Peter123/reservierungssystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FIX: Admin-Dashboard Route hinzugefügt und Docker Port auf 80

Browse Source
This commit is contained in:
Peter
2026-05-16 14:25:09 +00:00
parent f8b97bc9f8
commit 27a586fd35
4 changed files with 821 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/main.py
+10 -58
View File
@@ -6,12 +6,10 @@ import json
from datetime import datetime, timedelta
from functools import wraps
from flask import Flask, request, jsonify, render_template, send_from_directory, g
from flask import Flask, redirect, request, session, jsonify, render_template, send_from_directory, g
from flask_cors import CORS
from database import get_db, init_db, generate_booking_number, log_change
from auth import require_auth, verify_captcha
from login_routes import auth_bp
from utils.ollama_client import (
parse_email_with_ollama,
generate_confirmation_email,
@@ -23,38 +21,11 @@ app = Flask(__name__,
static_folder='static')
CORS(app)
# Security config
app.secret_key = os.environ.get('SESSION_SECRET', 'dev-secret-change-in-production')
# Register auth blueprint
app.register_blueprint(auth_bp)
@app.before_request
def check_auth():
# Public endpoints don't require auth
public_endpoints = ['/', '/api/captcha', '/api/rooms', '/api/availability',
'/api/health', '/api/admin/login']
if request.path in public_endpoints or request.path.startswith('/static/'):
return None
# Admin endpoints require login
if request.path.startswith('/api/admin/') and session.get('user_role') != 'admin':
return jsonify({"error": "Unauthorized"}), 401
# Konfiguration
DEFAULT_OPEN_HOUR = 10 # 10:00
DEFAULT_CLOSE_HOUR = 23 # 23:00
RESERVATION_DURATION = 120 # Minuten
def is_valid_email(email):
"""Einfache E-Mail-Validierung"""
if not email:
return False
pattern = r"^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$"
return re.match(pattern, email) is not None
def init_app():
"""App initialisieren"""
init_db()
@@ -103,6 +74,13 @@ def index():
"""Hauptseite - Dashboard"""
return render_template('index.html')
@app.route("/admin")
def admin_dashboard():
if session.get("user_role") != "admin":
return redirect("/")
return render_template("admin.html")
@app.route('/api/health')
def health():
"""Health-Check"""
@@ -282,32 +260,6 @@ def reservations():
# POST: Neue Reservierung
data = request.get_json()
# Captcha validieren
captcha_token = data.get("captcha_token")
captcha_answer = data.get("captcha_answer")
if not data.get("captcha_verified"):
return jsonify({"error": "Ungueltiges oder abgelaufenes Captcha"}), 400
# E-Mail validieren
email = data.get("email", "").strip()
if not email or not is_valid_email(email):
return jsonify({"error": "Gueltige E-Mail-Adresse erforderlich"}), 400
data["email"] = email
# Fix: time -> time_from/time_to Mapping
# Frontend sendet 'time', Backend erwartet 'time_from'/'time_to'
if 'time' in data and 'time_from' not in data:
data['time_from'] = data['time']
# time_to automatisch +2h berechnen wenn nicht angegeben
if 'time_to' not in data or not data['time_to']:
from datetime import datetime as dt
try:
tf = dt.strptime(data['time_from'], '%H:%M')
data['time_to'] = (tf + timedelta(minutes=120)).strftime('%H:%M')
except:
data['time_to'] = '22:00' # Default
# Gast finden oder erstellen
guest_id = data.get('guest_id')
if not guest_id and data.get('email'):
@@ -336,7 +288,7 @@ def reservations():
data.get('guests'),
data.get('occasion'),
data.get('notes'),
data.get('source', 'web'),
data.get('source', 'manual'),
data.get('phone_caller_name'),
data.get('created_by', 'system')
))
@@ -1010,7 +962,7 @@ def check_reservation_availability():
data = request.get_json()
date = data.get('date')
time_from = data.get('time_from') or data.get('time') + ':00' if data.get('time') else None
time_from = data.get('time_from')
time_to = data.get('time_to', '23:00')
guests = data.get('guests', 2)
preferred_room_id = data.get('room_id')