe

---
 .../checklist/ModerationChecklist.vue         | 241 +++++++++++-------
 1 file changed, 150 insertions(+), 91 deletions(-)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 807705246f..bc94ac56d4 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -511,6 +511,14 @@ const lockCountdownInterval = ref<ReturnType<typeof setInterval> | null>(null)
 const lockTimeRemaining = ref<string | null>(null)
 const alreadyReviewed = ref(false)
 
+// Prefetched next project data for instant navigation
+const prefetchedNextProject = ref<{
+	projectId: string
+	skippedCount: number
+	skippedIds: string[]
+} | null>(null)
+const isPrefetching = ref(false)
+
 const LOCK_EXPIRY_MINUTES = 15
 
 function handleVisibilityChange() {
@@ -535,10 +543,7 @@ function updateLockCountdown() {
 	if (remainingMs <= 0) {
 		lockTimeRemaining.value = null
 		lockStatus.value.expired = true
-		if (lockCountdownInterval.value) {
-			clearInterval(lockCountdownInterval.value)
-			lockCountdownInterval.value = null
-		}
+		clearLockCountdown()
 		return
 	}
 
@@ -547,6 +552,67 @@ function updateLockCountdown() {
 	lockTimeRemaining.value = `${minutes}:${seconds.toString().padStart(2, '0')}`
 }
 
+function clearLockCountdown() {
+	if (lockCountdownInterval.value) {
+		clearInterval(lockCountdownInterval.value)
+		lockCountdownInterval.value = null
+	}
+	lockTimeRemaining.value = null
+}
+
+function startLockHeartbeat() {
+	lockCheckInterval.value = setInterval(
+		async () => {
+			await moderationStore.refreshLock()
+		},
+		5 * 60 * 1000,
+	)
+}
+
+function handleLockAcquired() {
+	lockStatus.value = { locked: false, isOwnLock: true }
+	lockError.value = false
+	initializeAllStages()
+	clearLockCountdown()
+	startLockHeartbeat()
+	prefetchNextProject()
+}
+
+function handleLockUnavailable() {
+	lockError.value = true
+	lockStatus.value = { locked: false, isOwnLock: false }
+	initializeAllStages()
+	clearLockCountdown()
+	addNotification({
+		title: 'Lock unavailable',
+		text: 'Could not acquire moderation lock. Others may also be moderating this project.',
+		type: 'warning',
+	})
+}
+
+function navigateToNextUnlockedProject(): boolean {
+	if (!prefetchedNextProject.value) return false
+
+	const { projectId, skippedCount, skippedIds } = prefetchedNextProject.value
+	skippedIds.forEach((id) => moderationStore.completeCurrentProject(id, 'skipped'))
+
+	if (skippedCount > 0) {
+		addNotification({
+			title: 'Skipped locked projects',
+			text: `Skipped ${skippedCount} project(s) being moderated by others.`,
+			type: 'info',
+		})
+	}
+
+	prefetchedNextProject.value = null
+	navigateTo({
+		name: 'type-id',
+		params: { type: 'project', id: projectId },
+		state: { showChecklist: true },
+	})
+	return true
+}
+
 const variables = computed(() => {
 	return {
 		...flattenStaticVariables(),
@@ -591,27 +657,7 @@ async function retryAcquireLock() {
 	const result = await moderationStore.acquireLock(projectV2.value.id)
 
 	if (result.success) {
-		lockStatus.value = {
-			locked: false,
-			isOwnLock: true,
-		}
-		lockError.value = false
-		initializeAllStages()
-
-		// Clear countdown interval
-		if (lockCountdownInterval.value) {
-			clearInterval(lockCountdownInterval.value)
-			lockCountdownInterval.value = null
-		}
-		lockTimeRemaining.value = null
-
-		// Set up heartbeat
-		lockCheckInterval.value = setInterval(
-			async () => {
-				await moderationStore.refreshLock()
-			},
-			5 * 60 * 1000,
-		)
+		handleLockAcquired()
 	} else if (result.locked_by) {
 		// Still locked by another moderator, update status
 		lockStatus.value = {
@@ -629,32 +675,69 @@ async function retryAcquireLock() {
 			lockCountdownInterval.value = setInterval(updateLockCountdown, 1000)
 		}
 	} else {
-		// Lock acquisition failed - proceed anyway
-		lockError.value = true
-		lockStatus.value = {
-			locked: false,
-			isOwnLock: false,
-		}
-		initializeAllStages()
-
-		// Clear countdown interval
-		if (lockCountdownInterval.value) {
-			clearInterval(lockCountdownInterval.value)
-			lockCountdownInterval.value = null
-		}
-		lockTimeRemaining.value = null
-
-		addNotification({
-			title: 'Lock unavailable',
-			text: 'Could not acquire moderation lock. Others may also be moderating this project.',
-			type: 'warning',
-		})
+		handleLockUnavailable()
 	}
 }
 
