Autarch/web/routes/auth_routes.py

"""Auth routes - login, logout, password change"""

from flask import Blueprint, render_template, request, redirect, url_for, session, flash, jsonify
from web.auth import check_password, hash_password, load_credentials, save_credentials

auth_bp = Blueprint('auth', __name__)


@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    if 'user' in session:
        return redirect(url_for('dashboard.index'))

    if request.method == 'POST':
        username = request.form.get('username', '')
        password = request.form.get('password', '')
        creds = load_credentials()

        if username == creds['username'] and check_password(password, creds['password']):
            session['user'] = username
            if creds.get('force_change'):
                flash('Please change the default password.', 'warning')
                return redirect(url_for('settings.index'))
            next_url = request.args.get('next', url_for('dashboard.index'))
            return redirect(next_url)
        else:
            flash('Invalid credentials.', 'error')

    return render_template('login.html')


@auth_bp.route('/api/login', methods=['POST'])
def api_login():
    """JSON login endpoint for the companion app."""
    data = request.get_json(silent=True) or {}
    username = data.get('username', '')
    password = data.get('password', '')

    if not username or not password:
        return jsonify({'ok': False, 'error': 'Missing username or password'}), 400

    creds = load_credentials()
    if username == creds['username'] and check_password(password, creds['password']):
        session['user'] = username
        return jsonify({'ok': True, 'user': username})
    else:
        return jsonify({'ok': False, 'error': 'Invalid credentials'}), 401


@auth_bp.route('/api/check', methods=['GET'])
def api_check():
    """Check if the current session is authenticated."""
    if 'user' in session:
        return jsonify({'ok': True, 'user': session['user']})
    return jsonify({'ok': False}), 401


@auth_bp.route('/logout')
def logout():
    session.clear()
    return redirect(url_for('auth.login'))
Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-01 03:57:32 -08:00			`"""Auth routes - login, logout, password change"""`

			`from flask import Blueprint, render_template, request, redirect, url_for, session, flash, jsonify`
			`from web.auth import check_password, hash_password, load_credentials, save_credentials`

			`auth_bp = Blueprint('auth', __name__)`


			`@auth_bp.route('/login', methods=['GET', 'POST'])`
			`def login():`
			`if 'user' in session:`
			`return redirect(url_for('dashboard.index'))`

			`if request.method == 'POST':`
			`username = request.form.get('username', '')`
			`password = request.form.get('password', '')`
			`creds = load_credentials()`

			`if username == creds['username'] and check_password(password, creds['password']):`
			`session['user'] = username`
			`if creds.get('force_change'):`
			`flash('Please change the default password.', 'warning')`
			`return redirect(url_for('settings.index'))`
			`next_url = request.args.get('next', url_for('dashboard.index'))`
			`return redirect(next_url)`
			`else:`
			`flash('Invalid credentials.', 'error')`

			`return render_template('login.html')`


			`@auth_bp.route('/api/login', methods=['POST'])`
			`def api_login():`
			`"""JSON login endpoint for the companion app."""`
			`data = request.get_json(silent=True) or {}`
			`username = data.get('username', '')`
			`password = data.get('password', '')`

			`if not username or not password:`
			`return jsonify({'ok': False, 'error': 'Missing username or password'}), 400`

			`creds = load_credentials()`
			`if username == creds['username'] and check_password(password, creds['password']):`
			`session['user'] = username`
			`return jsonify({'ok': True, 'user': username})`
			`else:`
			`return jsonify({'ok': False, 'error': 'Invalid credentials'}), 401`


			`@auth_bp.route('/api/check', methods=['GET'])`
			`def api_check():`
			`"""Check if the current session is authenticated."""`
			`if 'user' in session:`
			`return jsonify({'ok': True, 'user': session['user']})`
			`return jsonify({'ok': False}), 401`


			`@auth_bp.route('/logout')`
			`def logout():`
			`session.clear()`
			`return redirect(url_for('auth.login'))`