more changes

app/app.py

@@ -33,6 +33,9 @@ def legacy_user_list():
 def legacy_group_list():
     return redirect(url_for('group.group_list'))
 
+@app.route('/stats')
+def stats():
+    return render_template('stats.html')
 
 @app.route('/')
 def index_redirect():

app/db_interface.py

@@ -18,12 +18,14 @@ def get_all_users():
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
     cursor.execute("""
-        SELECT u.*, g.vlan_id AS group_vlan_id, g.description AS group_description,
+        SELECT 
-            mv.vendor_name
+            u.*, 
+            g.vlan_id AS group_vlan_id, 
+            g.description AS group_description,
+            COALESCE(m.vendor_name, '...') AS vendor
         FROM users u
         LEFT JOIN groups g ON u.vlan_id = g.vlan_id
-        LEFT JOIN mac_vendors mv
+        LEFT JOIN mac_vendors m ON LOWER(REPLACE(REPLACE(u.mac_address, ':', ''), '-', '')) LIKE CONCAT(m.mac_prefix, '%')
-        ON SUBSTRING(REPLACE(REPLACE(u.mac_address, ':', ''), '-', ''), 1, 6) = mv.mac_prefix
     """)
     users = cursor.fetchall()
     cursor.close()
@@ -32,6 +34,7 @@ def get_all_users():
 
 
 
+
 def get_all_groups():
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
@@ -71,7 +74,7 @@ def add_group(vlan_id, description):
 def update_group_description(vlan_id, description):
     conn = get_connection()
     cursor = conn.cursor()
-    cursor.execute("UPDATE groups SET description = %s WHERE id = %s", (description, vlan_id))
+    cursor.execute("UPDATE groups SET description = %s WHERE vlan_id = %s", (description, vlan_id))
     conn.commit()
     cursor.close()
     conn.close()
@@ -80,7 +83,7 @@ def update_group_description(vlan_id, description):
 def delete_group(vlan_id):
     conn = get_connection()
     cursor = conn.cursor()
-    cursor.execute("DELETE FROM groups WHERE id = %s", (vlan_id,))
+    cursor.execute("DELETE FROM groups WHERE vlan_id = %s", (vlan_id,))
     conn.commit()
     cursor.close()
     conn.close()
@@ -89,7 +92,7 @@ def delete_group(vlan_id):
 def duplicate_group(vlan_id):
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
-    cursor.execute("SELECT vlan_id, description FROM groups WHERE id = %s", (vlan_id,))
+    cursor.execute("SELECT vlan_id, description FROM groups WHERE vlan_id = %s", (vlan_id,))
     group = cursor.fetchone()
 
     if group:
@@ -154,18 +157,94 @@ def get_latest_auth_logs(result, limit=10):
     return logs
 
 
-def get_vendor_info(mac):
+def get_vendor_info(mac, insert_if_found=True):
     conn = get_connection()
     cursor = conn.cursor(dictionary=True)
     prefix = mac.lower().replace(":", "").replace("-", "")[:6]
 
-    cursor.execute("SELECT vendor FROM mac_vendors WHERE prefix = %s", (prefix,))
+    print(f">>> Looking up MAC: {mac} → Prefix: {prefix}")
+    print("→ Searching in local database...")
+    cursor.execute("SELECT vendor_name, status FROM mac_vendors WHERE mac_prefix = %s", (prefix,))
     row = cursor.fetchone()
-    cursor.close()
-    conn.close()
 
-    return row['vendor'] if row else "Unknown Vendor"
+    if row:
+        print(f"✓ Found locally: {row['vendor_name']} (Status: {row['status']})")
+        cursor.close()
+        conn.close()
+        return {
+            "mac": mac,
+            "vendor": row['vendor_name'],
+            "source": "local",
+            "status": row['status']
+        }
 
