from flask import Flask, request, jsonify
import requests
import json
import base64

app = Flask(__name__)

# GitHub credentials from environment variables
GITHUB_TOKEN = 'your_github_token'  # Replace with your GitHub token
REPO_OWNER = 'hussein2000-oo'
REPO_NAME = 'dbailloolloloolollhrthlnewrgnk'
USER_FILE_NAME = 'user.json'

# Function to fetch user data from GitHub
def fetch_user_data():
    url = f'https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/contents/{USER_FILE_NAME}'
    headers = {'Authorization': f'token {GITHUB_TOKEN}'}
    response = requests.get(url, headers=headers)
    
    if response.status_code == 200:
        content = response.json()
        user_data = json.loads(base64.b64decode(content['content']).decode('utf-8'))
        return user_data, content['sha']  # Return the SHA for updating the file
    else:
        return {}, None  # Return an empty dict if fetching fails

# Function to update user data on GitHub
def update_user_data(user_data, sha):
    url = f'https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/contents/{USER_FILE_NAME}'
    headers = {'Authorization': f'token {GITHUB_TOKEN}'}
    
    updated_content = base64.b64encode(json.dumps(user_data).encode('utf-8')).decode('utf-8')
    
    payload = {
        "message": "Update user.json with new password",
        "content": updated_content,
        "sha": sha
    }
    
    response = requests.put(url, headers=headers, json=payload)
    return response.status_code == 200

@app.route('/reset_password', methods=['POST'])
def reset_password():
    data = request.json
    username = data.get('username')
    
    user_data, sha = fetch_user_data()
    
    if username in user_data:
        questions = user_data[username]['security_questions']
        answers = {}
        
        for question in questions:
            answer = input(f"{question}: ")
            answers[question] = answer
            
        # Check if answers match
        if all(user_data[username]['security_questions'][q] == answers[q] for q in questions):
            new_password = input("Enter your new password: ")
            user_data[username]['password'] = new_password
            if update_user_data(user_data, sha):
                return jsonify({"message": "Password reset successfully."}), 200
            else:
                return jsonify({"message": "Failed to update user data."}), 500
        else:
            return jsonify({"message": "Security answers do not match."}), 403
    else:
        return jsonify({"message": "User  not found."}), 404


if __name__ == '__main__':
    app.run(host="0.0.0.0", port=7860)