From fe6f5eccac01180f7984088e402509baa8728577 Mon Sep 17 00:00:00 2001
From: Juni Kim <junikimm717@gmail.com>
Date: Sat, 20 May 2023 18:30:38 -0400
Subject: [PATCH] dashboard ui's changed

---
 app.py                  | 15 +++++++++++++--
 templates/admin.html    | 19 ++++++++++++++-----
 templates/login.html    |  4 ++--
 templates/register.html |  2 +-
 templates/user.html     |  3 +--
 5 files changed, 31 insertions(+), 12 deletions(-)

diff --git a/app.py b/app.py
index 06d50c2..eb33b28 100755
--- a/app.py
+++ b/app.py
@@ -142,10 +142,11 @@ def handler_403(msg):
 # Admin routes
 @app.route('/dashboard')
 def admin_root():
+    user = User.query.filter_by(username=session.get('user')).one_or_404()
     if 'admin' in session:
-        return render_template("admin.html", user=session.get("admin"))
+        return render_template("admin.html", user=user)
     if 'user' in session:
-        return render_template("user.html", user=session.get("user"))
+        return render_template("user.html", user=user)
     return User.authorize_or_redirect(admin=False) or ""
 
 
@@ -192,6 +193,16 @@ def accounts_edit():
         return render_template("account_edit.html", user=object_as_dict(user), success=True)
 
 
+@app.route('/accounts/view')
+def accounts_all():
+    if "admin" not in session:
+        abort(403)
+    users = [object_as_dict(u) for u in User.query.all()]
+    for u in users:
+        u.pop("password")
+    return jsonify(users)
+
+
 @app.route('/accounts/view/<int:id>')
 def accounts_view(id):
     user = User.query.filter_by(id=id).one_or_404()
diff --git a/templates/admin.html b/templates/admin.html
index 2ea4d67..0b9b0fe 100644
--- a/templates/admin.html
+++ b/templates/admin.html
@@ -4,9 +4,8 @@
           href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/styles/default.min.css">
     <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/highlight.min.js"></script>
     <script>hljs.highlightAll();</script>
-    <h1>Admin Dashboard</h1>
+    <h1>Welcome, {{user.name | safe}} (Admin)</h1>
     <article>
-        <p>Logged in as {{user}}</p>
         <a href="{{url_for('accounts_edit')}}">
             <button>
                 Edit your profile
@@ -27,10 +26,20 @@
                 Batch Search Chemicals
             </button>
         </a>
-        <h2>Admin Authentication</h2>
+        <h2>Authentication-Related</h2>
         <p>
-            Since there is now an admin, only admins can create new admin accounts. You can do so through the <code>/admin/create</code>
-            route.
+        Only Admins are capable of creating new admins.
+        <br>
+        <a href="{{url_for('accounts_create')}}">
+            <button>
+              Add a new user
+            </button>
+        </a>
+        <a href="{{url_for('accounts_all')}}">
+            <button>
+              JSON of all users
+            </button>
+        </a>
         </p>
         <h2>API Routes</h2>
         <ul>
diff --git a/templates/login.html b/templates/login.html
index 9b36f38..4a7ab7b 100644
--- a/templates/login.html
+++ b/templates/login.html
@@ -1,6 +1,6 @@
 {% extends "base.html" %}
 {% block content %}
-    <h1>Admin Login</h1>
+    <h1>Login</h1>
     <form method="post">
         <label for="username">Username:</label>
         <input id="username" name="username" type="text" required="required">
@@ -15,4 +15,4 @@
         {% elif fail %}
             <p style="color:darkred">Login Failed. Please try again.</p>
         {% endif %}
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/templates/register.html b/templates/register.html
index f6a0565..de3d431 100644
--- a/templates/register.html
+++ b/templates/register.html
@@ -1,6 +1,6 @@
 {% extends "base.html" %}
 {% block content %}
-    <h1>Admin Login</h1>
+    <h1>Add New User</h1>
     <script defer>
     window.onload = () => {
         const uname_el = document.getElementById("username")
diff --git a/templates/user.html b/templates/user.html
index 9a1fd3c..badeb1f 100644
--- a/templates/user.html
+++ b/templates/user.html
@@ -1,8 +1,7 @@
 {% extends "base.html" %}
 {% block content %}
-<h1>Regular User Dashboard</h1>
+<h1>Welcome, {{user.name | safe}}</h1>
 <article>
-  <p>Logged in as {{user}}</p>
   <a href="{{url_for('batch_query_request')}}">
     <button>
       Batch Search Chemicals