+    print("✗ Not found locally, querying API...")
+
+    url_template = current_app.config.get("OUI_API_URL", "https://api.maclookup.app/v2/macs/{}")
+    api_key = current_app.config.get("OUI_API_KEY", "")
+    headers = {"Authorization": f"Bearer {api_key}"} if api_key else {}
+
+    try:
+        url = url_template.format(prefix)
+        print(f"→ Querying API: {url}")
+        response = requests.get(url, headers=headers)
+
+        if response.status_code == 200:
+            data = response.json()
+            vendor = data.get("company", "").strip()
+            if vendor:
+                print(f"✓ Found from API: {vendor}")
+                if insert_if_found:
+                    cursor.execute("""
+                        INSERT INTO mac_vendors (mac_prefix, vendor_name, status, last_checked, last_updated)
+                        VALUES (%s, %s, 'found', NOW(), NOW())
+                        ON DUPLICATE KEY UPDATE
+                            vendor_name = VALUES(vendor_name),
+                            status = 'found',
+                            last_checked = NOW(),
+                            last_updated = NOW()
+                    """, (prefix, vendor))
+                    conn.commit()
+                    print("→ Inserted into database (found).")
+                return {
+                    "mac": mac,
+                    "vendor": vendor,
+                    "source": "api",
+                    "status": "found"
+                }
+
+        elif response.status_code == 404:
+            print("✗ API returned 404 - vendor not found.")
+            if insert_if_found:
+                cursor.execute("""
+                    INSERT INTO mac_vendors (mac_prefix, vendor_name, status, last_checked, last_updated)
+                    VALUES (%s, %s, 'not_found', NOW(), NOW())
+                    ON DUPLICATE KEY UPDATE
+                        vendor_name = VALUES(vendor_name),
+                        status = 'not_found',
+                        last_checked = NOW(),
+                        last_updated = NOW()
+                """, (prefix, "not found"))
+                conn.commit()
+                print("→ Inserted into database (not_found).")
+            return {
+                "mac": mac,
+                "vendor": "",
+                "source": "api",
+                "status": "not_found"
+            }
+
+        else:
+            print(f"✗ API error: {response.status_code}")
+            return {"mac": mac, "vendor": "", "error": f"API error: {response.status_code}"}
+
+    except Exception as e:
+        print(f"✗ Exception while querying API: {e}")
+        return {"mac": mac, "vendor": "", "error": str(e)}
+
+    finally:
+        cursor.close()
+        conn.close()
 
 def get_summary_counts():
     conn = get_connection()
@@ -239,16 +318,22 @@ def refresh_vendors():
         try:
             url = url_template.format(prefix)
             response = requests.get(url, headers=headers)
+
             if response.status_code == 200:
                 data = response.json()
-                vendor_name = data.get("company", "not found")
+                vendor_name = data.get("company", "").strip()
-                status = "found"
+                if vendor_name:
+                    status = "found"
+                else:
+                    # Empty "company" field — skip insert
+                    print(f"⚠️ Empty vendor for {prefix}, skipping.")
+                    continue
             elif response.status_code == 404:
                 vendor_name = "not found"
                 status = "not_found"
             else:
-                print(f"Error {response.status_code} for {prefix}")
+                print(f"❌ API error {response.status_code} for {prefix}, skipping.")
-                continue  # skip insert on unexpected status
+                continue
 
             cursor.execute("""
                 INSERT INTO mac_vendors (mac_prefix, vendor_name, status, last_checked, last_updated)
@@ -263,10 +348,65 @@ def refresh_vendors():
             inserted += 1
 
         except Exception as e:
-            print(f"Error fetching vendor for {prefix}: {e}")
+            print(f"🚨 Exception fetching vendor for {prefix}: {e}")
             continue
 
         time.sleep(1.0 / rate_limit)
 
     cursor.close()
     conn.close()
+
+def lookup_mac_verbose(mac):
+    conn = get_connection()
+    cursor = conn.cursor(dictionary=True)
+    output = []
+    prefix = mac.lower().replace(":", "").replace("-", "")[:6]
+
+    output.append(f"🔍 Searching local database for prefix: {prefix}...")
+
+    cursor.execute("SELECT vendor_name, status FROM mac_vendors WHERE mac_prefix = %s", (prefix,))
+    row = cursor.fetchone()
+
+    if row:
+        output.append(f"✅ Found locally: {row['vendor_name']} (status: {row['status']})")
+        cursor.close()
+        conn.close()
+        return "\n".join(output)
+
+    output.append("❌ Not found locally.")
+    output.append("🌐 Querying API...")
+
+    url_template = current_app.config.get("OUI_API_URL", "https://api.maclookup.app/v2/macs/{}")
+    api_key = current_app.config.get("OUI_API_KEY", "")
+    headers = {"Authorization": f"Bearer {api_key}"} if api_key else {}
+
+    try:
+        url = url_template.format(prefix)
+        response = requests.get(url, headers=headers)
+
+        if response.status_code == 200:
+            data = response.json()
+            vendor_name = data.get("company", "").strip()
+            if vendor_name:
+                output.append(f"✅ Found via API: {vendor_name}")
+                output.append("💾 Inserting into local database...")
+
+                cursor.execute("""
+                    INSERT INTO mac_vendors (mac_prefix, vendor_name, status, last_checked, last_updated)
+                    VALUES (%s, %s, 'found', NOW(), NOW())
+                """, (prefix, vendor_name))
+                conn.commit()
+            else:
+                output.append("⚠️ API responded but no vendor name found. Not inserting.")
+        elif response.status_code == 404:
+            output.append("❌ Not found via API (404). Not inserting.")
+        else:
+            output.append(f"❌ API returned unexpected status: {response.status_code}")
+
+    except Exception as e:
+        output.append(f"🚨 Exception during API request: {e}")
+
+    cursor.close()
+    conn.close()
+    return "\n".join(output)
+

