app.auth - Code Metrics - whahn1983/pycashflow - Measure and Improve Code Quality continuously with Scrutinizer

app.auth A
last analyzed 2025-06-25 16:54 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	178
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	115
dl	0
loc	178
rs	10
c	0
b	0
f	0
wmc	25

9 Functions

Rating	Name	Size	Complexity
A	signup()	16	4
A	login_passkey()	6	1
A	admin_required()	8	2
A	signup_post()	28	4
A	logout()	5	1
A	login_post()	27	5
A	login_passkey_post()	31	4
A	login()	3	1
A	get_authenticated_user_from_cookie()	8	3

from flask import Blueprint, render_template, redirect, url_for, request, flash, session
from flask_login import login_user, login_required, logout_user, current_user
from werkzeug.security import generate_password_hash, check_password_hash
from .models import User
from app import db
import pandas as pd
import os
from functools import wraps
from werkzeug.exceptions import Unauthorized
from corbado_python_sdk import Config, CorbadoSDK, UserEntity


auth = Blueprint('auth', __name__)


short_session_cookie_name = "cbo_short_session"
# Config has a default values for 'short_session_cookie_name' and 'BACKEND_API'
config: Config = Config(
    api_secret=os.environ['API_SECRET'],
    project_id=os.environ['PROJECT_ID'],
    frontend_api=os.environ['FRONTEND_URI'],
    backend_api="https://backendapi.cloud.corbado.io",
)
config.frontend_api = os.environ['FRONTEND_URI']

# Initialize SDK
sdk: CorbadoSDK = CorbadoSDK(config=config)


@auth.route('/login')
def login():
    return render_template('login.html')


@auth.route('/login', methods=['POST'])
def login_post():
    # login code goes here
    email = request.form.get('email')
    password = request.form.get('password')
    remember = True if request.form.get('remember') else False

    user = User.query.filter_by(email=email).first()

    # check if the user actually exists
    # take the user-supplied password, hash it, and compare it to the hashed password in the database
    if not user or not check_password_hash(user.password, password):
        flash('Please check your login details and try again.')
        return redirect(url_for('auth.login')) # if the user doesn't exist or password is wrong, reload the page

    # fix for no admin user to make current user an admin
    user_test = User.query.filter_by(admin=True).first()
    if not user_test:
        user.admin = 1
        db.session.commit()

    # if the above check passes, then we know the user has the right credentials
    login_user(user, remember=remember)
    session['name'] = user.name
    session['email'] = user.email

    return redirect(url_for('main.index'))


@auth.route('/signup')
def signup():
    try:
        engine = db.create_engine(os.environ.get('DATABASE_URL')).connect()
    except:
        engine = db.create_engine('sqlite:///db.sqlite').connect()

    try:
        df = pd.read_sql('SELECT * FROM settings;', engine)

        if df['value'][0] == 1:
            return render_template('login.html')
    except:
        pass

    return render_template('signup.html')


@auth.route('/signup', methods=['POST'])
def signup_post():
    # code to validate and add user to database goes here
    email = request.form.get('email')
    name = request.form.get('name')
    password = request.form.get('password')

    user = User.query.filter_by(email=email).first() # if this returns a user, then the email already exists in database

    if user: # if a user is found, we want to redirect back to signup page so user can try again
        return redirect(url_for('auth.signup'))

    # if no admin user, make new user an admin
    user_test = User.query.filter_by(admin=True).first()
    if not user_test:
        admin = 1
    else:
        admin = 0

    # create a new user with the form data. Hash the password so the plaintext version isn't saved.
    new_user = User(email=email, name=name, password=generate_password_hash(password, method='scrypt'), admin=admin)

    # add the new user to the database
    db.session.add(new_user)
    db.session.commit()
    if user:  # if a user is found, we want to redirect back to signup page so user can try again
        flash('Email address already exists')
    return redirect(url_for('auth.login'))


