Spaces:

arshtech
/

Carwala

Sleeping

App Files Files Community

arshtech commited on Sep 26, 2025

Commit

63201f6

verified ·

1 Parent(s): 1a3f0c9

Update app.py

Browse files

Files changed (1) hide show

app.py +32 -220

app.py CHANGED Viewed

@@ -28,6 +28,29 @@ SMTP_PASSWORD = "wpiy tuxp pgpf wljz"
 ADMIN_EMAIL = "singharshbir76@gmail.com"
 ADMIN_PASSWORD = "arshbir"
 # Routes
 @app.route('/')
 def index():
@@ -40,15 +63,19 @@ def login():
     if request.method == 'POST':
         email = request.form.get('email')
         password = request.form.get('password')
         user = users.find_one({"email": email})
         if user:
-            # Check if user is admin
             if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
                 session['user_id'] = str(user['_id'])
                 session['role'] = 'admin'
                 session['email'] = email
                 return redirect(url_for('admin_dashboard'))
             # Check password for regular users
@@ -68,60 +95,17 @@ def login():
                     return redirect(url_for('seller_dashboard'))
             else:
                 flash('Invalid email or password')
         else:
             flash('User not found')
     return render_template('login.html')
-@app.route('/register', methods=['GET', 'POST'])
-def register():
-    if request.method == 'POST':
-        name = request.form.get('name')
-        email = request.form.get('email')
-        password = request.form.get('password')
-        role = request.form.get('role')
-        address = request.form.get('address')
-        phone = request.form.get('phone')
-        # Check if user already exists
-        if users.find_one({"email": email}):
-            flash('Email already registered')
-            return redirect(url_for('register'))
-        # Hash password
-        hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
-        # Create user document
-        user_data = {
-            "name": name,
-            "email": email,
-            "password": hashed_password,
-            "role": role,
-            "address": address,
-            "phone": phone,
-            "approved": True if role == 'buyer' else False,
-            "created_at": datetime.now()
-        }
-        users.insert_one(user_data)
-        if role == 'buyer':
-            flash('Registration successful! Please login.')
-            return redirect(url_for('login'))
-        else:
-            flash('Registration submitted. Waiting for admin approval.')
-            return redirect(url_for('login'))
-    return render_template('register.html')
-@app.route('/logout')
-def logout():
-    session.clear()
-    return redirect(url_for('index'))
 @app.route('/admin')
 def admin_dashboard():
     if 'user_id' not in session or session.get('role') != 'admin':
         return redirect(url_for('login'))
     # Get pending seller approvals
@@ -134,179 +118,7 @@ def admin_dashboard():
                           pending_sellers=pending_sellers,
                           pending_cars=pending_cars)
-@app.route('/approve_seller/<user_id>')
-def approve_seller(user_id):
-    if 'user_id' not in session or session.get('role') != 'admin':
-        return redirect(url_for('login'))
-    users.update_one({"_id": user_id}, {"$set": {"approved": True}})
-    flash('Seller approved successfully')
-    return redirect(url_for('admin_dashboard'))
-@app.route('/seller')
-def seller_dashboard():
-    if 'user_id' not in session or session.get('role') != 'seller':
-        return redirect(url_for('login'))
-    # Check if seller is approved
-    user = users.find_one({"_id": session['user_id']})
-    if not user.get('approved', False):
-        flash('Your seller account is pending approval.')
-        return redirect(url_for('login'))
-    # Get seller's cars
-    seller_cars = list(cars.find({"seller_id": session['user_id']}))
-    return render_template('seller_dashboard.html', cars=seller_cars)
-@app.route('/add_car', methods=['POST'])
-def add_car():
-    if 'user_id' not in session or session.get('role') != 'seller':
-        return redirect(url_for('login'))
-    name = request.form.get('name')
-    year = request.form.get('year')
-    price = request.form.get('price')
-    description = request.form.get('description')
-    car_data = {
-        "name": name,
-        "year": year,
-        "price": price,
-        "description": description,
-        "seller_id": session['user_id'],
-        "seller_email": session['email'],
-        "status": "pending",
-        "created_at": datetime.now()
-    }
-    cars.insert_one(car_data)
-    flash('Car added successfully. Waiting for admin approval.')
-    return redirect(url_for('seller_dashboard'))
-@app.route('/approve_car/<car_id>')
-def approve_car(car_id):
-    if 'user_id' not in session or session.get('role') != 'admin':
-        return redirect(url_for('login'))
-    cars.update_one({"_id": car_id}, {"$set": {"status": "approved"}})
-    flash('Car approved successfully')
-    return redirect(url_for('admin_dashboard'))
-@app.route('/book_appointment/<car_id>', methods=['GET', 'POST'])
-def book_appointment(car_id):
-    if 'user_id' not in session or session.get('role') != 'buyer':
-        return redirect(url_for('login'))
-    car = cars.find_one({"_id": car_id})
-    if request.method == 'POST':
-        name = request.form.get('name')
-        email = request.form.get('email')
-        address = request.form.get('address')
-        phone = request.form.get('phone')
-        preferred_date = request.form.get('preferred_date')
-        preferred_time = request.form.get('preferred_time')
-        appointment_data = {
-            "car_id": car_id,
-            "car_name": car['name'],
-            "buyer_id": session['user_id'],
-            "buyer_name": name,
-            "buyer_email": email,
-            "buyer_address": address,
-            "buyer_phone": phone,
-            "preferred_date": preferred_date,
-            "preferred_time": preferred_time,
-            "status": "pending",
-            "created_at": datetime.now()
-        }
-        appointments.insert_one(appointment_data)
-        flash('Appointment booked successfully. Seller will contact you soon.')
-        return redirect(url_for('index'))
-    return render_template('appointment.html', car=car)
-@app.route('/seller_appointments/<car_id>')
-def seller_appointments(car_id):
-    if 'user_id' not in session or session.get('role') != 'seller':
-        return redirect(url_for('login'))
-    car_appointments = list(appointments.find({"car_id": car_id}))
-    car = cars.find_one({"_id": car_id})
-    return render_template('seller.html', appointments=car_appointments, car=car)
-@app.route('/approve_appointment/<appointment_id>', methods=['POST'])
-def approve_appointment(appointment_id):
-    if 'user_id' not in session or session.get('role') != 'seller':
-        return redirect(url_for('login'))
-    meeting_date = request.form.get('meeting_date')
-    meeting_time = request.form.get('meeting_time')
-    meeting_place = request.form.get('meeting_place')
-    appointment = appointments.find_one({"_id": appointment_id})
-    # Update appointment status
-    appointments.update_one(
-        {"_id": appointment_id},
-        {"$set": {
-            "status": "approved",
-            "meeting_date": meeting_date,
-            "meeting_time": meeting_time,
-            "meeting_place": meeting_place
-        }}
-    )
-    # Send email to buyer
-    send_meeting_email(
-        appointment['buyer_email'],
-        appointment['car_name'],
-        meeting_date,
-        meeting_time,
-        meeting_place
-    )
-    flash('Appointment approved and email sent to buyer')
-    return redirect(url_for('seller_appointments', car_id=appointment['car_id']))
-def send_meeting_email(buyer_email, car_name, date, time, place):
-    try:
-        subject = f"Appointment Confirmation for {car_name}"
-        body = f"""
-        Dear Buyer,
-        Your appointment for {car_name} has been approved.
-        Meeting Details:
-        Date: {date}
-        Time: {time}
-        Place: {place}
-        Please arrive on time for the test drive.
-        Best regards,
-        Carwala Team
-        """
-        msg = MIMEMultipart()
-        msg['From'] = SMTP_EMAIL
-        msg['To'] = buyer_email
-        msg['Subject'] = subject
-        msg.attach(MIMEText(body, 'plain'))
-        server = smtplib.SMTP('smtp.gmail.com', 587)
-        server.starttls()
-        server.login(SMTP_EMAIL, SMTP_PASSWORD)
-        text = msg.as_string()
-        server.sendmail(SMTP_EMAIL, buyer_email, text)
-        server.quit()
-        return True
-    except Exception as e:
-        print(f"Email error: {e}")
-        return False
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=7860, debug=False)

