GauriSP10 · 0xthiagomartins · May 21, 2025
diff --git a/streamlit_login_auth_ui/utils.py b/streamlit_login_auth_ui/utils.py
@@ -1,12 +1,14 @@
 import re
 import json
-from trycourier import Courier
+try:
+    from trycourier import Courier
+except ImportError:
+    from courier.client import Courier
 import secrets
 from argon2 import PasswordHasher
 import requests
 
-
-ph = PasswordHasher() 
+ph = PasswordHasher()
 
 def check_usr_pass(username: str, password: str) -> bool:
     """
@@ -19,7 +21,7 @@ def check_usr_pass(username: str, password: str) -> bool:
         if registered_user['username'] == username:
             try:
                 passwd_verification_bool = ph.verify(registered_user['password'], password)
-                if passwd_verification_bool == True:
+                if passwd_verification_bool:
                     return True
             except:
                 pass
@@ -36,187 +38,161 @@ def load_lottieurl(url: str) -> str:
             return None
         return r.json()
     except:
-        pass
+        return None
 
 
 def check_valid_name(name_sign_up: str) -> bool:
     """
     Checks if the user entered a valid name while creating the account.
     """
-    name_regex = (r'^[A-Za-z_][A-Za-z0-9_]*')
+    name_regex = r'^[A-Za-z_][A-Za-z0-9_]*'
 
-    if re.search(name_regex, name_sign_up):
-        return True
-    return False
+    return bool(re.search(name_regex, name_sign_up))
 
 
 def check_valid_email(email_sign_up: str) -> bool:
     """
     Checks if the user entered a valid email while creating the account.
     """
-    regex = re.compile(r'([A-Za-z0-9]+[.-_])*[A-Za-z0-9]+@[A-Za-z0-9-]+(\.[A-Z|a-z]{2,})+')
+    regex = re.compile(
+        r'([A-Za-z0-9]+[._-])*[A-Za-z0-9]+@[A-Za-z0-9-]+(\.[A-Za-z]{2,})+'
+    )
 
-    if re.fullmatch(regex, email_sign_up):
-        return True
-    return False
+    return bool(re.fullmatch(regex, email_sign_up))
 
 
 def check_unique_email(email_sign_up: str) -> bool:
     """
     Checks if the email already exists (since email needs to be unique).
     """
-    authorized_user_data_master = list()
     with open("_secret_auth_.json", "r") as auth_json:
-        authorized_users_data = json.load(auth_json)
-
-        for user in authorized_users_data:
-            authorized_user_data_master.append(user['email'])
+        authorized_users = json.load(auth_json)
 
-    if email_sign_up in authorized_user_data_master:
-        return False
-    return True
+    existing_emails = [user['email'] for user in authorized_users]
+    return email_sign_up not in existing_emails
 
 
 def non_empty_str_check(username_sign_up: str) -> bool:
     """
     Checks for non-empty strings.
     """
-    empty_count = 0
-    for i in username_sign_up:
-        if i == ' ':
-            empty_count = empty_count + 1
-            if empty_count == len(username_sign_up):
-                return False
-
-    if not username_sign_up:
+    if not username_sign_up.strip():
         return False
     return True
 
 
-def check_unique_usr(username_sign_up: str):
+def check_unique_usr(username_sign_up: str) -> bool:
     """
     Checks if the username already exists (since username needs to be unique),
-    also checks for non - empty username.
+    also checks for non-empty username.
     """
-    authorized_user_data_master = list()
     with open("_secret_auth_.json", "r") as auth_json:
-        authorized_users_data = json.load(auth_json)
-
-        for user in authorized_users_data:
-            authorized_user_data_master.append(user['username'])
+        authorized_users = json.load(auth_json)
 
-    if username_sign_up in authorized_user_data_master:
+    existing_usernames = [user['username'] for user in authorized_users]
+    if username_sign_up in existing_usernames:
         return False
-
-    non_empty_check = non_empty_str_check(username_sign_up)
-
-    if non_empty_check == False:
-        return None
-    return True
+    return non_empty_str_check(username_sign_up)
 
 
 def register_new_usr(name_sign_up: str, email_sign_up: str, username_sign_up: str, password_sign_up: str) -> None:
     """
     Saves the information of the new user in the _secret_auth.json file.
     """
-    new_usr_data = {'username': username_sign_up, 'name': name_sign_up, 'email': email_sign_up, 'password': ph.hash(password_sign_up)}
-
-    with open("_secret_auth_.json", "r") as auth_json:
-        authorized_user_data = json.load(auth_json)
+    new_usr_data = {
+        'username': username_sign_up,
+        'name': name_sign_up,
+        'email': email_sign_up,
+        'password': ph.hash(password_sign_up)
+    }
 
