"""
Authentication routes for QR Code Manager
"""

from flask import Blueprint, request, render_template, session, redirect, url_for, flash
from app.utils.auth import get_admin_credentials, verify_password

bp = Blueprint('auth', __name__)

@bp.route('/login', methods=['GET', 'POST'])
def login():
    """Login page"""
    if request.method == 'POST':
        username = request.form.get('username')
        password = request.form.get('password')
        
        admin_username, admin_password_hash = get_admin_credentials()
        
        if username == admin_username and verify_password(password, admin_password_hash):
            session['logged_in'] = True
            session['username'] = username
            flash('Successfully logged in!', 'success')
            return redirect(url_for('main.index'))
        else:
            flash('Invalid username or password!', 'error')
    
    return render_template('login.html')

@bp.route('/logout')
def logout():
    """Logout and clear session"""
    session.clear()
    flash('You have been logged out!', 'info')
    return redirect(url_for('auth.login'))