Spaces:

Oranblock
/

Pomodoro

Sleeping

File size: 8,927 Bytes

import os
from flask import Flask, render_template, request, jsonify, session
import sqlite3
from datetime import datetime
import random
import string
import logging
import bcrypt

app = Flask(__name__)
app.secret_key = 'your_secret_key_here'  # Replace with a real secret key

logging.basicConfig(level=logging.DEBUG)

otp_code = None
otp_expiration = None

def get_db():
    db = sqlite3.connect('database.db')
    db.row_factory = sqlite3.Row
    return db

@app.route('/')
def index():
    return render_template('index.html')

@app.route('/start_session', methods=['POST'])
def start_session():
    start_time = datetime.now().isoformat()
    session_type = request.json.get('session_type')
    duration = request.json.get('duration')
    user_id = session.get('user_id')
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('INSERT INTO sessions (user_id, start_time, session_type, duration) VALUES (?, ?, ?, ?)', 
                       (user_id, start_time, session_type, duration))
        conn.commit()
        session_id = cursor.lastrowid
    return jsonify({'session_id': session_id})

@app.route('/end_session', methods=['POST'])
def end_session():
    session_id = request.json.get('session_id')
    end_time = datetime.now().isoformat()
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('UPDATE sessions SET end_time = ? WHERE id = ?', (end_time, session_id))
        conn.commit()
    return '', 204

@app.route('/save_script', methods=['POST'])
def save_script():
    session_id = request.json.get('session_id')
    script_code = request.json.get('script_code')
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('UPDATE sessions SET script_code = ? WHERE id = ?', (script_code, session_id))
        conn.commit()
    return '', 204

@app.route('/scripts', methods=['GET'])
def get_scripts():
    user_id = session.get('user_id')
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('SELECT id, start_time, end_time, script_code, rating, comments, session_type, duration FROM sessions WHERE user_id = ?', (user_id,))
        scripts = cursor.fetchall()
    return jsonify([dict(row) for row in scripts])

@app.route('/rate_script', methods=['POST'])
def rate_script():
    session_id = request.json.get('session_id')
    rating = request.json.get('rating')
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('UPDATE sessions SET rating = ? WHERE id = ?', (rating, session_id))
        conn.commit()
    return '', 204

@app.route('/comment_script', methods=['POST'])
def comment_script():
    session_id = request.json.get('session_id')
    comments = request.json.get('comments')
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('UPDATE sessions SET comments = ? WHERE id = ?', (comments, session_id))
        conn.commit()
    return '', 204

@app.route('/generate_otp', methods=['GET'])
def generate_otp_route():
    generate_otp()
    return '', 204

@app.route('/reset_database', methods=['POST'])
def reset_database():
    input_otp = request.json.get('otp')
    if validate_otp(input_otp):
        with get_db() as conn:
            cursor = conn.cursor()
            cursor.execute('DROP TABLE IF EXISTS sessions')
            cursor.execute('DROP TABLE IF EXISTS users')
            cursor.execute('DROP TABLE IF EXISTS tasks')
            cursor.execute('DROP TABLE IF EXISTS settings')
            cursor.execute('DROP TABLE IF EXISTS admin_settings')
            conn.commit()
        init_db()
        return '', 204
    else:
        return jsonify({'error': 'Invalid OTP'}), 403

@app.route('/register', methods=['POST'])
def register():
    username = request.json.get('username')
    password = request.json.get('password')
    hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
    
    with get_db() as conn:
        cursor = conn.cursor()
        try:
            cursor.execute('INSERT INTO users (username, password) VALUES (?, ?)', (username, hashed_password))
            conn.commit()
            return jsonify({'message': 'User registered successfully'}), 201
        except sqlite3.IntegrityError:
            return jsonify({'error': 'Username already exists'}), 400

@app.route('/login', methods=['POST'])
def login():
    username = request.json.get('username')
    password = request.json.get('password')
    
