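"""Minimal Flask login demo backed by a SQLite ``users`` table.

Routes: ``/`` (home), ``/signup``, ``/login`` (with "remember me"),
``/portfolio`` and ``/logout``. Passwords are stored as salted PBKDF2
hashes. Rows written by older versions of this file (plaintext passwords)
are still accepted and are re-hashed on the next successful login.
"""

import hashlib
import hmac
import os
import secrets
import sqlite3
from contextlib import closing
from datetime import timedelta

from flask import Flask, render_template, request, redirect, url_for, session, make_response

# Flask app setup
app = Flask(__name__)

# The secret key signs the session cookie, so anyone who knows it can forge a
# session for any username. Read it from the environment instead of keeping it
# in source control. The random fallback keeps local runs working, but it
# invalidates sessions on every restart and does not work across several
# worker processes.
app.secret_key = os.environ.get("FLASK_SECRET_KEY") or secrets.token_hex(32)
app.permanent_session_lifetime = timedelta(days=7)
app.config.update(
    SESSION_COOKIE_HTTPONLY=True,
    # Lax keeps the session cookie off cross-site POSTs. The forms carry no
    # CSRF token, so this is the only cross-site protection this file provides.
    SESSION_COOKIE_SAMESITE="Lax",
    # NOTE(review): also set SESSION_COOKIE_SECURE=True once served over HTTPS.
)

# Stored format: pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>
_HASH_SCHEME = "pbkdf2_sha256"
_PBKDF2_ITERATIONS = 600_000
_COOKIE_MAX_AGE = 7 * 24 * 60 * 60  # seven days, matches the session lifetime


def _hash_password(password, *, salt=None, iterations=_PBKDF2_ITERATIONS):
    """Return a self-describing PBKDF2-HMAC-SHA256 hash of *password*.

    A fresh 16-byte random salt is generated unless *salt* is given; the
    verifier passes the stored salt and iteration count to recompute a hash.
    """
    salt = secrets.token_bytes(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{_HASH_SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def _verify_password(stored, candidate):
    """Check *candidate* against the *stored* column value.

    Returns ``(ok, needs_upgrade)``. ``needs_upgrade`` is True only when the
    stored value is a legacy plaintext password that matched, so the caller
    can replace it with a hash.
    """
    if stored.startswith(_HASH_SCHEME + "$"):
        try:
            _, iterations, salt_hex, _ = stored.split("$")
            expected = _hash_password(
                candidate, salt=bytes.fromhex(salt_hex), iterations=int(iterations)
            )
        except (ValueError, OverflowError):
            # Malformed stored value: fail closed rather than raise a 500.
            return False, False
        # Constant-time comparison, on bytes so non-ASCII input cannot raise.
        return hmac.compare_digest(expected.encode("utf-8"), stored.encode("utf-8")), False

    legacy_ok = hmac.compare_digest(stored.encode("utf-8"), candidate.encode("utf-8"))
    return legacy_ok, legacy_ok


# Helper function to connect to SQLite database
def get_db_connection():
    """Open ``users.db`` and return a connection whose rows support access by column name."""
    conn = sqlite3.connect("users.db")
    conn.row_factory = sqlite3.Row
    return conn


# Initialize database with users table
def init_db():
    """Create the ``users`` table if it does not exist yet."""
    with closing(get_db_connection()) as conn:
        conn.execute("""
            CREATE TABLE IF NOT EXISTS users (
                id INTEGER PRIMARY KEY AUTOINCREMENT,
                username TEXT UNIQUE NOT NULL,
                password TEXT NOT NULL
            )
        """)
        conn.commit()


# Initialize DB at startup
init_db()


# Home page — only accessible if logged in
@app.route("/")
def home():
    """Render the home page for a logged-in user, otherwise redirect to login."""
    if "username" in session:
        username = session["username"]
        # The last_visit cookie is not signed, so the client can set it to any
        # text. The template must keep it escaped (never mark it |safe).
        last_visit = request.cookies.get("last_visit", "First time visiting!")
        return render_template("home.html", username=username, last_visit=last_visit)
    return redirect(url_for("login"))


# Signup page
@app.route("/signup", methods=["GET", "POST"])
def signup():
    """Show the signup form (GET) or create a user and redirect to login (POST)."""
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        if not username or not password:
            return "Username and password are required.", 400

        # closing() releases the connection on every path, including the
        # duplicate-username branch.
        with closing(get_db_connection()) as conn:
            try:
                conn.execute(
                    "INSERT INTO users (username, password) VALUES (?, ?)",
                    (username, _hash_password(password)),
                )
                conn.commit()
            except sqlite3.IntegrityError:
                return "Username already exists! Try another."
        return redirect(url_for("login"))
    return render_template("signup.html")


# Login page
@app.route("/login", methods=["GET", "POST"])
def login():
    """Show the login form (GET) or authenticate and start a session (POST).

    NOTE(review): there is no rate limiting or lockout on failed attempts.
    """
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        remember = request.form.get("remember")

        authenticated = False
        with closing(get_db_connection()) as conn:
            # Look the row up by username only; the password is checked in
            # Python against the stored hash, never compared inside the query.
            user = conn.execute(
                "SELECT id, password FROM users WHERE username = ?", (username,)
            ).fetchone()
            if user is not None:
                authenticated, needs_upgrade = _verify_password(user["password"], password)
                if authenticated and needs_upgrade:
                    # Migrate a legacy plaintext row now that the password is known.
                    conn.execute(
                        "UPDATE users SET password = ? WHERE id = ?",
                        (_hash_password(password), user["id"]),
                    )
                    conn.commit()

        if authenticated:
            # Drop whatever the pre-login session held before marking it authenticated.
            session.clear()
            session.permanent = (remember == "on")
            session["username"] = username
            resp = make_response(redirect(url_for("portfolio")))
            resp.set_cookie(
                "last_visit",
                "Welcome back, " + username,
                max_age=(_COOKIE_MAX_AGE if remember == "on" else None),
                httponly=True,
                samesite="Lax",
            )
            return resp
        return "Invalid username or password. Try again."
    return render_template("login.html")


# Portfolio page - accessible only if logged in
@app.route("/portfolio")
def portfolio():
    """Render the portfolio page for a logged-in user, otherwise redirect to login."""
    username = session.get("username")
    if not username:
        return redirect(url_for("login"))
    return render_template("portfolio.html", username=username)


# Logout route
@app.route("/logout")
def logout():
    """End the session, delete the last_visit cookie and redirect to login.

    NOTE(review): this state-changing route answers GET, so any page can log
    the user out with a plain link or image tag. Moving it to POST needs a
    matching template change, which is outside this file.
    """
    session.clear()
    resp = make_response(redirect(url_for("login")))
    resp.delete_cookie("last_visit")
    return resp


# Run the app
if __name__ == "__main__":
    # The Werkzeug debugger lets anyone who can reach it run Python in this
    # process, so it is off unless FLASK_DEBUG is set, and it is never
    # combined with a non-loopback bind address.
    debug = os.environ.get("FLASK_DEBUG", "").strip().lower() in {"1", "true", "yes", "on"}
    host = os.environ.get("FLASK_RUN_HOST", "127.0.0.1")
    if debug and host not in {"127.0.0.1", "localhost", "::1"}:
        raise SystemExit("Refusing to run the debugger on a non-loopback interface.")
    app.run(debug=debug, host=host, port=5000)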