3 files changed, 49 insertions, 6 deletions

diff --git a/backend/__pycache__/main.cpython-314.pyc b/backend/__pycache__/main.cpython-314.pyc
index 53d8992..f65235c 100644
--- a/backend/__pycache__/main.cpython-314.pyc
+++ b/backend/__pycache__/main.cpython-314.pyc
diff --git a/backend/db.db-journal b/backend/db.db-journal
index c374f9b..e58d84d 100644
--- a/backend/db.db-journal
+++ b/backend/db.db-journal
diff --git a/backend/main.py b/backend/main.py
index cf3edb5..e242389 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -135,7 +135,7 @@ class FinishRequestData(BaseModel):
 class OverrideMachineData(BaseModel):
     block: int
     machine_id: int
-    status: int  # according to class Status
+    disabled: bool
 
 
 class Status(Enum):
@@ -492,6 +492,13 @@ def delete_cookie_scheduler(cookie):
     pass
 
 
+def authenticate_admin_check(cookie):
+    cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (cookie,))
+    rows = cursor.fetchall()
+
+    return len(rows) > 0
+
+
 # --- admin login
 @app.post("/admin_login", response_class=PlainTextResponse)
 def admin_login(data: PlaintextPasswordData, response: fastapi.Response):
@@ -505,7 +512,7 @@ def admin_login(data: PlaintextPasswordData, response: fastapi.Response):
 
         auth_cookie_str = secrets.token_hex(32)
         AUTH_MAX_AGE = 60 * 10  # 10 minutes
-        response.set_cookie(key="admin_auth", value=auth_cookie_str, secure=True, max_age=AUTH_MAX_AGE)
+        response.set_cookie(key="admin_auth", value=auth_cookie_str, secure=True, max_age=AUTH_MAX_AGE, domain="backend.laundryweb.altafcreator.com", samesite="none")
         cursor.execute("""INSERT INTO admin_cookies (cookie) VALUES (?);""", (auth_cookie_str,))
         conn.commit()
         cursor.execute("SELECT * FROM admin_cookies")
@@ -525,16 +532,15 @@ def admin_login(data: PlaintextPasswordData, response: fastapi.Response):
 @app.post("/admin_check", response_class=PlainTextResponse)
 def admin_check(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None):
     print("admin check request, ", admin_auth)
-    cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (admin_auth,))
-    rows = cursor.fetchall()
 
-    if len(rows) > 0:
+    if authenticate_admin_check(admin_auth):
         response.status_code = fastapi.status.HTTP_202_ACCEPTED
         return "Authorised."
     else:
         response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
         return "Get out."
 
+
 # --- override each machine status
 @app.post("/override_status", response_class=PlainTextResponse)
 def override_status(data: OverrideMachineData, response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None):
@@ -542,6 +548,26 @@ def override_status(data: OverrideMachineData, response: fastapi.Response, admin
         response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
         return "Unauthorised."
 
+    if authenticate_admin_check(admin_auth):
+        if (data.disabled):
+            machine_status[data.block - 1][data.machine_id - 1] = Status.OUTOFSERVICE.name
+        else:
+            cursor.execute("SELECT * FROM timers WHERE ((block = ?) AND (machine = ?))", (data.block, data.machine_id))
+            rows = cursor.fetchall()
+
+            if len(rows) > 0:
+                machine_status[data.block - 1][data.machine_id - 1] = Status.RUNNING.name
+            else:
+                machine_status[data.block - 1][data.machine_id - 1] = Status.EMPTY.name
+
+            response.status_code = fastapi.status.HTTP_200_OK
+            return "Set!"
+
+        print("set machine", data.machine_id, "of block", data.block, ".", machine_status)
+    else:
+        response.status_code = fastapi.status.HTTP_403_FORBIDDEN
+        return "Forbidden."
+
 
 # --- change admin password
 @app.post("/admin_change_password", response_class=PlainTextResponse)
@@ -550,4 +576,21 @@ def admin_change_password(data: PlaintextPasswordData, response: fastapi.Respons
         response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
         return "Unauthorised."
 
-    pass
+    if authenticate_admin_check(admin_auth):
+        pass
+    else:
+        pass
+
+
+# --- get all blocks machine status for admin
+@app.post("/admin_machine_status")
+def admin_machine_status(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None):
+    if not admin_auth:
+        response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
+        return """{"reply": "Unauthorised."}"""
+
+    if authenticate_admin_check(admin_auth):
+        return machine_status
+    else:
+        response.status_code = fastapi.status.HTTP_403_FORBIDDEN
+        return """{"reply": "Forbidden."}"""