function login
Flask route handler that renders the login page for user authentication, with support for Azure SSO integration and automatic redirection for authenticated users or when authentication is disabled.
/tf/active/vicechatdev/docchat/app.py
714 - 730
moderate
Purpose
This function serves as the entry point for user authentication in a Flask web application. It handles three scenarios: (1) redirects to the main application if authentication is disabled via config, (2) redirects already-authenticated users to the index page, and (3) renders the login template with an optional Azure SSO authentication URL for unauthenticated users. It integrates with Azure Active Directory for single sign-on capabilities.
Source Code
def login():
    """Login page"""
    if not config.REQUIRE_AUTH:
        # If auth is disabled, redirect to main app
        return redirect(url_for('index'))

    if 'user' in session:
        # Already logged in
        return redirect(url_for('index'))

    # Get Azure auth URL if available
    azure_auth_url = None
    if azure_sso:
        azure_auth_url = azure_sso.get_auth_url()
        logger.info(f"Generated Azure auth URL: {azure_auth_url}")

    return render_template('login.html', azure_auth_url=azure_auth_url)
Return Value
Returns a Flask response object. This can be: (1) a redirect response to the 'index' route if authentication is disabled or user is already logged in, or (2) a rendered HTML template ('login.html') with the 'azure_auth_url' context variable passed to it (which may be None if Azure SSO is not configured).
Dependencies
flask
logging
Required Imports
from flask import Flask
from flask import render_template
from flask import session
from flask import redirect
from flask import url_for
import logging
import config
from auth.azure_auth import setup_azure_sso
Conditional/Optional Imports
These imports are only needed under specific conditions:
from auth.azure_auth import setup_azure_sso
Condition: Required if Azure SSO authentication is enabled and the 'azure_sso' object needs to be initialized
Optional
Usage Example
from flask import Flask, session, redirect, url_for, render_template
import config
from auth.azure_auth import setup_azure_sso
import logging

app = Flask(__name__)
# Placeholder; load a strong random key from the environment or a secret store
app.secret_key = 'your-secret-key-here'
logger = logging.getLogger(__name__)

# Setup Azure SSO (optional)
azure_sso = setup_azure_sso(app) if config.AZURE_ENABLED else None

# Configure authentication requirement
config.REQUIRE_AUTH = True

@app.route('/login')
def login():
    """Login page"""
    if not config.REQUIRE_AUTH:
        return redirect(url_for('index'))
    if 'user' in session:
        return redirect(url_for('index'))
    azure_auth_url = None
    if azure_sso:
        azure_auth_url = azure_sso.get_auth_url()
        logger.info(f"Generated Azure auth URL: {azure_auth_url}")
    return render_template('login.html', azure_auth_url=azure_auth_url)

if __name__ == '__main__':
    # debug=True enables the interactive Werkzeug debugger; local development only
    app.run(debug=True)
Best Practices
- Ensure the Flask session secret key is properly configured and kept secure before using this function
- The 'azure_sso' object must be properly initialized before this function is called if Azure authentication is intended
- Always validate that config.REQUIRE_AUTH is properly set according to your security requirements
- Ensure the 'login.html' template exists and properly handles the azure_auth_url parameter (including None values)
- The function assumes an 'index' route exists for redirection - ensure this route is defined
- Consider implementing rate limiting on the login route to prevent brute force attacks
- The logger object should be configured at the module level before this function is used
- Session data should be validated and sanitized when checking for 'user' key
- Consider adding CSRF protection to the login form rendered by this route
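The route above writes the full Azure authorization URL to the log at INFO level. As an added example (not the project's own code), this standard-library helper masks flow-binding and identifying query values before the URL is logged; the parameter list, the helper names and the sample URL are assumptions constructed for illustration.

```python
import logging
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

logger = logging.getLogger(__name__)

# Assumption: query parameters an OAuth 2.0 / OpenID Connect authorization
# URL may carry whose values should stay out of application logs.
SENSITIVE_PARAMS = frozenset({"state", "nonce", "login_hint"})

# Constructed sample URL with placeholder tenant, client and callback values.
SAMPLE_AUTH_URL = (
    "https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/authorize"
    "?client_id=CLIENT_ID&response_type=code"
    "&redirect_uri=https%3A%2F%2Fapp.example%2Fauth%2Fcallback"
    "&scope=openid+profile&state=constructed-state-123"
    "&nonce=constructed-nonce-456"
)


def redact_auth_url(url, sensitive=SENSITIVE_PARAMS):
    """Return the URL with sensitive query values masked and the fragment dropped."""
    if not url:
        return "<none>"  # azure_auth_url is None when SSO is not configured
    parts = urlsplit(url)
    masked = [
        (key, "REDACTED" if key.lower() in sensitive else value)
        for key, value in parse_qsl(parts.query, keep_blank_values=True)
    ]
    return urlunsplit(
        (parts.scheme, parts.netloc, parts.path, urlencode(masked), "")
    )


def log_auth_url(url, log=logger):
    """Log the redacted form and return it (hypothetical helper)."""
    safe = redact_auth_url(url)
    # Lazy %s formatting: the message is only built when INFO is enabled.
    log.info("Generated Azure auth URL: %s", safe)
    return safe


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    log_auth_url(SAMPLE_AUTH_URL)
    log_auth_url(None)
```

In the route, the `logger.info(f"...")` call would become `log_auth_url(azure_auth_url)`, leaving the value passed to the template unchanged.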