from flask import Flask, request, jsonify
from flask_sqlalchemy import SQLAlchemy
from flask_jwt_extended import JWTManager, create_access_token, jwt_required, get_jwt_identity
from werkzeug.security import generate_password_hash, check_password_hash
import datetime
import os
from flask_migrate import Migrate
from flask_mail import Mail, Message
import pyotp
from werkzeug.utils import secure_filename

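# Application object and configuration.
# The listing used typographic quotes (‘ ’), which Python rejects as a
# SyntaxError; they are restored to ASCII quotes here.
app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///law_firm.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

# The JWT signing key must not live in source control: anyone who can read the
# repository could mint valid tokens for any user and role. Read it from the
# environment. The random fallback keeps a local run working, but tokens then
# stop validating on restart and are not shared between worker processes.
app.config['JWT_SECRET_KEY'] = os.environ.get('JWT_SECRET_KEY') or os.urandom(32).hex()

app.config['UPLOAD_FOLDER'] = 'uploads'
os.makedirs(app.config['UPLOAD_FOLDER'], exist_ok=True)

# Outgoing mail (used to deliver login OTP codes). Credentials come from the
# environment; the placeholder defaults are the values the listing shipped with.
app.config['MAIL_SERVER'] = 'smtp.example.com'
app.config['MAIL_PORT'] = 587
app.config['MAIL_USE_TLS'] = True
app.config['MAIL_USERNAME'] = os.environ.get('MAIL_USERNAME', 'your_email@example.com')
app.config['MAIL_PASSWORD'] = os.environ.get('MAIL_PASSWORD', 'your_email_password')

# Extension instances bound to the application.
db = SQLAlchemy(app)
migrate = Migrate(app, db)
jwt = JWTManager(app)
mail = Mail(app)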

# Models
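class User(db.Model):
    """Account record: login name, password hash, role, e-mail and TOTP secret."""

    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(50), unique=True, nullable=False)
    # Stores the output of generate_password_hash (see register), not the raw password.
    password = db.Column(db.String(255), nullable=False)
    role = db.Column(db.String(20), nullable=False, default='lawyer')
    email = db.Column(db.String(100), unique=True, nullable=False)
    # Pass the function itself, not its result. `default=pyotp.random_base32()`
    # is evaluated once when the class is defined, so every user created by the
    # same process would receive the SAME secret and therefore the same OTP codes.
    # NOTE(review): recent pyotp releases generate 32-character secrets by
    # default; confirm the String(16) width against the installed version.
    otp_secret = db.Column(db.String(16), nullable=False, default=pyotp.random_base32)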

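class Case(db.Model):
    """A legal case: its number, client, status and optional hearing date."""

    # Typographic quotes from the listing are restored to ASCII quotes so the
    # class parses.
    id = db.Column(db.Integer, primary_key=True)
    case_number = db.Column(db.String(50), unique=True, nullable=False)
    client_name = db.Column(db.String(100), nullable=False)
    status = db.Column(db.String(20), nullable=False, default='Open')
    # Nullable: a case may exist before a hearing is scheduled.
    hearing_date = db.Column(db.DateTime, nullable=True)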

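class Session(db.Model):
    """A dated session attached to a case, with optional free-text notes."""

    # Typographic quotes from the listing are restored to ASCII quotes so the
    # class parses.
    id = db.Column(db.Integer, primary_key=True)
    # References the primary key of the Case table.
    case_id = db.Column(db.Integer, db.ForeignKey('case.id'), nullable=False)
    date = db.Column(db.DateTime, nullable=False)
    notes = db.Column(db.Text, nullable=True)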

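class Invoice(db.Model):
    """An invoice raised against a case, with an amount and a payment status."""

    # Typographic quotes from the listing are restored to ASCII quotes so the
    # class parses.
    id = db.Column(db.Integer, primary_key=True)
    # References the primary key of the Case table.
    case_id = db.Column(db.Integer, db.ForeignKey('case.id'), nullable=False)
    # NOTE(review): Float is binary floating point; confirm that its rounding
    # is acceptable if this column holds monetary amounts.
    amount = db.Column(db.Float, nullable=False)
    status = db.Column(db.String(20), nullable=False, default='Pending')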

# Routes
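@app.route('/register', methods=['POST'])
def register():
    """Create a user account from a JSON body.

    Expects ``username``, ``password`` and ``email`` as non-empty strings.

    Returns:
        201 on success, 400 when the body is not a JSON object or a field is
        missing or empty, 409 when the username or e-mail is already in use.
    """
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        return jsonify({'message': 'Invalid request body'}), 400

    username = payload.get('username')
    password = payload.get('password')
    email = payload.get('email')
    # Reject missing or non-string fields up front; indexing the payload
    # directly turned any omitted key into an unhandled KeyError (HTTP 500).
    if not all(isinstance(value, str) and value for value in (username, password, email)):
        return jsonify({'message': 'username, password and email are required'}), 400

    # Both columns are unique; without this check a duplicate surfaces as a
    # database integrity error at commit time. The unique constraints remain
    # the backstop for two concurrent requests racing past this lookup.
    existing = User.query.filter((User.username == username) | (User.email == email)).first()
    if existing is not None:
        return jsonify({'message': 'Username or email already registered'}), 409

    # Only the password hash is stored. `role` is deliberately not read from
    # the request, so a caller cannot choose their own role; the model default
    # applies.
    # NOTE(security): this route is unauthenticated and has no password-strength
    # or e-mail ownership check visible in this file.
    new_user = User(
        username=username,
        password=generate_password_hash(password),
        email=email,
    )
    db.session.add(new_user)
    db.session.commit()
    return jsonify({'message': 'User registered successfully'}), 201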

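@app.route('/login', methods=['POST'])
def login():
    """First login step: check the password and e-mail the current TOTP code.

    Expects a JSON body with ``username`` and ``password``.

    Returns:
        200 once the OTP e-mail has been sent, 400 when the body is not a JSON
        object, 401 when the credentials are missing or wrong.
    """
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        return jsonify({'message': 'Invalid request body'}), 400

    username = payload.get('username')
    password = payload.get('password')
    # Missing or non-string fields are treated as a failed login rather than
    # raising KeyError (HTTP 500) as direct indexing did.
    if not isinstance(username, str) or not isinstance(password, str):
        return jsonify({'message': 'Invalid credentials'}), 401

    user = User.query.filter_by(username=username).first()
    # The same message is returned for an unknown user and a wrong password, so
    # the response body does not reveal which usernames exist.
    if user is None or not check_password_hash(user.password, password):
        return jsonify({'message': 'Invalid credentials'}), 401

    # NOTE(security): no attempt limiting or lockout is visible on this route,
    # so password guessing is bounded only by request latency.
    # NOTE(security): the code is never returned in the HTTP response, only
    # e-mailed; keep it that way and keep it out of logs.
    otp = pyotp.TOTP(user.otp_secret).now()
    # Send from the configured mail account instead of a second hard-coded copy
    # of the address.
    msg = Message('Your OTP Code', sender=app.config['MAIL_USERNAME'], recipients=[user.email])
    msg.body = f'Your OTP code is {otp}'
    mail.send(msg)
    return jsonify({'message': 'OTP sent to email'}), 200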

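@app.route('/verify-otp', methods=['POST'])
def verify_otp():
    """Second login step: exchange a valid OTP for a JWT access token.

    Expects a JSON body with ``username`` and ``otp``.

    Returns:
        200 with ``access_token`` when the code verifies, 400 when the body is
        not a JSON object, 401 otherwise.
    """
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        return jsonify({'message': 'Invalid request body'}), 400

    username = payload.get('username')
    otp = payload.get('otp')
    # Missing fields fail closed instead of raising KeyError (HTTP 500).
    if not isinstance(username, str) or otp is None:
        return jsonify({'message': 'Invalid OTP'}), 401

    # NOTE(security): this step is not bound to a successful /login. It accepts
    # a username and code alone, so the password check can be skipped by anyone
    # who can produce a valid code. Binding the two steps (for example a
    # short-lived pending-login record created by /login) needs a coordinated
    # change to both routes and to clients.
    # NOTE(security): no attempt limit is visible here, and a code stays
    # reusable for the rest of its validity window; track failed attempts and
    # the last accepted code per user.
    user = User.query.filter_by(username=username).first()
    if user is None or not pyotp.TOTP(user.otp_secret).verify(str(otp)):
        return jsonify({'message': 'Invalid OTP'}), 401

    # The role is copied into the token at issue time; a later role change in
    # the database does not affect tokens that are already issued.
    # NOTE(review): some JWT library versions require the subject claim to be a
    # string and reject a dict identity; confirm against the pinned versions.
    access_token = create_access_token(identity={'username': user.username, 'role': user.role})
    return jsonify({'access_token': access_token}), 200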

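@app.route('/cases', methods=['GET'])
@jwt_required()
def get_cases():
    """Return every case as a JSON array; requires a valid access token.

    Typographic quotes from the listing are restored to ASCII quotes so the
    route parses; the response shape is unchanged.
    """
    # NOTE(review): any authenticated user receives all cases. The role placed
    # in the token by verify_otp is not checked here, and results are not
    # scoped to the caller; confirm that is the intended access policy for
    # client data.
    rows = []
    for case in Case.query.all():
        rows.append({
            'id': case.id,
            'case_number': case.case_number,
            'client_name': case.client_name,
            'status': case.status,
            'hearing_date': case.hearing_date,
        })
    return jsonify(rows)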

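@app.route('/upload', methods=['POST'])
@jwt_required()
def upload_file():
    """Store an uploaded file in the upload folder; requires a valid access token.

    Expects a multipart form with a ``file`` part.

    Returns:
        200 with the stored file name, 400 when the part is missing, has no
        file name, or the name is empty after sanitising.
    """
    upload = request.files.get('file')
    if upload is None:
        return jsonify({'message': 'No file part'}), 400
    if not upload.filename:
        return jsonify({'message': 'No selected file'}), 400

    # secure_filename strips path separators and other unsafe characters. It
    # can return an empty string (for example when the name consists only of
    # characters it removes); joining that with the folder would target the
    # upload directory itself, so reject it.
    filename = secure_filename(upload.filename)
    if not filename:
        return jsonify({'message': 'Invalid file name'}), 400

    # NOTE(security): no file-type allowlist or size cap is applied here (Flask's
    # MAX_CONTENT_LENGTH setting bounds request size), and a second upload with
    # the same name overwrites the first, including another user's file.
    upload.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
    return jsonify({'message': 'File uploaded successfully', 'filename': filename}), 200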

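if __name__ == '__main__':
    # create_all needs an application context; recent Flask-SQLAlchemy releases
    # raise an error when it is called outside one.
    with app.app_context():
        db.create_all()
    # The Werkzeug debugger lets anyone who can reach the server run code on
    # it, so debug mode is off unless FLASK_DEBUG=1 is set for a local session.
    app.run(debug=os.environ.get('FLASK_DEBUG') == '1')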
