Update app.py

app.py

@@ -5,25 +5,21 @@ import smtplib
 from email.mime.text import MIMEText
 from email.mime.multipart import MIMEMultipart
 from datetime import datetime
-import os
 from bson.objectid import ObjectId
-import traceback
 
 app = Flask(__name__)
 app.secret_key = 'carwala_secret_key_2024'
 
-# MongoDB configuration - using carwala1 database
+# MongoDB configuration
 MONGODB_URI = "mongodb+srv://arshbir:arshbir123@arshbir.9pulohe.mongodb.net/carwala1?retryWrites=true&w=majority"
 
 try:
-    client = MongoClient(MONGODB_URI)
-    # Test the connection
+    client = MongoClient(MONGODB_URI, serverSelectionTimeoutMS=5000)
     client.admin.command('ping')
     db = client.carwala1
-    print("✅ MongoDB connection successful!")
+    print("✅ MongoDB connected successfully!")
 except Exception as e:
     print(f"❌ MongoDB connection failed: {e}")
-    # Create a dummy client to prevent crashes
     db = None
 
 # Email configuration
@@ -35,498 +31,330 @@ ADMIN_EMAIL = "singharshbir76@gmail.com"
 ADMIN_PASSWORD = "arshbir"
 
 def initialize_database():
-    """Initialize database and create collections if they don't exist"""
-    if db is None:
-        print("❌ Database not available")
+    """Initialize database and create collections"""
+    if not db:
         return
     
     try:
-        # Get or create collections
         users = db.users
         cars = db.cars
         appointments = db.appointments
         
-        # Create indexes
-        users.create_index("email", unique=True)
-        cars.create_index("seller_id")
-        appointments.create_index("car_id")
+        # Create admin user
+        if not users.find_one({"email": ADMIN_EMAIL}):
+            hashed = bcrypt.hashpw(ADMIN_PASSWORD.encode('utf-8'), bcrypt.gensalt())
+            users.insert_one({
+                "name": "Admin", "email": ADMIN_EMAIL, "password": hashed,
+                "role": "admin", "approved": True, "created_at": datetime.now()
+            })
+            print("✅ Admin user created")
         
-        # Create admin user if not exists
-        admin_user = users.find_one({"email": ADMIN_EMAIL})
-        if not admin_user:
-            hashed_password = bcrypt.hashpw(ADMIN_PASSWORD.encode('utf-8'), bcrypt.gensalt())
-            admin_data = {
-                "name": "Admin User",
-                "email": ADMIN_EMAIL,
-                "password": hashed_password,
-                "role": "admin",
-                "address": "Delhi, India",
-                "phone": "9876543210",
-                "approved": True,
-                "created_at": datetime.now()
-            }
-            users.insert_one(admin_data)
-            print("✅ Admin user created successfully!")
-        
-        # Add some sample cars with Indian prices if database is empty
+        # Add sample cars
         if cars.count_documents({}) == 0:
             sample_cars = [
-                {
-                    "name": "Maruti Suzuki Swift",
-                    "year": 2022,
-                    "price": 650000,
-                    "description": "Excellent condition, low mileage, fuel efficient. Petrol engine, 5-speed manual.",
-                    "seller_id": "admin",
-                    "seller_email": ADMIN_EMAIL,
-                    "status": "approved",
-                    "created_at": datetime.now()
-                },
-                {
-                    "name": "Hyundai Creta",
-                    "year": 2021,
-                    "price": 1250000,
-                    "description": "Well maintained, single owner, all services done. Diesel automatic, sunroof.",
-                    "seller_id": "admin",
-                    "seller_email": ADMIN_EMAIL,
-                    "status": "approved",
-                    "created_at": datetime.now()
-                },
-                {
-                    "name": "Toyota Fortuner",
-                    "year": 2020,
-                    "price": 3200000,
-                    "description": "Powerful engine, premium SUV, 4x4 drive. Leather seats, well maintained.",
-                    "seller_id": "admin",
-                    "seller_email": ADMIN_EMAIL,
-                    "status": "approved",
-                    "created_at": datetime.now()
-                }
+                {"name": "Maruti Swift", "year": 2022, "price": 650000, "status": "approved"},
+                {"name": "Hyundai Creta", "year": 2021, "price": 1250000, "status": "approved"}
             ]
             cars.insert_many(sample_cars)
-            print("✅ Sample cars added successfully!")
-        
-        print("✅ Database initialized successfully!")
+            print("✅ Sample cars added")
+            
     except Exception as e:
-        print(f"❌ Database initialization failed: {e}")
+        print(f"❌ Database init error: {e}")
 
