Add health check endpoint and enhance admin verification logic

- Introduced a new public `/health` endpoint to verify database connectivity and list active admin users. - Updated `verify_admin` function to return the actual username on successful verification and handle various password hashing schemes, including legacy formats. - Modified login logic to use the returned username for session management. - Updated `login.html` form to support file uploads by adding `enctype` attribute.
2026-02-18 09:01:52 +02:00
parent 9193f2a7b1
commit 0c9494da56
5 changed files with 183 additions and 18 deletions
--- a/app.py
+++ b/app.py
@@ -9,6 +9,34 @@ app = Flask(__name__)
 app.secret_key = config.SECRET_KEY


+@app.route("/health")
+def health():
+    """Public endpoint to verify database connection (no login required)."""
+    try:
+        with get_cursor() as cur:
+            cur.execute("SELECT current_database() AS db")
+            row = cur.fetchone()
+            db_name = row["db"] if row else "?"
+            cur.execute("SELECT username, role, is_active FROM users WHERE role = 'admin' AND is_active = TRUE")
+            admins = [r["username"] for r in cur.fetchall()]
+        return {
+            "status": "ok",
+            "database": "connected",
+            "db_name": db_name,
+            "db_host": config.DB_AUTH_HOST,
+            "admin_users": admins,
+            "message": "Portal is connected to the database. Admin users (for login): " + ", ".join(admins) if admins else "Portal is connected. No admin users in database.",
+        }, 200
+    except Exception as e:
+        return {
+            "status": "error",
+            "database": "disconnected",
+            "error": str(e),
+            "db_host": config.DB_AUTH_HOST,
+            "db_name": config.DB_AUTH_NAME,
+        }, 503
+
+
@app.errorhandler(500)
 def handle_500(e):
    tb = traceback.format_exc()
@@ -45,10 +73,11 @@ def login():
    if not username or not password:
        flash("Username and password required.", "error")
        return render_template("login.html")
-    if not verify_admin(username, password):
+    admin_username = verify_admin(username, password)
+    if not admin_username:
        flash("Invalid credentials or not an admin user.", "error")
        return render_template("login.html")
-    session["admin_username"] = username
+    session["admin_username"] = admin_username
    session.permanent = True
    return redirect(url_for("index"))