updated creation of the database for users

2025-09-12 21:24:22 +03:00
parent 6eab631604
commit 4597595db4
6 changed files with 266 additions and 96 deletions
--- a/py_app/app/routes.py
+++ b/py_app/app/routes.py
@@ -9,7 +9,14 @@ from reportlab.pdfgen import canvas
 from flask import Blueprint, render_template, request, redirect, url_for, flash
 import csv
 from .warehouse import add_location
-from .settings import settings_handler, edit_access_roles_handler
+from .settings import (
+    settings_handler, 
+    edit_access_roles_handler, 
+    create_user_handler, 
+    edit_user_handler, 
+    delete_user_handler, 
+    save_external_db_handler
+)

 bp = Blueprint('main', __name__)
 warehouse_bp = Blueprint('warehouse', __name__)
@@ -53,8 +60,18 @@ def get_db_connection():
 def login():
    import sqlite3
    if request.method == 'POST':
-        username = request.form['username']
-        password = request.form['password']
+        # Debug: print all form data received
+        print("All form data received:", dict(request.form))
+        
+        # Safely get username and password with fallback
+        username = request.form.get('username', '').strip()
+        password = request.form.get('password', '').strip()
+        
+        if not username or not password:
+            print("Missing username or password")
+            flash('Please enter both username and password.')
+            return render_template('login.html')
+            
        user = None
        print("Raw form input:", repr(username), repr(password))
        
@@ -233,98 +250,19 @@ def logout():

@bp.route('/create_user', methods=['POST'])
 def create_user():
-    if 'role' not in session or session['role'] != 'superadmin':
-        flash('Access denied: Superadmin only.')
-        return redirect(url_for('main.settings'))
-
-    username = request.form['username']
-    password = request.form['password']
-    role = request.form['role']
-
-    # Check if the username already exists
-    if User.query.filter_by(username=username).first():
-        flash('User already exists.')
-        return redirect(url_for('main.settings'))
-
-    # Create a new user
-    new_user = User(username=username, password=password, role=role)
-    db.session.add(new_user)
-    db.session.commit()
-
-    flash('User created successfully.')
-    return redirect(url_for('main.settings'))
+    return create_user_handler()

@bp.route('/edit_user', methods=['POST'])
 def edit_user():
-    if 'role' not in session or session['role'] != 'superadmin':
-        flash('Access denied: Superadmin only.')
-        return redirect(url_for('main.settings'))
-
-    user_id = request.form['user_id']
-    password = request.form['password']
-    role = request.form['role']
-
-    # Fetch the user from the database
-    user = User.query.get(user_id)
-    if not user:
-        flash('User not found.')
-        return redirect(url_for('main.settings'))
-
-    # Update the user's details
-    if password:
-        user.password = password
-    user.role = role
-    db.session.commit()
-
-    flash('User updated successfully.')
-    return redirect(url_for('main.settings'))
+    return edit_user_handler()

@bp.route('/delete_user', methods=['POST'])
 def delete_user():
-    if 'role' not in session or session['role'] != 'superadmin':
-        flash('Access denied: Superadmin only.')
-        return redirect(url_for('main.settings'))
-
-    user_id = request.form['user_id']
-
-    # Fetch the user from the database
-    user = User.query.get(user_id)
-    if not user:
-        flash('User not found.')
-        return redirect(url_for('main.settings'))
-
-    # Delete the user
-    db.session.delete(user)
-    db.session.commit()
-
-    flash('User deleted successfully.')
-    return redirect(url_for('main.settings'))
+    return delete_user_handler()

@bp.route('/save_external_db', methods=['POST'])
 def save_external_db():
-    if 'role' not in session or session['role'] != 'superadmin':
-        flash('Access denied: Superadmin only.')
-        return redirect(url_for('main.settings'))
-
-    # Get form data
-    server_domain = request.form['server_domain']
-    port = request.form['port']
-    database_name = request.form['database_name']
-    username = request.form['username']
-    password = request.form['password']
-
-    # Save data to a file in the instance folder
-    settings_file = os.path.join(current_app.instance_path, 'external_server.conf')
-    os.makedirs(os.path.dirname(settings_file), exist_ok=True)
-    with open(settings_file, 'w') as f:
-        f.write(f"server_domain={server_domain}\n")
-        f.write(f"port={port}\n")
-        f.write(f"database_name={database_name}\n")
-        f.write(f"username={username}\n")
-        f.write(f"password={password}\n")
-
-    flash('External database settings saved/updated successfully.')
-    return redirect(url_for('main.settings'))
+    return save_external_db_handler()

@bp.route('/get_report_data', methods=['GET'])
 def get_report_data():