From af7e24a94868b590215882d89d7c8e1d9caf1e50 Mon Sep 17 00:00:00 2001
From: Simon Cloutier <simon@qic.ca>
Date: Thu, 3 Apr 2025 15:58:07 -0400
Subject: [PATCH] working for the most part

---
 app/__pycache__/app.cpython-39.pyc            | Bin 1520 -> 1455 bytes
 app/app.py                                    |   6 +-
 app/db_connection.py                          |  11 +
 app/db_interface.py                           |  78 +++++--
 app/static/styles.css                         |  62 ++++-
 app/templates/base.html                       |   2 +-
 app/templates/group_list.html                 |   2 +-
 app/templates/index.html                      |  35 ++-
 app/templates/stats.html                      | 213 ++++++++++--------
 app/templates/user_list.html                  |   4 +-
 .../__pycache__/group_views.cpython-39.pyc    | Bin 1348 -> 1358 bytes
 .../__pycache__/index_views.cpython-39.pyc    | Bin 3136 -> 2084 bytes
 .../__pycache__/user_views.cpython-39.pyc     | Bin 1827 -> 1869 bytes
 app/views/group_views.py                      |   4 +-
 app/views/index_views.py                      |  30 +--
 app/views/stats_views.py                      |  82 +++++++
 app/views/user_views.py                       |   4 +-
 db/init/init-schema.sql                       |   2 +-
 18 files changed, 367 insertions(+), 168 deletions(-)
 create mode 100644 app/db_connection.py
 create mode 100644 app/views/stats_views.py

diff --git a/app/__pycache__/app.cpython-39.pyc b/app/__pycache__/app.cpython-39.pyc
index 48dca6f5ce18aea52e1716865a145fccaef281b7..03f42eee7c0ba9f9c81c93a4702c9cbfe7beac93 100644
GIT binary patch
delta 577
zcmY*VK}+LM5Y9{6w5Cm(q_I_N(^_4j2<ugl{Ra!OEG&{sshzQ;q$)3US1<OkUJJ@Q
z?9mj#t3P6I9`*<HH|&D!&6|_gD*9k%zWL_OH}l?O{yuMX3`1Aw+}-@^{kk@4?A!I$
zm(jrVO{RbX*|6vrWwd;YVlK1?j_)u98J2!B-$l1?#EWQ77;y<M!@`8|=^X2jpQwHX
zt^N|(a=e0-34;O{W0meZSOF7?V2x9L6|3<o7W*|)8YNO*T*vBM)_W~cC2pWL=Np&<
z8yqR-_8X`}=}lGu_a%$hV37uwp>nCv+D%efgC$~?VMQ|QlA(F93blfyHX!>|X?fy;
z?P-~4*cnFRf!$`c?HLZ$ea)ty<F<HEn}$a)Qj@P#c}YB}pLZ--eD54er*??FPWQas
z<Hx5b?J$UjO`>0#UGX=y`>Dlv=6$Q2CHu|b2=J`U5dx0g;pUs>GU3(-agaV}`u6t#
ze?%YUwrz>|0+pv)_xR{A=y6^ANw2fK_@BP2my%g-;t~Zud)F&+#9gK?erG&`nQD&d
HshK?k@!N&H

delta 624
zcmZ{gJ#X4j6o!3maKK<=3=SVLBn5_`NH9l?S*uo6he}=$<(yKG^Py{3YO`cW#necp
zSIU&ZjG40aA9U>x$k3&0hyH;|J-&q&sja1Z{rb7@dGGPL%YDz8Bhxe#dVYNRHhH%&
z8|=~I;K_w=f&zMA`4+vmg2J)w+e|@*#Y^Tp=*)6)3G+)vEYW4iEE)g2(pfN;s_&vT
z+on~CtLQEn<RE{glHW!bOt7GErTI0i#dS1iJF6rwZeWe{MH1_69>q=6SEeRrz=om>
zb7oC6z*&FAyHKL5%HY0LsL?%ih-?$7Kvj|llF$`UhaE{;l6XWK(3GSNdg`gt-4%28
zSbSlzn5)lpn?}TK@l|crJd&ZB%uMAD?dMzl2|s;x7K(-16Av}#s6dqes`#ynr0$CW
zPDbN5L+Kv|(=gg2ybddoKG*wUG>SrTqa7Sd)q5Eo2e*u;>GYqWX=&?h1i9i`8w_~)
ze-+mB1n~8cBTPAtqy3H23h8b~SgGg6y*@rYc`=>vtoV>>Gedk#z3(JH%#%jBn{0{w
Tucid1X?SU`pk|n%{aHT&IsA)9

diff --git a/app/app.py b/app/app.py
index 12ee52e..7510aac 100644
--- a/app/app.py
+++ b/app/app.py
@@ -2,6 +2,7 @@ from flask import Flask, redirect, url_for, render_template
 from views.index_views import index
 from views.user_views import user
 from views.group_views import group
+from views.stats_views import stats
 from config import app_config
 