 function reviewAnyway() {
 	alreadyReviewed.value = false
 	initializeAllStages()
+	// Start prefetching the next project in the background
+	prefetchNextProject()
+}
+
+// Prefetch the next unlocked project in the background
+async function prefetchNextProject() {
+	if (isPrefetching.value || !moderationStore.isQueueMode || moderationStore.queueLength <= 1) {
+		return
+	}
+
+	isPrefetching.value = true
+	prefetchedNextProject.value = null
+
+	const skippedIds: string[] = []
+	let attempts = 0
+
+	// Get queue items excluding current project
+	const queueItems = [...moderationStore.currentQueue.items]
+	const currentIndex = queueItems.indexOf(projectV2.value.id)
+	const remainingItems =
+		currentIndex >= 0 ? queueItems.slice(currentIndex + 1) : queueItems.slice(1)
+
+	for (const nextId of remainingItems) {
+		if (attempts >= MAX_SKIP_ATTEMPTS) break
+		attempts++
+
+		try {
+			const lockStatusResult = await moderationStore.checkLock(nextId)
+
+			if (!lockStatusResult.locked || lockStatusResult.expired) {
+				// Found an unlocked project
+				prefetchedNextProject.value = {
+					projectId: nextId,
+					skippedCount: skippedIds.length,
+					skippedIds,
+				}
+				isPrefetching.value = false
+				return
+			}
+
+			// Project is locked, add to skipped list
+			skippedIds.push(nextId)
+		} catch {
+			// On error, assume unlocked and let navigation handle it
+			prefetchedNextProject.value = {
+				projectId: nextId,
+				skippedCount: skippedIds.length,
+				skippedIds,
+			}
+			isPrefetching.value = false
+			return
+		}
+	}
+
+	// No unlocked projects found
+	isPrefetching.value = false
 }
 
 const MAX_SKIP_ATTEMPTS = 10
@@ -663,7 +746,10 @@ async function skipToNextProject() {
 	// Skip the current project
 	moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
 
-	// Find the next unlocked project (with a limit to prevent excessive API calls)
+	// Use prefetched data if available
+	if (navigateToNextUnlockedProject()) return
+
+	// Fallback: find the next unlocked project (with a limit to prevent excessive API calls)
 	let skippedCount = 0
 	let attempts = 0
 	while (moderationStore.hasItems && attempts < MAX_SKIP_ATTEMPTS) {
@@ -673,9 +759,9 @@ async function skipToNextProject() {
 		attempts++
 
 		try {
-			const lockStatus = await moderationStore.checkLock(nextId)
+			const lockStatusResult = await moderationStore.checkLock(nextId)
 
-			if (!lockStatus.locked || lockStatus.expired) {
+			if (!lockStatusResult.locked || lockStatusResult.expired) {
 				// Found an unlocked project
 				if (skippedCount > 0) {
 					addNotification({
@@ -945,20 +1031,7 @@ onMounted(async () => {
 	const result = await moderationStore.acquireLock(projectV2.value.id)
 
 	if (result.success) {
-		lockStatus.value = {
-			locked: false,
-			isOwnLock: true,
-		}
-		lockError.value = false
-		initializeAllStages()
-
-		// Set up heartbeat to refresh lock every 5 minutes
-		lockCheckInterval.value = setInterval(
-			async () => {
-				await moderationStore.refreshLock()
-			},
-			5 * 60 * 1000,
-		)
+		handleLockAcquired()
 	} else if (result.locked_by) {
 		// Actually locked by another moderator
 		// In queue mode with more projects - auto-skip to next project
@@ -987,19 +1060,7 @@ onMounted(async () => {
 		updateLockCountdown()
 		lockCountdownInterval.value = setInterval(updateLockCountdown, 1000)
 	} else {
-		// Lock acquisition failed (network error, etc.) - proceed anyway
-		lockError.value = true
-		lockStatus.value = {
-			locked: false,
-			isOwnLock: false,
-		}
-		initializeAllStages()
-
-		addNotification({
-			title: 'Lock unavailable',
-			text: 'Could not acquire moderation lock. Others may also be moderating this project.',
-			type: 'warning',
-		})
+		handleLockUnavailable()
 	}
 })
 
