Skip to content

Omar #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Omar #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
b360ef8
Remove CodeRabbit configuration file
omar-2004 Mar 8, 2025
7997998
Add CodeRabbit configuration for automated review features
omar-2004 Mar 8, 2025
e2bca72
Remove unnecessary entries from .gitignore
omar-2004 Mar 8, 2025
f48c414
Update AI PR reviewer workflow and VSCode tasks configuration
omar-2004 Mar 8, 2025
b524919
Refactor login page layout and update navigation with Bootstrap compo…
omar-2004 Mar 8, 2025
ff6af7d
Add favicon images and site manifest; update header and footer with logo
omar-2004 Mar 8, 2025
9177a33
Simplify Flask test command in workflow configuration
omar-2004 Mar 8, 2025
d7f3abb
Update GitHub Actions workflow to deploy Flask app to Heroku
omar-2004 Mar 8, 2025
ce33a1f
Refactor authentication flow and update templates with dynamic compan…
omar-2004 Mar 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 0 additions & 23 deletions .coderabbit.yaml
View file
Open in desktop

This file was deleted.

9 changes: 9 additions & 0 deletions .coderabbit.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
reviews:
enabled: true
auto_review: true
auto_summarize: true
auto_title: true
auto_title_instructions: "Generate a title based on the changes in the PR"
max_comments: 10
simple_changes: false
comment_lgtm: false
Comment on lines +1 to +9
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Configuration Schema Violation: auto_review
The CodeRabbit configuration schema expects the auto_review property to be an object, but a boolean (true) is provided here. This mismatch leads to a validation error ("Expected object, received boolean at reviews.auto_review").
For example, modify the configuration as follows:

-  auto_review: true
+  auto_review:
+    enabled: true
+    auto_incremental_review: true

Please update this section to match the schema.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
reviews:
enabled: true
auto_review: true
auto_summarize: true
auto_title: true
auto_title_instructions: "Generate a title based on the changes in the PR"
max_comments: 10
simple_changes: false
comment_lgtm: false
reviews:
enabled: true
auto_review:
enabled: true
auto_incremental_review: true
auto_summarize: true
auto_title: true
auto_title_instructions: "Generate a title based on the changes in the PR"
max_comments: 10
simple_changes: false
comment_lgtm: false

3 changes: 2 additions & 1 deletion .github/workflows/ai-pr-reviewer.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Code Review

permissions:
Expand All @@ -16,7 +17,7 @@ jobs:
- uses: coderabbitai/ai-pr-reviewer@latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} # ignore error
with:
debug: true
review_simple_changes: false
Expand Down
30 changes: 30 additions & 0 deletions .github/workflows/flask-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
name: Deploy Flask to Heroku

on:
push:
branches:
- main

jobs:
deploy:
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v3

Comment on lines +13 to +15
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Update Actions Checkout Version

Static analysis indicates that using actions/checkout@v3 may be outdated. Please verify if a newer version (e.g., actions/checkout@v4) is available and update accordingly to benefit from the latest features and security patches.

-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

🌐 Web query:

What is the latest version of the GitHub Action "actions/checkout"? Does "actions/checkout@v4" exist and is it recommended for use over "actions/checkout@v3" based on GitHub Marketplace or official documentation?

💡 Result:

The latest version of the GitHub Action actions/checkout is v4.2.2, as indicated by its release history [7]. The @v4 tag exists and is actively maintained, with updates as recent as November 2024.

Key Details:

  1. Latest Version:

    • The actions/checkout@v4 line is the current major version, with incremental updates like v4.2.2 addressing bug fixes and security improvements [7][9].
    • Earlier releases under v4 (e.g., v4.1.4) are pinned in workflows for stability, as seen in projects like OpenTofu [1].

  2. Recommendation Over v3:

    • GitHub has deprecated Node.js 16, which actions/checkout@v3 relies on. Upgrading to v4 ensures compatibility with Node.js 20 and avoids warnings or failures [9][12].
    • v4 introduces features like improved sparse checkout support and authentication handling, while maintaining backward compatibility [1][10][18].

  3. Adoption in Official Documentation:

    • The GitHub Marketplace and tutorials now default to v4 for examples, such as cloning repositories, checking out branches, and handling multiple repos [10][18].
    • Workflows like Renovate Bot and Python testing explicitly use actions/checkout@v4 [4][14].

Summary:

  • Use actions/checkout@v4 for new workflows.
  • Migrate from v3 to v4 to ensure compatibility with GitHub’s latest runner environments (Node.js 20) and leverage performance improvements.
  • Pin specific versions (e.g., v4.2.2) for critical workflows to avoid unintended changes [7][10].