 ADMIN_EMAIL = "singharshbir76@gmail.com"
 ADMIN_PASSWORD = "arshbir"
+def create_admin_user():
+    """Create admin user if not exists"""
+    admin_user = users.find_one({"email": ADMIN_EMAIL})
+    if not admin_user:
+        hashed_password = bcrypt.hashpw(ADMIN_PASSWORD.encode('utf-8'), bcrypt.gensalt())
+        admin_data = {
+            "name": "Admin User",
+            "email": ADMIN_EMAIL,
+            "password": hashed_password,
+            "role": "admin",
+            "address": "Admin Address",
+            "phone": "0000000000",
+            "approved": True,
+            "created_at": datetime.now()
+        }
+        users.insert_one(admin_data)
+        print("Admin user created successfully!")
+    else:
+        print("Admin user already exists")
+# Create admin user when app starts
+create_admin_user()
 # Routes
 @app.route('/')
 def index():
     if request.method == 'POST':
         email = request.form.get('email')
         password = request.form.get('password')
+        print(f"Login attempt: {email}")  # Debug log
         user = users.find_one({"email": email})
         if user:
+            print(f"User found: {user['email']}, Role: {user.get('role')}")  # Debug log
+            # Check if user is admin using the special credentials
             if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
                 session['user_id'] = str(user['_id'])
                 session['role'] = 'admin'
                 session['email'] = email
+                print("Admin login successful")  # Debug log
                 return redirect(url_for('admin_dashboard'))
             # Check password for regular users
                     return redirect(url_for('seller_dashboard'))
             else:
                 flash('Invalid email or password')
+                print("Password check failed")  # Debug log
         else:
             flash('User not found')
+            print("User not found")  # Debug log
     return render_template('login.html')
 @app.route('/admin')
 def admin_dashboard():
     if 'user_id' not in session or session.get('role') != 'admin':
+        flash('Please login as admin to access this page.')
         return redirect(url_for('login'))
     # Get pending seller approvals
                           pending_sellers=pending_sellers,
                           pending_cars=pending_cars)
+# ... (rest of the routes remain the same)
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=7860, debug=False)