sssnake/Autarch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Autarch/web/routes/auth_routes.py
DigiJ ffe47c51b5 Initial public release — AUTARCH v1.0.0 
Full security platform with web dashboard, 16 Flask blueprints, 26 modules,
autonomous AI agent, WebUSB hardware support, and Archon Android companion app.

Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit
integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00

62 lines
2.1 KiB
Python
Raw Blame History

"""Auth routes - login, logout, password change"""
from flask import Blueprint, render_template, request, redirect, url_for, session, flash, jsonify
from web.auth import check_password, hash_password, load_credentials, save_credentials
auth_bp = Blueprint('auth', __name__)
@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
if 'user' in session:
return redirect(url_for('dashboard.index'))
if request.method == 'POST':
username = request.form.get('username', '')
password = request.form.get('password', '')
creds = load_credentials()
if username == creds['username'] and check_password(password, creds['password']):
session['user'] = username
if creds.get('force_change'):
flash('Please change the default password.', 'warning')
return redirect(url_for('settings.index'))
next_url = request.args.get('next', url_for('dashboard.index'))
return redirect(next_url)
else:
flash('Invalid credentials.', 'error')
return render_template('login.html')
@auth_bp.route('/api/login', methods=['POST'])
def api_login():
"""JSON login endpoint for the companion app."""
data = request.get_json(silent=True) or {}
username = data.get('username', '')
password = data.get('password', '')
if not username or not password:
return jsonify({'ok': False, 'error': 'Missing username or password'}), 400
creds = load_credentials()
if username == creds['username'] and check_password(password, creds['password']):
session['user'] = username
return jsonify({'ok': True, 'user': username})
else:
return jsonify({'ok': False, 'error': 'Invalid credentials'}), 401
@auth_bp.route('/api/check', methods=['GET'])
def api_check():
"""Check if the current session is authenticated."""
if 'user' in session:
return jsonify({'ok': True, 'user': session['user']})
return jsonify({'ok': False}), 401
@auth_bp.route('/logout')
def logout():
session.clear()
return redirect(url_for('auth.login'))
Reference in New Issue View Git Blame Copy Permalink