Citations:

Action Required: Update GitHub Checkout Action to v4

The current workflow uses actions/checkout@v3, which is now outdated. GitHub’s official documentation and release history confirm that the latest major version is v4 (with recent patches such as v4.2.2), which offers improved features, better Node.js 20 compatibility, and enhanced security. Please update the workflow accordingly.

  • File: .github/workflows/flask-tests.yml (lines 13–15)
  • Change Required: 
    -        uses: actions/checkout@v3
+        uses: actions/checkout@v4
  • Recommendation: Consider pinning a specific v4 release (e.g., v4.2.2) for additional stability if necessary.
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Checkout repository
uses: actions/checkout@v3
- name: Checkout repository
uses: actions/checkout@v4
🧰 Tools
🪛 actionlint (1.7.4)

14-14: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.9"

- name: Install dependencies
run: |
pip install -r requirements.txt

- name: Deploy to Heroku
run: |
heroku login
git push heroku main
env:
HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
2 changes: 1 addition & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,4 @@
venv
__pycache__
app/__pycache__
.github/workflow/*.yml
Bootstrap Studio/*
57 changes: 30 additions & 27 deletions .vscode/tasks.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,31 @@
{
"tasks": [
{
"type": "cppbuild",
"label": "C/C++: gcc.exe build active file",
"command": "C:\\msys64\\ucrt64\\bin\\gcc.exe",
"args": [
"-fdiagnostics-color=always",
"-g",
"${file}",
"-o",
"${fileDirname}\\${fileBasenameNoExtension}.exe"
],
"options": {
"cwd": "${fileDirname}"
},
"problemMatcher": [
"$gcc"
],
"group": {
"kind": "build",
"isDefault": true
},
"detail": "Task generated by Debugger."
}
],
"version": "2.0.0"
}
"tasks": [
{
"type": "cppbuild",
"label": "C/C++: gcc.exe build active file",
"command": "C:\\msys64\\ucrt64\\bin\\gcc.exe",
"args": [
"-fdiagnostics-color=always",
"-g",
"${file}",
"-o",
"${fileDirname}\\${fileBasenameNoExtension}.exe"
],
"options": {
"cwd": "${fileDirname}"
},
"problemMatcher": ["$gcc"],
"group": {
"kind": "build",
"isDefault": true
},
"detail": "Task generated by Debugger."
}
],
"yaml.customTags": [
"!Scalar-example scalar",
"!Seq-example sequence",
"!Mapping-example mapping"
],
"version": "2.0.0"
}
9 changes: 7 additions & 2 deletions App/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,19 @@ def create_app(config_class='config.DevelopmentConfig'):
configure_logging(app)
# Enable the toolbar
toolbar = DebugToolbarExtension(app)
login_manager.login_view = 'auth/Login' # Redirect to login page if not logged in

login_manager.login_view = 'auth.home'


@app.context_processor
def inject_globals() -> dict[str, str]:
return {"WebSiteTitle": "AlphaCode",
"CompanyName":"AlphaCode"
}
# Register all blueprints
register_blueprints(app)

return app




Binary file modified App/__pycache__/__init__.cpython-313.pyc
View file
Open in desktop
Binary file not shown.
Binary file modified App/__pycache__/extensions.cpython-313.pyc
View file
Open in desktop
Binary file not shown.
Binary file modified App/blueprints/__pycache__/__init__.cpython-313.pyc
View file
Open in desktop
Binary file not shown.
20 changes: 15 additions & 5 deletions App/blueprints/auth/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,25 @@
from flask import Blueprint, render_template
auth = Blueprint('user', __name__)
# login_manager.login_view = 'login' # Redirect to login page if not logged in
from flask_login import UserMixin
Comment on lines 1 to +2
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Import missing dependencies

The current imports are incomplete for the authentication functionality implemented in this file.

-from flask import Blueprint, render_template
-from flask_login import  UserMixin
+from flask import Blueprint, render_template, request, redirect, url_for, flash
+from flask_login import UserMixin, login_user, logout_user, current_user
from App import login_manager
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
from flask import Blueprint, render_template
auth = Blueprint('user', __name__)
# login_manager.login_view = 'login' # Redirect to login page if not logged in
from flask_login import UserMixin
from flask import Blueprint, render_template, request, redirect, url_for, flash
from flask_login import UserMixin, login_user, logout_user, current_user
from App import login_manager

from App import login_manager

# from . import routes
auth = Blueprint('auth', __name__)

users = {"admin": {"password": "password123"}}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove hardcoded credentials from the code

Storing plaintext passwords in the code is a serious security vulnerability. Passwords should be hashed and stored securely, preferably in a database, and never in the source code.