app/requirements.txt

@@ -4,4 +4,5 @@ requests
 BeautifulSoup4
 lxml
 gunicorn
-pytz
+pytz
+humanize

app/static/styles.css

@@ -0,0 +1,238 @@
+:root {
+  --bg: #121212;
+  --fg: #f0f0f0;
+  --accent: #ffdd57; /* Soft yellow */
+  --error: crimson;
+  --cell-bg: #1e1e1e;
+  --card-bg: #2c2c2c;
+  --header-bg: #2a2a2a;
+}
+
+[data-theme="light"] {
+  --bg: #f8f9fa;
+  --fg: #212529;
+  --accent: #4a90e2; /* Softer blue */
+  --error: red;
+  --cell-bg: #ffffff;
+  --card-bg: #e9ecef;
+  --header-bg: #dee2e6;
+}
+
+body {
+  background-color: var(--bg);
+  color: var(--fg);
+  font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+  margin: 0;
+  padding: 1rem 2rem;
+}
+
+nav {
+  background-color: var(--card-bg);
+  padding: 1rem;
+  border-bottom: 1px solid #666;
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+}
+
+nav .links a {
+  margin-right: 1rem;
+  color: var(--fg);
+  text-decoration: none;
+  font-weight: bold;
+}
+
+nav .links a:hover {
+  text-decoration: underline;
+}
+
+button#theme-toggle {
+  background: none;
+  border: 1px solid var(--fg);
+  padding: 4px 8px;
+  color: var(--fg);
+  cursor: pointer;
+  border-radius: 4px;
+}
+
+h1, h2, h3 {
+  color: var(--fg);
+}
+
+.toast {
+  position: fixed;
+  bottom: 20px;
+  right: 20px;
+  background-color: var(--accent);
+  color: black;
+  padding: 10px 16px;
+  border-radius: 6px;
+  box-shadow: 0 2px 10px rgba(0, 0, 0, 0.4);
+  opacity: 0;
+  transition: opacity 0.5s ease;
+  z-index: 9999;
+}
+
+.toast.show {
+  opacity: 1;
+}
+
+#scrollTopBtn {
+  display: none;
+  position: fixed;
+  bottom: 30px;
+  left: 30px;
+  z-index: 1000;
+  font-size: 1.2rem;
+  background-color: var(--accent);
+  border: none;
+  border-radius: 50%;
+  padding: 10px 14px;
+  cursor: pointer;
+  color: black;
+}
+
+table.styled-table {
+  border-collapse: collapse;
+  width: 100%;
+  margin-top: 1rem;
+  background-color: var(--cell-bg);
+}
+
+.styled-table thead {
+  position: sticky;
+  top: 0;
+  background-color: var(--header-bg);
+  z-index: 5;
+}
+
+.styled-table th,
+.styled-table td {
+  padding: 10px 14px;
+  border: 1px solid #999;
+}
+
+.styled-table th {
+  background-color: var(--header-bg);
+  color: var(--fg);
+  text-align: left;
+}
+
+.styled-table input[type="text"],
+.styled-table select {
+  width: 100%;
+  box-sizing: border-box;
+  padding: 6px;
+  color: var(--fg);
+  background-color: var(--cell-bg);
+  border: 1px solid #ccc;
+  border-radius: 4px;
+}
+
+.styled-table input[type="text"]:focus,
+.styled-table select:focus {
+  outline: none;
+  border-color: var(--accent);
+}
+
+form.inline-form {
+  display: inline-flex;
+  gap: 4px;
+  align-items: center;
+}
+
+.styled-table button {
+  background: none;
+  border: none;
+  cursor: pointer;
+  padding: 4px;
+  font-size: 1rem;
+  color: inherit;
+}
+
+[data-theme="light"] .styled-table button {
+  background: transparent;
+}
+
+.styled-table button[title="Save"] {
+  color: var(--accent);
+}
+
+#refresh-vendors {
+  background: none;
+  color: var(--accent);
+  border: none;
+  padding: 0;
+  font-size: 1rem;
+  cursor: pointer;
+}
+
+.styled-table button[onclick*="Delete"] {
+  color: var(--error);
+  background: none;
+}
+
+.styled-table td form {
+  margin: 0;
+}
+
+.stats-cards {
+  display: flex;
+  gap: 1rem;
+  margin-bottom: 1.5rem;
+}
+
+.card {
+  background: var(--cell-bg);
+  border: 1px solid #666;
+  padding: 1rem;
+  border-radius: 8px;
+  flex: 1;
+  text-align: center;
+}
+
+.card.neutral {
+  background-color: var(--card-bg);
+}
+
+.event-list {
+  list-style: none;
+  padding: 0;
+}
+
+.event-list li {
+  padding: 4px 0;
+  border-bottom: 1px dashed #666;
+}
+
+.event-list.green li { color: #4caf50; }
+.event-list.red li { color: #ff4d4d; }
+
+#mac-lookup-form input {
+  padding: 6px;
+  border-radius: 4px;
+  border: 1px solid #999;
+  width: 250px;
+  color: var(--fg);
+  background-color: var(--cell-bg);
+}
+
+#mac-lookup-form button {
+  padding: 6px 12px;
+  margin-left: 10px;
+  cursor: pointer;
+  border: none;
+  border-radius: 4px;
+  background-color: var(--accent);
+  color: black;
+}
+
+.debug-output {
+  background-color: #222;
+  color: #b6fcd5;
+  border: 1px solid #333;
+  padding: 1em;
+  font-size: 0.9rem;
+  white-space: pre-wrap;
+  margin-top: 1em;
+}

