From b0b9a9e912de352d16fa96df6c234d888c4aea48 Mon Sep 17 00:00:00 2001
From: chelsea <chelsea@chelseawoodruff.net>
Date: Sat, 11 Oct 2025 23:40:48 -0500
Subject: [PATCH] Fix Auth0 500 error when not configured (Issue #5)

- Add check for AUTH0 credentials before attempting login
- Show friendly error message if Auth0 not configured
- Hide Auth0 button on login page when not configured
- Add try/catch for auth0.authorize_redirect() failures

Fixes #5
---
 app.py               | 21 +++++++++++++++++----
 templates/login.html |  2 ++
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/app.py b/app.py
index 20a423e..dc60e34 100644
--- a/app.py
+++ b/app.py
@@ -704,6 +704,9 @@ def login():
     if current_user.is_authenticated:
         return redirect(url_for('index'))
 
+    # Check if Auth0 is configured
+    auth0_configured = bool(app.config.get('AUTH0_DOMAIN') and app.config.get('AUTH0_CLIENT_ID'))
+
     if request.method == 'POST':
         username = request.form.get('username')
         password = request.form.get('password')
@@ -711,7 +714,7 @@ def login():
 
         if not user_service:
             flash('User service not available', 'error')
-            return render_template('login.html')
+            return render_template('login.html', auth0_configured=auth0_configured)
 
         user = user_service.authenticate(username, password)
 
@@ -725,7 +728,7 @@ def login():
         else:
             flash('Invalid username or password', 'error')
 
-    return render_template('login.html')
+    return render_template('login.html', auth0_configured=auth0_configured)
 
 
 @app.route('/password-reset-request', methods=['GET', 'POST'])
@@ -804,8 +807,18 @@ def password_reset(token):
 @app.route('/auth0/login')
 def auth0_login():
     """Redirect to Auth0 for authentication"""
-    redirect_uri = url_for('auth0_callback', _external=True)
-    return auth0.authorize_redirect(redirect_uri)
+    # Check if Auth0 is configured
+    if not app.config.get('AUTH0_DOMAIN') or not app.config.get('AUTH0_CLIENT_ID'):
+        flash('Auth0 authentication is not configured. Please use email/password login or contact the administrator.', 'error')
+        return redirect(url_for('login'))
+
+    try:
+        redirect_uri = url_for('auth0_callback', _external=True)
+        return auth0.authorize_redirect(redirect_uri)
+    except Exception as e:
+        logger.error(f"Auth0 login error: {e}")
+        flash('Auth0 authentication failed. Please use email/password login.', 'error')
+        return redirect(url_for('login'))
 
 
 @app.route('/auth0/callback')
diff --git a/templates/login.html b/templates/login.html
index bc9132e..599c819 100644
--- a/templates/login.html
+++ b/templates/login.html
@@ -48,6 +48,7 @@
             <span>or</span>
         </div>
 
+        {% if auth0_configured %}
         <div class="social-auth-buttons">
             <a href="{{ url_for('auth0_login') }}" class="social-btn auth0-btn">
                 <svg width="20" height="20" viewBox="0 0 24 24" fill="currentColor">
@@ -56,6 +57,7 @@
                 Continue with Auth0
             </a>
         </div>
+        {% endif %}
 
         <div class="auth-footer">
             <p>Don't have an account? <a href="{{ url_for('signup') }}">Sign up</a></p>