Update main.py

main.py

@@ -47,6 +47,19 @@ else:
         logger.error(f"Failed to initialize Gemini AI Client with genai.Client(): {e}")
         gemini_client = None
 
+import resend
+# NEW: Initialize the Resend client using environment variables
+# This should be placed near your other initializations at the top of the file.
+if 'RESEND_API_KEY' in os.environ:
+    resend.api_key = os.environ["RESEND_API_KEY"]
+    SENDER_EMAIL = os.environ.get("SENDER_EMAIL")
+    if not SENDER_EMAIL:
+        logger.warning("RESEND_API_KEY is set, but SENDER_EMAIL is not. Emails will not be sent.")
+        resend.api_key = None # Disable client if sender is not configured
+else:
+    logger.info("RESEND_API_KEY environment variable not found. Email notifications will be disabled.")
+    resend.api_key = None
+
 #--- Firebase Initialization ---
 FIREBASE_CREDENTIALS_JSON_STRING = os.getenv("FIREBASE")
 FIREBASE_DB_URL = os.getenv("Firebase_DB")
@@ -223,14 +236,17 @@ def handle_route_errors(e, uid_context="unknown"): # Added uid_context for bette
         return jsonify({'error': f'An unexpected error occurred: {str(e)}', 'type': 'GenericError'}), 500
 
 #--- system notifications ---
-def _send_system_notification(user_id, message_content, notif_type, link=None): # Renamed message to message_content
+
+def _send_system_notification(user_id, message_content, notif_type, link=None, send_email=False, email_subject=None, email_body=None):
     if not FIREBASE_INITIALIZED:
         logger.error("_send_system_notification: Firebase not ready.")
         return False
     if not user_id or not message_content:
-        logger.warning(f"_send_system_notification: Called with missing user_id ('{user_id}') or message_content ('{message_content}').")
+        logger.warning(f"_send_system_notification: Called with missing user_id or message_content.")
         return False
 
+    # --- Primary Channel: Firebase In-App Notification ---
+    firebase_success = False
     notif_id = str(uuid.uuid4())
     notif_data = {
         "message": message_content,
@@ -241,14 +257,50 @@ def _send_system_notification(user_id, message_content, notif_type, link=None):
     }
     try:
         db.reference(f'notifications/{user_id}/{notif_id}', app=db_app).set(notif_data)
-        logger.info(f"Notification sent to {user_id}: {message_content[:50]}...")
-        return True
+        logger.info(f"Firebase notification sent to {user_id}: {message_content[:50]}...")
+        firebase_success = True
     except firebase_exceptions.FirebaseError as fe:
-        logger.error(f"Failed to send notification to {user_id} due to Firebase error: {fe}")
-        return False
+        logger.error(f"Failed to send Firebase notification to {user_id} due to Firebase error: {fe}")
     except Exception as e:
-        logger.error(f"Failed to send notification to {user_id} due to generic error: {e}")
-        return False
+        logger.error(f"Failed to send Firebase notification to {user_id} due to generic error: {e}")
+
+    # --- Secondary Channel: Email via Resend ---
+    if send_email:
+        if not resend.api_key or not SENDER_EMAIL:
+            logger.warning(f"Skipping email for user {user_id} because Resend is not configured.")
+            return firebase_success # Return status of primary channel
+
+        try:
+            user_profile = db.reference(f'users/{user_id}', app=db_app).get()
+            if not user_profile or not user_profile.get('email'):
+                logger.warning(f"Cannot send email to user {user_id}: no profile or email address found.")
+                return firebase_success
+
+            recipient_email = user_profile['email']
+            # Basic email validation
+            if '@' not in recipient_email or '.' not in recipient_email.split('@')[1]:
+                 logger.warning(f"Cannot send email to user {user_id}: invalid email format ('{recipient_email}').")
+                 return firebase_success
+
+            # Use message_content as fallback for email body if not provided
+            html_content = email_body if email_body else f"<p>{message_content}</p>"
+            
+            params = {
+                "from": SENDER_EMAIL,
+                "to": [recipient_email],
+                "subject": email_subject or "New Notification from Tunasonga Agri",
+                "html": html_content,
+            }
+            email_response = resend.Emails.send(params)
+            logger.info(f"Email dispatched to {recipient_email} via Resend. ID: {email_response['id']}")
+
+        except firebase_exceptions.FirebaseError as fe_db:
+            logger.error(f"Email dispatch failed for {user_id}: Could not fetch user profile from Firebase. Error: {fe_db}")
+        except Exception as e_resend:
+            # This catches errors from the resend.Emails.send() call
+            logger.error(f"Email dispatch failed for {user_id} ({recipient_email}). Resend API Error: {e_resend}")
+
+    return firebase_success
 
