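import base64
import hashlib
import hmac
import json
import os
import secrets

import requests
from flask import Flask, request, jsonify

app = Flask(__name__)

# GitHub credentials are read from the environment and never stored in source.
# The token that was previously hard-coded on this line remains in the file's
# history, so it has to be revoked and replaced with a fresh one.
GITHUB_TOKEN = os.environ.get('GITHUB_TOKEN')
REPO_OWNER = 'hussein2000-oo'
REPO_NAME = 'dbailloolloloolollhrthlnewrgnk'
USER_FILE_NAME = 'user.json'

# Upper bound (seconds) on every call to the GitHub API so a stalled
# connection cannot pin a worker indefinitely.
REQUEST_TIMEOUT = 10

# Stored password format: pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>
PBKDF2_PREFIX = 'pbkdf2_sha256'
PBKDF2_ITERATIONS = 600_000


def _contents_url():
    """Return the GitHub contents-API URL of the user file."""
    return f'https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/contents/{USER_FILE_NAME}'


def _auth_headers():
    """Return the Authorization header dict, or None when no token is configured."""
    if not GITHUB_TOKEN:
        print("GITHUB_TOKEN is not set in the environment.")
        return None
    return {'Authorization': f'token {GITHUB_TOKEN}'}


def _hash_password(password):
    """Return a salted PBKDF2-HMAC-SHA256 record for *password*."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, PBKDF2_ITERATIONS)
    return f'{PBKDF2_PREFIX}${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}'


def _verify_password(stored, supplied):
    """Check *supplied* against a stored password record in constant time.

    Records written before hashing was introduced hold the plaintext password;
    they are still accepted so existing accounts keep working, and are replaced
    by a hashed record the next time the password is reset.
    """
    if not isinstance(stored, str) or not isinstance(supplied, str):
        return False
    if stored.startswith(PBKDF2_PREFIX + '$'):
        try:
            _, iterations, salt_hex, digest_hex = stored.split('$')
            salt = bytes.fromhex(salt_hex)
            expected = bytes.fromhex(digest_hex)
            rounds = int(iterations)
        except ValueError:
            return False
        actual = hashlib.pbkdf2_hmac('sha256', supplied.encode('utf-8'), salt, rounds)
        return hmac.compare_digest(actual, expected)
    # Legacy plaintext record.
    return hmac.compare_digest(stored.encode('utf-8'), supplied.encode('utf-8'))


def _answers_match(stored_questions, answers):
    """Return True only if every stored security question is answered correctly.

    An account with no stored questions never matches: all() over an empty
    collection is True, which would otherwise let anyone reset the password
    without answering anything.
    """
    if not isinstance(stored_questions, dict) or not stored_questions:
        return False
    if not isinstance(answers, dict):
        return False
    results = []
    for question, expected in stored_questions.items():
        given = answers.get(question)
        if isinstance(expected, str) and isinstance(given, str):
            results.append(hmac.compare_digest(expected.encode('utf-8'), given.encode('utf-8')))
        else:
            results.append(False)
    return all(results)


def _json_body():
    """Return the request's JSON object, or {} when the body is absent or not an object."""
    body = request.get_json(silent=True)
    return body if isinstance(body, dict) else {}


# Function to fetch user data from GitHub
def fetch_user_data():
    """Load the user database from the repository.

    Returns:
        (user_data, sha): the decoded dict and the blob SHA needed for a later
        update. On any failure returns ({}, None); callers must treat a None
        SHA as "fetch failed" rather than "no users".
    """
    headers = _auth_headers()
    if headers is None:
        return {}, None
    try:
        response = requests.get(_contents_url(), headers=headers, timeout=REQUEST_TIMEOUT)
    except requests.RequestException as exc:
        print("Failed to fetch user data:", exc)
        return {}, None

    if response.status_code != 200:
        # response.text rather than response.json(): an error body is not guaranteed to be JSON.
        print("Failed to fetch user data:", response.status_code, response.text)
        return {}, None

    try:
        content = response.json()
        user_data = json.loads(base64.b64decode(content['content']).decode('utf-8'))
        sha = content['sha']
    except (KeyError, TypeError, ValueError) as exc:
        print("Failed to decode user data:", exc)
        return {}, None

    # Ensure user_data is a dictionary
    if not isinstance(user_data, dict):
        print("User data is not in the expected format. Initializing empty user data.")
        user_data = {}
    return user_data, sha  # Return the SHA for updating the file


# Function to update user data on GitHub
def update_user_data(user_data, sha):
    """Write *user_data* back to the repository.

    Args:
        user_data: the full user dict to store.
        sha: blob SHA returned by fetch_user_data for the copy being replaced.

    Returns:
        True when GitHub accepted the write, False otherwise.
    """
    headers = _auth_headers()
    if headers is None:
        return False
    updated_content = base64.b64encode(json.dumps(user_data).encode('utf-8')).decode('utf-8')
    payload = {
        "message": "Update user.json with new user",
        "content": updated_content,
        "sha": sha
    }
    try:
        response = requests.put(_contents_url(), headers=headers, json=payload, timeout=REQUEST_TIMEOUT)
    except requests.RequestException as exc:
        print("Failed to update user data:", exc)
        return False

    if response.status_code in (200, 201):
        print("User data updated successfully.")
        return True
    print("Failed to update user data:", response.status_code, response.text)
    return False


# API endpoint to create a user account
@app.route('/api/create_user', methods=['POST'])
def create_user():
    """Create an account from the JSON body and persist it to user.json.

    Responds 201 on success, 400 for missing fields or an existing username,
    and 500 when the user file cannot be read or written.
    """
    data = _json_body()
    username = data.get('username')
    password = data.get('password')
    if not isinstance(username, str) or not username or not isinstance(password, str) or not password:
        return jsonify({"message": "Username and password are required."}), 400

    user_data, sha = fetch_user_data()
    # A None SHA means the fetch failed; writing now would be based on an empty
    # placeholder dict, not on the real user file.
    if sha is None:
        return jsonify({"message": "Could not create user. User data fetch failed."}), 500

    if username in user_data:
        return jsonify({"message": "User already exists."}), 400

    # NOTE(review): security answers are password-equivalent for this API and
    # are stored as supplied; consider hashing them the same way as passwords.
    user_data[username] = {
        "password": _hash_password(password),
        "first_name": data.get('first_name'),
        "last_name": data.get('last_name'),
        "birthday": data.get('birthday'),
        "security_questions": data.get('security_questions')  # Store security questions
    }
    if not update_user_data(user_data, sha):
        return jsonify({"message": "Could not create user. User data update failed."}), 500
    return jsonify({"message": f"User {username} created successfully."}), 201


# API endpoint to sign in
@app.route('/api/sign_in', methods=['POST'])
def sign_in():
    """Verify a username/password pair against the stored record.

    Responds 200 on success, 401 on a wrong password, 404 for an unknown user,
    400 for a malformed body and 500 when the user file cannot be read.
    """
    data = _json_body()
    username = data.get('username')
    password = data.get('password')
    if not isinstance(username, str) or not isinstance(password, str):
        return jsonify({"message": "Username and password are required."}), 400

    user_data, sha = fetch_user_data()
    if sha is None:
        return jsonify({"message": "Could not load user data."}), 500

    record = user_data.get(username)
    if not isinstance(record, dict):
        # NOTE(review): the distinct 404 lets a caller tell valid usernames from
        # invalid ones; kept for client compatibility. There is also no attempt
        # limiting on this endpoint.
        return jsonify({"message": "User not found."}), 404

    if _verify_password(record.get('password'), password):
        return jsonify({"message": "Signed in successfully!"}), 200
    return jsonify({"message": "Sign in failed."}), 401


# API endpoint to reset password using security questions
@app.route('/api/reset_password', methods=['POST'])
def reset_password():
    """Replace a user's password after checking their security answers.

    Responds 200 on success, 401 when the answers do not match (or the account
    has no stored questions), 404 for an unknown user, 400 for a malformed
    body and 500 when the user file cannot be read or written.
    """
    data = _json_body()
    username = data.get('username')
    answers = data.get('answers')
    new_password = data.get('new_password')
    if not isinstance(username, str) or not isinstance(new_password, str) or not new_password:
        return jsonify({"message": "Username and new password are required."}), 400

    user_data, sha = fetch_user_data()
    if sha is None:
        return jsonify({"message": "Could not load user data."}), 500

    record = user_data.get(username)
    if not isinstance(record, dict):
        return jsonify({"message": "User not found."}), 404

    # Check if answers match (key is 'security_questions', as written by create_user)
    if not _answers_match(record.get('security_questions'), answers):
        return jsonify({"message": "Security answers do not match."}), 401

    record['password'] = _hash_password(new_password)
    if not update_user_data(user_data, sha):
        return jsonify({"message": "Could not reset password. User data update failed."}), 500
    return jsonify({"message": "Password reset successfully."}), 200


if __name__ == '__main__':
    # Binds to all interfaces; the endpoints above have no rate limiting, so
    # front this with a proxy that enforces it when exposed beyond localhost.
    app.run(host="0.0.0.0", port=7860)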