Update app.py

app.py

@@ -10,26 +10,28 @@ import os
 app = Flask(__name__)
 app.secret_key = 'carwala_secret_key_2024'
 
-# MongoDB configuration
-MONGODB_URI = "mongodb+srv://arshbir:arshbir123@arshbir.9pulohe.mongodb.net/carwala?retryWrites=true&w=majority"
+# MongoDB configuration - using carwala1 database
+MONGODB_URI = "mongodb+srv://arshbir:arshbir123@arshbir.9pulohe.mongodb.net/carwala1?retryWrites=true&w=majority"
 client = MongoClient(MONGODB_URI)
-db = client.carwala
-
-# Collections
-users = db.users
-cars = db.cars
-appointments = db.appointments
-
-# Email configuration
-SMTP_EMAIL = "singharshbir76@gmail.com"
-SMTP_PASSWORD = "wpiy tuxp pgpf wljz"
+db = client.carwala1
 
 # Admin credentials
 ADMIN_EMAIL = "singharshbir76@gmail.com"
 ADMIN_PASSWORD = "arshbir"
 
-def create_admin_user():
-    """Create admin user if not exists"""
+def initialize_database():
+    """Initialize database and create collections if they don't exist"""
+    # Get or create collections
+    users = db.users
+    cars = db.cars
+    appointments = db.appointments
+    
+    # Create indexes
+    users.create_index("email", unique=True)
+    cars.create_index("seller_id")
+    appointments.create_index("car_id")
+    
+    # Create admin user if not exists
     admin_user = users.find_one({"email": ADMIN_EMAIL})
     if not admin_user:
         hashed_password = bcrypt.hashpw(ADMIN_PASSWORD.encode('utf-8'), bcrypt.gensalt())
@@ -44,18 +46,55 @@ def create_admin_user():
             "created_at": datetime.now()
         }
         users.insert_one(admin_data)
-        print("Admin user created successfully!")
-    else:
-        print("Admin user already exists")
+        print("✅ Admin user created successfully!")
+    
+    # Add some sample cars if database is empty
+    if cars.count_documents({}) == 0:
+        sample_cars = [
+            {
+                "name": "Toyota Camry",
+                "year": 2020,
+                "price": 25000,
+                "description": "Excellent condition, low mileage, fuel efficient",
+                "seller_id": "admin",
+                "seller_email": ADMIN_EMAIL,
+                "status": "approved",
+                "created_at": datetime.now()
+            },
+            {
+                "name": "Honda Civic",
+                "year": 2019,
+                "price": 22000,
+                "description": "Well maintained, single owner, all services done",
+                "seller_id": "admin",
+                "seller_email": ADMIN_EMAIL,
+                "status": "approved",
+                "created_at": datetime.now()
+            },
+            {
+                "name": "Ford Mustang",
+                "year": 2021,
+                "price": 35000,
+                "description": "Powerful engine, sporty look, premium features",
+                "seller_id": "admin",
+                "seller_email": ADMIN_EMAIL,
+                "status": "approved",
+                "created_at": datetime.now()
+            }
+        ]
+        cars.insert_many(sample_cars)
+        print("✅ Sample cars added successfully!")
+    
+    print("✅ Database initialized successfully!")
 
-# Create admin user when app starts
-create_admin_user()
+# Initialize database when app starts
+initialize_database()
 
 # Routes
 @app.route('/')
 def index():
     # Get all approved cars
-    car_list = list(cars.find({"status": "approved"}))
+    car_list = list(db.cars.find({"status": "approved"}))
     return render_template('index.html', cars=car_list)
 
 @app.route('/login', methods=['GET', 'POST'])
@@ -63,22 +102,22 @@ def login():
     if request.method == 'POST':
         email = request.form.get('email')
         password = request.form.get('password')
-        print(f"Login attempt: {email}")  # Debug log
-        
-        user = users.find_one({"email": email})
         
-        if user:
-            print(f"User found: {user['email']}, Role: {user.get('role')}")  # Debug log
-            
-            # Check if user is admin using the special credentials
-            if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
-                session['user_id'] = str(user['_id'])
+        # First check if it's the admin login
+        if email == ADMIN_EMAIL and password == ADMIN_PASSWORD:
+            admin_user = db.users.find_one({"email": ADMIN_EMAIL})
+            if admin_user:
+                session['user_id'] = str(admin_user['_id'])
                 session['role'] = 'admin'
-                session['email'] = email
-                print("Admin login successful")  # Debug log
+                session['email'] = ADMIN_EMAIL
+                flash('Admin login successful!')
                 return redirect(url_for('admin_dashboard'))
-            
-            # Check password for regular users
+        
+        # Regular user login
+        user = db.users.find_one({"email": email})
+        
+        if user:
+            # Check password
             if bcrypt.checkpw(password.encode('utf-8'), user['password']):
                 # Check if seller is approved
                 if user['role'] == 'seller' and not user.get('approved', False):
@@ -89,19 +128,66 @@ def login():
                 session['role'] = user['role']
                 session['email'] = email
                 
