Create app.py

app.py

@@ -0,0 +1,313 @@
+from flask import Flask, render_template, request, redirect, url_for, session, flash, jsonify
+from flask_pymongo import PyMongo
+from pymongo import MongoClient
+import bcrypt
+import smtplib
+from email.mime.text import MimeText
+from email.mime.multipart import MimeMultipart
+import os
+from datetime import datetime
+import uuid
+
+app = Flask(__name__)
+app.secret_key = 'carwala_secret_key_2024'
+
+# MongoDB configuration
+app.config["MONGO_URI"] = "mongodb+srv://arshbir:arshbir123@arshbir.9pulohe.mongodb.net/carwala?retryWrites=true&w=majority"
+mongo = PyMongo(app)
+
+# Email configuration
+SMTP_EMAIL = "singharshbir76@gmail.com"
+SMTP_PASSWORD = "wpiy tuxp pgpf wljz"
+
+# Initialize collections
+users = mongo.db.users
+cars = mongo.db.cars
+appointments = mongo.db.appointments
+
+# Admin credentials
+ADMIN_EMAIL = "singharshbir76@gmail.com"
+ADMIN_PASSWORD = "arshbir"
+
+# Routes
+@app.route('/')
+def index():
+    # Get all approved cars
+    car_list = list(cars.find({"status": "approved"}))
+    return render_template('index.html', cars=car_list)
+
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+    if request.method == 'POST':
+        email = request.form.get('email')
+        password = request.form.get('password')
+        
+        user = users.find_one({"email": email})
+        
+        if user:
+            # Check if user is admin
+            if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
+                session['user_id'] = str(user['_id'])
+                session['role'] = 'admin'
+                session['email'] = email
+                return redirect(url_for('admin_dashboard'))
+            
+            # Check password for regular users
+            if bcrypt.checkpw(password.encode('utf-8'), user['password']):
+                # Check if seller is approved
+                if user['role'] == 'seller' and not user.get('approved', False):
+                    flash('Your seller account is pending approval by admin.')
+                    return redirect(url_for('login'))
+                
+                session['user_id'] = str(user['_id'])
+                session['role'] = user['role']
+                session['email'] = email
+                
+                if user['role'] == 'buyer':
+                    return redirect(url_for('index'))
+                elif user['role'] == 'seller':
+                    return redirect(url_for('seller_dashboard'))
+            else:
+                flash('Invalid email or password')
+        else:
+            flash('User not found')
+    
+    return render_template('login.html')
+
+@app.route('/register', methods=['GET', 'POST'])
+def register():
+    if request.method == 'POST':
+        name = request.form.get('name')
+        email = request.form.get('email')
+        password = request.form.get('password')
+        role = request.form.get('role')
+        address = request.form.get('address')
+        phone = request.form.get('phone')
+        
+        # Check if user already exists
+        if users.find_one({"email": email}):
+            flash('Email already registered')
+            return redirect(url_for('register'))
+        
+        # Hash password
+        hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
+        
+        # Create user document
+        user_data = {
+            "name": name,
+            "email": email,
+            "password": hashed_password,
+            "role": role,
+            "address": address,
+            "phone": phone,
+            "approved": True if role == 'buyer' else False,
+            "created_at": datetime.now()
+        }
+        
+        users.insert_one(user_data)
+        
+        if role == 'buyer':
+            flash('Registration successful! Please login.')
+            return redirect(url_for('login'))
+        else:
+            flash('Registration submitted. Waiting for admin approval.')
+            return redirect(url_for('login'))
+    
+    return render_template('register.html')
+
+@app.route('/logout')
+def logout():
+    session.clear()
+    return redirect(url_for('index'))
+
+@app.route('/admin')
+def admin_dashboard():
+    if 'user_id' not in session or session.get('role') != 'admin':
+        return redirect(url_for('login'))
+    
+    # Get pending seller approvals
+    pending_sellers = list(users.find({"role": "seller", "approved": False}))
+    
+    # Get all cars for approval
+    pending_cars = list(cars.find({"status": "pending"}))
+    
+    return render_template('admin.html', 
+                          pending_sellers=pending_sellers, 
+                          pending_cars=pending_cars)
+
+@app.route('/approve_seller/<user_id>')
+def approve_seller(user_id):
+    if 'user_id' not in session or session.get('role') != 'admin':
+        return redirect(url_for('login'))
+    
+    users.update_one({"_id": user_id}, {"$set": {"approved": True}})
+    flash('Seller approved successfully')
+    return redirect(url_for('admin_dashboard'))
+
+@app.route('/seller')
+def seller_dashboard():
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    # Check if seller is approved
+    user = users.find_one({"_id": session['user_id']})
+    if not user.get('approved', False):
+        flash('Your seller account is pending approval.')