-users = {"admin": {"password": "password123"}}
+# Configure proper user authentication with a database and password hashing
+# Example using Flask-SQLAlchemy and werkzeug:
+# from werkzeug.security import generate_password_hash, check_password_hash
+# 
+# users = {} # This should be replaced with database queries

Consider using a database with SQLAlchemy and implement proper password hashing using a library like passlib or werkzeug.security.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
users = {"admin": {"password": "password123"}}
# Configure proper user authentication with a database and password hashing
# Example using Flask-SQLAlchemy and werkzeug:
# from werkzeug.security import generate_password_hash, check_password_hash
#
users = {} # This should be replaced with database queries


class User(UserMixin):
def __init__(self, user_id):
self.id = user_id

@login_manager.user_loader
def load_user(user_id):
if user_id in users:
return User(user_id)
return None # If user not found
Comment on lines +13 to +17
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Improve user loading security

The current user loading mechanism is simplistic and insecure. It needs to be enhanced with proper user retrieval from a database.

@login_manager.user_loader
def load_user(user_id):
-    if user_id in users:
-        return User(user_id)
-    return None  # If user not found
+    # Example with SQLAlchemy:
+    # return User.query.get(int(user_id))
+    
+    # Temporary implementation until database is set up:
+    if user_id in users:
+        user = User(user_id)
+        return user
+    return None
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
@login_manager.user_loader
def load_user(user_id):
if user_id in users:
return User(user_id)
return None # If user not found
@login_manager.user_loader
def load_user(user_id):
# Example with SQLAlchemy:
# return User.query.get(int(user_id))
# Temporary implementation until database is set up:
if user_id in users:
user = User(user_id)
return user
return None


@auth.route('/Login', methods=["POST", "GET"])
def home():
return "<h1>Login</h1"
return render_template('auth/login.html')
Comment on lines 19 to +21
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Implement authentication logic in the login route

The login route doesn't contain any authentication logic. It simply renders the template without processing the form data.

@auth.route('/Login', methods=["POST", "GET"])
def home():
-    return render_template('auth/login.html')
+    form_errors = []
+    if request.method == "POST":
+        username = request.form.get("email")
+        password = request.form.get("password")
+        
+        # Implement proper authentication logic with password hashing
+        # Example:
+        # user = User.query.filter_by(email=username).first()
+        # if user and check_password_hash(user.password, password):
+        #     login_user(user)
+        #     next_page = request.args.get('next')
+        #     return redirect(next_page or url_for('main.index'))
+        # else:
+        #     form_errors.append("Invalid username or password")
+    
+    return render_template('auth/login.html', form_errors=form_errors)

Don't forget to import the necessary functions:

from flask import request, redirect, url_for, flash
from flask_login import login_user


# @login_manager.user_loader
@auth.route("/testing")
def test():
return render_template('base.html')
Expand Down
17 changes: 9 additions & 8 deletions App/blueprints/user/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,17 @@
from flask import Blueprint, render_template
from App import login_manager
from flask import Blueprint, render_template, redirect, url_for
from flask_login import login_required

user_bp = Blueprint('user', __name__)

from . import routes
@login_manager.user_loader


@user_bp.route('')
@login_required
def home():
return render_template('auth/login.html')
return render_template('base/base.html')

@login_manager.user_loader
@user_bp.route("/testing")
@login_required
def test():
return render_template('base.html')

return "testing"

Binary file modified App/blueprints/user/__pycache__/__init__.cpython-313.pyc
View file
Open in desktop
Binary file not shown.
5 changes: 5 additions & 0 deletions App/static/bootstrap/css/bootstrap.min.css
View file
Open in desktop

Large diffs are not rendered by default.