@@ -1008,15 +1069,10 @@ onUnmounted(() => {
 	document.removeEventListener('visibilitychange', handleVisibilityChange)
 	notifications.setNotificationLocation('right')
 
-	// Clear heartbeat interval
 	if (lockCheckInterval.value) {
 		clearInterval(lockCheckInterval.value)
 	}
-
-	// Clear countdown interval
-	if (lockCountdownInterval.value) {
-		clearInterval(lockCountdownInterval.value)
-	}
+	clearLockCountdown()
 })
 
 function initializeAllStages() {
@@ -1691,16 +1747,19 @@ async function endChecklist(status?: string) {
 			})
 		}
 	} else {
-		navigateTo({
-			name: 'type-id',
-			params: {
-				type: 'project',
-				id: moderationStore.getCurrentProjectId(),
-			},
-			state: {
-				showChecklist: true,
-			},
-		})
+		// Use prefetched data if available for instant navigation
+		if (!navigateToNextUnlockedProject()) {
+			navigateTo({
+				name: 'type-id',
+				params: {
+					type: 'project',
+					id: moderationStore.getCurrentProjectId(),
+				},
+				state: {
+					showChecklist: true,
+				},
+			})
+		}
 	}
 }
 

From a4adaa36b4b3b27b8969a3c0ee78bcee56207666 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 15:52:54 +0000
Subject: [PATCH 14/16] fix: fmt

---
 apps/labrinth/src/routes/internal/moderation/mod.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/labrinth/src/routes/internal/moderation/mod.rs b/apps/labrinth/src/routes/internal/moderation/mod.rs
index 8921cb7613..9721453255 100644
--- a/apps/labrinth/src/routes/internal/moderation/mod.rs
+++ b/apps/labrinth/src/routes/internal/moderation/mod.rs
@@ -1,4 +1,5 @@
 use super::ApiError;
+use crate::auth::get_user_from_headers;
 use crate::database;
 use crate::database::models::DBModerationLock;
 use crate::database::redis::RedisPool;
@@ -7,7 +8,6 @@ use crate::models::projects::{Project, ProjectStatus};
 use crate::queue::moderation::{ApprovalType, IdentifiedFile, MissingMetadata};
 use crate::queue::session::AuthQueue;
 use crate::util::error::Context;
-use crate::auth::get_user_from_headers;
 use crate::{auth::check_is_moderator_from_headers, models::pats::Scopes};
 use actix_web::{HttpRequest, delete, get, post, web};
 use ariadne::ids::{UserId, random_base62};

From 5ad325d97e93c3aeeeb3c228648d573e63a3cc15 Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 16:59:40 +0000
Subject: [PATCH 15/16] fix: project redirect move to middleware

---
 .../checklist/ModerationChecklist.vue         | 102 +++++++++++++++---
 .../middleware/project-canonicalize.global.ts |  53 +++++++++
 apps/frontend/src/pages/[type]/[id].vue       |  20 +---
 .../server/routes/api/tags/game-versions.ts   |   2 +-
 apps/frontend/src/server/utils/api-client.ts  |  24 ++++-
 5 files changed, 165 insertions(+), 36 deletions(-)
 create mode 100644 apps/frontend/src/middleware/project-canonicalize.global.ts

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index bc94ac56d4..84393f6916 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -471,6 +471,7 @@ import {
 	MarkdownEditor,
 	OverflowMenu,
 	type OverflowMenuOption,
+	useDebugLogger,
 } from '@modrinth/ui'
 import {
 	type ModerationJudgements,
@@ -487,6 +488,7 @@ import ModpackPermissionsFlow from './ModpackPermissionsFlow.vue'
 
 const notifications = injectNotificationManager()
 const { addNotification } = notifications
+const debug = useDebugLogger('ModerationChecklist')
 
 const keybindsModal = ref<InstanceType<typeof KeybindsModal>>()
 
