Refactor: extract get_external_login_url helper function and remove unnecessary fallbacks

Co-authored-by: cadtoolbox <12723486+cadtoolbox@users.noreply.github.com>

backend/app/api/routes/auth.py

@@ -41,7 +41,7 @@ from backend.app.services.email_service import (
     save_smtp_settings,
     send_email,
 )
-from backend.app.api.routes.settings import get_setting
+from backend.app.api.routes.settings import get_external_login_url
 
 
 def _user_to_response(user: User) -> UserResponse:
@@ -525,7 +525,6 @@ async def get_advanced_auth_status(db: AsyncSession = Depends(get_db)):
 async def forgot_password(request: ForgotPasswordRequest, db: AsyncSession = Depends(get_db)):
     """Request password reset via email (advanced auth only)."""
     import logging
-    import os
 
     logger = logging.getLogger(__name__)
 
@@ -557,13 +556,7 @@ async def forgot_password(request: ForgotPasswordRequest, db: AsyncSession = Dep
             user.password_hash = get_password_hash(new_password)
             await db.commit()
 
-            # Use external_url from settings if available, otherwise fall back to APP_URL env var
-            external_url = await get_setting(db, "external_url")
-            if external_url:
-                external_url = external_url.rstrip("/")
-            else:
-                external_url = os.environ.get("APP_URL", "http://localhost:5173")
-            login_url = external_url + "/login"
+            login_url = await get_external_login_url(db)
 
             # Send password reset email
             subject, text_body, html_body = create_password_reset_email(user.username, new_password, login_url)
@@ -587,7 +580,6 @@ async def reset_user_password(
 ):
     """Reset a user's password and send them an email (admin only, advanced auth only)."""
     import logging
-    import os
 
     logger = logging.getLogger(__name__)
 
@@ -638,13 +630,7 @@ async def reset_user_password(
         user.password_hash = get_password_hash(new_password)
         await db.commit()
 
-        # Use external_url from settings if available, otherwise fall back to APP_URL env var
-        external_url = await get_setting(db, "external_url")
-        if external_url:
-            external_url = external_url.rstrip("/")
-        else:
-            external_url = os.environ.get("APP_URL", "http://localhost:5173")
-        login_url = external_url + "/login"
+        login_url = await get_external_login_url(db)
 
         # Send password reset email
         subject, text_body, html_body = create_password_reset_email(user.username, new_password, login_url)

backend/app/api/routes/settings.py

@@ -32,6 +32,27 @@ async def get_setting(db: AsyncSession, key: str) -> str | None:
     return setting.value if setting else None
 
 
+async def get_external_login_url(db: AsyncSession) -> str:
+    """Get the external URL for the login page.
+    
+    Uses external_url from settings if available, otherwise falls back to APP_URL env var.
+    
+    Args:
+        db: Database session
+        
+    Returns:
+        Full URL to the login page
+    """
+    import os
+    
+    external_url = await get_setting(db, "external_url")
+    if external_url:
+        external_url = external_url.rstrip("/")
+    else:
+        external_url = os.environ.get("APP_URL", "http://localhost:5173")
+    return external_url + "/login"
+
+
 async def set_setting(db: AsyncSession, key: str, value: str) -> None:
     """Set a single setting value."""
     from sqlalchemy import func

backend/app/api/routes/users.py

@@ -24,7 +24,7 @@ from backend.app.services.email_service import (
     get_smtp_settings,
     send_email,
 )
-from backend.app.api.routes.settings import get_setting
+from backend.app.api.routes.settings import get_external_login_url
 
 router = APIRouter(prefix="/users", tags=["users"])
 
@@ -71,7 +71,6 @@ async def create_user(
     - Admin cannot set or see the password
     """
     import logging
-    import os
 
     logger = logging.getLogger(__name__)
 
@@ -153,13 +152,7 @@ async def create_user(
         try:
             smtp_settings = await get_smtp_settings(db)
             if smtp_settings:
-                # Use external_url from settings if available, otherwise fall back to APP_URL env var
-                external_url = await get_setting(db, "external_url")
-                if external_url:
-                    external_url = external_url.rstrip("/")
-                else:
-                    external_url = os.environ.get("APP_URL", "http://localhost:5173")
-                login_url = external_url + "/login"
+                login_url = await get_external_login_url(db)
                 subject, text_body, html_body = create_welcome_email(new_user.username, password, login_url)
                 send_email(smtp_settings, new_user.email, subject, text_body, html_body)
                 logger.info(f"Welcome email sent to {new_user.email}")

frontend/src/pages/SettingsPage.tsx

@@ -3435,9 +3435,9 @@ export function SettingsPage() {
                     <Mail className="w-5 h-5 text-blue-400" />
                   </div>
                   <div>
-                    <h3 className="text-white font-medium">{t('settings.email.advancedAuthEnabled') || 'Advanced Authentication is enabled'}</h3>
+                    <h3 className="text-white font-medium">{t('settings.email.advancedAuthEnabled')}</h3>
                     <p className="text-sm text-bambu-gray mt-1">
-                      {t('settings.email.advancedAuthEnabledDesc') || 'Email-based user management features are active. New users will receive auto-generated passwords via email, and users can reset their passwords through the forgot password feature.'}
+                      {t('settings.email.advancedAuthEnabledDesc')}
                     </p>
                   </div>
                 </div>

static/index.html

@@ -23,7 +23,7 @@
 
     <!-- Splash screens for iOS -->
     <link rel="apple-touch-startup-image" href="/img/android-chrome-512x512.png" />
-    <script type="module" crossorigin src="/assets/index-NgO9xbrN.js"></script>
+    <script type="module" crossorigin src="/assets/index-C4SeuzlU.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-RuMjImbZ.css">
   </head>
   <body>