31 changes: 3 additions & 28 deletions App/static/css/login.css
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,29 +1,4 @@
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}

header,
footer {
background-color: lightgray;
width: 100dvw;
height: 10dvh;
}

header {
display: flex;
align-items: center;
justify-content: space-around;
}
header a {
color: black;
text-decoration: none;
transition: color 0.3s;
}

main {
background-color: antiquewhite;
width: 100dvw;
min-height: 80dvh;
footer,
nav {
background-color: rgb(230, 230, 230);
}/*# sourceMappingURL=login.css.map */
2 changes: 1 addition & 1 deletion App/static/css/login.css.map
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 3 additions & 37 deletions App/static/css/login.scss
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,38 +1,4 @@
* {
margin: 0;
padding: 0;
box-sizing: border-box;
footer,
nav {
background-color: rgb(230, 230, 230);
}
header,
footer {
background-color: lightgray;
width: 100dvw;
height: 10dvh;
}
header {
display: flex;
align-items: center;
justify-content: space-around;
a {
color: black;
text-decoration: none;
transition: color 0.3s;
}
}
main {
background-color: antiquewhite;
width: 100dvw;
min-height: 80dvh;
}
// body {
// display: grid;
// place-content: center;
// width: 100dvw;
// height: 100dvh;
// }
// h1 {
// font-size: 3rem;
// font-family: serif;
// text-transform: uppercase;
// letter-spacing: 0.5em;
// }
Binary file added App/static/img/android-chrome-192x192.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added App/static/img/android-chrome-512x512.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added App/static/img/apple-touch-icon.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added App/static/img/favicon-16x16.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added App/static/img/favicon-32x32.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added App/static/img/favicon.ico
View file
Open in desktop
Binary file not shown.
1 change: 1 addition & 0 deletions App/static/img/site.webmanifest
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"name":"","short_name":"","icons":[{"src":"/android-chrome-192x192.png","sizes":"192x192","type":"image/png"},{"src":"/android-chrome-512x512.png","sizes":"512x512","type":"image/png"}],"theme_color":"#ffffff","background_color":"#ffffff","display":"standalone"}
70 changes: 63 additions & 7 deletions App/templates/auth/login.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,64 @@
{% extends "base.html" %} {% block title %}Home - My Website{% endblock %} {%
block content %}
<div class="text-center">
<h1 class="display-4">Welcome to My Website</h1>
<p class="lead">This is a Bootstrap-enhanced Flask application.</p>
<a href="{{ url_for('about') }}" class="btn btn-primary">Learn More</a>
</div>
{% extends "base/base.html" %} {% block title %}Home - My Website{% endblock %}
{% block content %}
<section class="position-relative py-4 py-xl-5">
<div class="container">
<div class="row mb-5">
<div class="col-md-8 col-xl-6 text-center mx-auto">
<h2>Log in</h2>
<p class="w-lg-50">
Curae hendrerit donec commodo hendrerit egestas tempus, turpis
facilisis nostra nunc. Vestibulum dui eget ultrices.
</p>
</div>
</div>
<div class="row d-flex justify-content-center">
<div class="col-md-6 col-xl-4">
<div class="card mb-5">
<div class="card-body d-flex flex-column align-items-center">
<div class="bs-icon-xl bs-icon-circle bs-icon-primary bs-icon my-4">
<svg
xmlns="http://www.w3.org/2000/svg"
width="1em"
height="1em"
fill="currentColor"
viewBox="0 0 16 16"
class="bi bi-person"
>
<path
d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6m2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0m4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4m-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664z"
></path>
</svg>
</div>
<form class="text-center" method="post" action="">
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add CSRF protection to the login form

The form is missing CSRF protection, which is important for security. In Flask, you should use the CSRF token provided by Flask-WTF.

-            <form class="text-center" method="post" action="">
+            <form class="text-center" method="post" action="">
+              <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>

Note: Make sure Flask-WTF is set up in your application with WTF_CSRF_ENABLED = True and that the secret key is properly configured.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<form class="text-center" method="post" action="">
<form class="text-center" method="post" action="">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>

<div class="mb-3">
<input
class="form-control"
type="email"
name="email"
placeholder="Email"
/>
</div>
<div class="mb-3">
<input
class="form-control"
type="password"
name="password"
placeholder="Password"
/>
</div>
<div class="mb-3">
<button class="btn btn-primary d-block w-100" type="submit">
Login
</button>
</div>
<a class="text-muted" href="#ForgotPassword"
>Forgot your password?</a
>
Comment on lines +54 to +56
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Implement the forgot password functionality

The "Forgot your password?" link currently points to a placeholder anchor. This should be linked to an actual forgot password route.

-              <a class="text-muted" href="#ForgotPassword"
-                >Forgot your password?</a
-              >
+              <a class="text-muted" href="{{ url_for('auth.forgot_password') }}"
+                >Forgot your password?</a
+              >
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<a class="text-muted" href="#ForgotPassword"
>Forgot your password?</a
>
<a class="text-muted" href="{{ url_for('auth.forgot_password') }}"
>Forgot your password?</a
>

</form>
</div>
</div>
</div>
</div>
</div>
</section>
{% endblock %}
Loading