@@ -744,22 +746,36 @@ const MAX_SKIP_ATTEMPTS = 10
 
 async function skipToNextProject() {
 	// Skip the current project
-	moderationStore.completeCurrentProject(projectV2.value.id, 'skipped')
+	const currentProjectId = projectV2.value.id
+	debug('[skipToNextProject] Starting. Current project:', currentProjectId)
+	debug('[skipToNextProject] Queue before complete:', [...moderationStore.currentQueue.items])
+
+	moderationStore.completeCurrentProject(currentProjectId, 'skipped')
+
+	debug('[skipToNextProject] Queue after complete:', [...moderationStore.currentQueue.items])
+	debug('[skipToNextProject] hasItems:', moderationStore.hasItems)
 
 	// Use prefetched data if available
-	if (navigateToNextUnlockedProject()) return
+	if (navigateToNextUnlockedProject()) {
+		debug('[skipToNextProject] Used prefetch, returning')
+		return
+	}
+
+	debug('[skipToNextProject] No prefetch, entering fallback loop')
 
 	// Fallback: find the next unlocked project (with a limit to prevent excessive API calls)
 	let skippedCount = 0
 	let attempts = 0
 	while (moderationStore.hasItems && attempts < MAX_SKIP_ATTEMPTS) {
 		const nextId = moderationStore.getCurrentProjectId()
+		debug('[skipToNextProject] Loop iteration. nextId:', nextId, 'attempts:', attempts)
 		if (!nextId) break
 
 		attempts++
 
 		try {
 			const lockStatusResult = await moderationStore.checkLock(nextId)
+			debug('[skipToNextProject] Lock check for', nextId, ':', lockStatusResult)
 
 			if (!lockStatusResult.locked || lockStatusResult.expired) {
 				// Found an unlocked project
@@ -803,7 +819,9 @@ async function skipToNextProject() {
 	}
 
 	// No unlocked projects found (or hit attempt limit)
+	debug('[skipToNextProject] Loop exited. skippedCount:', skippedCount, 'attempts:', attempts, 'hasItems:', moderationStore.hasItems)
 	if (skippedCount > 0 || attempts >= MAX_SKIP_ATTEMPTS) {
+		debug('[skipToNextProject] Showing "All projects locked" notification')
 		addNotification({
 			title: 'All projects locked',
 			text:
@@ -813,6 +831,7 @@ async function skipToNextProject() {
 			type: 'warning',
 		})
 	}
+	debug('[skipToNextProject] Emitting exit')
 	emit('exit')
 }
 