 
@@ -24,6 +25,7 @@ app.logger.setLevel(logging.INFO)
 app.register_blueprint(index)
 app.register_blueprint(user, url_prefix='/user')
 app.register_blueprint(group, url_prefix='/group')
+app.register_blueprint(stats, url_prefix='/stats')
 
 @app.route('/user_list')
 def legacy_user_list():
@@ -33,10 +35,6 @@ def legacy_user_list():
 def legacy_group_list():
     return redirect(url_for('group.group_list'))
 
-@app.route('/stats')
-def stats():
-    return render_template('stats.html')
-
 @app.route('/')
 def index_redirect():
     return render_template('index.html')
diff --git a/app/db_connection.py b/app/db_connection.py
new file mode 100644
index 0000000..5742f2c
--- /dev/null
+++ b/app/db_connection.py
@@ -0,0 +1,11 @@
+import mysql.connector
+import os
+
+def get_connection():
+    return mysql.connector.connect(
+        host=os.getenv('DB_HOST'),
+        port=int(os.getenv('DB_PORT', 3306)),
+        user=os.getenv('DB_USER'),
+        password=os.getenv('DB_PASSWORD'),
+        database=os.getenv('DB_NAME'),
+    )
diff --git a/app/db_interface.py b/app/db_interface.py
index b2a5eee..7af9983 100644
--- a/app/db_interface.py
+++ b/app/db_interface.py
@@ -4,14 +4,8 @@ import datetime
 import requests
 import time
 import os
-
-def get_connection():
-    return mysql.connector.connect(
-        host=current_app.config['DB_HOST'],
-        user=current_app.config['DB_USER'],
-        password=current_app.config['DB_PASSWORD'],
-        database=current_app.config['DB_NAME']
-    )
+import pytz
+from db_connection import get_connection
 
 
 def get_all_users():
@@ -45,10 +39,10 @@ def get_all_groups():
         FROM groups g
         ORDER BY g.vlan_id
     """)
-    groups = cursor.fetchall()
+    available_groups = cursor.fetchall()
     cursor.close()
     conn.close()
-    return groups
+    return available_groups
 
 
 
@@ -106,6 +100,7 @@ def duplicate_group(vlan_id):
 
 
 def add_user(mac_address, description, vlan_id):
+    print(f"→ Adding to DB: mac={mac_address}, desc={description}, vlan={vlan_id}")
     conn = get_connection()
     cursor = conn.cursor()
     cursor.execute(
@@ -144,19 +139,61 @@ def delete_user(mac_address):
     conn.close()
 
 
-def get_latest_auth_logs(result, limit=10):
+def get_latest_auth_logs(reply_type=None, limit=5, time_range=None):
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
-    cursor.execute(
-        "SELECT * FROM auth_logs WHERE result = %s ORDER BY timestamp DESC LIMIT %s",
-        (result, limit)
-    )
+
+    # Determine the time filter based on the time_range
+    if time_range:
+        now = datetime.now(pytz.timezone(current_app.config.get('APP_TIMEZONE', 'UTC')))
+        if time_range == 'last_minute':
+            time_filter = now - timedelta(minutes=1)
+        elif time_range == 'last_5_minutes':
+            time_filter = now - timedelta(minutes=5)
+        elif time_range == 'last_10_minutes':
+            time_filter = now - timedelta(minutes=10)
+        elif time_range == 'last_hour':
+            time_filter = now - timedelta(hours=1)
+        elif time_range == 'last_6_hours':
+            time_filter = now - timedelta(hours=6)
+        elif time_range == 'last_12_hours':
+            time_filter = now - timedelta(hours=12)
+        elif time_range == 'last_day':
+            time_filter = now - timedelta(days=1)
+        elif time_range == 'last_30_days':
+            time_filter = now - timedelta(days=30)
+        else:  # 'all' case
+            time_filter = None
+
+        if time_filter:
+            cursor.execute("""
+                SELECT * FROM auth_logs
+                WHERE reply = %s AND timestamp >= %s
+                ORDER BY timestamp DESC
+                LIMIT %s
+            """, (reply_type, time_filter, limit))
+        else:
+            cursor.execute("""
+                SELECT * FROM auth_logs
+                WHERE reply = %s
+                ORDER BY timestamp DESC
+                LIMIT %s
+            """, (reply_type, limit))
+    else:
+        cursor.execute("""
+            SELECT * FROM auth_logs
+            WHERE reply = %s
+            ORDER BY timestamp DESC
+            LIMIT %s
+        """, (reply_type, limit))
+
     logs = cursor.fetchall()
     cursor.close()
     conn.close()
     return logs
 
 
+
 def get_vendor_info(mac, insert_if_found=True):
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
@@ -410,3 +447,14 @@ def lookup_mac_verbose(mac):
     conn.close()
     return "\n".join(output)
 
+def get_user_by_mac(mac_address):
+    conn = get_connection()
+    cursor = conn.cursor(dictionary=True)
+
+    cursor.execute("""
+        SELECT * FROM users WHERE mac_address = %s
+    """, (mac_address,))
+    user = cursor.fetchone()
+    cursor.close()
+    conn.close()
+    return user
diff --git a/app/static/styles.css b/app/static/styles.css
index 2184883..39820b3 100644
--- a/app/static/styles.css
+++ b/app/static/styles.css
@@ -115,7 +115,12 @@ table.styled-table {
 .styled-table th {
   background-color: var(--header-bg);
   color: var(--fg);
-  text-align: left;
+  text-align: center;
+}
+
+/* 🧩 Fix: Remove right border from last column */
+.styled-table thead th:last-child {
+  border-right: none;
 }
 
