# app.py
import os
import secrets

import bcrypt
from flask import Flask, request, jsonify, session, redirect, url_for
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy.exc import IntegrityError

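app = Flask(__name__)
# The session-signing key must not be committed with the source: anyone who can
# read the repository could forge a session cookie carrying any 'user_id'.
# Take it from the environment instead. If it is unset, fall back to a random
# per-process key so the app still starts; sessions are then invalidated on
# every restart and are not shared between worker processes, so production
# deployments should always set FLASK_SECRET_KEY.
app.secret_key = os.environ.get('FLASK_SECRET_KEY') or secrets.token_hex(32)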

@app.route('/')
def home():
    """Serve the static greeting shown at the site root."""
    greeting = "Welcome to the Home Page!"
    return greeting

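# Configure PostgreSQL database
# Prefer a connection string supplied through the environment so that real
# database credentials are never committed. The literal below is kept only as
# the sample default and still contains a placeholder password.
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
    'DATABASE_URL',
    'postgresql://app_user:your_password@localhost/app_db',
)
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
db = SQLAlchemy(app)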

# User model for SQLAlchemy
class User(db.Model):
    """Account row; only a bcrypt hash of the password is persisted."""

    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    password_hash = db.Column(db.String(120), nullable=False)

    def set_password(self, password):
        """Derive a salted bcrypt hash from ``password`` and store it as text.

        bcrypt only takes the first 72 bytes of its input into account;
        depending on the installed library version, longer input is either
        truncated or rejected, so callers may want to cap password length.
        """
        raw = password.encode('utf-8')
        salt = bcrypt.gensalt()
        digest = bcrypt.hashpw(raw, salt)
        self.password_hash = digest.decode('utf-8')

    def check_password(self, password):
        """Return True when ``password`` verifies against the stored hash."""
        candidate = password.encode('utf-8')
        stored = self.password_hash.encode('utf-8')
        return bcrypt.checkpw(candidate, stored)

# Routes
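@app.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form (GET) or authenticate submitted credentials (POST).

    On success the user's id is stored in the session and the client is
    redirected to ``welcome``. On failure the same generic message is returned
    for an unknown username and for a wrong password, with HTTP 401 so that
    failed attempts are visible to logs and rate limiters.
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']

        user = User.query.filter_by(username=username).first()

        # Verify against the stored bcrypt hash. The User model defines only
        # ``password_hash``; it has no plaintext ``password`` attribute, so
        # comparing ``user.password`` raised for every existing account and
        # would have been a plaintext comparison in any case.
        if user is not None and user.check_password(password):
            # Discard any pre-login session contents before binding identity.
            session.clear()
            session['user_id'] = user.id
            return redirect(url_for('welcome'))

        # NOTE(review): there is no attempt throttling or lockout on this
        # route, and an unknown username skips the hash computation, so the
        # two failure cases can differ in response time.
        return 'Invalid username or password', 401

    return '''
        <form method="POST">
            <input type="text" name="username" placeholder="Username"/>
            <input type="password" name="password" placeholder="Password"/>
            <input type="submit" value="Login"/>
        </form>
    '''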

@app.route('/welcome')
def welcome():
    """Show the landing page to a logged-in client, else send them to login."""
    # Guard clause: a session without 'user_id' is treated as anonymous.
    if 'user_id' not in session:
        return redirect(url_for('login'))
    return 'Welcome to the landing page!'

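@app.route('/admin/users', methods=['GET', 'POST', 'DELETE', 'PUT'])
def manage_users():
    """List, create, delete or modify user accounts.

    GET returns every user's id and username as JSON. POST creates a user from
    the ``username`` and ``password`` form fields. DELETE removes the user
    named by ``username``. PUT renames that user and/or sets a new password
    from ``new_username`` and ``new_password``. Callers without a logged-in
    session are redirected to the login page. A username collision on POST or
    PUT yields HTTP 409 instead of an unhandled database error.
    """
    if 'user_id' not in session:
        return redirect(url_for('login'))

    # NOTE(review): the check above is authentication only. The User model has
    # no role or admin column, so every logged-in account can list, create,
    # delete and re-password every other account. The state-changing methods
    # also rely on the session cookie alone, with no CSRF token check. Both
    # need a schema/design decision that is outside this function.

    # 1. List all users. Flask also dispatches HEAD to views that accept GET,
    #    so treat it the same way rather than falling through and returning
    #    None.
    if request.method in ('GET', 'HEAD'):
        users = User.query.all()
        return jsonify([{'id': u.id, 'username': u.username} for u in users])

    # 2. Create a new user (POST request)
    if request.method == 'POST':
        data = request.form
        username = data.get('username')
        password = data.get('password')

        if not (username and password):
            return jsonify({'message': 'Username and password required'}), 400

        new_user = User(username=username)
        new_user.set_password(password)  # Hash the password before storing
        db.session.add(new_user)
        try:
            db.session.commit()
        except IntegrityError:
            # Duplicate username: roll back so the session stays usable.
            db.session.rollback()
            return jsonify({'message': 'Username already exists'}), 409
        return jsonify({'message': 'User created successfully'}), 201

    # 3. Delete a user (DELETE request)
    if request.method == 'DELETE':
        username = request.form.get('username')

        user = User.query.filter_by(username=username).first()
        if user is None:
            return jsonify({'message': 'User not found'}), 404

        db.session.delete(user)
        db.session.commit()
        return jsonify({'message': 'User deleted successfully'}), 200

    # 4. Modify a user (PUT request)
    if request.method == 'PUT':
        data = request.form
        username = data.get('username')
        new_username = data.get('new_username')
        new_password = data.get('new_password')

        user = User.query.filter_by(username=username).first()
        if user is None:
            return jsonify({'message': 'User not found'}), 404

        if new_username:
            user.username = new_username
        if new_password:
            user.set_password(new_password)  # Hash the new password before storing
        try:
            db.session.commit()
        except IntegrityError:
            # The new username collides with an existing account.
            db.session.rollback()
            return jsonify({'message': 'Username already exists'}), 409
        return jsonify({'message': 'User updated successfully'}), 200

    # Defensive default; the route's method list should make this unreachable.
    return jsonify({'message': 'Method not allowed'}), 405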

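@app.route('/reset_user')
def reset_user():
    """Replace the placeholder account with a freshly provisioned one.

    As originally written this route was reachable by GET without any
    authentication, provisioned an account with a password fixed in the source
    and echoed that password in the response body. It is therefore disabled
    unless the operator sets ``ENABLE_RESET_USER=1``. The new password is read
    from ``RESET_USER_PASSWORD`` and is never returned to the client.

    Returns a plain-text status: 404 when the route is disabled, 500 when no
    password is configured, 409 when the new username already exists, and a
    confirmation message otherwise.
    """
    # Fail closed: behave as if the route does not exist unless opted in.
    if os.environ.get('ENABLE_RESET_USER') != '1':
        return 'Not found', 404

    # Define the old username and the new user credentials
    old_username = 'old_username'  # Change this to the current username
    new_username = 'newuser'
    new_password = os.environ.get('RESET_USER_PASSWORD')
    if not new_password:
        return 'RESET_USER_PASSWORD is not set', 500

    # Find and delete the old user if they exist. Flush rather than commit so
    # the delete and the insert below succeed or fail as one transaction.
    old_user = User.query.filter_by(username=old_username).first()
    if old_user:
        db.session.delete(old_user)
        db.session.flush()

    # Create a new user with the new username and hashed password
    new_user = User(username=new_username)
    new_user.set_password(new_password)  # Hash the new password
    db.session.add(new_user)
    try:
        db.session.commit()
    except IntegrityError:
        # The new username is already taken; undo the pending delete as well.
        db.session.rollback()
        return f"User '{new_username}' already exists", 409

    # Do not echo the password: responses end up in logs, caches and history.
    return f"User '{new_username}' created"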


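if __name__ == '__main__':
    # Debug mode enables the Werkzeug interactive debugger, which can execute
    # arbitrary code in the server process for anyone who reaches it. Make it
    # opt-in through FLASK_DEBUG=1 instead of hard-coding it on.
    app.run(debug=os.environ.get('FLASK_DEBUG') == '1')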
