from flask import Flask, request, jsonify
from flask_cors import CORS
import sqlite3
from urllib.parse import urlparse

app = Flask(__name__)
CORS(app)

# Open whitelist DB
db_conn = sqlite3.connect("whitelist.db", check_same_thread=False)

def is_whitelisted(url):
    cursor = db_conn.cursor()
    domain = urlparse(url).netloc.lower()
    if domain.startswith("www."):
        domain = domain[4:]
    cursor.execute("SELECT 1 FROM whitelist WHERE domain = ?", (domain,))
    return cursor.fetchone() is not None

@app.route("/scan", methods=["POST"])
def scan():
    data = request.get_json()
    url = data.get("text", "")

    if is_whitelisted(url):
        return jsonify({
            "label": "Safe (Whitelisted)",
            "confidence": 1.0
        })
    
    # Fake model response for testing
    return jsonify({
        "label": "Phishing",
        "confidence": 0.75
    })

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=7860)