 .styled-table input[type="text"],
@@ -235,4 +240,57 @@ form.inline-form {
   font-size: 0.9rem;
   white-space: pre-wrap;
   margin-top: 1em;
-}
\ No newline at end of file
+}
+
+.stats-page .stats-container {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 2rem;
+}
+
+.stats-page .card {
+  flex: 1;
+  min-width: 45%;
+  padding: 1rem;
+  border-radius: 8px;
+  background-color: var(--card-bg);
+  color: var(--fg);
+  box-shadow: 0 0 10px rgba(0,0,0,0.2);
+}
+
+.stats-page .success-card {
+  border-left: 6px solid limegreen;
+}
+
+.stats-page .error-card {
+  border-left: 6px solid crimson;
+}
+
+.stats-page .fallback-card {
+  border-left: 6px solid orange;
+}
+
+.stats-page .styled-table.small-table td,
+.stats-page .styled-table.small-table th {
+  padding: 6px;
+  font-size: 0.9rem;
+}
+
+.stats-page form.inline-form {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  flex-wrap: nowrap;
+  white-space: nowrap;
+}
+
+.stats-page form.inline-form select {
+  flex: 1;
+  min-width: 140px;
+  max-width: 100%;
+}
+
+.stats-page form.inline-form button {
+  flex: 0 0 auto;
+  padding: 6px;
+}
diff --git a/app/templates/base.html b/app/templates/base.html
index e058767..c28eebb 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -12,7 +12,7 @@
       <a href="{{ url_for('index_redirect') }}">Home</a>
       <a href="{{ url_for('user.user_list') }}">Users</a>
       <a href="{{ url_for('group.group_list') }}">Groups</a>
-      <a href="{{ url_for('stats') }}">Stats</a>
+      <a href="{{ url_for('stats.stats_page') }}">Stats</a>
     </div>
     <div class="right">
       <button id="theme-toggle">🌓 Theme</button>
diff --git a/app/templates/group_list.html b/app/templates/group_list.html
index 0af8c34..3835df2 100644
--- a/app/templates/group_list.html
+++ b/app/templates/group_list.html
@@ -20,7 +20,7 @@
     </tr>
   </thead>
   <tbody>
-    {% for group in groups %}
+    {% for group in available_groups %}
     <tr>
       <td>{{ group.vlan_id }}</td>
       <td>
diff --git a/app/templates/index.html b/app/templates/index.html
index df15bbe..cc02df1 100644
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -15,30 +15,27 @@
   </div>
 </div>
 
-<h2>Recent Access-Accept</h2>
-<ul class="event-list green">
-  {% for entry in latest_accept %}
+<h2>Recent Access Logs</h2>
+<ul class="event-list">
+  <li><strong>Access-Accept Logs</strong></li>
+  {% for log in latest_accept %}
     <li>
-      <strong>{{ entry.mac_address }}</strong>
-      {% if entry.description %} ({{ entry.description }}){% endif %}
-      — {{ entry.ago }}
+      <strong>{{ log.mac_address }}</strong> - {{ log.reply }}
+      <br>
+      <small>{{ log.timestamp }} - {{ log.result }}</small>
+    </li>
+  {% endfor %}
+  
+  <li><strong>Access-Reject Logs</strong></li>
+  {% for log in latest_reject %}
+    <li>
+      <strong>{{ log.mac_address }}</strong> - {{ log.reply }}
+      <br>
+      <small>{{ log.timestamp }} - {{ log.result }}</small>
     </li>
   {% endfor %}
 </ul>
 
-<h2>Recent Access-Reject</h2>
-<ul class="event-list red">
-  {% for entry in latest_reject %}
-    <li>
-      <strong>{{ entry.mac_address }}</strong>
-      {% if entry.description %} ({{ entry.description }}){% endif %}
-      — {{ entry.ago }}
-    </li>
-  {% endfor %}
-</ul>
-
-<hr>
-
 <h2>MAC Vendor Lookup</h2>
 <form id="mac-lookup-form" method="POST" action="/lookup_mac">
   <input type="text" name="mac" id="mac-input" placeholder="Enter MAC address" required>
diff --git a/app/templates/stats.html b/app/templates/stats.html
index c83deeb..50a9849 100644
--- a/app/templates/stats.html
+++ b/app/templates/stats.html
@@ -2,99 +2,132 @@
 {% block title %}Authentication Stats{% endblock %}
 
 {% block content %}
+<div class="stats-page">
+
 <h1 class="page-title">Authentication Stats</h1>
 