-# Initialize database when app starts
 initialize_database()
 
-# Format price in Indian Rupees
+# Safe price formatting function
 def format_price(price):
-    """Format price in Indian Rupees with comma separation"""
-    return f"₹{price:,.0f}"
+    """Format price safely - handle None and other types"""
+    try:
+        if price is None:
+            return "₹0"
+        return f"₹{int(price):,}"
+    except (ValueError, TypeError):
+        return "₹0"
 
-# Add the format_price function to Jinja2 templates
 app.jinja_env.filters['format_price'] = format_price
 
-# Routes
 @app.route('/')
 def index():
-    try:
-        if db is None:
-            flash('Database connection issue. Please try again later.')
-            return render_template('index.html', cars=[])
-        
-        # Get all approved cars
-        car_list = list(db.cars.find({"status": "approved"}))
-        return render_template('index.html', cars=car_list)
-    except Exception as e:
-        print(f"Error in index route: {e}")
-        flash('Error loading cars. Please try again.')
-        return render_template('index.html', cars=[])
+    cars = []
+    if db:
+        try:
+            cars = list(db.cars.find({"status": "approved"}))
+        except Exception as e:
+            print(f"Error fetching cars: {e}")
+            flash("Error loading cars")
+    
+    return render_template('index.html', cars=cars)
 
 @app.route('/login', methods=['GET', 'POST'])
 def login():
     if request.method == 'POST':
-        try:
-            if db is None:
-                flash('Database connection issue. Please try again later.')
-                return redirect(url_for('login'))
-            
-            email = request.form.get('email')
-            password = request.form.get('password')
-            
-            # First check if it's the admin login
-            if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
-                admin_user = db.users.find_one({"email": ADMIN_EMAIL})
-                if admin_user:
-                    session['user_id'] = str(admin_user['_id'])
-                    session['role'] = 'admin'
-                    session['email'] = ADMIN_EMAIL
-                    flash('Admin login successful!')
-                    return redirect(url_for('admin_dashboard'))
-            
-            # Regular user login
-            user = db.users.find_one({"email": email})
-            
-            if user:
-                # Check password
-                if bcrypt.checkpw(password.encode('utf-8'), user['password']):
-                    # Check if seller is approved
+        email = request.form.get('email', '').strip()
+        password = request.form.get('password', '')
+        
+        if not email or not password:
+            flash('Please fill all fields')
+            return render_template('login.html')
+        
+        # Admin login
+        if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
+            session['user_id'] = 'admin'
+            session['role'] = 'admin'
+            session['email'] = email
+            flash('Admin login successful!')
+            return redirect(url_for('admin_dashboard'))
+        
+        # Regular user login
+        if db:
+            try:
+                user = db.users.find_one({"email": email})
+                if user and bcrypt.checkpw(password.encode('utf-8'), user['password']):
                     if user['role'] == 'seller' and not user.get('approved', False):
-                        flash('Your seller account is pending approval by admin.')
+                        flash('Seller account pending approval')
                         return redirect(url_for('login'))
                     
                     session['user_id'] = str(user['_id'])
                     session['role'] = user['role']
                     session['email'] = email
                     
