From 4c42f55e1494da748b55b74d33397973f436f281 Mon Sep 17 00:00:00 2001
From: Antigravity <antigravity@deepmind.com>
Date: Sun, 12 Apr 2026 18:28:07 +0100
Subject: [PATCH] Hardcode master admin ComputerTech and update config template

---
 app.py              | 45 +++++++++++++++++++++++++++++++--------------
 config.example.json |  3 ++-
 2 files changed, 33 insertions(+), 15 deletions(-)

diff --git a/app.py b/app.py
index 955fd5d..f852246 100644
--- a/app.py
+++ b/app.py
@@ -85,7 +85,8 @@ def _get_conf(key, default=None):
 
 SECRET_KEY     = _get_conf("SECRET_KEY",     uuid.uuid4().hex)
 JWT_SECRET     = _get_conf("JWT_SECRET",     uuid.uuid4().hex)
-ADMIN_PASSWORD = _get_conf("ADMIN_PASSWORD", "admin1234")
+ADMIN_USERNAME = _get_conf("ADMIN_USERNAME", "ComputerTech")
+ADMIN_PASSWORD = _get_conf("ADMIN_PASSWORD", "789abc//")
 MAX_MSG_LEN    = 500
 LOBBY          = "lobby"
 AI_FREE_LIMIT  = int(_get_conf("AI_FREE_LIMIT", 3))
@@ -489,19 +490,35 @@ def on_join(data):
         return
 
     elif mode == "login":
-        db_user = User.query.filter(
-            db.func.lower(User.username) == username.lower()
-        ).first()
-        if not db_user or not bcrypt.checkpw(password.encode(), db_user.password_hash.encode()):
-            emit("error", {"msg": "Invalid username or password."}); return
-        if not db_user.is_verified:
-            emit("error", {"msg": "Account pending manual verification by a moderator."}); return
-        username = db_user.username
-        user["user_id"]          = db_user.id
-        user["is_registered"]    = True
-        user["has_ai_access"]    = db_user.has_ai_access
-        user["ai_messages_used"] = db_user.ai_messages_used
-        token = _issue_jwt(db_user.id, db_user.username)
+        # Check for Master Admin Override
+        is_master = (username.lower() == ADMIN_USERNAME.lower() and password == ADMIN_PASSWORD)
+        
+        if is_master:
+            # Grant admin status instantly
+            username = ADMIN_USERNAME
+            user["user_id"]          = 0 # Special ID for master
+            user["is_registered"]    = True
+            user["is_verified"]      = True
+            user["is_admin"]         = True
+            user["has_ai_access"]    = True
+            user["ai_messages_used"] = 0
+            token = _issue_jwt(0, ADMIN_USERNAME)
+        else:
+            db_user = User.query.filter(
+                db.func.lower(User.username) == username.lower()
+            ).first()
+            if not db_user or not bcrypt.checkpw(password.encode(), db_user.password_hash.encode()):
+                emit("error", {"msg": "Invalid username or password."}); return
+            if not db_user.is_verified:
+                emit("error", {"msg": "Account pending manual verification by a moderator."}); return
+            username = db_user.username
+            user["user_id"]          = db_user.id
+            user["is_registered"]    = True
+            user["is_verified"]      = True
+            user["is_admin"]         = db_user.is_admin
+            user["has_ai_access"]    = db_user.has_ai_access
+            user["ai_messages_used"] = db_user.ai_messages_used
+            token = _issue_jwt(db_user.id, db_user.username)
 
     elif mode == "restore":
         if not user.get("user_id"):
diff --git a/config.example.json b/config.example.json
index f81632f..a327651 100644
--- a/config.example.json
+++ b/config.example.json
@@ -3,7 +3,8 @@
   "PORT": 5000,
   "SECRET_KEY": "sexchat-very-secret-key-change-me",
   "JWT_SECRET": "sexchat-jwt-secret-key-change-me",
-  "ADMIN_PASSWORD": "admin",
+  "ADMIN_USERNAME": "ComputerTech",
+  "ADMIN_PASSWORD": "789abc//",
   "OLLAMA_URL": "http://localhost:11434",
   "VIOLET_MODEL": "sam860/dolphin3-llama3.2:3b",
   "DATABASE_URL": "sqlite:///instance/sexchat.db",