-<div class="stats-container">
-  <div class="card success-card">
-    <h2>Recent Access-Accept</h2>
-    <table class="styled-table small-table">
-      <thead>
-        <tr>
-          <th>MAC Address</th>
-          <th>Description</th>
-          <th>Vendor</th>
-          <th>Time</th>
-        </tr>
-      </thead>
-      <tbody>
-        {% for entry in accept_entries %}
-        <tr>
-          <td>{{ entry.mac_address }}</td>
-          <td>{{ entry.description or '' }}</td>
-          <td>{{ entry.vendor }}</td>
-          <td>{{ entry.ago }}</td>
-        </tr>
-        {% endfor %}
-      </tbody>
-    </table>
-  </div>
+<form method="POST" action="/stats/stats">
+    <label for="time_range">Select Time Range:</label>
+    <select name="time_range" id="time_range">
+        <option value="last_minute" {% if time_range == 'last_minute' %}selected{% endif %}>Last 1 Minute</option>
+        <option value="last_5_minutes" {% if time_range == 'last_5_minutes' %}selected{% endif %}>Last 5 Minutes</option>
+        <option value="last_10_minutes" {% if time_range == 'last_10_minutes' %}selected{% endif %}>Last 10 Minutes</option>
+        <option value="last_hour" {% if time_range == 'last_hour' %}selected{% endif %}>Last Hour</option>
+        <option value="last_6_hours" {% if time_range == 'last_6_hours' %}selected{% endif %}>Last 6 Hours</option>
+        <option value="last_12_hours" {% if time_range == 'last_12_hours' %}selected{% endif %}>Last 12 Hours</option>
+        <option value="last_day" {% if time_range == 'last_day' %}selected{% endif %}>Last Day</option>
+        <option value="last_30_days" {% if time_range == 'last_30_days' %}selected{% endif %}>Last 30 Days</option>
+        <option value="all" {% if time_range == 'all' %}selected{% endif %}>All Time</option>
+    </select>
+    <button type="submit">Update</button>
+</form>
 
-  <div class="card error-card">
-    <h2>Recent Access-Reject</h2>
-    <table class="styled-table small-table">
-      <thead>
-        <tr>
-          <th>MAC Address</th>
-          <th>Description</th>
-          <th>Vendor</th>
-          <th>Time</th>
-          <th>Actions</th>
-        </tr>
-      </thead>
-      <tbody>
-        {% for entry in reject_entries %}
-        <tr>
-          <td>{{ entry.mac_address }}</td>
-          <td>{{ entry.description or '' }}</td>
-          <td>{{ entry.vendor }}</td>
-          <td>{{ entry.ago }}</td>
-          <td>
-            {% if entry.already_exists %}
-              <span style="color: limegreen;">Already exists in VLAN {{ entry.existing_vlan or 'unknown' }}</span>
-            {% else %}
-              <form method="POST" action="/user/add_from_reject" style="display: flex; gap: 4px;">
-                <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
-                <select name="group_id" required>
-                  <option value="">Select VLAN</option>
-                  {% for group in available_groups %}
-                  <option value="{{ group.id }}">VLAN {{ group.vlan_id }}</option>
-                  {% endfor %}
-                </select>
-                <button type="submit" title="Add User">💾</button>
-              </form>
-            {% endif %}
-          </td>
-        </tr>
-        {% endfor %}
-      </tbody>
-    </table>
-  </div>
+<div class="stats-container">
+    <!-- Access-Accept Card -->
+    <div class="card success-card">
+        <h2>Recent Access-Accept</h2>
+        <table class="styled-table small-table">
+            <thead>
+                <tr>
+                    <th>MAC Address</th>
+                    <th>Description</th>
+                    <th>Vendor</th>
+                    <th>Time</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for entry in accept_entries %}
+                <tr>
+                    <td>{{ entry.mac_address }}</td>
+                    <td>{{ entry.description or '' }}</td>
+                    <td>{{ entry.vendor }}</td>
+                    <td>{{ entry.ago }}</td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+
+    <!-- Access-Reject Card -->
+    <div class="card error-card">
+        <h2>Recent Access-Reject</h2>
+        <table class="styled-table small-table">
+            <thead>
+                <tr>
+                    <th>MAC Address</th>
+                    <th>Description</th>
+                    <th>Vendor</th>
+                    <th>Time</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for entry in reject_entries %}
+                <tr>
+                    <td>{{ entry.mac_address }}</td>
+                    <td>{{ entry.description or '' }}</td>
+                    <td>{{ entry.vendor }}</td>
+                    <td>{{ entry.ago }}</td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+
+    <!-- Access-Fallback Card -->
+    <div class="card fallback-card">
+        <h2>Recent Access-Fallback</h2>
+        <table class="styled-table small-table">
+            <thead>
+                <tr>
+                    <th>MAC Address</th>
+                    <th>Description</th>
+                    <th>Vendor</th>
+                    <th>Time</th>
+                    <th>Actions</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% if fallback_entries %}
+                {% for entry in fallback_entries %}
+                <tr>
+                    <td>{{ entry.mac_address }}</td>
+                
+                    <td>
+                        {% if not entry.already_exists %}
+                            <input type="text" name="description" value="{{ entry.description or '' }}" placeholder="Description (optional)" form="form-{{ loop.index }}">
+                        {% else %}
+                            {{ entry.description or '' }}
+                        {% endif %}
+                    </td>
+                
+                    <td>{{ entry.vendor }}</td>
+                    <td>{{ entry.ago }}</td>
+                
+                    <td>
+                        {% if not entry.already_exists %}
+                            <form method="POST" action="{{ url_for('stats.add') }}" class="inline-form" id="form-{{ loop.index }}">
+                                <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
+                                <select name="group_id" required>
+                                    <option value="">Assign to VLAN</option>
+                                    {% for group in available_groups %}
+                                    <option value="{{ group.vlan_id }}">VLAN {{ group.vlan_id }}</option>
+                                    {% endfor %}
+                                </select>
+                                <button type="submit" title="Add">💾</button>
+                            </form>
+                        {% else %}
+                            <span style="color: limegreen;">Already exists in VLAN {{ entry.existing_vlan or 'unknown' }}</span>
+                        {% endif %}
+                    </td>
+                </tr>
+                {% endfor %}
+                {% else %}
+                    <tr><td colspan="5">No data available.</td></tr>
+                {% endif %}
+            </tbody>
+        </table>
+    </div>
 </div>
 
