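"""Views for the superuser-only user management dashboard."""

from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required, user_passes_test
from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404, redirect, render


def _is_superuser(user):
    """Return True when *user* is an authenticated superuser."""
    return user.is_authenticated and user.is_superuser


def _superuser_required(view_func):
    """Restrict *view_func* to authenticated superusers.

    login_view only admits superusers, but a session can also be created
    elsewhere in a project. The management views therefore check the
    privilege themselves instead of relying on how the session was made.
    Users who fail the check are redirected to the login URL.
    """
    return login_required(user_passes_test(_is_superuser)(view_func))


def login_view(request):
    """Authenticate a superuser and start a session.

    GET renders the login form. POST checks the submitted credentials and
    redirects to the dashboard on success; otherwise the form is rendered
    again with an error message.
    """
    if request.method != 'POST':
        return render(request, 'Dashboard/login.html')

    # .get() keeps a request with a missing field on the normal
    # "invalid credentials" path instead of raising a server error.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    user = authenticate(request, username=username, password=password)

    if user is not None and user.is_superuser:
        login(request, user)
        return redirect('dashboard')

    # NOTE(review): the first message confirms that the submitted
    # credentials are valid for a non-superuser account. Consider returning
    # one generic message for both cases.
    error = 'Only superusers can log in.' if user is not None else 'Invalid credentials.'
    return render(request, 'Dashboard/login.html', {'error': error})


@_superuser_required
def dashboard(request):
    """List every user account for a superuser."""
    users = User.objects.all()
    return render(request, 'Dashboard/dashboard.html', {'users': users})


@_superuser_required
def add_user(request):
    """Create a user account from the submitted form.

    GET renders the empty form. POST validates the fields and either
    renders the form again with an error or creates the user and redirects
    to the dashboard.
    """
    template = 'Dashboard/add_user.html'
    if request.method != 'POST':
        return render(request, template)

    username = request.POST.get('username', '').strip()
    email = request.POST.get('email', '').strip()
    password = request.POST.get('password', '')
    confirm_password = request.POST.get('confirm_password', '')

    # An empty password would be hashed and stored as a usable credential,
    # so reject it together with an empty username.
    if not username or not password:
        return render(request, template, {'error': 'Username and password are required.'})
    if password != confirm_password:
        return render(request, template, {'error': 'Passwords do not match.'})
    # Report a duplicate username as a form error instead of letting the
    # database constraint surface as a server error.
    if User.objects.filter(username=username).exists():
        return render(request, template, {'error': 'A user with that username already exists.'})

    # NOTE(review): password strength is not checked here. Django provides
    # django.contrib.auth.password_validation.validate_password for running
    # the validators configured for the project.
    User.objects.create_user(username=username, password=password, email=email)
    return redirect('dashboard')


@_superuser_required
def edit_user(request, user_id):
    """Update the username, email and optionally the password of a user.

    GET renders the edit form for the user. POST validates the fields and
    either renders the form again with an error or saves the changes and
    redirects to the dashboard. The password is changed only when a new
    one is supplied.
    """
    template = 'Dashboard/edit_user.html'
    user = get_object_or_404(User, id=user_id)
    if request.method != 'POST':
        return render(request, template, {'user': user})

    username = request.POST.get('username', '').strip()
    email = request.POST.get('email', '').strip()
    password = request.POST.get('password', '')
    confirm_password = request.POST.get('confirm_password', '')

    def form_error(message):
        # Keep 'user' in the context so the form renders the same way as
        # it does on GET.
        return render(request, template, {'user': user, 'error': message})

    if not username:
        return form_error('Username is required.')
    if User.objects.filter(username=username).exclude(pk=user.pk).exists():
        return form_error('A user with that username already exists.')

    # Submitted form fields are strings, never None. Blank password fields
    # mean "leave the password unchanged"; treating them as a new password
    # would reset the account to an empty password.
    if password or confirm_password:
        if password != confirm_password:
            return form_error('Passwords do not match.')
        user.set_password(password)

    user.username = username
    user.email = email
    user.save()
    return redirect('dashboard')


@_superuser_required
def delete_user(request, user_id):
    """Delete the user with the given id and return to the dashboard."""
    # NOTE(review): this deletes on any HTTP method, including GET, which
    # Django's CSRF middleware does not check. Restricting the view to POST
    # (django.views.decorators.http.require_POST) and submitting a form
    # with {% csrf_token %} from the template would close that gap. The
    # method is left unrestricted here because the template that links to
    # this view is not visible.
    user = get_object_or_404(User, id=user_id)
    user.delete()
    return redirect('dashboard')


def logout_view(request):
    """End the current session and return to the login page."""
    logout(request)
    return redirect('login')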