@@ -1749,16 +1768,75 @@ async function endChecklist(status?: string) {
 	} else {
 		// Use prefetched data if available for instant navigation
 		if (!navigateToNextUnlockedProject()) {
-			navigateTo({
-				name: 'type-id',
-				params: {
-					type: 'project',
-					id: moderationStore.getCurrentProjectId(),
-				},
-				state: {
-					showChecklist: true,
-				},
-			})
+			// Fallback: find next unlocked project with lock checking
+			let foundUnlocked = false
+			let skippedCount = 0
+			let attempts = 0
+
+			while (moderationStore.hasItems && attempts < MAX_SKIP_ATTEMPTS) {
+				attempts++
+				const nextId = moderationStore.getCurrentProjectId()
+				if (!nextId) break
+
+				try {
+					const lockStatus = await moderationStore.checkLock(nextId)
+
+					if (!lockStatus.locked || lockStatus.expired) {
+						// Found an unlocked project
+						if (skippedCount > 0) {
+							addNotification({
+								title: 'Skipped locked projects',
+								text: `Skipped ${skippedCount} project(s) being moderated by others.`,
+								type: 'info',
+							})
+						}
+						navigateTo({
+							name: 'type-id',
+							params: {
+								type: 'project',
+								id: nextId,
+							},
+							state: {
+								showChecklist: true,
+							},
+						})
+						foundUnlocked = true
+						break
+					}
+
+					// Project is locked, skip it
+					moderationStore.completeCurrentProject(nextId, 'skipped')
+					skippedCount++
+				} catch {
+					// On error, try to navigate anyway
+					navigateTo({
+						name: 'type-id',
+						params: {
+							type: 'project',
+							id: nextId,
+						},
+						state: {
+							showChecklist: true,
+						},
+					})
+					foundUnlocked = true
+					break
+				}
+			}
+
+			// If no unlocked projects found, go back to moderation queue
+			if (!foundUnlocked) {
+				if (skippedCount > 0) {
+					addNotification({
+						title: 'All projects locked',
+						text: 'All remaining projects are currently being moderated by others.',
+						type: 'warning',
+					})
+				}
+				await navigateTo({
+					name: 'moderation',
+				})
+			}
 		}
 	}
 }
diff --git a/apps/frontend/src/middleware/project-canonicalize.global.ts b/apps/frontend/src/middleware/project-canonicalize.global.ts
new file mode 100644
index 0000000000..294bddb6a9
--- /dev/null
+++ b/apps/frontend/src/middleware/project-canonicalize.global.ts
@@ -0,0 +1,53 @@
+import { getProjectTypeForUrlShorthand } from '~/helpers/projects.js'
+import { useServerModrinthClient } from '~/server/utils/api-client'
+
+// All valid project type URL segments
+const PROJECT_TYPES = ['project', 'mod', 'plugin', 'datapack', 'shader', 'resourcepack', 'modpack']
+
+export default defineNuxtRouteMiddleware(async (to) => {
+	// Only handle project routes
+	if (!to.params.id || !PROJECT_TYPES.includes(to.params.type as string)) {
+		return
+	}
+
+	const authToken = useCookie('auth-token')
+	const client = useServerModrinthClient({ authToken: authToken.value || undefined })
+	const tags = useGeneratedState()
+
+	try {
+		const project = await client.labrinth.projects_v2.get(to.params.id as string)
+
+		if (!project) {
+			return
+		}
+
+		// Determine the correct URL type
+		const correctType = getProjectTypeForUrlShorthand(
+			project.project_type,
+			project.loaders,
+			tags.value,
+		)
+
+		// Preserve the rest of the path (subpages like /versions, /settings, etc.)
+		const pathParts = to.path.split('/')
+		pathParts.splice(0, 3) // Remove '', type, and id
+		const remainder = pathParts.filter((x) => x).join('/')
+
+		// Build the canonical path
+		const canonicalPath = `/${correctType}/${project.slug}${remainder ? `/${remainder}` : ''}`
+
+		// Only redirect if the path actually changed
+		if (to.path !== canonicalPath) {
+			return navigateTo({
+				path: canonicalPath,
+				query: to.query,
+				hash: to.hash,
+			}, {
+				redirectCode: 301,
+				replace: true,
+			})
+		}
+	} catch (error) {
+		// Let the page handle 404s and other errors
+	}
+})
diff --git a/apps/frontend/src/pages/[type]/[id].vue b/apps/frontend/src/pages/[type]/[id].vue
index 69fc0fbcd7..b239b466dd 100644
--- a/apps/frontend/src/pages/[type]/[id].vue
+++ b/apps/frontend/src/pages/[type]/[id].vue
@@ -1024,7 +1024,7 @@ definePageMeta({
 })
 
 const data = useNuxtApp()
-const route = useNativeRoute()
+const route = useRoute()
 const config = useRuntimeConfig()
 const moderationStore = useModerationStore()
 const notifications = injectNotificationManager()
@@ -1543,8 +1543,6 @@ try {
 		),
 	])
 
-	await updateProjectRoute()
-
 	versions = shallowRef(toRaw(versions))
 	versionsV3 = shallowRef(toRaw(versionsV3))
 	versions.value = (versions.value ?? []).map((v) => ({
@@ -1625,22 +1623,6 @@ if (!project.value) {
 	})
 }
 
-if (
-	project.value.project_type !== route.params.type ||
-	(route.params.id !== project.value.slug && !flags.value.disablePrettyProjectUrlRedirects)
-) {
-	let path = route.fullPath.split('/')
-	path.splice(0, 3)
-	path = path.filter((x) => x)
-
-	await navigateTo(
-		`/${project.value.project_type}/${project.value.slug}${
-			path.length > 0 ? `/${path.join('/')}` : ''
-		}`,
-		{ redirectCode: 301, replace: true },
-	)
-}
-
 // Members should be an array of all members, without the accepted ones, and with the user with the Owner role at the start
 // The rest of the members should be sorted by role, then by name
 const members = computed(() => {
diff --git a/apps/frontend/src/server/routes/api/tags/game-versions.ts b/apps/frontend/src/server/routes/api/tags/game-versions.ts
index 0ff557b5c1..5821090436 100644
--- a/apps/frontend/src/server/routes/api/tags/game-versions.ts
+++ b/apps/frontend/src/server/routes/api/tags/game-versions.ts
@@ -6,7 +6,7 @@ const CACHE_MAX_AGE = 60 * 10 // 10 minutes
 
 export default defineCachedEventHandler(
 	async (event) => {
-		const client = useServerModrinthClient(event)
+		const client = useServerModrinthClient({ event })
 