-<style>
-.stats-container {
-  display: flex;
-  flex-wrap: wrap;
-  gap: 2rem;
-}
-.card {
-  flex: 1;
-  min-width: 45%;
-  padding: 1rem;
-  border-radius: 8px;
-  background-color: var(--card-bg);
-  color: var(--fg);
-  box-shadow: 0 0 10px rgba(0,0,0,0.2);
-}
-.success-card {
-  border-left: 6px solid limegreen;
-}
-.error-card {
-  border-left: 6px solid crimson;
-}
-.styled-table.small-table td, .styled-table.small-table th {
-  padding: 6px;
-  font-size: 0.9rem;
-}
-</style>
+</div> {# closes .stats-page #}
 {% endblock %}
diff --git a/app/templates/user_list.html b/app/templates/user_list.html
index 94b70c7..95fe078 100644
--- a/app/templates/user_list.html
+++ b/app/templates/user_list.html
@@ -9,7 +9,7 @@
   <input type="text" name="description" placeholder="Description (optional)">
   <select name="group_id" required>
     <option value="">Assign to VLAN</option>
-    {% for group in groups %}
+    {% for group in available_groups %}
     <option value="{{ group.vlan_id }}">VLAN {{ group.vlan_id }}</option>
     {% endfor %}
   </select>
@@ -44,7 +44,7 @@
         <form method="POST" action="{{ url_for('user.update_vlan_route') }}" class="inline-form">
           <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
           <select name="group_id" onchange="this.form.submit()">
-            {% for group in groups %}
+            {% for group in available_groups %}
             <option value="{{ group.vlan_id }}" {% if group.vlan_id == entry.vlan_id %}selected{% endif %}>
               VLAN {{ group.vlan_id }}
             </option>
diff --git a/app/views/__pycache__/group_views.cpython-39.pyc b/app/views/__pycache__/group_views.cpython-39.pyc
index 698c73c1e576ad4748d85962511c929e1996a97a..258d8bf26cdf2e011c68e4449d75a5ff01b1107e 100644
GIT binary patch
delta 39
tcmX@Yb&iWSk(ZZ?0SI0{e3!1Vk#`*<w?JZ9VrEWaQci08<~@uZ%mDJQ4Fv!I

delta 29
jcmX@db%cvIk(ZZ?0SNYOc$3bxk#`*<BirU<j2+AXdYK4)

diff --git a/app/views/__pycache__/index_views.cpython-39.pyc b/app/views/__pycache__/index_views.cpython-39.pyc
index 1171870936ae103dd186ae5aab7999e16010710d..207988115add0de86a93f6e97f4349dfad05bcf0 100644
GIT binary patch
delta 646
zcmZ9JF>ljA6vzGSbLu#@<Axwo6ck#N64OdBAS5I}AjF6mfW^zn$(`L$CuiN+MX*$;
zosf`-Zeaw8g@LIOGoOONAA*gYJ2MdQ@YDbP&+pxP@4gQ{he6`|uA#pBtDjlwtb!rD
zU+q131_m(*%Dvd5Ky2!tm~lW_WaHF`yEOP166X_;HgQjl6Nooy@FFA~;$=YmcP0r)
zxAA)<B%3PZ96?WwsJHs@1d!Z?opC>-CC-zQiV`PPd4O}4i8|13lIJ+%tSZFW8xR12
z{AE7Ba8Y#_BQj6ZdPC3|TN3fb;3Jt>ldi8~Vn@#a2#_g1SeIa1ezRV|Yk30=6(6H5
zh-HSR5A~>gTf<U_Y`&}YRgH;8q)=O&z2qZ(Y;ak7&H-D{BFX4jdiDtR<)r=f__~g?
zSXCBP8MQdlN0c(Y;C(G^QSy1gZKdO0&e&m9;6*aSN0d*QppnV{6yQ`;dHMg1?%#}?
zs)A@<$?T~aL(>6%%P`I!xfWcxt%7S~{M$FbrlNP{VP~tQRn(VnJLBWnBU3zImXxQ-
zjB-a;Xlpd<>1cIcp>{A{CJTx&_q3<?R@>@rRN}riR1ZdT!&>iaE4#B`q{`_%P`?Si
Vks)|6XgR*=n$ExhHweIWego|ykU{_e

