from flask import Flask, render_template, request, redirect, url_for, session, make_response
import sqlite3
from datetime import timedelta
from werkzeug.security import generate_password_hash, check_password_hash

# Flask App Setup
app = Flask(__name__)
app.secret_key = "supersecretkey"  # Secret key (keep it secret in production)
app.permanent_session_lifetime = timedelta(days=7)  # For "Remember Me"

# Helper function to connect to SQLite database
def get_db_connection():
    conn = sqlite3.connect("users.db")
    conn.row_factory = sqlite3.Row
    return conn

# Initialize database with a "users" table
def init_db():
    conn = get_db_connection()
    conn.execute("""
        CREATE TABLE IF NOT EXISTS users (
            id INTEGER PRIMARY KEY AUTOINCREMENT,
            username TEXT UNIQUE NOT NULL,
            password TEXT NOT NULL
        )
    """)
    conn.commit()
    conn.close()

# Call database initialization at startup
init_db()

# Home Page (only logged-in users can see this)
@app.route("/")
def home():
    if "username" in session:
        username = session["username"]
        last_visit = request.cookies.get("last_visit", "First time visiting!")
        return render_template("home.html", username=username, last_visit=last_visit)
    return redirect(url_for("login"))

# Signup Page
@app.route("/signup", methods=["GET", "POST"])
def signup():
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]

        print("Signup attempt:", username, password)

        hashed_password = generate_password_hash(password)

        conn = get_db_connection()
        try:
            conn.execute("INSERT INTO users (username, password) VALUES (?, ?)", (username, hashed_password))
            conn.commit()
            conn.close()
            return redirect(url_for("login"))
        except sqlite3.IntegrityError:
            return "❌ Username already exists! Try another."

    return render_template("signup.html")

# Login Page
@app.route("/login", methods=["GET", "POST"])
def login():
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        remember = request.form.get("remember")

        print("Login attempt:", username, password, "Remember:", remember)

        conn = get_db_connection()
        user = conn.execute("SELECT * FROM users WHERE username=?", (username,)).fetchone()
        conn.close()

        if user and check_password_hash(user["password"], password):
            session.permanent = True if remember == "on" else False
            session["username"] = username

            resp = make_response(redirect(url_for("home")))
            resp.set_cookie("last_visit", "Welcome back, " + username,
                            max_age=(7*24*60*60 if remember == "on" else None))
            return resp
        else:
            return "❌ Invalid username or password. Try again."

    return render_template("login.html")

# Logout Page
@app.route("/logout")
def logout():
    session.pop("username", None)
    resp = make_response(redirect(url_for("login")))
    resp.set_cookie("last_visit", "", expires=0)
    return resp

# Run the App
if __name__ == "__main__":
    app.run(debug=True, host="0.0.0.0", port=5000)