app.py

from flask import Flask, request, jsonify
import requests
import json
import base64

app = Flask(__name__)

# GitHub credentials from environment variables
GITHUB_TOKEN = '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'  # Set your token in environment variables
REPO_OWNER = 'hussein2000-oo'
REPO_NAME = 'dbailloolloloolollhrthlnewrgnk'
USER_FILE_NAME = 'user.json'

# Function to fetch user data from GitHub
def fetch_user_data():
    url = f'https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/contents/{USER_FILE_NAME}'
    headers = {'Authorization': f'token {GITHUB_TOKEN}'}
    response = requests.get(url, headers=headers)
    
    if response.status_code == 200:
        content = response.json()
        user_data = json.loads(base64.b64decode(content['content']).decode('utf-8'))
        
        # Ensure user_data is a dictionary
        if not isinstance(user_data, dict):
            print("User  data is not in the expected format. Initializing empty user data.")
            user_data = {}
        
        return user_data, content['sha']  # Return the SHA for updating the file
    else:
        print("Failed to fetch user data:", response.status_code, response.json())
        return {}, None  # Return an empty dict if fetching fails


# Function to update user data on GitHub
def update_user_data(user_data, sha):
    url = f'https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/contents/{USER_FILE_NAME}'
    headers = {'Authorization': f'token {GITHUB_TOKEN}'}
    
    updated_content = base64.b64encode(json.dumps(user_data).encode('utf-8')).decode('utf-8')
    
    payload = {
        "message": "Update user.json with new user",
        "content": updated_content,
        "sha": sha
    }
    
    response = requests.put(url, headers=headers, json=payload)
    
    if response.status_code == 200:
        print("User  data updated successfully.")
    else:
        print("Failed to update user data:", response.status_code, response.json())


# API endpoint to create a user account
@app.route('/api/create_user', methods=['POST'])
def create_user():
    data = request.json
    username = data.get('username')
    password = data.get('password')
    first_name = data.get('first_name')
    last_name = data.get('last_name')
    birthday = data.get('birthday')
    security_questions = data.get('security_questions')

    user_data, sha = fetch_user_data()
    
    if user_data is not None:
        if username in user_data:
            return jsonify({"message": "User  already exists."}), 400
        else:
            user_data[username] = {
                "password": password,
                "first_name": first_name,
                "last_name": last_name,
                "birthday": birthday,
                "security_questions": security_questions  # Store security questions
            }
            update_user_data(user_data, sha)
            return jsonify({"message": f"User  {username} created successfully."}), 201
    else:
        return jsonify({"message": "Could not create user. User data fetch failed."}), 500


# API endpoint to sign in
@app.route('/api/sign_in', methods=['POST'])
def sign_in():
    data = request.json
    username = data.get('username')
    password = data.get('password')

    user_data, _ = fetch_user_data()
    
    if user_data is not None and isinstance(user_data, dict):
        if username in user_data:
            if user_data[username]['password'] == password:  # Corrected password check
                return jsonify({"message": "Signed in successfully!"}), 200
            else:
                return jsonify({"message": "Sign in failed."}), 401
        else:
            return jsonify({"message": "User  not found."}), 404
    else:
        return jsonify({"message": "Unexpected data format in user.json."}), 500


# API endpoint to reset password using security questions
@app.route('/api/reset_password', methods=['POST'])
def reset_password():
    data = request.json
    username = data.get('username')
    answers = data.get('answers')

    user_data, _ = fetch_user_data()
    
    if username in user_data:
        questions = user_data[username]['security_questions ']
        
        # Check if answers match
        if all(user_data[username]['security_questions'][q] == answers[q] for q in questions):
            new_password = data.get('new_password')
            user_data[username]['password'] = new_password
            update_user_data(user_data, _)
            return jsonify({"message": "Password reset successfully."}), 200
        else:
            return jsonify({"message": "Security answers do not match."}), 401
    else:
        return jsonify({"message": "User not found."}), 404



if __name__ == '__main__':
    app.run(host="0.0.0.0", port=7860)