delta 1763
zcmah}&2Jk;6rVTy;m!IpPSVCSAU6V0_akj3M2qBxmU1ehL9`XZ5?XCM6KBJ&ZD!Yj
zShg&YNJ%7mh%D}@gphJW>Oass2k!eH^uUQ5;=p_3e1VYI)%^C&@4bEV=FOY;Q|Z-w
z!O!PihR?H=-&?=s4hjqK^TD+T8&R&2116X-!+awzL0Gb|%^O8wi_8vdlw|R6S~xF2
zObK^~Z9}81nJh9nk=M+OEN)DTf+)5?l%8`jEy|jo6*FQMeas2-39HQ=yjlTkT!O`7
zp(PW~4@0k|I=yZ@z6}>=%3-JTb+7A1e$(5OYPA!~mtQ~(P#pitpTVW^Wn&Ji<2%Nc
zVgYv%FVbGX1k)I|jW=O&{DZM|_s{%;W>d!T4f=GG*B08;Ahp6E3X)Uh=W;_flXNNx
zA{i%s)J@0t%+*mAjTO072K{EKt0Z3|xK3~bAvILzTUDj0hReh`>zzn;{g!+eXYmCD
z#$Cukj_07vP2iLFFLetwefuV^nZ!*pJ9%iqk&Qq?tPm0=U>k<?<@kjJw%L#i1CNPE
ze4j<ezJbSP2o{?Ae3$L=U1QA<mauo6eb|LH5E<d@I0N=E9@>y;W=b=l8AvSQ4%h$&
zTx6f)0gY<8$LeidTG2KXAk?_ZkbDuLNyN!xqCmNw!4ZFtAVBbtMHpzrhaAW)23NtQ
z@oU!E9vm8b?9klf8`cZrtO}cFTC(eGz>yhg^Pw@oJ@v>Wg9<~f;@qjQHWv)JDa~yn
z=bmydatsSB`}id2DU2vBQjzsysl3%Ks;WkoO3N2QVS%LfrfiFjQdiJa)est^f*&gB
zi!D!n7sN^2$ZUpw+Y1EV3L=7b%OfVu3K=(5&`p9)yJn|3vFZiwM5;BvDHScPZj--k
z+fRDR52?!3C88?`H8ZtjJ5gI_mZ?cm)<%X-Hda$F^4mdQ>a?FLGh4P*&|JTdUg8o0
zgA%@PQK7*szWq5}SWES=)AYl5d1+$*kAvg*8y%iLxLFihn7glXL)c@Z0T$c={{~B8
zvS=06M?B?Aw^EQtpzh-QTsUq$#H=(sQFr+fYW~2%`jvl$aAxzrVT_LB_^&Y32efvb
zph`g3PTfQJgoI^;zB^fYJ&D32qfzj61Mn!-fs7jkrSJUdyyS2CLFliB^0)`p?2*z9
zfO_Ov)vG%+rCX^!B&Z_P%!yv-L+j~&=$KMVNAW(+<1zx{4me;NC2)AjEn_!O_mS;q
zZ=Q9#)ckDa$<rE)->`m!hvQ$Y%F{WtAy-&rimsW;A>d_vNW6{p+Y6IPBC4d-O~^g-
zxPoL%`(V6`9kPT$s7Eia+ZKHEDcN5o(0#2+k_Mg8C7gbV<G8$R>|of(^gtJ+tz8($
znRiC&J(QJ0pbK6nO{b3{Rn!7g$Mf2LBt1{%iKE7vTG;RLrcfW$iBOM7BFE>pQ>Cfi
jlT(j6q8G|#Kq{U`Sio9e$dn!Ka;M^eTfi}20C(zdpv`y2

diff --git a/app/views/__pycache__/user_views.cpython-39.pyc b/app/views/__pycache__/user_views.cpython-39.pyc
index 0ce664ae48b96dca7625b555940109f5d261fca9..f6f19ed3590c97d1e0ced14c463d1230bc268cea 100644
GIT binary patch
delta 740
zcmZXPJ#Q015QcB=e0%4!@58>>=frk!AYTUs1x<u#D3SOmOtlD|ob1L4@&;+`6ch*v
zXefeY?H>S9K~IImKcJy>ML|P@#6MtXiB3j2X&=qJGw;mYhv-`rj>0go^w<6Ld;Db{
z_TlIJTK|P0lz_!7W=}lfQ(shRRRlB;HChvOS{ES=MMNVJ(-<rc%;5>EF!#)%4c>Uy
zWaK?CkNK~yS3pzVc+zB57L0+_&TLj^q0v{29+i5`5~H{HLo_tXLX)MY&^CsZQg5-g
z(KDlGrQTtyM(?n-p_O-k;s51CrLb3BxQCO`^eFe$JvdI{F`pHuQ!b1BXN4FYsL${`
z^L4kZA{<1j@zIiPb;sU=j(TZ-g+SeQy2(0L+a)qJaeA<+-Z)1aT~vFBKH`!_PGkk+
z0b)b_sI*#_F}#9Uo^q>l9k$e@@;Eb7%oa1iJs+UvZkpNBxG&rgxVx~eZn$@c#{HiW
zH-!inK{RssH)d(SRu_cv37_#D9Z#{%vIFoz?x^qXuodZi>0o2c)J?MHUDcKQ`Ko$E
z2C4LPvZ%BD;`n67<>BantG8tRfi(6Qi+)j@j07(VnPBS5r>DBJqhq;=*g|Y0@DPd9
ZFYf(A+Pwkn+L7Z!Kq3fy{k-$1^S|BqjL!f7

