
Started adding the edit form for the admin users.

Adam Day 2 年之前
父節點
當前提交
e0214ab588
共有 4 個文件被更改,包括 142 次插入4 次删除
  1. 81 1
      app.py
  2. 26 0
      templates/admin_password_reset.html
  3. 34 0
      templates/admin_user_edit.html
  4. 1 3
      templates/admin_users.html

+ 81 - 1
app.py

@@ -150,6 +150,8 @@ def send_email(to, subject, body):
     # Call the send_email method
     emailer.send_email(to, subject, body)
 
+# send_email('aday@twinfallspubliclibrary.org', 'TEST', 'This is a test email')
+
 
 def shutdown_session(exception=None):
     print('Stopping HTTP Service...')
@@ -183,6 +185,7 @@ def requires_auth():
     if 'username' in session:
         username = session['username']
         user = User.get(User.username == username)
+
         if user.logged_in is True:
             return True
         else:
@@ -191,6 +194,12 @@ def requires_auth():
         return False
 
 
+def admin_password_check():
+    admin_user = User.get(User.username == 'admin')
+    if admin_user.password == encrypt_password('admin'):
+       return True
+
+
 db.close()
 
 app = Flask(__name__)
@@ -238,10 +247,35 @@ def after_request(response):
     return response
 
 
+@app.route('/admin/password/reset', methods=['GET', 'POST'])
+def admin_password_reset():
+    message = None
+    if request.method == 'POST':
+        password = request.form.get('password')
+        password_confirm = request.form.get('password_confirm')
+        if password != password_confirm:
+            message = 'Passwords do not match'
+        else:
+            try:
+                user = User.get(User.username == 'admin')
+                user.password = encrypt_password(password)
+                user.logged_in = True
+                user.save()
+                session['username'] = 'admin'
+                return redirect(url_for('admin'))
+            except Exception as e:
+                print(e)
+                message = 'Username not found'
+
+    context = {
+        'message': message,
+    }
+    return render_template('admin_password_reset.html', context=context)
+
+
 # Create a route for the home page
 @app.route('/', methods=['GET', 'POST'])
 def index():
-    # send_email('aday@twinfallspubliclibrary.org', 'TEST', 'This is a test email')
     error = None
     reset = False
     reset_url = is_valid_url(password_reset_url)
@@ -287,6 +321,9 @@ def index():
 # Create a route for admin page
 @app.route('/admin/')
 def admin():
+    if admin_password_check():
+        return redirect(url_for('admin_password_reset'))
+
     # Check to see if user is logged in
     if not requires_auth():
         return redirect(url_for('login'))
@@ -334,6 +371,49 @@ def admin_users():
     return render_template('admin_users.html', context=context)
 
 
+@app.route('/admin/users/edit/<int:id>', methods=['GET', 'POST'])
+def admin_users_edit(id):
+    # Check to see if user is logged in
+    if not requires_auth():
+        return redirect(url_for('login'))
+
+    # Get the user from the DB
+    user = User.get(User.id == id)
+
+    message = None
+    if request.method == 'POST':
+        username = request.form.get('username')
+        password = request.form.get('password')
+        confirm_password = request.form.get('confirm_password')
+
+        # Check to see if username already exists
+        try:
+            user = User.filter(User.username == username).first()
+        except Exception as e:
+            print(e)
+            user = None
+
+        if user.username != username:
+            message = 'Username already exists'
+        else:
+            user.username = username
+            if password is not None or password != '':
+                if password == confirm_password:
+                    user.password = encrypt_password(password)
+                else:
+                    message = 'Passwords do not match'
+            user.save()
+            message = 'User updated successfully'
+            Log.create(username=session['username'], action='Updated admin user: %s' % username, ).save()
+
+    context = {
+        'user': user,
+        'message': message,
+    }
+
+    return render_template('admin_user_edit.html', context=context)
+
+
 @app.route('/admin/users/delete/<int:id>', methods=['GET', 'POST'])
 def admin_users_delete(id):
     # Check to see if user is logged in
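Review bot: `admin_password_reset` performs no authorization check of its own, so any unauthenticated client can POST to `/admin/password/reset`, overwrite the admin credential and obtain an admin session through `session['username'] = 'admin'`; the `admin_password_check()` gate lives only in `admin()`, which merely redirects here. The handler should open with `if not admin_password_check(): return redirect(url_for('login'))` so the reset is only reachable while the default credential is actually in place, and it should reject an empty `password` before calling `encrypt_password`. In `admin_users_edit`, `user = User.filter(User.username == username).first()` rebinds the user being edited: when the query fails or matches nothing `user` is `None` and `user.username` raises, and when another account already has that name the comparison passes and that other account is the one modified and saved. The condition `if password is not None or password != ''` is true for an empty form field (`''` is not `None`), so saving the form without a new password stores `encrypt_password('')`; it should be `if password:` with `and`-style semantics, and the mismatch branch should not fall through to `user.save()` and the success message.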

+ 26 - 0
templates/admin_password_reset.html

@@ -0,0 +1,26 @@
+
+{% extends "layout.html" %}
+{% block content %}
+    <div class="row mt-5 justify-content-center">
+        <div class="col-sm-12 col-md-6 col-lg-4">
+            <h3 class="text-center">Admin Password Reset</h3>
+            <p class="text-center">Please enter a new password for the admin account.</p>
+            <form action="" method="post">
+                {% if context.error %}
+                    <div class="text-danger text-center p-4">
+                        {{ context.error }}
+                    </div>
+                {% endif %}
+                <div class="mb-3">
+                    <input type="password" class="form-control" id="password" name="password" placeholder="Password">
+                </div>
+                <div class="mb-3">
+                    <input type="password" class="form-control" id="password_confirm" name="password_confirm" placeholder="Confirm Password">
+                </div>
+                <div class="text-center">
+                    <button type="submit" class="btn btn-lg btn-primary w-100">Save</button>
+                </div>
+            </form>
+        </div>
+    </div>
+{% endblock %}
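Review bot: The error block tests `context.error` but the route renders this template with `context['message']`, so the "Passwords do not match" text is never displayed; change both references to `context.message`. The two password inputs also carry no `required` or `minlength` attribute, so the form submits two empty fields, which the handler accepts as matching and saves as the admin password.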

+ 34 - 0
templates/admin_user_edit.html

@@ -0,0 +1,34 @@
+{% extends 'auth_layout.html' %}
+{% block content %}
+{% if context.message %}
+    <div class="row">
+        <div class="col text-center text-primary">
+            <i class="ri-error-warning-fill"></i> {{ context.message }}
+        </div>
+    </div>
+{% endif %}
+<div class="row">
+    <div class="col">
+        <a href="{{ url_for('admin_users') }}" class="btn btn-secondary float-end">Back</a>
+        <h3><i class="ri-shield-user-line"></i> Edit Admin User</h3>
+    </div>
+</div>
+<div class="row">
+    <div class="col-sm-12 col-md-6 col-lg-4">
+        <form action="" method="post">
+            <div class="mb-3">
+                <input type="text" class="form-control" value="{{ context.user.username }}" id="username" name="username" placeholder="Username" required>
+            </div>
+            <div class="mb-3">
+                <input type="password" class="form-control" id="password" name="password" placeholder="New Password">
+            </div>
+            <div class="mb-3">
+                <input type="password" class="form-control" id="confirm_password" name="confirm_password" placeholder="Confirm New Password">
+            </div>
+            <div class="mb-3 text-center">
+                <input type="submit" class="btn btn-primary w-100" value="Save">
+            </div>
+        </form>
+    </div>
+</div>
+{% endblock %}
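Review bot: The form posts a username and password change with no hidden anti-CSRF token, and nothing on this page shows a global form-protection layer, so a logged-in admin's browser could be induced to submit this form from another origin — confirm whether the app applies CSRF protection and, if not, add a token field here and in `admin_password_reset.html`. The password inputs also lack `minlength`, matching the handler's absence of any length check, so a blank or one-character password is accepted.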

+ 1 - 3
templates/admin_users.html

@@ -20,7 +20,6 @@
             <thead>
                 <tr>
                     <th scope="col">Username</th>
-                    <th scope="col">Email</th>
                     <th scope="col">Create Date</th>
                     <th scope="col">Login Status</th>
                     <th scope="col">Actions</th>
@@ -30,11 +29,10 @@
                 {% for user in context.users %}
                 <tr>
                     <td>{{ user.username }}</td>
-                    <td>{{ user.email }}</td>
                     <td>{{ user.date_created }}</td>
                     <td>{{ user.logged_in }}</td>
                     <td>
-                        <a href="" class="btn btn-primary">Edit</a>
+                        <a href="{{ url_for('admin_users_edit', id=user.id) }}" class="btn btn-primary">Edit</a>
                         <a href="#!" class="btn btn-danger" data-bs-toggle="modal" data-bs-target="#remove-user-{{ loop.index0 }}">Delete</a>
                     </td>
                 </tr>