-    with open("_secret_auth_.json", "w") as auth_json_write:
-        authorized_user_data.append(new_usr_data)
-        json.dump(authorized_user_data, auth_json_write)
+    with open("_secret_auth_.json", "r+") as auth_json:
+        authorized_users = json.load(auth_json)
+        authorized_users.append(new_usr_data)
+        auth_json.seek(0)
+        json.dump(authorized_users, auth_json)
+        auth_json.truncate()
 
 
 def check_username_exists(user_name: str) -> bool:
     """
     Checks if the username exists in the _secret_auth.json file.
     """
-    authorized_user_data_master = list()
     with open("_secret_auth_.json", "r") as auth_json:
-        authorized_users_data = json.load(auth_json)
+        authorized_users = json.load(auth_json)
+
+    return any(user['username'] == user_name for user in authorized_users)
 
-        for user in authorized_users_data:
-            authorized_user_data_master.append(user['username'])
-
-    if user_name in authorized_user_data_master:
-        return True
-    return False
-
 
-def check_email_exists(email_forgot_passwd: str):
+def check_email_exists(email_forgot_passwd: str) -> (bool, str):
     """
-    Checks if the email entered is present in the _secret_auth.json file.
+    Checks if the email entered is present in the _secret_auth_.json file.
     """
     with open("_secret_auth_.json", "r") as auth_json:
-        authorized_users_data = json.load(auth_json)
+        authorized_users = json.load(auth_json)
 
-        for user in authorized_users_data:
-            if user['email'] == email_forgot_passwd:
-                    return True, user['username']
+    for user in authorized_users:
+        if user['email'] == email_forgot_passwd:
+            return True, user['username']
     return False, None
 
 
 def generate_random_passwd() -> str:
     """
     Generates a random password to be sent in email.
     """
-    password_length = 10
-    return secrets.token_urlsafe(password_length)
+    return secrets.token_urlsafe(10)
 
 
 def send_passwd_in_email(auth_token: str, username_forgot_passwd: str, email_forgot_passwd: str, company_name: str, random_password: str) -> None:
     """
     Triggers an email to the user containing the randomly generated password.
     """
-    client = Courier(auth_token = auth_token)
-
-    resp = client.send_message(
-    message={
-        "to": {
-        "email": email_forgot_passwd
-        },
-        "content": {
-        "title": company_name + ": Login Password!",
-        "body": "Hi! " + username_forgot_passwd + "," + "\n" + "\n" + "Your temporary login password is: " + random_password  + "\n" + "\n" + "{{info}}"
-        },
-        "data":{
-        "info": "Please reset your password at the earliest for security reasons."
+    client = Courier(auth_token=auth_token)
+    client.send_message(
+        message={
+            "to": {"email": email_forgot_passwd},
+            "content": {
+                "title": f"{company_name}: Login Password!",
+                "body": (
+                    f"Hi {username_forgot_passwd},\n\n"
+                    f"Your temporary login password is: {random_password}\n\n"
+                    "{{info}}"
+                )
+            },
+            "data": {"info": "Please reset your password at the earliest for security reasons."}
         }
-    }
     )
 
 
 def change_passwd(email_: str, random_password: str) -> None:
     """
     Replaces the old password with the newly generated password.
     """
-    with open("_secret_auth_.json", "r") as auth_json:
-        authorized_users_data = json.load(auth_json)
-
-    with open("_secret_auth_.json", "w") as auth_json_:
-        for user in authorized_users_data:
+    with open("_secret_auth_.json", "r+") as auth_json:
+        authorized_users = json.load(auth_json)
+        for user in authorized_users:
             if user['email'] == email_:
                 user['password'] = ph.hash(random_password)
-        json.dump(authorized_users_data, auth_json_)
-
+        auth_json.seek(0)
+        json.dump(authorized_users, auth_json)
+        auth_json.truncate()
+
 
 def check_current_passwd(email_reset_passwd: str, current_passwd: str) -> bool:
     """
-    Authenticates the password entered against the username when 
+    Authenticates the password entered against the username when
     resetting the password.
     """
     with open("_secret_auth_.json", "r") as auth_json:
-        authorized_users_data = json.load(auth_json)
-
-        for user in authorized_users_data:
-            if user['email'] == email_reset_passwd:
-                try:
-                    if ph.verify(user['password'], current_passwd) == True:
-                        return True
-                except:
-                    pass
+        authorized_users = json.load(auth_json)
+
+    for user in authorized_users:
+        if user['email'] == email_reset_passwd:
+            try:
+                return ph.verify(user['password'], current_passwd)
+            except:
+                return False
     return False
 
 # Author: Gauri Prabhakar