| from flask import Blueprint, render_template, request, jsonify, redirect, url_for |
| from flask_login import login_required, current_user |
| from supabase_client import get_supabase |
|
|
| admin_bp = Blueprint('admin', __name__) |
| supabase = get_supabase() |
|
|
| def admin_only(f): |
| def decorated_function(*args, **kwargs): |
| if not current_user.is_authenticated or current_user.role != 'admin': |
| return redirect(url_for('index')) |
| return f(*args, **kwargs) |
| decorated_function.__name__ = f.__name__ |
| return decorated_function |
|
|
| @admin_bp.route('/admin') |
| @login_required |
| @admin_only |
| def dashboard(): |
| response = supabase.table("profiles").select("*").execute() |
| return render_template('admin.html', users=response.data) |
|
|
| @admin_bp.route('/admin/update_limit', methods=['POST']) |
| @login_required |
| @admin_only |
| def update_limit(): |
| data = request.json |
| user_id = data.get('user_id') |
| new_limit = data.get('limit') |
| supabase.table("profiles").update({"daily_limit": new_limit}).eq("id", user_id).execute() |
| return jsonify({"status": "success"}) |
|
|
| @admin_bp.route('/admin/delete_user/<user_id>', methods=['DELETE']) |
| @login_required |
| @admin_only |
| def delete_user(user_id): |
| supabase.table("profiles").delete().eq("id", user_id).execute() |
| return jsonify({"status": "success"}) |
|
|