Cleaned things up and created some addition admin functionality

CodeConfidant · CodeConfidant · commit 7dcddcb418ad · 2020-12-22T18:20:27.000-05:00
diff --git a/app/routes.py b/app/routes.py
@@ -51,10 +51,15 @@ def login_user():
         row = user_db.get_row("Username", username)
 
         try:
-            if (row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True):
+            if (row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True and row["Type"] != "Admin"):
                 user_db.close_db()
-                flash(str("Welcome {0}!").format(username))
+                flash(str("Welcome User {0}!").format(username))
                 return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+            elif (row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True and row["Type"] == "Admin"):
+                users = user_db.get_table()
+                user_db.close_db()
+                flash(str("Welcome Admin {0}!").format(username))
+                return render_template("admin.html", title='Admin Account', email=row["Email"], username=row["Username"], type=row["Type"], users=users)
             else:
                 user_db.close_db()
                 flash("Login failed! Either the Username or Password was incorrect!")
@@ -71,15 +76,34 @@ def del_user():
         username = request.form['username']
         user_db.open_db()
         row = user_db.get_row("Username", username)
+
         if (row["Type"] == "Admin"):
+            users = user_db.get_table()
             user_db.close_db()
             flash("Error! Can't delete an Admin account!")
-            return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+            return render_template("admin.html", title='Admin Account', email=row["Email"], username=row["Username"], type=row["Type"], users=users)
         else:
             user_db.drop_row("Username", username)
+            users = user_db.get_table()
             user_db.close_db()
             flash(str("User {0} successfully deleted!").format(username))
             return render_template("index.html", title='Home')
+    else:
+        username = request.args.get('id')
+        user_db.open_db()
+        row = user_db.get_row("Username", username)
+
+        if (row["Type"] == "Admin"):
+            users = user_db.get_table()
+            user_db.close_db()
+            flash("Error! Can't delete an Admin account!")
+            return render_template("admin.html", title='Admin Account', email=row["Email"], username=row["Username"], type=row["Type"], users=users)
+        else:
+            user_db.drop_row("Username", username)
+            users = user_db.get_table()
+            user_db.close_db()
+            flash(str("User {0} successfully deleted!").format(username))
+            return render_template("admin.html", title='Admin Account', email=row["Email"], username=row["Username"], type=row["Type"], users=users)
 
 @app.route('/change_password', methods = ['POST', 'GET'])
 def change_password():
@@ -88,14 +112,20 @@ def change_password():
         password = request.form['password']
         new_password = request.form['new_password']
         user_db.open_db()
+        users = user_db.get_table()
         row = user_db.get_row("Username", username)
 
         try:
-            if (row != None and row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True):
+            if (row != None and row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True and row["Type"] != "Admin"):
                 user_db.update_row("Password", sha512_crypt.hash(new_password), "Username", username)
                 user_db.close_db()
                 flash("Password changed successfully!")
                 return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+            elif (row != None and row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True and row["Type"] == "Admin"):
+                user_db.update_row("Password", sha512_crypt.hash(new_password), "Username", username)
+                user_db.close_db()
+                flash("Password changed successfully!")
+                return render_template("admin.html", title='Admin Account', email=row["Email"], username=row["Username"], type=row["Type"], users=users)
             else:
                 user_db.close_db()
                 flash("Password change failed! The current password provided is incorrect!")
@@ -112,12 +142,19 @@ def change_username():
         new_username = request.form['new_username']
         user_db.open_db()
 
-        if (user_db.get_row("Username", new_username) == None):
+        if (user_db.get_row("Username", new_username) == None and user_db.get_row("Username", username)["Type"] != "Admin"):
             user_db.update_row("Username", new_username, "Username", username)
             row = user_db.get_row("Username", new_username)
             user_db.close_db()
             flash("Username changed successfully!")
             return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+        elif (user_db.get_row("Username", new_username) == None and user_db.get_row("Username", username)["Type"] == "Admin"):
+            user_db.update_row("Username", new_username, "Username", username)
+            row = user_db.get_row("Username", new_username)
+            users = user_db.get_table()
+            user_db.close_db()
+            flash("Username changed successfully!")
+            return render_template("admin.html", title='Admin Account', email=row["Email"], username=row["Username"], type=row["Type"], users=users)
         else:
             row = user_db.get_row("Username", username)
             user_db.close_db()
diff --git a/app/static/styles/flask-auth.css b/app/static/styles/flask-auth.css
@@ -26,11 +26,10 @@ ol {
 
 a {
     text-decoration: none;
-    color: whitesmoke;
+    color: black;
     padding: 2px;
     display: inline-block;
-    border: 4px solid #14A76C;
-    border-radius: 2px;
+    border: transparent;
     font-style: normal;
     font-weight: lighter;
     font-size: 1.2rem;   
@@ -58,6 +57,32 @@ form {
     align-items: center;
 }
 
