From f4d2f64e75ea782441d2512717d9ad26c8c21ecc Mon Sep 17 00:00:00 2001
From: altaf-creator <dev@altafcreator.com>
Date: Fri, 23 Jan 2026 22:02:56 +0800
Subject: admin machine status

---
 backend/main.py | 35 +++++++++++++++++++++++++++--------
 1 file changed, 27 insertions(+), 8 deletions(-)

(limited to 'backend/main.py')

diff --git a/backend/main.py b/backend/main.py
index 6d47fe3..e242389 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -492,6 +492,13 @@ def delete_cookie_scheduler(cookie):
     pass
 
 
+def authenticate_admin_check(cookie):
+    cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (cookie,))
+    rows = cursor.fetchall()
+
+    return len(rows) > 0
+
+
 # --- admin login
 @app.post("/admin_login", response_class=PlainTextResponse)
 def admin_login(data: PlaintextPasswordData, response: fastapi.Response):
@@ -525,10 +532,8 @@ def admin_login(data: PlaintextPasswordData, response: fastapi.Response):
 @app.post("/admin_check", response_class=PlainTextResponse)
 def admin_check(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None):
     print("admin check request, ", admin_auth)
-    cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (admin_auth,))
-    rows = cursor.fetchall()
 
-    if len(rows) > 0:
+    if authenticate_admin_check(admin_auth):
         response.status_code = fastapi.status.HTTP_202_ACCEPTED
         return "Authorised."
     else:
@@ -543,10 +548,7 @@ def override_status(data: OverrideMachineData, response: fastapi.Response, admin
         response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
         return "Unauthorised."
 
-    cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (admin_auth,))
-    rows = cursor.fetchall()
-
-    if len(rows) > 0:
+    if authenticate_admin_check(admin_auth):
         if (data.disabled):
             machine_status[data.block - 1][data.machine_id - 1] = Status.OUTOFSERVICE.name
         else:
@@ -574,4 +576,21 @@ def admin_change_password(data: PlaintextPasswordData, response: fastapi.Respons
         response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
         return "Unauthorised."
 
-    pass
+    if authenticate_admin_check(admin_auth):
+        pass
+    else:
+        pass
+
+
+# --- get all blocks machine status for admin
+@app.post("/admin_machine_status")
+def admin_machine_status(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None):
+    if not admin_auth:
+        response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
+        return """{"reply": "Unauthorised."}"""
+
+    if authenticate_admin_check(admin_auth):
+        return machine_status
+    else:
+        response.status_code = fastapi.status.HTTP_403_FORBIDDEN
+        return """{"reply": "Forbidden."}"""
-- 
cgit v1.2.3