FEAT: Added backend admin functionality

web_server/blueprints/__init__.py

@@ -9,6 +9,7 @@ from blueprints.stripe import stripe_bp
 from blueprints.user import user_bp
 from blueprints.streams import stream_bp
 from blueprints.chat import chat_bp
+from blueprints.admin import admin_bp
 from blueprints.oauth import oauth_bp, init_oauth
 from blueprints.socket import socketio
 from celery import Celery
@@ -73,6 +74,7 @@ def create_app():
         app.register_blueprint(chat_bp)
         app.register_blueprint(oauth_bp)
         app.register_blueprint(search_bp)
+        app.register_blueprint(admin_bp)
 
         socketio.init_app(app)
 

web_server/blueprints/admin.py

@@ -1,9 +1,29 @@
-from flask import Blueprint
-from blueprints.middleware import admin_required
+from flask import Blueprint, session
+from database.database import Database
+from utils.utils import sanitize
 
 admin_bp = Blueprint("admin", __name__)
 
-@admin_required
-@admin_bp.route('admin/delete_user/<int:user_id>')
-def admin_delete_user(user_id):
-    return
+@admin_bp.route('/ban_user/<int:banned_user>')
+def admin_delete_user(banned_user):
+    # Sanitise the user input
+    banned_user = sanitize(banned_user)
+
+    # Create a connection to the database
+    db = Database()
+    db.create_connection()
+
+    # Check if the user is an admin
+    username = session.get("username")
+    is_admin = db.fetchone("""
+                        SELECT is_admin
+                        FROM users
+                        WHERE username = ?;
+                        """, (username,))
+    
+    # Check if the user exists
+    user_exists = db.fetchone("""SELECT user_id from users WHERE username = ?;""", (banned_user))
+
+    # If the user is an admin, try to delete the account
+    if is_admin and user_exists:
+        db.execute("""DELETE FROM users WHERE username = ?;""", (banned_user))