 		const response = await client.request<Labrinth.Tags.v2.GameVersion[]>('/tag/game_version', {
 			api: 'labrinth',
diff --git a/apps/frontend/src/server/utils/api-client.ts b/apps/frontend/src/server/utils/api-client.ts
index 87df75d276..f5666a70f5 100644
--- a/apps/frontend/src/server/utils/api-client.ts
+++ b/apps/frontend/src/server/utils/api-client.ts
@@ -1,4 +1,4 @@
-import { type NuxtClientConfig, NuxtModrinthClient } from '@modrinth/api-client'
+import { AuthFeature, type NuxtClientConfig, NuxtModrinthClient } from '@modrinth/api-client'
 import type { H3Event } from 'h3'
 
 async function getRateLimitKeyFromSecretsStore(): Promise<string | undefined> {
@@ -11,14 +11,30 @@ async function getRateLimitKeyFromSecretsStore(): Promise<string | undefined> {
 	}
 }
 
-export function useServerModrinthClient(event: H3Event): NuxtModrinthClient {
-	const config = useRuntimeConfig(event)
+export interface ServerModrinthClientOptions {
+	event?: H3Event
+	authToken?: string
+}
+
+export function useServerModrinthClient(options?: ServerModrinthClientOptions): NuxtModrinthClient {
+	const config = useRuntimeConfig(options?.event)
 	const apiBaseUrl = (config.apiBaseUrl || config.public.apiBaseUrl).replace('/v2/', '/')
 
+	const features = []
+
+	if (options?.authToken) {
+		features.push(
+			new AuthFeature({
+				token: options.authToken,
+				tokenPrefix: '',
+			}),
+		)
+	}
+
 	const clientConfig: NuxtClientConfig = {
 		labrinthBaseUrl: apiBaseUrl,
 		rateLimitKey: config.rateLimitKey || getRateLimitKeyFromSecretsStore,
-		features: [],
+		features,
 	}
 
 	return new NuxtModrinthClient(clientConfig)

From 5be9a23facdd39a083c8de12f77abaa588e0606d Mon Sep 17 00:00:00 2001
From: "Calum H. (IMB11)" <contact@cal.engineer>
Date: Mon, 12 Jan 2026 17:00:48 +0000
Subject: [PATCH 16/16] fix: lint

---
 .../checklist/ModerationChecklist.vue         |  9 +++++++-
 .../middleware/project-canonicalize.global.ts | 21 +++++++++++--------
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
index 84393f6916..449dc3aa03 100644
--- a/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
+++ b/apps/frontend/src/components/ui/moderation/checklist/ModerationChecklist.vue
@@ -819,7 +819,14 @@ async function skipToNextProject() {
 	}
 
 	// No unlocked projects found (or hit attempt limit)
-	debug('[skipToNextProject] Loop exited. skippedCount:', skippedCount, 'attempts:', attempts, 'hasItems:', moderationStore.hasItems)
+	debug(
+		'[skipToNextProject] Loop exited. skippedCount:',
+		skippedCount,
+		'attempts:',
+		attempts,
+		'hasItems:',
+		moderationStore.hasItems,
+	)
 	if (skippedCount > 0 || attempts >= MAX_SKIP_ATTEMPTS) {
 		debug('[skipToNextProject] Showing "All projects locked" notification')
 		addNotification({
diff --git a/apps/frontend/src/middleware/project-canonicalize.global.ts b/apps/frontend/src/middleware/project-canonicalize.global.ts
index 294bddb6a9..7106c9d3fb 100644
--- a/apps/frontend/src/middleware/project-canonicalize.global.ts
+++ b/apps/frontend/src/middleware/project-canonicalize.global.ts
@@ -38,16 +38,19 @@ export default defineNuxtRouteMiddleware(async (to) => {
 
 		// Only redirect if the path actually changed
 		if (to.path !== canonicalPath) {
-			return navigateTo({
-				path: canonicalPath,
-				query: to.query,
-				hash: to.hash,
-			}, {
-				redirectCode: 301,
-				replace: true,
-			})
+			return navigateTo(
+				{
+					path: canonicalPath,
+					query: to.query,
+					hash: to.hash,
+				},
+				{
+					redirectCode: 301,
+					replace: true,
+				},
+			)
 		}
-	} catch (error) {
+	} catch {
 		// Let the page handle 404s and other errors
 	}
 })