-                    flash(f'Welcome back, {user["name"]}!')
-                    
                     if user['role'] == 'buyer':
                         return redirect(url_for('index'))
-                    elif user['role'] == 'seller':
+                    else:
                         return redirect(url_for('seller_dashboard'))
                 else:
-                    flash('Invalid email or password')
-            else:
-                flash('User not found. Please register first.')
-        except Exception as e:
-            print(f"Error in login: {e}")
-            flash('Login failed. Please try again.')
+                    flash('Invalid credentials')
+            except Exception as e:
+                print(f"Login error: {e}")
+                flash('Login error occurred')
+        else:
+            flash('Database unavailable')
     
     return render_template('login.html')
 
 @app.route('/register', methods=['GET', 'POST'])
 def register():
     if request.method == 'POST':
+        name = request.form.get('name', '').strip()
+        email = request.form.get('email', '').strip()
+        password = request.form.get('password', '')
+        role = request.form.get('role', 'buyer')
+        phone = request.form.get('phone', '').strip()
+        address = request.form.get('address', '').strip()
+        
+        if not all([name, email, password, phone, address]):
+            flash('Please fill all fields')
+            return render_template('register.html')
+        
+        if not db:
+            flash('Database unavailable')
+            return render_template('register.html')
+        
         try:
-            if db is None:
-                flash('Database connection issue. Please try again later.')
-                return redirect(url_for('register'))
-            
-            name = request.form.get('name')
-            email = request.form.get('email')
-            password = request.form.get('password')
-            role = request.form.get('role')
-            address = request.form.get('address')
-            phone = request.form.get('phone')
-            
-            # Check if user already exists
             if db.users.find_one({"email": email}):
                 flash('Email already registered')
-                return redirect(url_for('register'))
-            
-            # Hash password
-            hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
+                return render_template('register.html')
             
-            # Create user document
+            hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
             user_data = {
-                "name": name,
-                "email": email,
-                "password": hashed_password,
-                "role": role,
-                "address": address,
-                "phone": phone,
-                "approved": True if role == 'buyer' else False,
+                "name": name, "email": email, "password": hashed, "role": role,
+                "phone": phone, "address": address, "approved": role == 'buyer',
                 "created_at": datetime.now()
             }
             
             db.users.insert_one(user_data)
+            flash('Registration successful! Please login.' if role == 'buyer' else 'Registration pending approval')
+            return redirect(url_for('login'))
             
-            if role == 'buyer':
-                flash('Registration successful! Please login.')
-                return redirect(url_for('login'))
-            else:
-                flash('Registration submitted. Waiting for admin approval.')
-                return redirect(url_for('login'))
         except Exception as e:
-            print(f"Error in register: {e}")
-            flash('Registration failed. Please try again.')
+            print(f"Registration error: {e}")
+            flash('Registration failed')
     
     return render_template('register.html')
 
 @app.route('/logout')
 def logout():
     session.clear()
-    flash('You have been logged out successfully.')
+    flash('Logged out successfully')
     return redirect(url_for('index'))
 
 @app.route('/admin')
 def admin_dashboard():
-    if 'user_id' not in session or session.get('role') != 'admin':
-        flash('Please login as admin to access this page.')
+    if session.get('role') != 'admin':
+        flash('Admin access required')
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue. Please try again later.')
-            return render_template('admin.html', pending_sellers=[], pending_cars=[], total_users=0, total_cars=0, total_appointments=0)
-        
-        # Get pending seller approvals
-        pending_sellers = list(db.users.find({"role": "seller", "approved": False}))
-        
-        # Get all cars for approval
-        pending_cars = list(db.cars.find({"status": "pending"}))
-        
-        # Get stats
-        total_users = db.users.count_documents({})
-        total_cars = db.cars.count_documents({})
-        total_appointments = db.appointments.count_documents({})
-        
-        return render_template('admin.html', 
-                              pending_sellers=pending_sellers, 
-                              pending_cars=pending_cars,
-                              total_users=total_users,
-                              total_cars=total_cars,
-                              total_appointments=total_appointments)
-    except Exception as e:
-        print(f"Error in admin dashboard: {e}")
-        flash('Error loading admin dashboard.')
-        return render_template('admin.html', pending_sellers=[], pending_cars=[], total_users=0, total_cars=0, total_appointments=0)
+    pending_sellers = []
+    pending_cars = []
+    
+    if db:
+        try:
+            pending_sellers = list(db.users.find({"role": "seller", "approved": False}))
+            pending_cars = list(db.cars.find({"status": "pending"}))
+        except Exception as e:
+            print(f"Admin dashboard error: {e}")
+    
+    return render_template('admin.html', 
+                         pending_sellers=pending_sellers, 
+                         pending_cars=pending_cars)
 
