@app.route('/account', methods=['GET', 'POST'])
def account():
    if request.method == 'POST':
        form_type = request.form['form_type']
        email = request.form['email']
        password = request.form['password']

        if form_type == 'login':
            user = User.query.filter_by(email=email).first()
            if user and bcrypt.check_password_hash(user.password_hash, password):
                login_user(user)
                flash('Logged in successfully.', 'success')
                return redirect(url_for('dashboard'))
            else:
                flash('Login failed. Check email and password.', 'danger')

        elif form_type == 'register':
            name = request.form['name']
            existing_user = User.query.filter_by(email=email).first()
            if existing_user:
                flash('Email already registered.', 'danger')
            else:
                hashed_pw = bcrypt.generate_password_hash(password).decode('utf-8')
                new_user = User(name=name, email=email, password_hash=hashed_pw)
                db.session.add(new_user)
                db.session.commit()
                flash('Account created! Please log in.', 'success')

    return render_template('account.html')