notid/rothbard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update admin interface: enhance user management UI and fix admin.py logic

Browse Source
This commit is contained in:
Bryce
2025-11-09 21:10:37 -08:00
parent 6c3ad7b18d
commit fbcf901c8d
2 changed files with 54 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
admin.py
View File

@@ -84,6 +84,33 @@ def register_admin_routes(app):
return render_template("admin_user_edit.html", user=user) return render_template("admin_user_edit.html", user=user)
@app.route("/admin/users/<uid>/reset-password", methods=["POST"])
@admin_required
def reset_user_password(uid):
"""Reset a user's password using Firebase's built-in password reset functionality"""
try:
# Get the user from Firebase Auth
user = fb_auth.get_user(uid)
# Generate password reset link using Firebase Auth
password_reset_link = fb_auth.generate_password_reset_link(user.email)
# Send password reset email using Firebase's built-in template
# This will send an email to the user with a link to reset their password
# Firebase automatically handles the email template and delivery
print(f"[INFO] Password reset link generated for {user.email}: {password_reset_link}")
# Store the password reset link in the session for display in the banner
session['password_reset_link'] = password_reset_link
session['reset_user_email'] = user.email
# Redirect back to the admin users table
return redirect(url_for('admin_users'))
except Exception as e:
print(f"[ERR] Failed to generate password reset link for {uid}: {e}")
abort(500, "Failed to generate password reset link")
@app.route("/admin/users/update", methods=["POST"]) @app.route("/admin/users/update", methods=["POST"])
@admin_required @admin_required
def update_user(): def update_user():

27
templates/admin_users.html
View File

@@ -1,6 +1,23 @@
{% extends 'base.html' %} {% extends 'base.html' %}
{% block content %} {% block content %}
<div class="h-full flex flex-col"> <div class="h-full flex flex-col">
{% if session.get('password_reset_link') %}
<div class="bg-blue-50 border border-blue-200 text-blue-800 px-4 py-3 rounded-md mb-4">
<p class="font-medium">Please send an email to {{ session.get('reset_user_email') }}</p>
<p class="mt-1">
<strong>Be sure to include this password reset link:</strong>
<a href="{{ session.get('password_reset_link') }}"
class="text-blue-600 hover:text-blue-800 underline"
target="_blank">
{{ session.get('password_reset_link') }}
</a>
</p>
</div>
{% endif %}
{% if session.get('password_reset_link') %}
{% set _ = session.pop('password_reset_link', None) %}
{% set _ = session.pop('reset_user_email', None) %}
{% endif %}
<h1 class="text-xl font-semibold mb-4">Admin: User Management</h1> <h1 class="text-xl font-semibold mb-4">Admin: User Management</h1>
<div class="overflow-scroll"> <div class="overflow-scroll">
@@ -11,6 +28,7 @@
<th class="px-4 py-3">Enabled</th> <th class="px-4 py-3">Enabled</th>
<th class="px-4 py-3">Admin</th> <th class="px-4 py-3">Admin</th>
<th class="px-4 py-3">Case Email</th> <th class="px-4 py-3">Case Email</th>
<th class="px-4 py-3">Actions</th>
</tr> </tr>
</thead> </thead>
<tbody class="bg-slate-100 divide-y divide-slate-300"> <tbody class="bg-slate-100 divide-y divide-slate-300">
@@ -32,6 +50,15 @@
{% endif %} {% endif %}
</td> </td>
<td class="px-4 py-3 text-sm text-slate-800">{{ user.case_email }}</td> <td class="px-4 py-3 text-sm text-slate-800">{{ user.case_email }}</td>
<td class="px-4 py-3 text-sm text-slate-800">
<form method="POST" action="/admin/users/{{ user.uid }}/reset-password" style="display: inline;">
<button type="submit"
class="text-blue-600 hover:text-blue-800 text-sm font-medium underline"
onclick="return confirm('Are you sure you want to reset the password for {{ user.user_email }}? This will send a password reset email to their account.')">
Reset Password
</button>
</form>
</td>
</tr> </tr>
{% else %} {% else %}
<tr> <tr>