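import hmac
import os
from functools import wraps

import psycopg2
from dotenv import load_dotenv
from flask import Flask, render_template, request, redirect, session, url_for
from flask_session import Session

load_dotenv()

app = Flask(__name__)
# A new random key is generated every time the process starts.
# NOTE(review): anything signed with this key stops validating after a restart
# and differs between worker processes; consider loading a persistent secret
# from the environment instead.
app.config['SECRET_KEY'] = os.urandom(24)
app.config['SESSION_TYPE'] = 'filesystem'
Session(app)


# Login decorator
def login_required(f):
    """Redirect to the login page unless the session carries 'logged_in'."""
    @wraps(f)
    def decorated_function(*args, **kwargs):
        if 'logged_in' not in session:
            return redirect(url_for('login'))
        return f(*args, **kwargs)
    return decorated_function


# DB connection
def get_connection():
    """Open a new PostgreSQL connection configured from POSTGRES_* env vars."""
    return psycopg2.connect(
        host=os.getenv("POSTGRES_HOST", "postgres"),
        port=os.getenv("POSTGRES_PORT", "5432"),
        dbname=os.getenv("POSTGRES_DB"),
        user=os.getenv("POSTGRES_USER"),
        password=os.getenv("POSTGRES_PASSWORD")
    )


def _credentials_match(username, password, expected_user, expected_pass):
    """Return True only if both submitted values equal a configured account.

    An unset environment variable and a missing form field both yield None.
    A plain ``==`` comparison would therefore accept a POST without
    credentials whenever an admin account is not configured, so every value
    must be present and non-empty before anything is compared.
    """
    if not (username and password and expected_user and expected_pass):
        return False
    # Constant-time comparison so response timing does not reveal how much
    # of a guess was correct. Both checks run before the results are combined.
    user_ok = hmac.compare_digest(
        username.encode("utf-8"), expected_user.encode("utf-8")
    )
    pass_ok = hmac.compare_digest(
        password.encode("utf-8"), expected_pass.encode("utf-8")
    )
    return user_ok and pass_ok


@app.route("/login", methods=["GET", "POST"])
def login():
    """Show the login form (GET) or check the submitted credentials (POST).

    NOTE(review): no CSRF token check and no attempt limiting are visible in
    this file; confirm both are enforced elsewhere.
    """
    if request.method == "POST":
        username = request.form.get("username")
        password = request.form.get("password")

        # Check against both admin accounts from .env
        admin_accounts = (
            (os.getenv("ADMIN1_USERNAME"), os.getenv("ADMIN1_PASSWORD")),
            (os.getenv("ADMIN2_USERNAME"), os.getenv("ADMIN2_PASSWORD")),
        )

        # Evaluate every account (no short-circuit) so the work done does not
        # depend on which account, if any, matched.
        results = [
            _credentials_match(username, password, user, secret)
            for user, secret in admin_accounts
        ]
        if any(results):
            session['logged_in'] = True
            session['username'] = username
            return redirect(url_for('dashboard'))
        else:
            return render_template("login.html", error="Ungültige Anmeldedaten")

    return render_template("login.html")


@app.route("/logout")
def logout():
    """Remove the login markers from the session and return to the login page."""
    session.pop('logged_in', None)
    session.pop('username', None)
    return redirect(url_for('login'))


@app.route("/", methods=["GET", "POST"])
@login_required
def dashboard():
    """Render the dashboard (GET) or store a customer and a license (POST).

    NOTE(review): the form values are passed to the database as submitted;
    no CSRF token check is visible in this file. Confirm one is enforced
    elsewhere.
    """
    if request.method == "POST":
        name = request.form["customer_name"]
        email = request.form["email"]
        license_key = request.form["license_key"]
        license_type = request.form["license_type"]
        valid_from = request.form["valid_from"]
        valid_until = request.form["valid_until"]

        conn = get_connection()
        # Close the connection even when an INSERT fails; closing without a
        # commit discards the open transaction, so no half-written data stays.
        try:
            with conn.cursor() as cur:
                # Insert customer.
                # NOTE(review): this always inserts a new customers row; no
                # lookup of an existing customer happens here.
                cur.execute("""
                    INSERT INTO customers (name, email, created_at)
                    VALUES (%s, %s, NOW())
                    RETURNING id
                """, (name, email))
                customer_id = cur.fetchone()[0]

                # Add license
                cur.execute("""
                    INSERT INTO licenses (license_key, customer_id, license_type, valid_from, valid_until, is_active)
                    VALUES (%s, %s, %s, %s, %s, TRUE)
                """, (license_key, customer_id, license_type, valid_from, valid_until))

            conn.commit()
        finally:
            conn.close()

        return redirect("/")

    return render_template("index.html", username=session.get('username'))


if __name__ == "__main__":
    # NOTE(review): this starts Flask's built-in server on all interfaces, and
    # 'adhoc' generates a throwaway self-signed certificate at startup, which
    # clients cannot verify. For a deployed instance, serve the app behind a
    # WSGI server or reverse proxy holding a certificate from a trusted CA.
    app.run(host="0.0.0.0", port=443, ssl_context='adhoc')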