app/templates/base.html

@@ -1,152 +1,69 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-    <meta charset="UTF-8">
+  <meta charset="UTF-8" />
-    <title>{% block title %}RadMac{% endblock %}</title>
+  <title>{% block title %}RadMac{% endblock %}</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <style>
+  <link rel="stylesheet" href="{{ url_for('static', filename='styles.css') }}">
-        :root {
-            --bg: #121212;
-            --fg: #f0f0f0;
-            --accent: #4caf50;
-            --cell-bg: #1e1e1e;
-            --card-bg: #2c2c2c;
-        }
-
-        [data-theme="light"] {
-            --bg: #f8f9fa;
-            --fg: #212529;
-            --accent: #28a745;
-            --cell-bg: #ffffff;
-            --card-bg: #e9ecef;
-        }
-
-        body {
-            background-color: var(--bg);
-            color: var(--fg);
-            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
-            margin: 0;
-            padding: 1rem 2rem;
-        }
-
-        nav {
-            background-color: var(--card-bg);
-            padding: 1rem;
-            border-bottom: 1px solid #666;
-            display: flex;
-            justify-content: space-between;
-            align-items: center;
-        }
-
-        nav .links a {
-            margin-right: 1rem;
-            color: var(--fg);
-            text-decoration: none;
-            font-weight: bold;
-        }
-
-        nav .links a:hover {
-            text-decoration: underline;
-        }
-
-        nav .right {
-            display: flex;
-            align-items: center;
-        }
-
-        button#theme-toggle {
-            background: none;
-            border: 1px solid var(--fg);
-            padding: 4px 8px;
-            color: var(--fg);
-            cursor: pointer;
-            border-radius: 4px;
-        }
-
-        h1, h2, h3 {
-            color: var(--fg);
-        }
-
-        .toast {
-            position: fixed;
-            bottom: 20px;
-            right: 20px;
-            background-color: var(--accent);
-            color: white;
-            padding: 10px 16px;
-            border-radius: 6px;
-            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.4);
-            opacity: 0;
-            transition: opacity 0.5s ease;
-            z-index: 9999;
-        }
-
-        .toast.show {
-            opacity: 1;
-        }
-
-        table.styled-table {
-            border-collapse: collapse;
-            width: 100%;
-            margin-top: 1rem;
-            background-color: var(--cell-bg);
-        }
-
-        .styled-table th, .styled-table td {
-            padding: 8px 12px;
-            border: 1px solid #555;
-        }
-
-        .styled-table th {
-            background-color: var(--card-bg);
-            color: var(--fg);
-        }
-    </style>
 </head>
 <body>
-    <nav>
+  <nav>
-        <div class="links">
+    <div class="links">
-            <a href="/">Home</a>
+      <a href="{{ url_for('index_redirect') }}">Home</a>
-            <a href="/user_list">Users</a>
+      <a href="{{ url_for('user.user_list') }}">Users</a>
-            <a href="/group">Groups</a>
+      <a href="{{ url_for('group.group_list') }}">Groups</a>
-            <a href="/stats">Stats</a>
+      <a href="{{ url_for('stats') }}">Stats</a>
-        </div>
+    </div>
-        <div class="right">
+    <div class="right">
-            <button id="theme-toggle">🌓 Theme</button>
+      <button id="theme-toggle">🌓 Theme</button>
-        </div>
+    </div>
-    </nav>
+  </nav>
 
-    {% block content %}
+  {% block content %}{% endblock %}
-    {% endblock %}
 
-    <div id="toast" class="toast"></div>
+  <div id="toast" class="toast"></div>
+  <button id="scrollTopBtn" title="Back to top">⬆</button>
 