 @app.route('/approve_seller/<user_id>')
 def approve_seller(user_id):
-    if 'user_id' not in session or session.get('role') != 'admin':
+    if session.get('role') != 'admin':
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue.')
-            return redirect(url_for('admin_dashboard'))
-        
-        db.users.update_one({"_id": ObjectId(user_id)}, {"$set": {"approved": True}})
-        flash('Seller approved successfully')
-    except Exception as e:
-        print(f"Error approving seller: {e}")
-        flash('Error approving seller.')
+    if db:
+        try:
+            db.users.update_one({"_id": ObjectId(user_id)}, {"$set": {"approved": True}})
+            flash('Seller approved')
+        except Exception as e:
+            print(f"Approve seller error: {e}")
+            flash('Approval failed')
     
     return redirect(url_for('admin_dashboard'))
 
 @app.route('/seller')
 def seller_dashboard():
-    if 'user_id' not in session or session.get('role') != 'seller':
+    if session.get('role') != 'seller':
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue. Please try again later.')
-            return render_template('seller_dashboard.html', cars=[])
-        
-        # Check if seller is approved
-        user = db.users.find_one({"_id": ObjectId(session['user_id'])})
-        if not user.get('approved', False):
-            flash('Your seller account is pending approval.')
-            return redirect(url_for('login'))
-        
-        # Get seller's cars
-        seller_cars = list(db.cars.find({"seller_id": session['user_id']}))
-        return render_template('seller_dashboard.html', cars=seller_cars)
-    except Exception as e:
-        print(f"Error in seller dashboard: {e}")
-        flash('Error loading seller dashboard.')
-        return render_template('seller_dashboard.html', cars=[])
+    cars = []
+    if db:
+        try:
+            user = db.users.find_one({"_id": ObjectId(session['user_id'])})
+            if not user.get('approved', False):
+                flash('Account pending approval')
+                return redirect(url_for('login'))
+            
+            cars = list(db.cars.find({"seller_id": session['user_id']}))
+        except Exception as e:
+            print(f"Seller dashboard error: {e}")
+    
+    return render_template('seller_dashboard.html', cars=cars)
 
 @app.route('/add_car', methods=['POST'])
 def add_car():
-    if 'user_id' not in session or session.get('role') != 'seller':
+    if session.get('role') != 'seller':
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue.')
-            return redirect(url_for('seller_dashboard'))
-        
-        name = request.form.get('name')
-        year = request.form.get('year')
-        price = request.form.get('price')
-        description = request.form.get('description')
-        
-        car_data = {
-            "name": name,
-            "year": int(year),
-            "price": int(price),
-            "description": description,
-            "seller_id": session['user_id'],
-            "seller_email": session['email'],
-            "status": "pending",
-            "created_at": datetime.now()
-        }
-        
-        db.cars.insert_one(car_data)
-        flash('Car added successfully. Waiting for admin approval.')
-    except Exception as e:
-        print(f"Error adding car: {e}")
-        flash('Error adding car. Please try again.')
+    name = request.form.get('name', '').strip()
+    year = request.form.get('year', '0')
+    price = request.form.get('price', '0')
+    description = request.form.get('description', '').strip()
+    
+    if not name:
+        flash('Car name required')
+        return redirect(url_for('seller_dashboard'))
+    
+    if db:
+        try:
+            car_data = {
+                "name": name, "year": int(year), "price": int(price),
+                "description": description, "seller_id": session['user_id'],
+                "seller_email": session['email'], "status": "pending",
+                "created_at": datetime.now()
+            }
+            db.cars.insert_one(car_data)
+            flash('Car added - pending approval')
+        except Exception as e:
+            print(f"Add car error: {e}")
+            flash('Error adding car')
     
     return redirect(url_for('seller_dashboard'))
 
