From c59194e31022da5f98d9f7973f260b34fb64fd77 Mon Sep 17 00:00:00 2001 From: "XPS\\Micro" Date: Sun, 1 Feb 2026 17:04:58 +0100 Subject: [PATCH] feat: add list-users action to debug API Debug API now supports 'list-users' action to view all registered users without needing JWT authentication. Useful for quick debugging via X-Debug-Token header. --- admin_api.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/admin_api.py b/admin_api.py index e016cdb..0bfda10 100644 --- a/admin_api.py +++ b/admin_api.py @@ -465,6 +465,28 @@ def debug_management(): db.session.rollback() return jsonify({'error': f'Fehler: {str(e)}'}), 500 + # ===== list-users ===== + elif action == 'list-users': + users = User.query.all() + users_list = [] + for user in users: + users_list.append({ + 'id': user.id, + 'email': user.email, + 'slug': user.slug, + 'state': user.state, + 'is_admin': user.is_admin, + 'is_blocked': user.is_blocked, + 'created_at': user.created_at.isoformat() if user.created_at else None, + 'last_used': user.last_used.isoformat() if user.last_used else None + }) + + return jsonify({ + 'action': 'list-users', + 'users': users_list, + 'total': len(users_list) + }), 200 + # ===== info ===== elif action == 'info' or not action: return jsonify({ @@ -473,12 +495,14 @@ def debug_management(): 'actions': { 'view-logs': 'Zeigt letzte 100 Zeilen der Logs', 'clear-logs': 'Löscht alle Logs', + 'list-users': 'Listet alle registrierten User auf', 'delete-email': 'Löscht User (Parameter: email=...)', 'delete-token': 'Löscht Magic Link Tokens (Parameter: email=...)', 'info': 'Diese Hilfe' }, 'examples': [ 'GET /api/admin/debug?action=view-logs -H "X-Debug-Token: xxx"', + 'GET /api/admin/debug?action=list-users -H "X-Debug-Token: xxx"', 'GET /api/admin/debug?action=delete-email&email=test@example.com', 'GET /api/admin/debug?action=delete-token&email=test@example.com' ]