-    <script>
+  <script>
-        // Theme toggle logic
+    // Theme toggle
-        const toggleBtn = document.getElementById('theme-toggle');
+    const toggleBtn = document.getElementById('theme-toggle');
-        const userPref = localStorage.getItem('theme');
+    const savedTheme = localStorage.getItem('theme');
+    if (savedTheme) document.documentElement.setAttribute('data-theme', savedTheme);
 
-        if (userPref) {
+    toggleBtn.addEventListener('click', () => {
-            document.documentElement.setAttribute('data-theme', userPref);
+      const current = document.documentElement.getAttribute('data-theme') || 'dark';
-        }
+      const next = current === 'light' ? 'dark' : 'light';
+      document.documentElement.setAttribute('data-theme', next);
+      localStorage.setItem('theme', next);
+    });
 
-        toggleBtn.addEventListener('click', () => {
+    // Toast function
-            const current = document.documentElement.getAttribute('data-theme');
+    window.showToast = function (msg, duration = 3000) {
-            const next = current === 'light' ? 'dark' : 'light';
+      const toast = document.getElementById('toast');
-            document.documentElement.setAttribute('data-theme', next);
+      toast.textContent = msg;
-            localStorage.setItem('theme', next);
+      toast.classList.add('show');
-        });
+      setTimeout(() => toast.classList.remove('show'), duration);
+    };
 
-        // Toast display function
+    // Scroll-to-top button
-        function showToast(message, duration = 3000) {
+    const scrollBtn = document.getElementById('scrollTopBtn');
-            const toast = document.getElementById('toast');
+    window.onscroll = () => {
-            toast.textContent = message;
+      scrollBtn.style.display = window.scrollY > 150 ? 'block' : 'none';
-            toast.classList.add('show');
+    };
-            setTimeout(() => toast.classList.remove('show'), duration);
+    scrollBtn.onclick = () => window.scrollTo({ top: 0, behavior: 'smooth' });
-        }
 
-        // Make toast function globally available
+    // Preserve scroll position
-        window.showToast = showToast;
+    window.addEventListener('beforeunload', () => {
-    </script>
+      sessionStorage.setItem('scrollTop', window.scrollY);
+    });
+
+    window.addEventListener('load', () => {
+      const scrollTop = sessionStorage.getItem('scrollTop');
+      if (scrollTop !== null) {
+        window.scrollTo(0, parseInt(scrollTop));
+        sessionStorage.removeItem('scrollTop');
+      }
+    });
+  </script>
 </body>
 </html>

app/templates/group_list.html

@@ -24,15 +24,19 @@
     <tr>
       <td>{{ group.vlan_id }}</td>
       <td>
-        <form method="POST" action="{{ url_for('group.update_description_route') }}" class="inline-form">
+        <form method="POST" action="{{ url_for('group.update_description_route') }}" class="preserve-scroll">
           <input type="hidden" name="group_id" value="{{ group.vlan_id }}">
-          <input type="text" name="description" value="{{ group.description or '' }}">
+          <input type="text" name="description" value="{{ group.description or '' }}" class="description-input">
-          <button type="submit" title="Save">💾</button>
         </form>
       </td>
       <td>{{ group.user_count }}</td>
       <td>
-        <form method="POST" action="{{ url_for('group.delete_group_route') }}" onsubmit="return confirm('Delete this group?');">
+        <form method="POST" action="{{ url_for('group.update_description_route') }}" class="preserve-scroll" style="display:inline;">
+          <input type="hidden" name="group_id" value="{{ group.vlan_id }}">
+          <input type="hidden" name="description" value="{{ group.description }}">
+          <button type="submit" title="Save">💾</button>
+        </form>
+        <form method="POST" action="{{ url_for('group.delete_group_route') }}" class="preserve-scroll" style="display:inline;" onsubmit="return confirm('Delete this group?');">
           <input type="hidden" name="group_id" value="{{ group.vlan_id }}">
           <button type="submit">❌</button>
         </form>
@@ -42,11 +46,18 @@
   </tbody>
 </table>
 
-<style>
+<script>
-form.inline-form {
+  document.querySelectorAll('form.preserve-scroll').forEach(form => {
-  display: inline-flex;
+    form.addEventListener('submit', () => {
-  gap: 4px;
+      localStorage.setItem('scrollY', window.scrollY);
-  align-items: center;
+    });
-}
+  });
-</style>
+  window.addEventListener('load', () => {
+    const scrollY = localStorage.getItem('scrollY');
+    if (scrollY) {
+      window.scrollTo(0, parseInt(scrollY));
+      localStorage.removeItem('scrollY');
+    }
+  });
+</script>
 {% endblock %}

app/templates/index.html

@@ -45,79 +45,29 @@
   <button type="submit">🔍 Lookup</button>
 </form>
 
-<pre id="mac-result" class="debug-output" style="margin-top: 1em;"></pre>
+<pre id="mac-result" class="debug-output"></pre>
 
