fix: enforce authentication for superuser cli command #9152

jordanrfrazier · 2025-07-23T15:11:06Z

Enforce authentication for superuser cli command. Maintains existing AUTO_LOGIN behavior, but adds additional checks when creating superusers.

Summary by CodeRabbit

New Features
- Enhanced security controls for superuser creation via the CLI, including authentication requirements and the ability to disable the CLI command in production environments.
- Added new configuration options to manage superuser creation and authentication.
Documentation
- Updated security guidelines with detailed recommendations for secure deployment and configuration of superuser creation and authentication.
Bug Fixes
- Improved validation and handling of superuser credentials and authentication tokens.
Tests
- Introduced comprehensive tests covering various scenarios for superuser CLI creation and authentication.

coderabbitai · 2025-07-23T15:11:14Z

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

This update introduces stricter security controls and configuration options for superuser creation via the CLI. It adds authentication requirements, the ability to disable CLI superuser creation, and improved handling of the AUTO_LOGIN setting. The changes include new documentation, settings, logic in the CLI command, utility functions, and comprehensive unit tests.

Changes

File(s)	Change Summary
SECURITY.md	Added a new section detailing security guidelines for superuser CLI creation, including authentication requirements, disabling options, and recommended production settings.
src/backend/base/langflow/main.py	Enhanced `superuser` CLI command with authentication, conditional logic based on settings, and audit logging. Added `auth_token` parameter. Updated `api_key` command with a TODO for future changes.
src/backend/base/langflow/services/database/models/user/crud.py	Added `get_all_superusers` async function to fetch all superusers from the database.
src/backend/base/langflow/services/settings/auth.py	Changed `AUTO_LOGIN` to a `Field` with metadata and added `ENABLE_SUPERUSER_CLI` setting to control CLI superuser creation.
src/backend/base/langflow/services/utils.py	Updated `setup_superuser` logic to use settings for credentials and added validation for required fields. Improved type annotations.
src/backend/tests/unit/test_cli.py	Added `TestSuperuserCommand` class with multiple unit tests covering superuser CLI creation, authentication, and settings-based behavior.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant Settings
    participant DB
    participant Auth

    User->>CLI: Run 'langflow superuser' [with optional args]
    CLI->>Settings: Check AUTO_LOGIN, ENABLE_SUPERUSER_CLI
    alt ENABLE_SUPERUSER_CLI is False
        CLI-->>User: Exit with error (CLI disabled)
    else AUTO_LOGIN is True
        CLI->>DB: Check if any superusers exist
        alt No superusers
            CLI->>DB: Create default superuser
            CLI-->>User: Success
        else
            CLI-->>User: Exit with error (additional superuser not allowed)
        end
    else
        CLI->>User: Prompt for username/password if not provided
        CLI->>Auth: Validate auth_token
        alt Token valid and is superuser
            CLI->>DB: Create superuser with provided credentials
            CLI-->>User: Success
        else
            CLI-->>User: Exit with error (auth failed)
        end
    end

Estimated code review effort

3 (~45 minutes)

Possibly related PRs

fix: fixes auth check for auto_login #8796: Addresses authentication and authorization checks for superuser creation via CLI, and also involves logic changes tied to the AUTO_LOGIN setting.

Suggested labels

bug, enhancement, size:L, lgtm

Suggested reviewers

ogabrielluiz
mendonk

✨ Finishing Touches

🧪 Generate unit tests

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch superuser-escalation

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

Status, Documentation and Community

Visit our Status Page to check the current availability of CodeRabbit.
Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

coderabbitai

Actionable comments posted: 3

🧹 Nitpick comments (2)

src/backend/base/langflow/__main__.py (2)
666-666: Remove unnecessary variable initialization.

The variable existing_superusers is initialized as an empty list but immediately overwritten. This initialization is unnecessary.
-        from langflow.services.database.models.user.crud import get_all_superusers
-        existing_superusers = []
+        from langflow.services.database.models.user.crud import get_all_superusers
834-834: Track the TODO for non-auto-login API key creation.

The TODO comment indicates planned functionality. Consider creating a GitHub issue to track this enhancement.

Would you like me to open a new issue to track implementing API key creation for non-auto-login users via CLI?

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b519057 and 09ff374.