 @app.route('/approve_car/<car_id>')
 def approve_car(car_id):
-    if 'user_id' not in session or session.get('role') != 'admin':
+    if session.get('role') != 'admin':
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue.')
-            return redirect(url_for('admin_dashboard'))
-        
-        db.cars.update_one({"_id": ObjectId(car_id)}, {"$set": {"status": "approved"}})
-        flash('Car approved successfully')
-    except Exception as e:
-        print(f"Error approving car: {e}")
-        flash('Error approving car.')
+    if db:
+        try:
+            db.cars.update_one({"_id": ObjectId(car_id)}, {"$set": {"status": "approved"}})
+            flash('Car approved')
+        except Exception as e:
+            print(f"Approve car error: {e}")
     
     return redirect(url_for('admin_dashboard'))
 
 @app.route('/book_appointment/<car_id>', methods=['GET', 'POST'])
 def book_appointment(car_id):
-    if 'user_id' not in session or session.get('role') != 'buyer':
+    if session.get('role') != 'buyer':
         return redirect(url_for('login'))
     
+    if not db:
+        flash('Database unavailable')
+        return redirect(url_for('index'))
+    
     try:
-        if db is None:
-            flash('Database connection issue. Please try again later.')
-            return redirect(url_for('index'))
-        
         car = db.cars.find_one({"_id": ObjectId(car_id)})
+        if not car:
+            flash('Car not found')
+            return redirect(url_for('index'))
         
         if request.method == 'POST':
-            name = request.form.get('name')
-            email = request.form.get('email')
-            address = request.form.get('address')
-            phone = request.form.get('phone')
-            preferred_date = request.form.get('preferred_date')
-            preferred_time = request.form.get('preferred_time')
+            name = request.form.get('name', '').strip()
+            email = request.form.get('email', '').strip()
+            address = request.form.get('address', '').strip()
+            phone = request.form.get('phone', '').strip()
+            
+            if not all([name, email, address, phone]):
+                flash('Please fill all fields')
+                return render_template('appointment.html', car=car)
             
             appointment_data = {
-                "car_id": car_id,
-                "car_name": car['name'],
-                "buyer_id": session['user_id'],
-                "buyer_name": name,
-                "buyer_email": email,
-                "buyer_address": address,
-                "buyer_phone": phone,
-                "preferred_date": preferred_date,
-                "preferred_time": preferred_time,
-                "status": "pending",
-                "created_at": datetime.now()
+                "car_id": car_id, "car_name": car['name'], "buyer_id": session['user_id'],
+                "buyer_name": name, "buyer_email": email, "buyer_address": address,
+                "buyer_phone": phone, "status": "pending", "created_at": datetime.now()
             }
             
             db.appointments.insert_one(appointment_data)
-            flash('Appointment booked successfully. Seller will contact you soon.')
+            flash('Appointment booked successfully!')
             return redirect(url_for('index'))
         
         return render_template('appointment.html', car=car)
+        
     except Exception as e:
-        print(f"Error booking appointment: {e}")
-        flash('Error booking appointment. Please try again.')
+        print(f"Appointment error: {e}")
+        flash('Error processing appointment')
         return redirect(url_for('index'))
 
 @app.route('/seller_appointments/<car_id>')
 def seller_appointments(car_id):
-    if 'user_id' not in session or session.get('role') != 'seller':
+    if session.get('role') != 'seller':
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue. Please try again later.')
-            return render_template('seller.html', appointments=[], car={})
-        
-        car_appointments = list(db.appointments.find({"car_id": car_id}))
-        car = db.cars.find_one({"_id": ObjectId(car_id)})
-        return render_template('seller.html', appointments=car_appointments, car=car)
-    except Exception as e:
-        print(f"Error loading appointments: {e}")
-        flash('Error loading appointments.')
-        return render_template('seller.html', appointments=[], car={})
+    appointments = []
+    car = {}
+    
+    if db:
+        try:
+            appointments = list(db.appointments.find({"car_id": car_id}))
+            car = db.cars.find_one({"_id": ObjectId(car_id)}) or {}
+        except Exception as e:
+            print(f"Appointments error: {e}")
+    
+    return render_template('seller.html', appointments=appointments, car=car)
 