delta 745
zcmZXQ&u-H|5QjZ>Y;PRfNt!sJ`BO@piW&}Fdq7B>skr2}DzXBzl%Q-YZCi1mQV(!!
z57oW^&{Ho+yZ~>&4RNq|0VGa50Xth11;x^S+Wp4!^LW3dS7|aylE^X7_b<QquP&1z
z{JgwBJOc+EbZ3DKc_<lYvdXJ6;*qTJnv8iY6P|!006mdn1^o+;*G2t91A~u%A+q<*
zJK#-Gf8D?;M*D!Z3m0QdtY5J{o%=dAtZ!N0G=BG{VFg>Z(6)v4ydlGm^_lhExxa<0
z)_1TscJlr&`mfyAeb{mHQ18K1|A5nOXsluckI*!@c2rwW-5u!YPwrQ!>WSBH45-?k
zBh%;J05<fs_v*<i*&d-!7#ie(s?dIoaGOBas(eCVkh^M~_IC)2se6?Nu&K{0&mP-U
z`&Aq0F9g=8Ybk4K!h8NUjP%&w9owv>nE3w~xEX0-8dEO=6f<!w?wb7(P42i6Fi>0i
zk3Y^5b6yzVwq}|Ky>Q!9p5|TsHdt?!F+MM*2ggFaoV*Z<Zd`v3*4~t?C=Mo46opES
zD}8l%VqWS{=muevFd}RbD0As+#+B@$Jj9ckcm(EjME5X&k(+u9q9BEcnHBz9=KL2V
Cu7+;_

diff --git a/app/views/group_views.py b/app/views/group_views.py
index 8fbfcf2..0c263e8 100644
--- a/app/views/group_views.py
+++ b/app/views/group_views.py
@@ -6,8 +6,8 @@ group = Blueprint('group', __name__, url_prefix='/group')
 
 @group.route('/')
 def group_list():
-    groups = get_all_groups()
-    return render_template('group_list.html', groups=groups)
+    available_groups = get_all_groups()
+    return render_template('group_list.html', available_groups=available_groups)
 
 
 @group.route('/add', methods=['POST'])
diff --git a/app/views/index_views.py b/app/views/index_views.py
index 0350419..0e4865f 100644
--- a/app/views/index_views.py
+++ b/app/views/index_views.py
@@ -3,9 +3,8 @@ from datetime import datetime
 from db_interface import (
     get_connection,
     get_vendor_info,
-    get_all_groups,
     get_latest_auth_logs,
-    lookup_mac_verbose
+    get_all_groups,
 )
 import pytz
 
@@ -15,7 +14,6 @@ def time_ago(dt):
     if not dt:
         return "n/a"
 
-    # Use configured timezone
     tz_name = current_app.config.get('APP_TIMEZONE', 'UTC')
     local_tz = pytz.timezone(tz_name)
 
@@ -51,31 +49,6 @@ def homepage():
                            latest_accept=latest_accept,
                            latest_reject=latest_reject)
 
-@index.route('/stats')
-def stats():
-    accept_entries = get_latest_auth_logs('Access-Accept')
-    reject_entries = get_latest_auth_logs('Access-Reject')
-    available_groups = get_all_groups()
-    
-    # Process entries to add vendor and time-ago
-    from datetime import datetime, timezone
-    import humanize
-
-    def enrich(entry):
-        from db_interface import get_vendor_info, get_user_by_mac
-        entry['vendor'] = get_vendor_info(entry['mac_address'])
-        entry['ago'] = humanize.naturaltime(datetime.now(timezone.utc) - entry['timestamp'])
-        user = get_user_by_mac(entry['mac_address'])
-        entry['already_exists'] = user is not None
-        entry['existing_vlan'] = user['vlan_id'] if user else None
-        entry['description'] = user['description'] if user else None
-        return entry
-
-    accept_entries = [enrich(e) for e in accept_entries]
-    reject_entries = [enrich(e) for e in reject_entries]
-
-    return render_template("stats.html", accept_entries=accept_entries, reject_entries=reject_entries, available_groups=available_groups)
-
 @index.route('/lookup_mac', methods=['POST'])
 def lookup_mac():
     mac = request.form.get('mac', '').strip()
@@ -85,7 +58,6 @@ def lookup_mac():
     result = lookup_mac_verbose(mac)
     return jsonify({"mac": mac, "output": result})
 
