from flask import Blueprint, render_template, redirect, url_for, flash
from flask_login import login_required, current_user
from models import Order

user_bp = Blueprint('user', __name__)

@user_bp.route('/profile')
@login_required
def profile():

  orders = Order.query.filter_by(user_id=current_user.id).all()
  return render_template('user_profile.html', orders=orders)

@user_bp.route('/orders/<int:order_id>')
@login_required
def order_details(order_id):
  order = Order.query.get_or_404(order_id)

  if order.user_id != current_user.id:
    flash("Access denied", "danger")
    return redirect(url_for('user.profile'))
  return render_template('order_details.html', order=order)