app.py

from flask import Flask, render_template, request, redirect, url_for, session, send_file
import sqlite3
import os
import logging

app = Flask(__name__)
app.secret_key = "supersecretkey"
DB_PATH = "temp.db"

# Enable debug logs
logging.basicConfig(level=logging.DEBUG)


def init_db():
    """Create DB and users table if not exists"""
    try:
        conn = sqlite3.connect(DB_PATH)
        cursor = conn.cursor()
        cursor.execute("""
            CREATE TABLE IF NOT EXISTS users (
                id INTEGER PRIMARY KEY AUTOINCREMENT,
                username TEXT UNIQUE,
                password TEXT
            )
        """)
        conn.commit()
        conn.close()
    except Exception as e:
        app.logger.error(f"DB init failed: {e}")


@app.before_request
def before_request():
    """Ensure DB exists before each request"""
    init_db()


@app.route("/")
def home():
    try:
        username = session.get("username", None)
        return render_template("home.html", username=username)
    except Exception as e:
        app.logger.error(f"Home page error: {e}")
        return f"✅ Flask is running, but template error: {e}"


@app.route("/signup", methods=["GET", "POST"])
def signup():
    if request.method == "POST":
        username = request.form["username"].strip()
        password = request.form["password"].strip()

        try:
            conn = sqlite3.connect(DB_PATH)
            cursor = conn.cursor()
            cursor.execute(
                "INSERT INTO users (username, password) VALUES (?, ?)", (username, password)
            )
            conn.commit()
            conn.close()
            return redirect(url_for("login"))
        except sqlite3.IntegrityError:
            return render_template("signup.html", error="⚠️ Username already exists")
        except Exception as e:
            app.logger.error(f"Signup error: {e}")
            return f"❌ Signup failed: {e}"

    return render_template("signup.html")


@app.route("/login", methods=["GET", "POST"])
def login():
    if request.method == "POST":
        username = request.form["username"].strip()
        password = request.form["password"].strip()

        # Special admin login
        if username == "1234" and password == "1234":
            session["username"] = "Admin"
            return redirect(url_for("download_db"))

        try:
            conn = sqlite3.connect(DB_PATH)
            cursor = conn.cursor()
            cursor.execute(
                "SELECT * FROM users WHERE username=? AND password=?", (username, password)
            )
            user = cursor.fetchone()
            conn.close()
        except Exception as e:
            app.logger.error(f"Login error: {e}")
            return f"❌ Login failed: {e}"

        if user:
            session["username"] = username
            return redirect(url_for("home"))
        else:
            return render_template("login.html", error="❌ Invalid username or password")

    return render_template("login.html")


@app.route("/logout")
def logout():
    session.pop("username", None)
    return redirect(url_for("home"))


@app.route("/download-db")
def download_db():
    if "username" in session and session["username"] == "Admin":
        if os.path.exists(DB_PATH):
            return send_file(DB_PATH, as_attachment=True)
        return "No DB found."
    return redirect(url_for("home"))


if __name__ == "__main__":
    init_db()
    app.run(host="0.0.0.0", port=7860, debug=True)