 <script>
-document.getElementById('mac-lookup-form').addEventListener('submit', function(e) {
+    document.getElementById('mac-lookup-form').addEventListener('submit', function(e) {
-  e.preventDefault();
+      e.preventDefault();
-  const form = e.target;
+      const form = e.target;
-  const data = new URLSearchParams(new FormData(form));
+      const data = new URLSearchParams(new FormData(form));
-  const resultBox = document.getElementById('mac-result');
+      const resultBox = document.getElementById('mac-result');
-  resultBox.textContent = "Querying...";
+      resultBox.textContent = "Querying...";
 
-  fetch(form.action, {
+      fetch(form.action, {
-    method: 'POST',
+        method: 'POST',
-    body: data,
+        body: data,
-  })
+      })
-  .then(r => r.json())
+      .then(r => r.json())
-  .then(data => {
+      .then(data => {
-    resultBox.textContent = JSON.stringify(data, null, 2);
+        // Update: Use 'output' from the API response
-  })
+        resultBox.textContent = data.output || "No data returned.";
-  .catch(err => {
+      })
-    resultBox.textContent = `Error: ${err}`;
+      .catch(err => {
-  });
+        resultBox.textContent = `Error: ${err}`;
-});
+      });
+    });
 </script>
 
-<style>
-.page-title {
-  margin-bottom: 1rem;
-  color: var(--fg);
-}
-.stats-cards {
-  display: flex;
-  gap: 1rem;
-  margin-bottom: 1.5rem;
-}
-.card {
-  background: var(--cell-bg);
-  border: 1px solid #666;
-  padding: 1rem;
-  border-radius: 8px;
-  flex: 1;
-  text-align: center;
-}
-.card.neutral {
-  background-color: #444;
-}
-.event-list {
-  list-style: none;
-  padding: 0;
-}
-.event-list li {
-  padding: 4px 0;
-  border-bottom: 1px dashed #666;
-}
-.event-list.green li { color: #4caf50; }
-.event-list.red li { color: #ff4d4d; }
-#mac-lookup-form input {
-  padding: 6px;
-  border-radius: 4px;
-  border: 1px solid #999;
-  width: 250px;
-}
-#mac-lookup-form button {
-  padding: 6px 12px;
-  margin-left: 10px;
-  cursor: pointer;
-}
-.debug-output {
-  background-color: #222;
-  color: #b6fcd5;
-  border: 1px solid #333;
-  padding: 1em;
-  font-size: 0.9rem;
-  white-space: pre-wrap;
-}
-</style>
 {% endblock %}

app/templates/user_list.html

@@ -5,12 +5,12 @@
 <h1 class="page-title">MAC Address List</h1>
 
 <form id="add-user-form" method="POST" action="{{ url_for('user.add') }}">
-  <input type="text" name="mac_address" placeholder="MAC address (12 hex characters)" required maxlength="12">
+  <input type="text" name="mac_address" placeholder="MAC address (12 hex)" required maxlength="12">
   <input type="text" name="description" placeholder="Description (optional)">
   <select name="group_id" required>
     <option value="">Assign to VLAN</option>
     {% for group in groups %}
-    <option value="{{ group.id }}">VLAN {{ group.vlan_id }}</option>
+    <option value="{{ group.vlan_id }}">VLAN {{ group.vlan_id }}</option>
     {% endfor %}
   </select>
   <button type="submit">➕ Add</button>
@@ -30,30 +30,37 @@
     {% for entry in users %}
     <tr>
       <td>{{ entry.mac_address }}</td>
+
       <td>
-        <form method="POST" action="{{ url_for('user.update_description_route') }}" class="inline-form">
+        <form method="POST" action="{{ url_for('user.update_description_route') }}">
           <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
           <input type="text" name="description" value="{{ entry.description or '' }}">
-          <button type="submit" title="Save">💾</button>
         </form>
       </td>
-      <td>{% if entry.vendor_name %}
+
-        {{ entry.vendor_name }}
+      <td>{{ entry.vendor or "..." }}</td>
-      {% else %}
+
-        <em>Unknown</em>
-      {% endif %}</td>
       <td>
         <form method="POST" action="{{ url_for('user.update_vlan_route') }}" class="inline-form">
           <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
           <select name="group_id" onchange="this.form.submit()">
             {% for group in groups %}
-            <option value="{{ group.id }}" {% if group.vlan_id == entry.vlan_id %}selected{% endif %}>VLAN {{ group.vlan_id }}</option>
+            <option value="{{ group.vlan_id }}" {% if group.vlan_id == entry.vlan_id %}selected{% endif %}>
+              VLAN {{ group.vlan_id }}
+            </option>
             {% endfor %}
           </select>
         </form>
       </td>
+
       <td>
-        <form method="POST" action="{{ url_for('user.delete') }}">
+        <form method="POST" action="{{ url_for('user.update_description_route') }}" style="display:inline;">
+          <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
+          <input type="hidden" name="description" value="{{ entry.description }}">
+          <button type="submit" title="Save">💾</button>
+        </form>
+
+        <form method="POST" action="{{ url_for('user.delete') }}" style="display:inline;">
           <input type="hidden" name="mac_address" value="{{ entry.mac_address }}">
           <button type="submit" onclick="return confirm('Delete this MAC address?')">❌</button>
         </form>
@@ -64,22 +71,14 @@
 </table>
 
