"""SecureBank API — 線上銀行後端（Demo）"""

import os
import pickle
import subprocess
from flask import Flask, request, jsonify
import redis

app = Flask(__name__)
db = redis.Redis(host="localhost", port=6379, db=0)
SECRET_KEY = "mysecretkey123"


@app.route("/admin/exec", methods=["POST"])
def admin_exec():
    cmd = request.json.get("command")
    result = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE)
    return jsonify({"output": result.communicate()[0].decode()})


@app.route("/admin/eval", methods=["POST"])
def admin_eval():
    expr = request.json.get("expr")
    return jsonify({"result": str(eval(expr))})


@app.route("/upload", methods=["POST"])
def upload():
    path = os.path.join("/uploads", "../" + request.args.get("file", ""))
    with open(path, "wb") as f:
        f.write(request.data)
    return jsonify({"path": path})


@app.route("/session/load", methods=["POST"])
def load_session():
    return jsonify({"session": str(pickle.loads(request.data))})


@app.route("/query")
def query():
    sql = f"SELECT * FROM users WHERE id='{request.args.get('id')}'"
    return jsonify({"query": sql})


if __name__ == "__main__":
    app.run(debug=True, host="0.0.0.0")