v1 - zumindest der adminpanel ist erreichbar

v2_adminpanel/app.py

@@ -0,0 +1,99 @@
+import os
+import psycopg2
+from flask import Flask, render_template, request, redirect, session, url_for
+from flask_session import Session
+from functools import wraps
+from dotenv import load_dotenv
+
+load_dotenv()
+
+app = Flask(__name__)
+app.config['SECRET_KEY'] = os.urandom(24)
+app.config['SESSION_TYPE'] = 'filesystem'
+Session(app)
+
+# Login decorator
+def login_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if 'logged_in' not in session:
+            return redirect(url_for('login'))
+        return f(*args, **kwargs)
+    return decorated_function
+
+# DB-Verbindung
+def get_connection():
+    return psycopg2.connect(
+        host=os.getenv("POSTGRES_HOST", "postgres"),
+        port=os.getenv("POSTGRES_PORT", "5432"),
+        dbname=os.getenv("POSTGRES_DB"),
+        user=os.getenv("POSTGRES_USER"),
+        password=os.getenv("POSTGRES_PASSWORD")
+    )
+
+@app.route("/login", methods=["GET", "POST"])
+def login():
+    if request.method == "POST":
+        username = request.form.get("username")
+        password = request.form.get("password")
+        
+        # Check gegen beide Admin-Accounts aus .env
+        admin1_user = os.getenv("ADMIN1_USERNAME")
+        admin1_pass = os.getenv("ADMIN1_PASSWORD")
+        admin2_user = os.getenv("ADMIN2_USERNAME")
+        admin2_pass = os.getenv("ADMIN2_PASSWORD")
+        
+        if ((username == admin1_user and password == admin1_pass) or 
+            (username == admin2_user and password == admin2_pass)):
+            session['logged_in'] = True
+            session['username'] = username
+            return redirect(url_for('dashboard'))
+        else:
+            return render_template("login.html", error="Ungültige Anmeldedaten")
+    
+    return render_template("login.html")
+
+@app.route("/logout")
+def logout():
+    session.pop('logged_in', None)
+    session.pop('username', None)
+    return redirect(url_for('login'))
+
+@app.route("/", methods=["GET", "POST"])
+@login_required
+def dashboard():
+    if request.method == "POST":
+        name = request.form["customer_name"]
+        email = request.form["email"]
+        license_key = request.form["license_key"]
+        license_type = request.form["license_type"]
+        valid_from = request.form["valid_from"]
+        valid_until = request.form["valid_until"]
+
+        conn = get_connection()
+        cur = conn.cursor()
+
+        # Kunde einfügen (falls nicht vorhanden)
+        cur.execute("""
+            INSERT INTO customers (name, email, created_at)
+            VALUES (%s, %s, NOW())
+            RETURNING id
+        """, (name, email))
+        customer_id = cur.fetchone()[0]
+
+        # Lizenz hinzufügen
+        cur.execute("""
+            INSERT INTO licenses (license_key, customer_id, license_type, valid_from, valid_until, is_active)
+            VALUES (%s, %s, %s, %s, %s, TRUE)
+        """, (license_key, customer_id, license_type, valid_from, valid_until))
+
+        conn.commit()
+        cur.close()
+        conn.close()
+
+        return redirect("/")
+
+    return render_template("index.html", username=session.get('username'))
+
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=443, ssl_context='adhoc')