Login Admin - AquilaSoft

import sqlite3, uuid, random import atexit from datetime import datetime, timedelta from flask import Flask, request, jsonify, render_template_string, session, redirect, send_from_directory from apscheduler.schedulers.background import BackgroundScheduler from helpers.send_email import send_gmail from flask_cors import CORS app = Flask(__name__, static_folder='static', static_url_path='/static') CORS(app, resources={r"/api/*": {"origins": "*"}}) app.secret_key = "83380d04a906b9830e7ddd341aba35a6" DB_FILE = "data/aquila_forms.db" ADMIN_EMAIL = "macamete.robert@gmail.com" # --- LOGICA BAZĂ DE DATE --- def init_db(): with sqlite3.connect(DB_FILE) as conn: cursor = conn.cursor() cursor.execute('''CREATE TABLE IF NOT EXISTS clients (id TEXT PRIMARY KEY, nume TEXT, email_destinatie TEXT, creat_la DATETIME, data_expirare DATETIME)''') cursor.execute('''CREATE TABLE IF NOT EXISTS otps (cod TEXT, expira_la DATETIME)''') conn.commit() # --- RUTE ADMIN --- @app.route('/admin') def admin_home(): if not session.get('logged_in'): return render_template_string(LOGIN_HTML) with sqlite3.connect(DB_FILE) as conn: conn.row_factory = sqlite3.Row clients = conn.execute("SELECT * FROM clients").fetchall() return render_template_string(DASHBOARD_HTML, clients=clients) @app.route('/admin/login', methods=['POST']) def do_login(): email = request.form.get('email') if email == ADMIN_EMAIL: otp = str(random.randint(100000, 999999)) expira = datetime.now() + timedelta(minutes=10) with sqlite3.connect(DB_FILE) as conn: conn.execute("INSERT INTO otps VALUES (?, ?)", (otp, expira)) send_gmail(ADMIN_EMAIL, "Cod Acces Panou", f"Codul tau: {otp}") return render_template_string(VERIFY_HTML) return "Acces interzis", 403 @app.route('/admin/verify', methods=['POST']) def do_verify(): cod = request.form.get('cod') with sqlite3.connect(DB_FILE) as conn: res = conn.execute("SELECT * FROM otps WHERE cod=? AND expira_la > ?", (cod, datetime.now())).fetchone() if res: session['logged_in'] = True conn.execute("DELETE FROM otps") # Curățăm codurile folosite return redirect('/admin') return "Cod invalid", 401 @app.route('/admin/add', methods=['POST']) def add_client(): if not session.get('logged_in'): return "No", 401 uid = str(uuid.uuid4())[:8] nume = request.form.get('nume') email = request.form.get('email') acum = datetime.now().isoformat() # Calculăm data de expirare (peste 365 zile) data_expirare = (datetime.now() + timedelta(days=365)).isoformat() with sqlite3.connect(DB_FILE) as conn: conn.execute("INSERT INTO clients VALUES (?, ?, ?, ?, ?)", (uid, nume, email, acum, data_expirare)) return redirect('/admin') @app.route('/admin/delete/') def delete_client(id): if not session.get('logged_in'): return "No", 401 with sqlite3.connect(DB_FILE) as conn: conn.execute("DELETE FROM clients WHERE id=?", (id,)) return redirect('/admin') # --- ENDPOINT PUBLIC PENTRU SITE-URI --- @app.route('/api/v1/send', methods=['POST', 'OPTIONS']) def public_api(): if request.method == 'OPTIONS': return '', 200 cid = request.form.get('client_id') with sqlite3.connect(DB_FILE) as conn: conn.row_factory = sqlite3.Row client = conn.execute("SELECT * FROM clients WHERE id=?", (cid,)).fetchone() if client: body = f"Mesaj nou de la {request.form.get('nume')}
Email: {request.form.get('email')}

{request.form.get('mesaj')}" send_gmail(client['email_destinatie'], f"Contact: {client['nume']}", body) return jsonify({"status": "ok"}), 200 return jsonify({"status": "error"}), 404 # --- LOGICA DE VERIFICARE BILLING --- def check_billing_reminders(): print(f"[{datetime.now()}] Se verifică termenele de facturare...") # Calculăm data de peste fix 30 de zile (doar data, fără oră) tinta = (datetime.now() + timedelta(days=30)).strftime('%Y-%m-%d') try: with sqlite3.connect(DB_FILE) as conn: conn.row_factory = sqlite3.Row # Verificăm cine expiră în fereastra de 30 de zile query = "SELECT * FROM clients WHERE date(data_expirare) = ?" clienti = conn.execute(query, (tinta,)).fetchall() for client in clienti: subiect = f"💰 Facturare: {client['nume']}" corp = f"""

Reminder Facturare

Clientul {client['nume']} are data de expirare pe {client['data_expirare']}.

Trebuie emisă factura pentru reînnoire.

ID Intern: {client['id']} """ send_gmail(ADMIN_EMAIL, subiect, corp) print(f"Notificare trimisă pentru {client['nume']}") except Exception as e: print(f"Eroare la verificarea billing-ului: {e}") # --- CONFIGURARE SCHEDULER --- scheduler = BackgroundScheduler() # Setează ora la care vrei să primești mail-ul (ex: ora 09:00 dimineața) scheduler.add_job(func=check_billing_reminders, trigger="cron", hour=9, minute=0) scheduler.start() # Închide scheduler-ul când aplicația se oprește atexit.register(lambda: scheduler.shutdown()) @app.route('/logo.png') def serve_logo(): return send_from_directory(app.static_folder, 'logo.png') # --- TEMPLATE-URI HTML (Simplificate) --- LOGIN_HTML = """ Login Admin - AquilaSoft

Admin Access

""" VERIFY_HTML = """ Verificare Cod - AquilaSoft

Verificare Cod

Introdu codul primit pe email.

""" DASHBOARD_HTML = """ Dashboard - AquilaSoft

Adaugă Client Nou

Clienți Activi

{{ clients|length }} înregistrați

{% for c in clients %} {% endfor %}

ID (client_id)	Nume Site	Email Notificări	Expirare	Acțiuni
`{{ c['id'] }}`	{{ c['nume'] }}	{{ c['email_destinatie'] }}	{{ c['data_expirare'] }}	Şterge

{% if not clients %}

Nu există clienți înregistrați. Adaugă primul client folosind formularul de mai sus.

{% endif %}

""" if __name__ == '__main__': init_db() app.run(host='0.0.0.0', port=5000)