 #--- Authentication Endpoints ---
 @app.route('/api/auth/signup', methods=['POST'])
@@ -518,28 +570,45 @@ def admin_action_on_role(application_id, action):
         message_text = ""
         
         if action == 'approve':
-            app_ref.update({
-                'status': 'approved', 
-                'reviewed_by': admin_uid, 
-                'reviewed_at': update_time
-            })
+            app_ref.update({'status': 'approved', 'reviewed_by': admin_uid, 'reviewed_at': update_time})
             user_profile_ref.child('roles').update({role: True})
             user_profile_ref.child('role_applications').update({role: 'approved'})
             message_text = f"Role {role} for user {user_id} approved."
+            action_past_tense = "approved"
         else:  # reject
-            app_ref.update({
-                'status': 'rejected', 
-                'reviewed_by': admin_uid, 
-                'reviewed_at': update_time
-            })
+            app_ref.update({'status': 'rejected', 'reviewed_by': admin_uid, 'reviewed_at': update_time})
             user_profile_ref.child('role_applications').update({role: 'rejected'})
             message_text = f"Role {role} for user {user_id} rejected."
+            action_past_tense = "rejected"
+
+        # --- MODIFIED: Send a rich HTML email for this critical event ---
+        email_subject = f"Your Tunasonga Agri Application for the '{role.capitalize()}' Role"
+        email_body = f"""
+        <div style="font-family: sans-serif; padding: 20px; border: 1px solid #e0e0e0; border-radius: 8px;">
+            <h2 style="color: #333;">Application Status Update</h2>
+            <p>Hello,</p>
+            <p>This is an update regarding your application for the <strong>{role.capitalize()}</strong> role on the Tunasonga platform.</p>
+            <p>Your application has been <strong>{action_past_tense}</strong> by an administrator.</p>
+            <a href="https://tunasongaagri.co.zw/profile" style="display: inline-block; padding: 10px 15px; background-color: #28a745; color: #ffffff; text-decoration: none; border-radius: 5px; margin-top: 15px;">
+                View My Profile
+            </a>
+            <p style="margin-top: 20px; font-size: 0.9em; color: #777;">
+                If you have any questions, please contact our support team.
+            </p>
+            <p style="margin-top: 5px; font-size: 0.9em; color: #777;">
+                Thank you,<br>The Tunasonga Agri Team
+            </p>
+        </div>
+        """
         
         _send_system_notification(
-            user_id, 
-            f"Your application for the '{role}' role has been {action}d.", 
-            "role_status", 
-            f"/profile/roles"
+            user_id=user_id, 
+            message_content=f"Your application for the '{role}' role has been {action_past_tense}.", 
+            notif_type="role_status", 
+            link="/profile/roles",
+            send_email=True,
+            email_subject=email_subject,
+            email_body=email_body
         )
         
         return jsonify({'success': True, 'message': message_text}), 200
@@ -1905,25 +1974,55 @@ def admin_send_notification():
     try:
         admin_uid = verify_admin(auth_header)
         if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
+        
         data = request.get_json()
-        message_content, target_group, target_users_list = data.get('message'), data.get('target_group', 'all'), data.get('target_users', [])
-        if not message_content: return jsonify({'error': 'Message is required'}), 400
+        message_content = data.get('message') # For the in-app notification
+        target_group = data.get('target_group', 'all')
+        target_users_list = data.get('target_users', [])
+        
+        # New email-specific fields from frontend
+        send_as_email = data.get('send_as_email', False)
+        email_subject = data.get('email_subject')
+        email_body_html = data.get('email_body_html')
+
+        if not message_content:
+            return jsonify({'error': 'In-app notification message is required'}), 400
+        if send_as_email and (not email_subject or not email_body_html):
+            return jsonify({'error': 'If sending as email, email_subject and email_body_html are required.'}), 400
+
         recipients_uids = set()
         all_users_data = db.reference('users', app=db_app).get() or {}
+        
         if target_users_list and isinstance(target_users_list, list):
             for uid_target in target_users_list:
                 if uid_target in all_users_data: recipients_uids.add(uid_target)
-        elif target_group == 'all': recipients_uids.update(all_users_data.keys())
+        elif target_group == 'all':
+            recipients_uids.update(all_users_data.keys())
         elif target_group in ['farmers', 'buyers', 'transporters']:
-            role_key = target_group[:-1]
+            role_key = target_group[:-1] # 'farmers' -> 'farmer'
             for uid_loop, u_data in all_users_data.items():
-                if u_data and u_data.get('roles', {}).get(role_key, False): recipients_uids.add(uid_loop)
-        else: return jsonify({'error': 'Invalid target_group or target_users not provided correctly'}), 400
+                if u_data and u_data.get('roles', {}).get(role_key, False):
+                    recipients_uids.add(uid_loop)
+        else:
+            return jsonify({'error': 'Invalid target_group or target_users not provided correctly'}), 400
+        
         sent_count = 0
         for uid_recipient in recipients_uids:
-            if _send_system_notification(uid_recipient, message_content, "admin_broadcast"): sent_count += 1
-        return jsonify({'success': True, 'message': f"Broadcast notification sent to {sent_count} user(s)."}), 200
-    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)
+            # Call the upgraded notification function with all parameters
+            if _send_system_notification(
+                user_id=uid_recipient,
+                message_content=message_content,
+                notif_type="admin_broadcast",
+                send_email=send_as_email,
+                email_subject=email_subject,
+                email_body=email_body_html
+            ):
+                sent_count += 1
+                
+        return jsonify({'success': True, 'message': f"Broadcast notification dispatched for {sent_count} user(s)."}), 200
+        
+    except Exception as e:
+        return handle_route_errors(e, uid_context=admin_uid)
 
 @app.route('/api/user/notifications', methods=['GET'])
 def get_user_notifications():