+                flash(f'Welcome back, {user["name"]}!')
+                
                 if user['role'] == 'buyer':
                     return redirect(url_for('index'))
                 elif user['role'] == 'seller':
                     return redirect(url_for('seller_dashboard'))
             else:
                 flash('Invalid email or password')
-                print("Password check failed")  # Debug log
         else:
-            flash('User not found')
-            print("User not found")  # Debug log
+            flash('User not found. Please register first.')
     
     return render_template('login.html')
 
+@app.route('/register', methods=['GET', 'POST'])
+def register():
+    if request.method == 'POST':
+        name = request.form.get('name')
+        email = request.form.get('email')
+        password = request.form.get('password')
+        role = request.form.get('role')
+        address = request.form.get('address')
+        phone = request.form.get('phone')
+        
+        # Check if user already exists
+        if db.users.find_one({"email": email}):
+            flash('Email already registered')
+            return redirect(url_for('register'))
+        
+        # Hash password
+        hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
+        
+        # Create user document
+        user_data = {
+            "name": name,
+            "email": email,
+            "password": hashed_password,
+            "role": role,
+            "address": address,
+            "phone": phone,
+            "approved": True if role == 'buyer' else False,
+            "created_at": datetime.now()
+        }
+        
+        db.users.insert_one(user_data)
+        
+        if role == 'buyer':
+            flash('Registration successful! Please login.')
+            return redirect(url_for('login'))
+        else:
+            flash('Registration submitted. Waiting for admin approval.')
+            return redirect(url_for('login'))
+    
+    return render_template('register.html')
+
+@app.route('/logout')
+def logout():
+    session.clear()
+    flash('You have been logged out successfully.')
+    return redirect(url_for('index'))
+
 @app.route('/admin')
 def admin_dashboard():
     if 'user_id' not in session or session.get('role') != 'admin':
@@ -109,16 +195,202 @@ def admin_dashboard():
         return redirect(url_for('login'))
     
     # Get pending seller approvals
-    pending_sellers = list(users.find({"role": "seller", "approved": False}))
+    pending_sellers = list(db.users.find({"role": "seller", "approved": False}))
     
     # Get all cars for approval
-    pending_cars = list(cars.find({"status": "pending"}))
+    pending_cars = list(db.cars.find({"status": "pending"}))
+    
+    # Get stats
+    total_users = db.users.count_documents({})
+    total_cars = db.cars.count_documents({})
+    total_appointments = db.appointments.count_documents({})
     
     return render_template('admin.html', 
                           pending_sellers=pending_sellers, 
-                          pending_cars=pending_cars)
+                          pending_cars=pending_cars,
+                          total_users=total_users,
+                          total_cars=total_cars,
+                          total_appointments=total_appointments)
+
+@app.route('/approve_seller/<user_id>')
+def approve_seller(user_id):
+    if 'user_id' not in session or session.get('role') != 'admin':
+        return redirect(url_for('login'))
+    
+    from bson.objectid import ObjectId
+    db.users.update_one({"_id": ObjectId(user_id)}, {"$set": {"approved": True}})
+    flash('Seller approved successfully')
+    return redirect(url_for('admin_dashboard'))
+
+@app.route('/seller')
+def seller_dashboard():
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    # Check if seller is approved
+    from bson.objectid import ObjectId
+    user = db.users.find_one({"_id": ObjectId(session['user_id'])})
+    if not user.get('approved', False):
+        flash('Your seller account is pending approval.')
+        return redirect(url_for('login'))
+    
+    # Get seller's cars
+    seller_cars = list(db.cars.find({"seller_id": session['user_id']}))
+    return render_template('seller_dashboard.html', cars=seller_cars)
 
