Improve code quality - add custom exception, documentation, and refactor auth.py

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
2026-05-26 11:25:49 +00:00 · 2026-01-31 18:46:30 +00:00
parent a1f9cd4114
commit f636387717
2 changed files with 41 additions and 8 deletions
@@ -22,7 +22,13 @@ if not JWT_SECRET:
    import warnings
    import tempfile
    import stat
+    import secrets as secrets_module
    warnings.warn("JWT_SECRET environment variable not set. Using persistent dev secret.", UserWarning)
+    
+    def _generate_and_store_secret():
+        """Generate a random secret and store it with restrictive permissions."""
+        return secrets_module.token_hex(32)
+    
    # Use persistent file-based secret for development to avoid invalidating tokens on restart
    _secret_file = os.path.join(tempfile.gettempdir(), '.openlearnx_dev_jwt_secret_auth')
    try:
@@ -30,15 +36,13 @@ if not JWT_SECRET:
            with open(_secret_file, 'r') as f:
                JWT_SECRET = f.read().strip()
        if not JWT_SECRET:
-            import secrets as _secrets
-            JWT_SECRET = _secrets.token_hex(32)
+            JWT_SECRET = _generate_and_store_secret()
            with open(_secret_file, 'w') as f:
                f.write(JWT_SECRET)
            # Set restrictive permissions (owner read/write only)
            os.chmod(_secret_file, stat.S_IRUSR | stat.S_IWUSR)
    except Exception:
-        import secrets as _secrets
-        JWT_SECRET = _secrets.token_hex(32)
+        JWT_SECRET = _generate_and_store_secret()

@bp.route('/nonce', methods=['POST', 'OPTIONS'])
 def get_nonce():