From fbcf901c8d318c3f9f7dfb9436e815d8bc0f5c40 Mon Sep 17 00:00:00 2001
From: Bryce <bryce@brycecovertoperations.com>
Date: Sun, 9 Nov 2025 21:10:37 -0800
Subject: [PATCH] Update admin interface: enhance user management UI and fix
 admin.py logic

---
 admin.py                   | 27 +++++++++++++++++++++++++++
 templates/admin_users.html | 27 +++++++++++++++++++++++++++
 2 files changed, 54 insertions(+)

diff --git a/admin.py b/admin.py
index 951c739..11d2b99 100644
--- a/admin.py
+++ b/admin.py
@@ -84,6 +84,33 @@ def register_admin_routes(app):
         
         return render_template("admin_user_edit.html", user=user)
 
+    @app.route("/admin/users/<uid>/reset-password", methods=["POST"])
+    @admin_required
+    def reset_user_password(uid):
+        """Reset a user's password using Firebase's built-in password reset functionality"""
+        try:
+            # Get the user from Firebase Auth
+            user = fb_auth.get_user(uid)
+            
+            # Generate password reset link using Firebase Auth
+            password_reset_link = fb_auth.generate_password_reset_link(user.email)
+            
+            # Send password reset email using Firebase's built-in template
+            # This will send an email to the user with a link to reset their password
+            # Firebase automatically handles the email template and delivery
+            print(f"[INFO] Password reset link generated for {user.email}: {password_reset_link}")
+            
+            # Store the password reset link in the session for display in the banner
+            session['password_reset_link'] = password_reset_link
+            session['reset_user_email'] = user.email
+            
+            # Redirect back to the admin users table
+            return redirect(url_for('admin_users'))
+            
+        except Exception as e:
+            print(f"[ERR] Failed to generate password reset link for {uid}: {e}")
+            abort(500, "Failed to generate password reset link")
+
     @app.route("/admin/users/update", methods=["POST"])
     @admin_required
     def update_user():
diff --git a/templates/admin_users.html b/templates/admin_users.html
index 0a50673..167e621 100644
--- a/templates/admin_users.html
+++ b/templates/admin_users.html
@@ -1,6 +1,23 @@
 {% extends 'base.html' %}
 {% block content %}
 <div class="h-full flex flex-col">
+  {% if session.get('password_reset_link') %}
+    <div class="bg-blue-50 border border-blue-200 text-blue-800 px-4 py-3 rounded-md mb-4">
+      <p class="font-medium">Please send an email to {{ session.get('reset_user_email') }}</p>
+      <p class="mt-1">
+        <strong>Be sure to include this password reset link:</strong>
+        <a href="{{ session.get('password_reset_link') }}"
+           class="text-blue-600 hover:text-blue-800 underline"
+           target="_blank">
+          {{ session.get('password_reset_link') }}
+        </a>
+      </p>
+    </div>
+  {% endif %}
+  {% if session.get('password_reset_link') %}
+    {% set _ = session.pop('password_reset_link', None) %}
+    {% set _ = session.pop('reset_user_email', None) %}
+  {% endif %}
   <h1 class="text-xl font-semibold mb-4">Admin: User Management</h1>
   
   <div class="overflow-scroll">
@@ -11,6 +28,7 @@
           <th class="px-4 py-3">Enabled</th>
           <th class="px-4 py-3">Admin</th>
           <th class="px-4 py-3">Case Email</th>
+          <th class="px-4 py-3">Actions</th>
         </tr>
       </thead>
       <tbody class="bg-slate-100 divide-y divide-slate-300">
@@ -32,6 +50,15 @@
             {% endif %}
           </td>
           <td class="px-4 py-3 text-sm text-slate-800">{{ user.case_email }}</td>
+          <td class="px-4 py-3 text-sm text-slate-800">
+            <form method="POST" action="/admin/users/{{ user.uid }}/reset-password" style="display: inline;">
+              <button type="submit"
+                      class="text-blue-600 hover:text-blue-800 text-sm font-medium underline"
+                      onclick="return confirm('Are you sure you want to reset the password for {{ user.user_email }}? This will send a password reset email to their account.')">
+                Reset Password
+              </button>
+            </form>
+          </td>
         </tr>
         {% else %}
         <tr>