 <script>
-document.getElementById('refresh-vendors').addEventListener('click', function () {
+  document.getElementById('refresh-vendors').addEventListener('click', function () {
-  fetch("{{ url_for('user.refresh') }}", { method: "POST" })
+    fetch("{{ url_for('user.refresh') }}", { method: "POST" })
-    .then(res => res.json())
+      .then(res => res.json())
-    .then(data => {
+      .then(data => {
-      alert("Vendor refresh complete.");
+        window.showToast("Vendor refresh complete.");
-      window.location.reload();
+        window.location.reload();
-    })
+      })
-    .catch(err => alert("Error: " + err));
+      .catch(err => alert("Error: " + err));
-});
+  });
 </script>
-
-<style>
-form.inline-form {
-  display: inline-flex;
-  gap: 4px;
-  align-items: center;
-}
-</style>
 {% endblock %}

app/views/index_views.py

@@ -5,12 +5,12 @@ from db_interface import (
     get_vendor_info,
     get_all_groups,
     get_latest_auth_logs,
+    lookup_mac_verbose
 )
 import pytz
 
 index = Blueprint('index', __name__)
 
-
 def time_ago(dt):
     if not dt:
         return "n/a"
@@ -36,7 +36,6 @@ def time_ago(dt):
     else:
         return f"{seconds // 86400}d{(seconds % 86400) // 3600}h ago"
 
-
 @index.route('/')
 def homepage():
     total_users, total_groups = get_summary_counts()
@@ -52,24 +51,30 @@ def homepage():
                            latest_accept=latest_accept,
                            latest_reject=latest_reject)
 
-
 @index.route('/stats')
 def stats():
-    accept_entries = get_latest_auth_logs('Access-Accept', limit=25)
+    accept_entries = get_latest_auth_logs('Access-Accept')
-    reject_entries = get_latest_auth_logs('Access-Reject', limit=25)
+    reject_entries = get_latest_auth_logs('Access-Reject')
     available_groups = get_all_groups()
+    
+    # Process entries to add vendor and time-ago
+    from datetime import datetime, timezone
+    import humanize
 
-    for entry in accept_entries + reject_entries:
+    def enrich(entry):
-        entry['ago'] = time_ago(entry['timestamp'])
+        from db_interface import get_vendor_info, get_user_by_mac
         entry['vendor'] = get_vendor_info(entry['mac_address'])
-        entry['already_exists'] = entry.get('vlan_id') is not None
+        entry['ago'] = humanize.naturaltime(datetime.now(timezone.utc) - entry['timestamp'])
-        entry['existing_vlan'] = entry.get('vlan_id') if entry['already_exists'] else None
+        user = get_user_by_mac(entry['mac_address'])
+        entry['already_exists'] = user is not None
+        entry['existing_vlan'] = user['vlan_id'] if user else None
+        entry['description'] = user['description'] if user else None
+        return entry
 
-    return render_template('stats.html',
+    accept_entries = [enrich(e) for e in accept_entries]
-                           accept_entries=accept_entries,
+    reject_entries = [enrich(e) for e in reject_entries]
-                           reject_entries=reject_entries,
-                           available_groups=available_groups)
 
+    return render_template("stats.html", accept_entries=accept_entries, reject_entries=reject_entries, available_groups=available_groups)
 
 @index.route('/lookup_mac', methods=['POST'])
 def lookup_mac():
@@ -77,7 +82,8 @@ def lookup_mac():
     if not mac:
         return jsonify({"error": "MAC address is required"}), 400
 
-    return jsonify(get_vendor_info(mac))
+    result = lookup_mac_verbose(mac)
+    return jsonify({"mac": mac, "output": result})
 
 
 def get_summary_counts():

db/init/init-schema.sql

@@ -11,8 +11,9 @@ CREATE TABLE IF NOT EXISTS users (
 CREATE TABLE IF NOT EXISTS auth_logs (
     id INT AUTO_INCREMENT PRIMARY KEY,
     mac_address CHAR(12) NOT NULL CHECK (mac_address REGEXP '^[0-9A-Fa-f]{12}$'),
-    reply ENUM('Access-Accept', 'Access-Reject') NOT NULL,
+    reply ENUM('Access-Accept', 'Access-Reject', 'Accept-Fallback') NOT NULL,
-    timestamp DATETIME DEFAULT CURRENT_TIMESTAMP
+    timestamp DATETIME DEFAULT CURRENT_TIMESTAMP,
+    result VARCHAR(500) DEFAULT NULL,
 );
 
