Refactoring - Fix1

v2_adminpanel/MIGRATION_DISCREPANCIES.md

@@ -0,0 +1,156 @@
+# Migration Discrepancies - Backup vs Current Blueprint Structure
+
+## 1. Missing Routes
+
+### Authentication/Profile Routes (Not in any blueprint)
+- `/profile` - User profile page
+- `/profile/change-password` - Change password endpoint  
+- `/profile/setup-2fa` - Setup 2FA page
+- `/profile/enable-2fa` - Enable 2FA endpoint
+- `/profile/disable-2fa` - Disable 2FA endpoint
+- `/heartbeat` - Session heartbeat endpoint
+
+### Customer API Routes (Missing from api_routes.py)
+- `/api/customer/<int:customer_id>/licenses` - Get licenses for a customer
+- `/api/customer/<int:customer_id>/quick-stats` - Get quick stats for a customer
+
+### Resource Routes (Missing from resource_routes.py)
+- `/resources` - Main resources page
+- `/resources/add` - Add new resources page
+- `/resources/quarantine/<int:resource_id>` - Quarantine a resource
+- `/resources/release` - Release resources from quarantine
+- `/resources/history/<int:resource_id>` - View resource history
+- `/resources/metrics` - Resource metrics page
+- `/resources/report` - Resource report page
+
+### Main Dashboard Route (Missing)
+- `/` - Main dashboard (currently in backup shows dashboard with stats)
+
+## 2. Database Column Discrepancies
+
+### Column Name Differences
+- **created_by** - Used in backup_history table but not consistently referenced
+- **is_test_license** vs **is_test** - The database uses `is_test` but some code might reference `is_test_license`
+
+### Session Table Aliases
+The sessions table has multiple column aliases that need to be handled:
+- `login_time` (alias for `started_at`)
+- `last_activity` (alias for `last_heartbeat`)  
+- `logout_time` (alias for `ended_at`)
+- `active` (alias for `is_active`)
+
+## 3. Template Name Mismatches
+
+### Templates Referenced in Backup
+- `login.html` - Login page
+- `verify_2fa.html` - 2FA verification
+- `profile.html` - User profile
+- `setup_2fa.html` - 2FA setup
+- `backup_codes.html` - 2FA backup codes
+- `dashboard.html` - Main dashboard
+- `index.html` - Create license form
+- `batch_result.html` - Batch operation results
+- `batch_form.html` - Batch form
+- `edit_license.html` - Edit license
+- `edit_customer.html` - Edit customer
+- `create_customer.html` - Create customer
+- `customers_licenses.html` - Customer-license overview
+- `sessions.html` - Sessions list
+- `audit_log.html` - Audit log
+- `backups.html` - Backup management
+- `blocked_ips.html` - Blocked IPs
+- `resources.html` - Resources list
+- `add_resources.html` - Add resources form
+- `resource_history.html` - Resource history
+- `resource_metrics.html` - Resource metrics
+- `resource_report.html` - Resource report
+
+## 4. URL_FOR References That Need Blueprint Prefixes
+
+### In Templates and Redirects
+- `url_for('login')` → `url_for('auth.login')`
+- `url_for('logout')` → `url_for('auth.logout')`
+- `url_for('verify_2fa')` → `url_for('auth.verify_2fa')`
+- `url_for('profile')` → `url_for('auth.profile')` (needs implementation)
+- `url_for('index')` → `url_for('main.index')` or appropriate blueprint
+- `url_for('blocked_ips')` → `url_for('admin.blocked_ips')`
+- `url_for('audit_log')` → `url_for('admin.audit_log')`
+- `url_for('backups')` → `url_for('admin.backups')`
+
+## 5. Missing Functions/Middleware
+
+### Authentication Decorators
+- `@login_required` decorator implementation needs to be verified
+- `@require_2fa` decorator (if used)
+
+### Helper Functions
+- `get_connection()` - Database connection helper
+- `log_audit()` - Audit logging function
+- `create_backup()` - Backup creation function
+- Rate limiting functions for login attempts
+
+### Session Management
+- Session timeout handling
+- Heartbeat mechanism for active sessions
+
+## 6. API Endpoint Inconsistencies
+
+### URL Prefix Issues
+- API routes in backup don't use `/api` prefix consistently
+- Some use `/api/...` while others are at root level
+
+### Missing API Endpoints
+- `/api/generate-license-key` - Generate license key
+- `/api/global-search` - Global search functionality
+
+## 7. Export Routes Organization
+
+### Current vs Expected
+- Export routes might need different URL structure
+- Check if all export types are covered:
+  - `/export/licenses`
+  - `/export/audit`
+  - `/export/customers`
+  - `/export/sessions`
+  - `/export/resources`
+
+## 8. Special Configurations
+
+### Missing Configurations
+- TOTP/2FA configuration
+- Backup encryption settings
+- Rate limiting configuration
+- Session timeout settings
+
+### Environment Variables
+- Check if all required environment variables are properly loaded
+- Database connection parameters
+- Secret keys and encryption keys
+
+## 9. JavaScript/AJAX Endpoints
+
+### API calls that might be broken
+- Device management endpoints
+- Quick edit functionality
+- Bulk operations
+- Resource allocation checks
+
+## 10. Permission/Access Control
+
+### Missing or Incorrect Access Control
+- All routes need `@login_required` decorator
+- Some routes might need additional permission checks
+- API routes need proper authentication
+
+## Action Items
+
+1. **Implement missing profile/auth routes** in auth_routes.py
+2. **Add missing customer API routes** to api_routes.py  
+3. **Create complete resource management blueprint** with all routes
+4. **Fix main dashboard route** - decide which blueprint should handle "/"
+5. **Update all url_for() calls** in templates to use blueprint prefixes
+6. **Verify database column names** are consistent throughout
+7. **Check template names** match between routes and actual files
+8. **Implement heartbeat mechanism** for session management
+9. **Add missing helper functions** to appropriate modules
+10. **Test all export routes** work correctly with new structure