⛔ Files ignored due to path filters (1)

uv.lock is excluded by !**/*.lock

📒 Files selected for processing (6)

SECURITY.md (1 hunks)
src/backend/base/langflow/__main__.py (3 hunks)
src/backend/base/langflow/services/database/models/user/crud.py (1 hunks)
src/backend/base/langflow/services/settings/auth.py (1 hunks)
src/backend/base/langflow/services/utils.py (1 hunks)
src/backend/tests/unit/test_cli.py (2 hunks)

📓 Path-based instructions (4)

{src/backend/**/*.py,tests/**/*.py,Makefile}

📄 CodeRabbit Inference Engine (.cursor/rules/backend_development.mdc)

{src/backend/**/*.py,tests/**/*.py,Makefile}: Run make format_backend to format Python code before linting or committing changes
Run make lint to perform linting checks on backend Python code

Files:

src/backend/base/langflow/services/database/models/user/crud.py
src/backend/tests/unit/test_cli.py
src/backend/base/langflow/services/settings/auth.py
src/backend/base/langflow/services/utils.py
src/backend/base/langflow/__main__.py

src/backend/base/langflow/services/database/models/**/*.py

📄 CodeRabbit Inference Engine (.cursor/rules/backend_development.mdc)

Place database models in src/backend/base/langflow/services/database/models/

Files:

src/backend/base/langflow/services/database/models/user/crud.py

src/backend/tests/unit/**/*.py

📄 CodeRabbit Inference Engine (.cursor/rules/backend_development.mdc)

Test component integration within flows using create_flow, build_flow, and get_build_events utilities

Files:

src/backend/tests/unit/test_cli.py

src/backend/tests/**/*.py

📄 CodeRabbit Inference Engine (.cursor/rules/testing.mdc)

src/backend/tests/**/*.py: Unit tests for backend code must be located in the 'src/backend/tests/' directory, with component tests organized by component subdirectory under 'src/backend/tests/unit/components/'.
Test files should use the same filename as the component under test, with an appropriate test prefix or suffix (e.g., 'my_component.py' → 'test_my_component.py').
Use the 'client' fixture (an async httpx.AsyncClient) for API tests in backend Python tests, as defined in 'src/backend/tests/conftest.py'.
When writing component tests, inherit from the appropriate base class in 'src/backend/tests/base.py' (ComponentTestBase, ComponentTestBaseWithClient, or ComponentTestBaseWithoutClient) and provide the required fixtures: 'component_class', 'default_kwargs', and 'file_names_mapping'.
Each test in backend Python test files should have a clear docstring explaining its purpose, and complex setups or mocks should be well-commented.
Test both sync and async code paths in backend Python tests, using '@pytest.mark.asyncio' for async tests.
Mock external dependencies appropriately in backend Python tests to isolate unit tests from external services.
Test error handling and edge cases in backend Python tests, including using 'pytest.raises' and asserting error messages.
Validate input/output behavior and test component initialization and configuration in backend Python tests.
Use the 'no_blockbuster' pytest marker to skip the blockbuster plugin in tests when necessary.
Be aware of ContextVar propagation in async tests; test both direct event loop execution and 'asyncio.to_thread' scenarios to ensure proper context isolation.
Test error handling by mocking internal functions using monkeypatch in backend Python tests.
Test resource cleanup in backend Python tests by using fixtures that ensure proper initialization and cleanup of resources.
Test timeout and performance constraints in backend Python tests using 'asyncio.wait_for' and timing assertions.
Test Langflow's Messag...

Files:

src/backend/tests/unit/test_cli.py

🧠 Learnings (2)

src/backend/tests/unit/test_cli.py (12)

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/backend_development.mdc:0-0
Timestamp: 2025-07-18T18:25:54.474Z
Learning: Applies to src/backend/tests/unit/components/**/*.py : Create comprehensive unit tests for all new components

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Mock external dependencies appropriately in backend Python tests to isolate unit tests from external services.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Test component configuration updates in backend Python tests by asserting correct updates to build configuration objects.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.091Z
Learning: Applies to src/backend/tests/**/*.py : Each test in backend Python test files should have a clear docstring explaining its purpose, and complex setups or mocks should be well-commented.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Validate input/output behavior and test component initialization and configuration in backend Python tests.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Test error handling by mocking internal functions using monkeypatch in backend Python tests.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Test error handling and edge cases in backend Python tests, including using 'pytest.raises' and asserting error messages.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/backend_development.mdc:0-0
Timestamp: 2025-07-18T18:25:54.474Z
Learning: Applies to src/backend/tests/unit/components/**/*.py : Use ComponentTestBaseWithClient or ComponentTestBaseWithoutClient as base classes for component unit tests

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Test components that require external APIs using appropriate pytest markers (e.g., 'api_key_required', 'no_blockbuster') and environment variables for API keys.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/**/*.py : Test Langflow's REST API endpoints in backend Python tests using the async client fixture and asserting response codes and payloads.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/backend_development.mdc:0-0
Timestamp: 2025-07-18T18:25:54.474Z
Learning: Applies to tests/**/*.py : Test authenticated API endpoints using logged_in_headers

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-07-21T14:16:14.092Z
Learning: Applies to src/backend/tests/unit/test_database.py : For database-related tests that may fail in batch runs but pass individually, consider running them sequentially and be aware of this behavior when writing such tests.