-# ... (rest of the routes remain the same)
+@app.route('/add_car', methods=['POST'])
+def add_car():
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    name = request.form.get('name')
+    year = request.form.get('year')
+    price = request.form.get('price')
+    description = request.form.get('description')
+    
+    car_data = {
+        "name": name,
+        "year": year,
+        "price": price,
+        "description": description,
+        "seller_id": session['user_id'],
+        "seller_email": session['email'],
+        "status": "pending",
+        "created_at": datetime.now()
+    }
+    
+    db.cars.insert_one(car_data)
+    flash('Car added successfully. Waiting for admin approval.')
+    return redirect(url_for('seller_dashboard'))
+
+@app.route('/approve_car/<car_id>')
+def approve_car(car_id):
+    if 'user_id' not in session or session.get('role') != 'admin':
+        return redirect(url_for('login'))
+    
+    from bson.objectid import ObjectId
+    db.cars.update_one({"_id": ObjectId(car_id)}, {"$set": {"status": "approved"}})
+    flash('Car approved successfully')
+    return redirect(url_for('admin_dashboard'))
+
+@app.route('/book_appointment/<car_id>', methods=['GET', 'POST'])
+def book_appointment(car_id):
+    if 'user_id' not in session or session.get('role') != 'buyer':
+        return redirect(url_for('login'))
+    
+    from bson.objectid import ObjectId
+    car = db.cars.find_one({"_id": ObjectId(car_id)})
+    
+    if request.method == 'POST':
+        name = request.form.get('name')
+        email = request.form.get('email')
+        address = request.form.get('address')
+        phone = request.form.get('phone')
+        preferred_date = request.form.get('preferred_date')
+        preferred_time = request.form.get('preferred_time')
+        
+        appointment_data = {
+            "car_id": car_id,
+            "car_name": car['name'],
+            "buyer_id": session['user_id'],
+            "buyer_name": name,
+            "buyer_email": email,
+            "buyer_address": address,
+            "buyer_phone": phone,
+            "preferred_date": preferred_date,
+            "preferred_time": preferred_time,
+            "status": "pending",
+            "created_at": datetime.now()
+        }
+        
+        db.appointments.insert_one(appointment_data)
+        flash('Appointment booked successfully. Seller will contact you soon.')
+        return redirect(url_for('index'))
+    
+    return render_template('appointment.html', car=car)
+
+@app.route('/seller_appointments/<car_id>')
+def seller_appointments(car_id):
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    car_appointments = list(db.appointments.find({"car_id": car_id}))
+    from bson.objectid import ObjectId
+    car = db.cars.find_one({"_id": ObjectId(car_id)})
+    return render_template('seller.html', appointments=car_appointments, car=car)
+
+@app.route('/approve_appointment/<appointment_id>', methods=['POST'])
+def approve_appointment(appointment_id):
+    if 'user_id' not in session or session.get('role') != 'seller':
+        return redirect(url_for('login'))
+    
+    meeting_date = request.form.get('meeting_date')
+    meeting_time = request.form.get('meeting_time')
+    meeting_place = request.form.get('meeting_place')
+    
+    from bson.objectid import ObjectId
+    appointment = db.appointments.find_one({"_id": ObjectId(appointment_id)})
+    
+    # Update appointment status
+    db.appointments.update_one(
+        {"_id": ObjectId(appointment_id)}, 
+        {"$set": {
+            "status": "approved",
+            "meeting_date": meeting_date,
+            "meeting_time": meeting_time,
+            "meeting_place": meeting_place
+        }}
+    )
+    
+    # Send email to buyer
+    send_meeting_email(
+        appointment['buyer_email'],
+        appointment['car_name'],
+        meeting_date,
+        meeting_time,
+        meeting_place
+    )
+    
+    flash('Appointment approved and email sent to buyer')
+    return redirect(url_for('seller_appointments', car_id=appointment['car_id']))
+
+def send_meeting_email(buyer_email, car_name, date, time, place):
+    try:
+        subject = f"Appointment Confirmation for {car_name}"
+        body = f"""
+        Dear Buyer,
+        
+        Your appointment for {car_name} has been approved.
+        
+        Meeting Details:
+        Date: {date}
+        Time: {time}
+        Place: {place}
+        
+        Please arrive on time for the test drive.
+        
+        Best regards,
+        Carwala Team
+        """
+        
+        msg = MIMEMultipart()
+        msg['From'] = SMTP_EMAIL
+        msg['To'] = buyer_email
+        msg['Subject'] = subject
+        
+        msg.attach(MIMEText(body, 'plain'))
+        
+        server = smtplib.SMTP('smtp.gmail.com', 587)
+        server.starttls()
+        server.login(SMTP_EMAIL, SMTP_PASSWORD)
+        text = msg.as_string()
+        server.sendmail(SMTP_EMAIL, buyer_email, text)
+        server.quit()
+        
+        return True
+    except Exception as e:
+        print(f"Email error: {e}")
+        return False
 
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=7860, debug=False)