from flask import Blueprint, request, jsonify, render_template, session from .forms.order_form import OrderForm from .database import save_order from shared.utils import get_wp_user_context, validate_jwt_token wp_orders_routes = Blueprint("wp_orders", __name__, template_folder="templates", static_folder="static") @wp_orders_routes.route('/order', methods=['GET', 'POST']) def order(): print("📍 Ruta: /order") token = request.cookies.get("wpflask_jwt") or session.get("jwt_token") or request.headers.get("Authorization", "").replace("Bearer ", "") if not token: print("❌ Token JWT no encontrado") return "No autorizado", 401 user_context = get_wp_user_context(token) if not user_context: print("❌ JWT inválido o expirado") return "Token inválido", 401 if request.method == 'POST': user_id = request.form.get("user") item = request.form.get("item") if not user_id or not item: return jsonify({"success": False, "message": "❌ Datos incompletos"}), 400 save_order(user_id, item) return jsonify({"success": True, "message": "✅ Pedido guardado correctamente"}) user = user_context.get("user") employees = user_context.get("employees", []) print(f"✅ Renderizando HTML con usuario: {user.get('username')} y {len(employees)} empleados.") return render_template("order.html", user=user, employees=employees) @wp_orders_routes.route('/order/users', methods=['GET']) def order_users(): print("📥 Petición de usuarios para pedidos") token = request.headers.get("Authorization", "").replace("Bearer ", "") if not token: return jsonify({"error": "Falta token"}), 401 allowed_roles = request.args.get("roles", "").split(",") user_context = get_wp_user_context(token) if not user_context: return jsonify({"error": "Token inválido"}), 401 employees = user_context.get("employees", []) filtered = [emp for emp in employees if any(role in emp.get("roles", []) for role in allowed_roles)] print(f"✅ Usuarios filtrados por roles ({allowed_roles}): {len(filtered)}") return jsonify(filtered)