@auth.route('/logout')
@login_required
def logout():
    logout_user()
    return redirect(url_for('main.index'))


def admin_required(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        if current_user.admin:
            return f(*args, **kwargs)
        else:
            return redirect(url_for('main.index'))
    return decorated_function


@auth.route('/passkey_login')
def login_passkey():
    project_id = os.environ['PROJECT_ID']
    frontend_uri = os.environ['FRONTEND_URI']

    return render_template('passkey_login.html', project_id=project_id, frontend_uri=frontend_uri)


@auth.route('/passkey_login_post')
def login_passkey_post():

    auth_user = get_authenticated_user_from_cookie()
    if auth_user:
        email_identifiers = sdk.identifiers.list_all_emails_by_user_id(user_id=auth_user.user_id)
        email = email_identifiers[0].value
    else:
        # use more sophisticated error handling in production
        raise Unauthorized()

    user = User.query.filter_by(email=email).first()

    # check if the user actually exists
    # take the user-supplied password, hash it, and compare it to the hashed password in the database
    if not user:
        flash('Please check your login details and try again.')
        return redirect(url_for('auth.login'))  # if the user doesn't exist or password is wrong, reload the page

    # fix for no admin user to make current user an admin
    user_test = User.query.filter_by(admin=True).first()
    if not user_test:
        user.admin = 1
        db.session.commit()

    # if the above check passes, then we know the user has the right credentials
    login_user(user, remember=True)
    session['name'] = user.name
    session['email'] = user.email

    return redirect(url_for('main.index'))


def get_authenticated_user_from_cookie() -> UserEntity | None:
    session_token = request.cookies.get('cbo_session_token')
    if not session_token:
        return None
    try:
        return sdk.sessions.validate_token(session_token)
    except:
        raise Unauthorized()

