Multiuser system initiated with log recording

backend/database.py

@@ -2,12 +2,20 @@
 import sqlite3
 import os
 from werkzeug.security import generate_password_hash
+from datetime import datetime
 
 # Save the database in the backend folder
 DB_FILE = os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "database", "mxpic_data.db"))
 
+def connect_db():
+    conn = sqlite3.connect(DB_FILE, timeout=20)
+    conn.execute("PRAGMA journal_mode=WAL")
+    conn.execute("PRAGMA busy_timeout=20000")
+    return conn
+
 def init_db():
-    conn = sqlite3.connect(DB_FILE)
+    os.makedirs(os.path.dirname(DB_FILE), exist_ok=True)
+    conn = connect_db()
     cursor = conn.cursor()
 
     # Create Users Table
@@ -18,25 +26,138 @@ def init_db():
             password_hash TEXT NOT NULL
         )
     ''')
+
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS user_logs (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            user_id INTEGER NOT NULL,
+            username TEXT NOT NULL,
+            action TEXT NOT NULL,
+            project TEXT,
+            cell TEXT,
+            detail TEXT,
+            ip_address TEXT,
+            created_at TEXT NOT NULL,
+            FOREIGN KEY(user_id) REFERENCES users(id)
+        )
+    ''')
+
+    cursor.execute("PRAGMA table_info(users)")
+    existing_columns = {row[1] for row in cursor.fetchall()}
+    migrations = {
+        "created_at": "ALTER TABLE users ADD COLUMN created_at TEXT",
+        "credits": "ALTER TABLE users ADD COLUMN credits INTEGER NOT NULL DEFAULT 0",
+        "occupation": "ALTER TABLE users ADD COLUMN occupation TEXT NOT NULL DEFAULT 'intern'",
+    }
+    for column, statement in migrations.items():
+        if column not in existing_columns:
+            cursor.execute(statement)
+
+    now = datetime.utcnow().strftime("%Y-%m-%d")
+    cursor.execute("UPDATE users SET created_at = ? WHERE created_at IS NULL OR created_at = ''", (now,))
     
-    # Insert a test user if the table is empty
+    # Insert default users for local multi-account development.
     cursor.execute("SELECT * FROM users WHERE username = 'admin'")
     if not cursor.fetchone():
         test_hash = generate_password_hash("123456")
-        cursor.execute("INSERT INTO users (username, password_hash) VALUES (?, ?)", ("admin", test_hash))
+        cursor.execute(
+            "INSERT INTO users (username, password_hash, created_at, credits, occupation) VALUES (?, ?, ?, ?, ?)",
+            ("admin", test_hash, now, 0, "principle engineer")
+        )
         print("Test user created. Username: admin | Password: 123456")
 
+    cursor.execute("SELECT * FROM users WHERE username = 'engineer'")
+    if not cursor.fetchone():
+        test_hash = generate_password_hash("123456")
+        cursor.execute(
+            "INSERT INTO users (username, password_hash, created_at, credits, occupation) VALUES (?, ?, ?, ?, ?)",
+            ("engineer", test_hash, now, 0, "junior engineer")
+        )
+        print("Second test user created. Username: engineer | Password: 123456")
+
     conn.commit()
     conn.close()
 
 def get_user(username):
-    conn = sqlite3.connect(DB_FILE)
+    conn = connect_db()
     cursor = conn.cursor()
     cursor.execute("SELECT id, username, password_hash FROM users WHERE username = ?", (username,))
     user = cursor.fetchone()
     conn.close()
     return user
 
+def get_user_profile(user_id):
+    conn = connect_db()
+    cursor = conn.cursor()
+    cursor.execute(
+        "SELECT id, username, created_at, credits, occupation FROM users WHERE id = ?",
+        (user_id,)
+    )
+    user = cursor.fetchone()
+    conn.close()
+    return user
+
+def get_user_auth_by_id(user_id):
+    conn = connect_db()
+    cursor = conn.cursor()
+    cursor.execute("SELECT id, username, password_hash FROM users WHERE id = ?", (user_id,))
+    user = cursor.fetchone()
+    conn.close()
+    return user
+
+def update_user_occupation(user_id, occupation):
+    conn = connect_db()
+    cursor = conn.cursor()
+    cursor.execute("UPDATE users SET occupation = ? WHERE id = ?", (occupation, user_id))
+    conn.commit()
+    conn.close()
+
+def update_user_password(user_id, password):
+    conn = connect_db()
+    cursor = conn.cursor()
+    cursor.execute("UPDATE users SET password_hash = ? WHERE id = ?", (generate_password_hash(password), user_id))
+    conn.commit()
+    conn.close()
+
+def add_user_log(user_id, username, action, project=None, cell=None, detail=None, ip_address=None):
+    conn = connect_db()
+    cursor = conn.cursor()
+    cursor.execute(
+        '''
+        INSERT INTO user_logs (user_id, username, action, project, cell, detail, ip_address, created_at)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+        ''',
+        (
+            user_id,
+            username,
+            action,
+            project,
+            cell,
+            detail,
+            ip_address,
+            datetime.utcnow().isoformat(timespec="seconds") + "Z"
+        )
+    )
+    conn.commit()
+    conn.close()
+
+def list_user_logs(user_id, limit=200):
+    conn = connect_db()
+    cursor = conn.cursor()
+    cursor.execute(
+        '''
+        SELECT id, action, project, cell, detail, ip_address, created_at
+        FROM user_logs
+        WHERE user_id = ?
+        ORDER BY id DESC
+        LIMIT ?
+        ''',
+        (user_id, limit)
+    )
+    rows = cursor.fetchall()
+    conn.close()
+    return rows
+
 if __name__ == "__main__":
     init_db()
     print("Database initialized successfully.")