+        return redirect(url_for('login'))
+    
+    # Get seller's cars
+    seller_cars = list(cars.find({"seller_id": session['user_id']}))
+    return render_template('seller_dashboard.html', cars=seller_cars)
+
+@app.route('/add_car', methods=['POST'])
+def add_car():
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    name = request.form.get('name')
+    year = request.form.get('year')
+    price = request.form.get('price')
+    description = request.form.get('description')
+    
+    car_data = {
+        "name": name,
+        "year": year,
+        "price": price,
+        "description": description,
+        "seller_id": session['user_id'],
+        "seller_email": session['email'],
+        "status": "pending",
+        "created_at": datetime.now()
+    }
+    
+    cars.insert_one(car_data)
+    flash('Car added successfully. Waiting for admin approval.')
+    return redirect(url_for('seller_dashboard'))
+
+@app.route('/approve_car/<car_id>')
+def approve_car(car_id):
+    if 'user_id' not in session or session.get('role') != 'admin':
+        return redirect(url_for('login'))
+    
+    cars.update_one({"_id": car_id}, {"$set": {"status": "approved"}})
+    flash('Car approved successfully')
+    return redirect(url_for('admin_dashboard'))
+
+@app.route('/book_appointment/<car_id>', methods=['GET', 'POST'])
+def book_appointment(car_id):
+    if 'user_id' not in session or session.get('role') != 'buyer':
+        return redirect(url_for('login'))
+    
+    car = cars.find_one({"_id": car_id})
+    
+    if request.method == 'POST':
+        name = request.form.get('name')
+        email = request.form.get('email')
+        address = request.form.get('address')
+        phone = request.form.get('phone')
+        preferred_date = request.form.get('preferred_date')
+        preferred_time = request.form.get('preferred_time')
+        
+        appointment_data = {
+            "car_id": car_id,
+            "car_name": car['name'],
+            "buyer_id": session['user_id'],
+            "buyer_name": name,
+            "buyer_email": email,
+            "buyer_address": address,
+            "buyer_phone": phone,
+            "preferred_date": preferred_date,
+            "preferred_time": preferred_time,
+            "status": "pending",
+            "created_at": datetime.now()
+        }
+        
+        appointments.insert_one(appointment_data)
+        flash('Appointment booked successfully. Seller will contact you soon.')
+        return redirect(url_for('index'))
+    
+    return render_template('appointment.html', car=car)
+
+@app.route('/seller_appointments/<car_id>')
+def seller_appointments(car_id):
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    car_appointments = list(appointments.find({"car_id": car_id}))
+    car = cars.find_one({"_id": car_id})
+    return render_template('seller.html', appointments=car_appointments, car=car)
+
+@app.route('/approve_appointment/<appointment_id>', methods=['POST'])
+def approve_appointment(appointment_id):
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    meeting_date = request.form.get('meeting_date')
+    meeting_time = request.form.get('meeting_time')
+    meeting_place = request.form.get('meeting_place')
+    
+    appointment = appointments.find_one({"_id": appointment_id})
+    
+    # Update appointment status
+    appointments.update_one(
+        {"_id": appointment_id}, 
+        {"$set": {
+            "status": "approved",
+            "meeting_date": meeting_date,
+            "meeting_time": meeting_time,
+            "meeting_place": meeting_place
+        }}
+    )
+    
+    # Send email to buyer
+    send_meeting_email(
+        appointment['buyer_email'],
+        appointment['car_name'],
+        meeting_date,
+        meeting_time,
+        meeting_place
+    )
+    
+    flash('Appointment approved and email sent to buyer')
+    return redirect(url_for('seller_appointments', car_id=appointment['car_id']))
+
+def send_meeting_email(buyer_email, car_name, date, time, place):
+    try:
+        subject = f"Appointment Confirmation for {car_name}"
+        body = f"""
+        Dear Buyer,
+        
+        Your appointment for {car_name} has been approved.
+        
+        Meeting Details:
+        Date: {date}
+        Time: {time}
+        Place: {place}
+        
+        Please arrive on time for the test drive.
+        
+        Best regards,
+        Carwala Team
+        """
+        
+        msg = MimeMultipart()
+        msg['From'] = SMTP_EMAIL
+        msg['To'] = buyer_email
+        msg['Subject'] = subject
+        
+        msg.attach(MimeText(body, 'plain'))
+        
+        server = smtplib.SMTP('smtp.gmail.com', 587)
+        server.starttls()
+        server.login(SMTP_EMAIL, SMTP_PASSWORD)
+        text = msg.as_string()
+        server.sendmail(SMTP_EMAIL, buyer_email, text)
+        server.quit()
+        
+        return True
+    except Exception as e:
+        print(f"Email error: {e}")
+        return False
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5000, debug=True)