from flask import Blueprint, render_template, request, jsonify, redirect, url_for from flask_login import login_required, current_user from supabase_client import get_supabase admin_bp = Blueprint('admin', __name__) supabase = get_supabase() def admin_only(f): def decorated_function(*args, **kwargs): if not current_user.is_authenticated or current_user.role != 'admin': return redirect(url_for('index')) return f(*args, **kwargs) decorated_function.__name__ = f.__name__ return decorated_function @admin_bp.route('/admin') @login_required @admin_only def dashboard(): response = supabase.table("profiles").select("*").execute() return render_template('admin.html', users=response.data) @admin_bp.route('/admin/update_limit', methods=['POST']) @login_required @admin_only def update_limit(): data = request.json user_id = data.get('user_id') new_limit = data.get('limit') supabase.table("profiles").update({"daily_limit": new_limit}).eq("id", user_id).execute() return jsonify({"status": "success"}) @admin_bp.route('/admin/delete_user/', methods=['DELETE']) @login_required @admin_only def delete_user(user_id): supabase.table("profiles").delete().eq("id", user_id).execute() return jsonify({"status": "success"})