SECURITY.md (2)

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/docs_development.mdc:0-0
Timestamp: 2025-07-18T18:26:42.011Z
Learning: Applies to docs/docs/**/*.{md,mdx} : Use consistent terminology: always capitalize Langflow, Component, Flow, and uppercase API and JSON.

Learnt from: CR
PR: langflow-ai/langflow#0
File: .cursor/rules/docs_development.mdc:0-0
Timestamp: 2025-06-23T12:46:29.953Z
Learning: All terminology such as 'Langflow', 'Component', 'Flow', 'API', and 'JSON' must be capitalized or uppercased as specified in the terminology section.

🧬 Code Graph Analysis (3)

src/backend/base/langflow/services/database/models/user/crud.py (1)

src/backend/base/langflow/services/database/models/user/model.py (1)

User (25-51)

src/backend/tests/unit/test_cli.py (1)

src/backend/tests/conftest.py (1)

runner (432-434)

src/backend/base/langflow/services/utils.py (1)

src/backend/base/langflow/services/settings/manager.py (1)

SettingsService (13-49)

🧰 Additional context used

📓 Path-based instructions (4)

{src/backend/**/*.py,tests/**/*.py,Makefile}

📄 CodeRabbit Inference Engine (.cursor/rules/backend_development.mdc)

{src/backend/**/*.py,tests/**/*.py,Makefile}: Run make format_backend to format Python code before linting or committing changes
Run make lint to perform linting checks on backend Python code

Files:

src/backend/base/langflow/services/database/models/user/crud.py
src/backend/tests/unit/test_cli.py
src/backend/base/langflow/services/settings/auth.py
src/backend/base/langflow/services/utils.py
src/backend/base/langflow/__main__.py

src/backend/base/langflow/services/database/models/**/*.py

📄 CodeRabbit Inference Engine (.cursor/rules/backend_development.mdc)

Place database models in src/backend/base/langflow/services/database/models/

Files:

src/backend/base/langflow/services/database/models/user/crud.py

src/backend/tests/unit/**/*.py

📄 CodeRabbit Inference Engine (.cursor/rules/backend_development.mdc)

Test component integration within flows using create_flow, build_flow, and get_build_events utilities

Files:

src/backend/tests/unit/test_cli.py

src/backend/tests/**/*.py

📄 CodeRabbit Inference Engine (.cursor/rules/testing.mdc)

src/backend/tests/**/*.py: Unit tests for backend code must be located in the 'src/backend/tests/' directory, with component tests organized by component subdirectory under 'src/backend/tests/unit/components/'.
Test files should use the same filename as the component under test, with an appropriate test prefix or suffix (e.g., 'my_component.py' → 'test_my_component.py').
Use the 'client' fixture (an async httpx.AsyncClient) for API tests in backend Python tests, as defined in 'src/backend/tests/conftest.py'.
When writing component tests, inherit from the appropriate base class in 'src/backend/tests/base.py' (ComponentTestBase, ComponentTestBaseWithClient, or ComponentTestBaseWithoutClient) and provide the required fixtures: 'component_class', 'default_kwargs', and 'file_names_mapping'.
Each test in backend Python test files should have a clear docstring explaining its purpose, and complex setups or mocks should be well-commented.
Test both sync and async code paths in backend Python tests, using '@pytest.mark.asyncio' for async tests.
Mock external dependencies appropriately in backend Python tests to isolate unit tests from external services.
Test error handling and edge cases in backend Python tests, including using 'pytest.raises' and asserting error messages.
Validate input/output behavior and test component initialization and configuration in backend Python tests.
Use the 'no_blockbuster' pytest marker to skip the blockbuster plugin in tests when necessary.
Be aware of ContextVar propagation in async tests; test both direct event loop execution and 'asyncio.to_thread' scenarios to ensure proper context isolation.
Test error handling by mocking internal functions using monkeypatch in backend Python tests.
Test resource cleanup in backend Python tests by using fixtures that ensure proper initialization and cleanup of resources.
Test timeout and performance constraints in backend Python tests using 'asyncio.wait_for' and timing assertions.
Test Langflow's Messag...

Files:

src/backend/tests/unit/test_cli.py