-
 def get_summary_counts():
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
diff --git a/app/views/stats_views.py b/app/views/stats_views.py
new file mode 100644
index 0000000..5cb8d98
--- /dev/null
+++ b/app/views/stats_views.py
@@ -0,0 +1,82 @@
+from flask import Blueprint, render_template, request, current_app, redirect, url_for
+from db_interface import get_latest_auth_logs, get_all_groups, get_vendor_info, get_user_by_mac, add_user
+import pytz
+import humanize
+from datetime import datetime, timezone, timedelta
+
+stats = Blueprint('stats', __name__)
+
+def get_time_filter_delta(time_range):
+    return {
+        "last_minute": timedelta(minutes=1),
+        "last_5_minutes": timedelta(minutes=5),
+        "last_10_minutes": timedelta(minutes=10),
+        "last_hour": timedelta(hours=1),
+        "last_6_hours": timedelta(hours=6),
+        "last_12_hours": timedelta(hours=12),
+        "last_day": timedelta(days=1),
+        "last_30_days": timedelta(days=30),
+    }.get(time_range)
+
+@stats.route('/stats', methods=['GET', 'POST'])
+def stats_page():
+    time_range = request.form.get('time_range') or request.args.get('time_range') or 'last_minute'
+    limit = 1000  # Fetch enough to allow filtering by time later
+
+    # Timezone setup
+    tz_name = current_app.config.get('APP_TIMEZONE', 'UTC')
+    local_tz = pytz.timezone(tz_name)
+
+    def is_within_selected_range(ts):
+        if time_range == "all":
+            return True
+        delta = get_time_filter_delta(time_range)
+        if not delta or not ts:
+            return True
+        now = datetime.now(timezone.utc)
+        if ts.tzinfo is None:
+            ts = ts.replace(tzinfo=timezone.utc)
+        return (now - ts) <= delta
+
+    def enrich(entry):
+        if entry.get('timestamp') and entry['timestamp'].tzinfo is None:
+            entry['timestamp'] = entry['timestamp'].replace(tzinfo=timezone.utc)
+
+        local_time = entry['timestamp'].astimezone(local_tz)
+        entry['ago'] = humanize.naturaltime(datetime.now(local_tz) - local_time)
+
+        vendor_info = get_vendor_info(entry['mac_address']) or {}
+        entry['vendor'] = vendor_info.get('vendor', 'Unknown Vendor')
+
+        user = get_user_by_mac(entry['mac_address'])
+        entry['already_exists'] = user is not None
+        entry['existing_vlan'] = user['vlan_id'] if user else None
+        entry['description'] = user['description'] if user else None
+
+        return entry
+
+    # Get and enrich logs after filtering
+    accept_entries = [enrich(e) for e in get_latest_auth_logs('Access-Accept', limit) if is_within_selected_range(e.get('timestamp'))]
+    reject_entries = [enrich(e) for e in get_latest_auth_logs('Access-Reject', limit) if is_within_selected_range(e.get('timestamp'))]
+    fallback_entries = [enrich(e) for e in get_latest_auth_logs('Accept-Fallback', limit) if is_within_selected_range(e.get('timestamp'))]
+
+    available_groups = get_all_groups()
+
+    return render_template(
+        "stats.html",
+        accept_entries=accept_entries,
+        reject_entries=reject_entries,
+        fallback_entries=fallback_entries,
+        available_groups=available_groups,
+        time_range=time_range
+    )
+
+@stats.route('/add', methods=['POST'])
+def add():
+    mac = request.form['mac_address']
+    desc = request.form.get('description', '')
+    group_id = request.form.get('group_id')  # keep as string since VARCHAR
+    current_app.logger.info(f"Received MAC={mac}, DESC={desc}, VLAN={group_id}")
+
+    add_user(mac, desc, group_id)
+    return redirect(url_for('stats.stats_page'))
diff --git a/app/views/user_views.py b/app/views/user_views.py
index 3a14334..f166e2a 100644
--- a/app/views/user_views.py
+++ b/app/views/user_views.py
@@ -1,5 +1,5 @@
-from flask import Blueprint, render_template, request, redirect, url_for
-from db_interface import get_all_users, get_all_groups, add_user, update_description, update_vlan, delete_user, refresh_vendors
+from flask import Blueprint, render_template, request, redirect, url_for, flash
+from db_interface import get_all_users, get_all_groups, add_user, update_description, update_vlan, delete_user, refresh_vendors, get_user_by_mac
 
 user = Blueprint('user', __name__, url_prefix='/user')
 
diff --git a/db/init/init-schema.sql b/db/init/init-schema.sql
index ee82c84..7f6c1f9 100644
--- a/db/init/init-schema.sql
+++ b/db/init/init-schema.sql
@@ -4,7 +4,7 @@
 CREATE TABLE IF NOT EXISTS users (
     mac_address CHAR(12) NOT NULL PRIMARY KEY CHECK (mac_address REGEXP '^[0-9A-Fa-f]{12}$'),
     description VARCHAR(200),
-    vlan_id VARCHAR(64)
+    vlan_id VARCHAR(64) NOT NULL
 );
 
 -- Table for auth logs