modified: app.py

new file: templates/admin_dashboard.html new file: templates/user_dashboard.html
2024-09-06 11:55:06 +02:00
parent 9d1c67d025
commit 3d4d0499fa
3 changed files with 129 additions and 1 deletions
--- a/app.py
+++ b/app.py
@@ -126,7 +126,65 @@ def callback():
    # Speichere die Benutzerinformationen in der Session
    session['discord_user'] = user_info

-    return redirect(url_for("dashboard"))
+    # Hole Benutzerrollen und andere Daten aus der Datenbank
+    connection = get_db_connection()
+    cursor = connection.cursor(dictionary=True)
+    
+    cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_info["id"],))
+    user_data = cursor.fetchone()
+    
+    cursor.close()
+    connection.close()
+
+    # Weiterleiten basierend auf den Berechtigungen
+    if user_data and user_data["permission"] >= 8:
+        return redirect(url_for("admin_dashboard"))
+    else:
+        return redirect(url_for("user_dashboard"))
+    
+@app.route("/admin_dashboard")
+def admin_dashboard():
+    """Zeigt das Admin-Dashboard an (nur für Admins)."""
+    if "discord_user" in session:
+        user_info = session["discord_user"]
+        user_id = user_info["id"]
+        
+        # Überprüfe, ob der Benutzer Admin-Rechte hat
+        connection = get_db_connection()
+        cursor = connection.cursor(dictionary=True)
+        
+        cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_id,))
+        user_data = cursor.fetchone()
+        
+        cursor.close()
+        connection.close()
+        
+        if user_data and user_data["permission"] >= 8:
+            return render_template("admin_dashboard.html", user_info=user_info)
+        else:
+            return redirect(url_for("user_dashboard"))
+    return redirect(url_for("login"))
+
+@app.route("/user_dashboard")
+def user_dashboard():
+    """Zeigt das User-Dashboard an."""
+    if "discord_user" in session:
+        user_info = session["discord_user"]
+        user_id = user_info["id"]
+        connection = get_db_connection()
+        cursor = connection.cursor(dictionary=True)
+        
+        cursor.execute("SELECT points, ban FROM user_data WHERE user_id = %s", (user_id,))
+        user_data = cursor.fetchone()
+        
+        cursor.close()
+        connection.close()
+
+        if user_data:
+            return render_template("user_dashboard.html", user_info=user_info, user_data=user_data)
+        else:
+            return "User data not found", 404
+    return redirect(url_for("login"))

@app.route("/dashboard")
 def dashboard():