 -- Table for MAC vendor caching

radius/main.py

@@ -3,7 +3,9 @@ from pyrad.dictionary import Dictionary
 from pyrad.packet import AccessAccept, AccessReject
 import mysql.connector
 import os
-DEFAULT_VLAN_ID = os.getenv("DEFAULT_VLAN", "999")
+
+DEFAULT_VLAN_ID = os.getenv("DEFAULT_VLAN", "505")
+DENIED_VLAN = os.getenv("DENIED_VLAN", "999")
 
 class MacRadiusServer(Server):
     def __init__(self, *args, **kwargs):
@@ -20,28 +22,68 @@ class MacRadiusServer(Server):
     def HandleAuthPacket(self, pkt):
         username = pkt['User-Name'][0].upper()
         cursor = self.db.cursor(dictionary=True)
+        
+        # Step 1: Check if the MAC exists in the users table
         cursor.execute("SELECT vlan_id FROM users WHERE mac_address = %s", (username,))
         result = cursor.fetchone()
-        cursor.close()
 
+        reply = self.CreateReplyPacket(pkt)
+
+        # Step 2: Handle the Access-Accept or Access-Reject scenario
         if result:
-            reply = self.CreateReplyPacket(pkt)
+            # MAC found in users table
-            reply.code = AccessAccept
+            vlan_id = result['vlan_id']
-            
+
-            reply.AddAttribute("Tunnel-Type", 13)
+            # Check if the VLAN is a denied VLAN
-            reply.AddAttribute("Tunnel-Medium-Type", 6)
+            denied_vlan = os.getenv("DENIED_VLAN", "999")  # Get the denied VLAN from environment
-            reply.AddAttribute("Tunnel-Private-Group-Id", result['vlan_id'])
+
+            if vlan_id == denied_vlan:
+                # Step 3: If the MAC is in a denied VLAN, reject the access
+                reply.code = AccessReject
+                cursor.execute("""
+                    INSERT INTO auth_logs (mac_address, reply, result)
+                    VALUES (%s, %s, %s)
+                """, (username, "Access-Reject", f"Denied due to VLAN {denied_vlan}"))
+                self.db.commit()
+                print(f"[INFO] MAC {username} rejected due to VLAN {denied_vlan}")
+
+            else:
+                # Step 4: If the MAC is valid and not in the denied VLAN, accept access and assign VLAN
+                reply.code = AccessAccept
+                reply.AddAttribute("Tunnel-Type", 13)
+                reply.AddAttribute("Tunnel-Medium-Type", 6)
+                reply.AddAttribute("Tunnel-Private-Group-Id", vlan_id)
+
+                # Log successful access
+                cursor.execute("""
+                    INSERT INTO auth_logs (mac_address, reply, result)
+                    VALUES (%s, %s, %s)
+                """, (username, "Access-Accept", f"Assigned to VLAN {vlan_id}"))
+                self.db.commit()
+                print(f"[INFO] MAC {username} accepted and assigned to VLAN {vlan_id}")
+
         else:
-            # Fallback to default VLAN
+            # Step 5: If the MAC is not found in the database, assign to fallback VLAN
-            reply = self.CreateReplyPacket(pkt)
+            reply.code = AccessAccept  # Still send Access-Accept even for fallback
-            reply.code = AccessAccept
             reply["Tunnel-Type"] = 13  # VLAN
             reply["Tunnel-Medium-Type"] = 6  # IEEE-802
             reply["Tunnel-Private-Group-Id"] = DEFAULT_VLAN_ID
-            self.SendReplyPacket(pkt.fd, reply)
+
+            # Log fallback assignment
+            cursor.execute("""
+                INSERT INTO auth_logs (mac_address, reply, result)
+                VALUES (%s, %s, %s)
+            """, (username, "Access-Accept", f"Assigned to fallback VLAN {DEFAULT_VLAN_ID}"))
+            self.db.commit()
+
             print(f"[INFO] MAC {username} not found — assigned to fallback VLAN {DEFAULT_VLAN_ID}")
 
+        # Send the reply packet (whether accept or reject)
         self.SendReplyPacket(pkt.fd, reply)
+        cursor.close()
+
+
+
 
 if __name__ == '__main__':
     srv = MacRadiusServer(dict=Dictionary("dictionary"))