1			from flask import Blueprint, render_template, redirect, url_for, request, flash, session
2			from flask_login import login_user, login_required, logout_user, current_user
3			from werkzeug.security import generate_password_hash, check_password_hash
4			from .models import User
5			from app import db
6			import pandas as pd
7			import os
8			from functools import wraps
9			from werkzeug.exceptions import Unauthorized
10			from corbado_python_sdk import Config, CorbadoSDK, UserEntity
11
12
13			auth = Blueprint('auth', __name__)
14
15
16			short_session_cookie_name = "cbo_short_session"
17			# Config has a default values for 'short_session_cookie_name' and 'BACKEND_API'
18			config: Config = Config(
19			api_secret=os.environ['API_SECRET'],
20			project_id=os.environ['PROJECT_ID'],
21			frontend_api=os.environ['FRONTEND_URI'],
22			backend_api="https://backendapi.cloud.corbado.io",
23			)
24			config.frontend_api = os.environ['FRONTEND_URI']
25
26			# Initialize SDK
27			sdk: CorbadoSDK = CorbadoSDK(config=config)
28
29
30			@auth.route('/login')
31			def login():
32			return render_template('login.html')
33
34
35			@auth.route('/login', methods=['POST'])
36			def login_post():
37			# login code goes here
38			email = request.form.get('email')
39			password = request.form.get('password')
40			remember = True if request.form.get('remember') else False
41
42			user = User.query.filter_by(email=email).first()
43
44			# check if the user actually exists
45			# take the user-supplied password, hash it, and compare it to the hashed password in the database
46			if not user or not check_password_hash(user.password, password):
47			flash('Please check your login details and try again.')
48			return redirect(url_for('auth.login')) # if the user doesn't exist or password is wrong, reload the page
49
50			# fix for no admin user to make current user an admin
51			user_test = User.query.filter_by(admin=True).first()
52			if not user_test:
53			user.admin = 1
54			db.session.commit()
55
56			# if the above check passes, then we know the user has the right credentials
57			login_user(user, remember=remember)
58			session['name'] = user.name
59			session['email'] = user.email
60
61			return redirect(url_for('main.index'))
62
63
64			@auth.route('/signup')
65			def signup():
66			try:
67			engine = db.create_engine(os.environ.get('DATABASE_URL')).connect()
68			except:
69			engine = db.create_engine('sqlite:///db.sqlite').connect()
70
71			try:
72			df = pd.read_sql('SELECT * FROM settings;', engine)
73
74			if df['value'][0] == 1:
75			return render_template('login.html')
76			except:
77			pass
78
79			return render_template('signup.html')
80
81
82			@auth.route('/signup', methods=['POST'])
83			def signup_post():
84			# code to validate and add user to database goes here
85			email = request.form.get('email')
86			name = request.form.get('name')
87			password = request.form.get('password')
88
89			user = User.query.filter_by(email=email).first() # if this returns a user, then the email already exists in database
90
91			if user: # if a user is found, we want to redirect back to signup page so user can try again
92			return redirect(url_for('auth.signup'))
93
94			# if no admin user, make new user an admin
95			user_test = User.query.filter_by(admin=True).first()
96			if not user_test:
97			admin = 1
98			else:
99			admin = 0
100
101			# create a new user with the form data. Hash the password so the plaintext version isn't saved.
102			new_user = User(email=email, name=name, password=generate_password_hash(password, method='scrypt'), admin=admin)
103
104			# add the new user to the database
105			db.session.add(new_user)
106			db.session.commit()
107			if user: # if a user is found, we want to redirect back to signup page so user can try again
108			flash('Email address already exists')
109			return redirect(url_for('auth.login'))
110
111
112			@auth.route('/logout')
113			@login_required
114			def logout():
115			logout_user()
116			return redirect(url_for('main.index'))
117
118
119			def admin_required(f):
120			@wraps(f)
121			def decorated_function(args, *kwargs):
122			if current_user.admin:
123			return f(args, *kwargs)
124			else:
125			return redirect(url_for('main.index'))
126			return decorated_function
127
128
129			@auth.route('/passkey_login')
130			def login_passkey():
131			project_id = os.environ['PROJECT_ID']
132			frontend_uri = os.environ['FRONTEND_URI']
133
134			return render_template('passkey_login.html', project_id=project_id, frontend_uri=frontend_uri)
135
136
137			@auth.route('/passkey_login_post')
138			def login_passkey_post():
139
140			auth_user = get_authenticated_user_from_cookie()
141			if auth_user:
142			email_identifiers = sdk.identifiers.list_all_emails_by_user_id(user_id=auth_user.user_id)
143			email = email_identifiers[0].value
144			else:
145			# use more sophisticated error handling in production
146			raise Unauthorized()
147
148			user = User.query.filter_by(email=email).first()
149
150			# check if the user actually exists
151			# take the user-supplied password, hash it, and compare it to the hashed password in the database
152			if not user:
153			flash('Please check your login details and try again.')
154			return redirect(url_for('auth.login')) # if the user doesn't exist or password is wrong, reload the page
155
156			# fix for no admin user to make current user an admin
157			user_test = User.query.filter_by(admin=True).first()
158			if not user_test:
159			user.admin = 1
160			db.session.commit()
161
162			# if the above check passes, then we know the user has the right credentials
163			login_user(user, remember=True)
164			session['name'] = user.name
165			session['email'] = user.email
166
167			return redirect(url_for('main.index'))
168
169
170			def get_authenticated_user_from_cookie() -> UserEntity \| None:
171			session_token = request.cookies.get('cbo_session_token')
172			if not session_token:
173			return None
174			try:
175			return sdk.sessions.validate_token(session_token)
176			except:
177			raise Unauthorized()

whahn1983 / pycashflow

app.auth A last analyzed 2025-06-25 16:54 UTC

Complexity

Size/Duplication

Importance

9 Functions

Duplication Side-by-Side

Filter issues like

app.auth A
last analyzed 2025-06-25 16:54 UTC