from flask import Flask, request, redirect, url_for, make_response, render_template
from flask_sqlalchemy import SQLAlchemy
from werkzeug.security import generate_password_hash, check_password_hash

app = Flask(__name__)

# Configure the SQLite database
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///users.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
db = SQLAlchemy(app)

# Define the User model
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    password = db.Column(db.String(200), nullable=False)

# Create the database and tables
@app.before_first_request
def create_tables():
    db.create_all()

# Landing page route
@app.route('/')
def landing_page():
    return render_template('index.html')  # Ensure index.html exists in the templates folder

# User registration route
@app.route('/register', methods=['POST'])
def register():
    username = request.form.get('username')
    password = request.form.get('password')

    # Check if the username already exists
    if User.query.filter_by(username=username).first():
        return "Username already exists. Please choose another.", 400

    # Hash the password and save the user to the database
    hashed_password = generate_password_hash(password)
    new_user = User(username=username, password=hashed_password)
    db.session.add(new_user)
    db.session.commit()

    return "User registered successfully!", 201

# User login route
@app.route('/login', methods=['POST'])
def login():
    username = request.form.get('username')
    password = request.form.get('password')

    # Look up the user in the database
    user = User.query.filter_by(username=username).first()
    if not user:
        return "Invalid username."

    # Verify the password
    if check_password_hash(user.password, password):
        response = make_response(redirect(url_for('landing_page')))
        response.set_cookie('logged_in', 'true', max_age=3600)  # Set session cookie for 1 hour
        response.set_cookie('username', username, max_age=3600)
        return response

    return "Invalid password!"

# User logout route
@app.route('/logout')
def logout():
    response = make_response(redirect(url_for('landing_page')))
    response.delete_cookie('logged_in')
    response.delete_cookie('username')
    return response

if __name__ == '__main__':
    app.run(debug=True)