 @app.route('/approve_appointment/<appointment_id>', methods=['POST'])
 def approve_appointment(appointment_id):
-    if 'user_id' not in session or session.get('role') != 'seller':
+    if session.get('role') != 'seller':
         return redirect(url_for('login'))
     
-    try:
-        if db is None:
-            flash('Database connection issue.')
-            return redirect(url_for('seller_dashboard'))
-        
-        meeting_date = request.form.get('meeting_date')
-        meeting_time = request.form.get('meeting_time')
-        meeting_place = request.form.get('meeting_place')
-        
-        appointment = db.appointments.find_one({"_id": ObjectId(appointment_id)})
-        
-        # Update appointment status
-        db.appointments.update_one(
-            {"_id": ObjectId(appointment_id)}, 
-            {"$set": {
+    if db:
+        try:
+            meeting_data = {
                 "status": "approved",
-                "meeting_date": meeting_date,
-                "meeting_time": meeting_time,
-                "meeting_place": meeting_place
-            }}
-        )
-        
-        # Send email to buyer
-        send_meeting_email(
-            appointment['buyer_email'],
-            appointment['car_name'],
-            meeting_date,
-            meeting_time,
-            meeting_place
-        )
-        
-        flash('Appointment approved and email sent to buyer')
-    except Exception as e:
-        print(f"Error approving appointment: {e}")
-        flash('Error approving appointment.')
+                "meeting_date": request.form.get('meeting_date', ''),
+                "meeting_time": request.form.get('meeting_time', ''),
+                "meeting_place": request.form.get('meeting_place', '')
+            }
+            db.appointments.update_one({"_id": ObjectId(appointment_id)}, {"$set": meeting_data})
+            flash('Appointment approved')
+        except Exception as e:
+            print(f"Approve appointment error: {e}")
+            flash('Approval failed')
     
-    return redirect(url_for('seller_appointments', car_id=appointment['car_id']))
-
-def send_meeting_email(buyer_email, car_name, date, time, place):
-    try:
-        subject = f"Carwala - Appointment Confirmation for {car_name}"
-        body = f"""
-        Dear Valued Customer,
-
-        Your appointment for {car_name} has been approved by the seller.
-
-        Meeting Details:
-        - Car: {car_name}
-        - Date: {date}
-        - Time: {time}
-        - Location: {place}
-
-        Please arrive on time for the test drive. Don't forget to bring your driving license.
-
-        If you have any questions, please contact the seller directly.
-
-        Thank you for choosing Carwala!
-
-        Best regards,
-        Carwala Team
-        Car Buying & Selling Platform
-        """
-        
-        msg = MIMEMultipart()
-        msg['From'] = SMTP_EMAIL
-        msg['To'] = buyer_email
-        msg['Subject'] = subject
-        
-        msg.attach(MIMEText(body, 'plain'))
-        
-        server = smtplib.SMTP('smtp.gmail.com', 587)
-        server.starttls()
-        server.login(SMTP_EMAIL, SMTP_PASSWORD)
-        text = msg.as_string()
-        server.sendmail(SMTP_EMAIL, buyer_email, text)
-        server.quit()
-        
-        return True
-    except Exception as e:
-        print(f"Email error: {e}")
-        return False
-
-# Error handler
-@app.errorhandler(500)
-def internal_error(error):
-    return render_template('error.html'), 500
-
-@app.errorhandler(404)
-def not_found_error(error):
-    return render_template('error.html'), 404
+    return redirect(url_for('seller_dashboard'))
 
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=7860, debug=False)