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('SELECT id, password, is_admin FROM users WHERE username = ?', (username,))
        user = cursor.fetchone()
        
        if user and bcrypt.checkpw(password.encode('utf-8'), user['password']):
            session['user_id'] = user['id']
            session['is_admin'] = user['is_admin']
            return jsonify({'message': 'Login successful', 'is_admin': user['is_admin']}), 200
        else:
            return jsonify({'error': 'Invalid username or password'}), 401

@app.route('/logout', methods=['POST'])
def logout():
    session.clear()
    return jsonify({'message': 'Logout successful'}), 200

@app.route('/add_task', methods=['POST'])
def add_task():
    user_id = session.get('user_id')
    description = request.json.get('description')
    
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('INSERT INTO tasks (user_id, description) VALUES (?, ?)', (user_id, description))
        conn.commit()
        task_id = cursor.lastrowid
    
    return jsonify({'task_id': task_id, 'message': 'Task added successfully'}), 201

@app.route('/get_tasks', methods=['GET'])
def get_tasks():
    user_id = session.get('user_id')
    
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('SELECT id, description, completed FROM tasks WHERE user_id = ?', (user_id,))
        tasks = cursor.fetchall()
    
    return jsonify([dict(row) for row in tasks])

@app.route('/update_task', methods=['POST'])
def update_task():
    task_id = request.json.get('task_id')
    completed = request.json.get('completed')
    
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('UPDATE tasks SET completed = ? WHERE id = ?', (completed, task_id))
        conn.commit()
    
    return jsonify({'message': 'Task updated successfully'}), 200

@app.route('/get_settings', methods=['GET'])
def get_settings():
    user_id = session.get('user_id')
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('SELECT setting_name, setting_value FROM settings WHERE user_id = ?', (user_id,))
        settings = dict(cursor.fetchall())
    
    return jsonify(settings)

@app.route('/update_settings', methods=['POST'])
def update_settings():
    user_id = session.get('user_id')
    new_settings = request.json
    
    with get_db() as conn:
        cursor = conn.cursor()
        for setting, value in new_settings.items():
            cursor.execute('INSERT OR REPLACE INTO settings (user_id, setting_name, setting_value) VALUES (?, ?, ?)', 
                           (user_id, setting, str(value)))
        conn.commit()
    
    return jsonify({'message': 'Settings updated successfully'}), 200

@app.route('/get_statistics', methods=['GET'])
def get_statistics():
    user_id = session.get('user_id')
    
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('''
            SELECT 
                COUNT(*) as total_sessions,
                SUM(CASE WHEN session_type = 'work' THEN duration ELSE 0 END) as total_work_time,
                AVG(rating) as average_rating
            FROM sessions
            WHERE user_id = ?
        ''', (user_id,))
        stats = cursor.fetchone()
    
    return jsonify({
        'total_sessions': stats['total_sessions'],
        'total_work_time': stats['total_work_time'],
        'average_rating': stats['average_rating']
    })

@app.route('/update_admin_settings', methods=['POST'])
def update_admin_settings():
    if not session.get('is_admin'):
        return jsonify({'error': 'Unauthorized'}), 403
    
    settings = request.json
    
    with get_db() as conn:
        cursor = conn.cursor()
        for setting, value in settings.items():
            cursor.execute('INSERT OR REPLACE INTO admin_settings (setting_name, setting_value) VALUES (?, ?)', (setting, int(value)))
        conn.commit()
    
    return jsonify({'success': True}), 200

@app.route('/get_admin_settings', methods=['GET'])
def get_admin_settings():
    if not session.get('is_admin'):
        return jsonify({'error': 'Unauthorized'}), 403
    
    with get_db() as conn:
        cursor = conn.cursor()
        cursor.execute('SELECT setting_name, setting_value FROM admin_settings')
        settings = dict(cursor.fetchall())
    
    return jsonify(settings)

if __name__ == '__main__':
    init_db()
    app.run(debug=True)