+table {
+    padding: 1%;
+    opacity: 60%;
+    margin: auto;
+    width: 50%;
+    background-color: whitesmoke;
+}
+
+th {
+    border: thin solid black;
+    border-radius: 2px;
+    padding: 1%;
+    font-style: normal;
+    font-weight: normal;
+    font-size: 1.2rem;
+}
+
+td {
+    border: thin solid black;
+    border-radius: 2px;
+    padding: 1%;
+    font-style: normal;
+    font-weight: normal;
+    font-size: 1rem;
+}
+
 .box {
     opacity: 70%;
     padding: 1%;
@@ -71,4 +96,10 @@ form {
 
 .title {
     font-size: 3rem;
+}
+
+@media only screen and (max-width: 1010px) {
+    table {
+        width: 100%;
+    }
 }
diff --git a/app/templates/account.html b/app/templates/account.html
@@ -6,7 +6,7 @@ <h1>Account Info</h1>
         <ol>
             <li><strong>Username: </strong>{{ username }}</li>
             <li><strong>Email: </strong>{{ email }}</li>
-            <li><strong>Type: </strong>{{ type }}</li>
+            <li><strong>Account Type: </strong>{{ type }}</li>
         </ol>
         <form action="{{ url_for('del_user') }}" method="POST">
             <input type="hidden" id="username" name="username" value="{{ username }}">
diff --git a/app/templates/admin.html b/app/templates/admin.html
@@ -0,0 +1,50 @@
+{% extends "base.html" %}
+
+{% block content %}
+    <div class="box">
+        <h1>Account Info</h1>
+        <ol>
+            <li><strong>Username: </strong>{{ username }}</li>
+            <li><strong>Email: </strong>{{ email }}</li>
+            <li><strong>Account Type: </strong>{{ type }}</li>
+        </ol>
+        <form action="{{ url_for('del_user') }}" method="POST">
+            <input type="hidden" id="username" name="username" value="{{ username }}">
+            <input type="submit" value="Delete Account">
+        </form>
+   
+        <form action="{{ url_for('change_username') }}" method="POST" accept-charset="UTF-8" autocomplete="off" autofocus="off" enctype="multipart/form-data">
+            <h2>Change Username</h2><br/>
+            <input type="hidden" id="username" name="username" value="{{ username }}" required/></br>
+            <label for="new_username">New Username</label>
+            <input type="text" id="new_username" name="new_username" size="32" minlength="8" maxlength="32" required/></br>
+            <input type="submit" value="Submit"/>
+        </form>
+        <form action="{{ url_for('change_password') }}" method="POST" accept-charset="UTF-8" autocomplete="off" autofocus="off" enctype="multipart/form-data">
+            <h2>Change Password</h2><br/>
+            <input type="hidden" id="username" name="username" value="{{ username }}" required/></br>
+            <label for="password">Password</label>
+            <input type="password" id="password" name="password" size="32" minlength="8" maxlength="32" required/></br>
+            <label for="new_password">New Password</label>
+            <input type="password" id="new_password" name="new_password" size="32" minlength="8" maxlength="32" required/></br>
+            <input type="submit" value="Submit"/>
+        </form>
+
+        <h2>Users</h2>
+        <table>
+            <tr>
+                <th>Email</th>
+                <th>Username</th>
+                <th>Account Type</th>
+            </tr>
+            {% for user in users %}
+                <tr>
+                    <td>{{ user.Email }}</td>
+                    <td>{{ user.Username }}</td>
+                    <td>{{ user.Type }}</td>
+                    <td><a href="/del_user?id={{ user.Username }}">Delete Account</a></td>
+                </tr>
+            {% endfor %}
+        </table>
+    </div>
+{% endblock %}
