fix: resolve Python style issues in MFA implementation

- Move imports to top of files instead of inside functions - Remove debug print statements from production code - Remove unused imports from migration file - Fix trailing whitespace issues - Ensure all files comply with PEP8 style guidelines
10 months ago · cf4f0142d1
parent 1d6988c788
commit cf4f0142d1
3 changed files with 4 additions and 17 deletions
--- a/api/controllers/console/auth/mfa.py
+++ b/api/controllers/console/auth/mfa.py
@ -6,6 +6,7 @@ from flask_restful import Resource, reqparse
 from controllers.console.wraps import account_initialization_required
 from libs.login import login_required
 from models.account import Account
+from models.engine import db
 from services.mfa_service import MFAService


@ -100,7 +101,6 @@ class MFAVerifyApi(Resource):
        parser.add_argument("mfa_token", type=str, required=True, help="MFA token is required")
        args = parser.parse_args()
        
-        from models.engine import db
        account = db.session.query(Account).filter_by(email=args["email"]).first()
        
        if not account:
--- a/api/migrations/versions/2025_07_08_1500-abc123def456_add_account_mfa_settings_table.py
+++ b/api/migrations/versions/2025_07_08_1500-abc123def456_add_account_mfa_settings_table.py
@ -6,9 +6,7 @@ Create Date: 2025-07-08 15:00:00.000000

 """
 from alembic import op
-import models as models
 import sqlalchemy as sa
-from sqlalchemy.dialects import postgresql

 # revision identifiers, used by Alembic.
 revision = 'abc123def456'
--- a/api/services/mfa_service.py
+++ b/api/services/mfa_service.py
@ -7,6 +7,7 @@ from datetime import datetime
 import pyotp
 import qrcode

+from libs.password import compare_password
 from models.account import Account, AccountMFASettings
 from models.engine import db

@ -63,8 +64,7 @@ class MFAService:
        try:
            totp = pyotp.TOTP(secret)
            return totp.verify(token, valid_window=1)
-        except Exception as e:
-            print(f"[MFA DEBUG] verify_totp error: {type(e).__name__}: {str(e)}")
+        except Exception:
            return False

    @staticmethod
@ -129,8 +129,6 @@ class MFAService:
    @staticmethod
    def disable_mfa(account: Account, password: str) -> bool:
        """Disable MFA for account after password verification."""
-        from libs.password import compare_password
-        
        # Verify password
        if account.password is None or not compare_password(password, account.password, account.password_salt):
            return False
@ -178,28 +176,19 @@ class MFAService:
    @staticmethod
    def authenticate_with_mfa(account: Account, token: str) -> bool:
        """Authenticate user with MFA token (TOTP or backup code)."""
-        print(f"[MFA DEBUG] authenticate_with_mfa called with token: {token}")
        mfa_settings = db.session.query(AccountMFASettings).filter_by(account_id=account.id).first()
        
        if not mfa_settings or not mfa_settings.enabled:
-            print("[MFA DEBUG] MFA not enabled, returning True")
            return True
        
-        print(f"[MFA DEBUG] MFA enabled, secret: {mfa_settings.secret[:10]}...")
-        
        # Try TOTP first
-        print("[MFA DEBUG] Trying TOTP verification")
        if MFAService.verify_totp(mfa_settings.secret, token):
-            print("[MFA DEBUG] TOTP verification successful")
            return True
        
        # Try backup code
-        print("[MFA DEBUG] Trying backup code verification")
        if MFAService.verify_backup_code(mfa_settings, token):
-            print("[MFA DEBUG] Backup code verification successful")
            return True
        
-        print("[MFA DEBUG] All verifications failed")
        return False

    @staticmethod