Faster code reviews

for

Code reviews shouldn't be a blocker. Sourcery can review all of your PR's instantly - letting your team stay in flow and get more done.

Trusted by thousands of engineers

CiscoMindwayHelloFreshSkyCisco2Mindway2HelloFresh2Sky2
fromcode_reviewer import Expert

Speed up your team's development with an expert automated reviewer

Sourcery can review every change you make to your codebase in seconds rather than days.

12345678910111213
class User:
  def __init__(self, username, email, password):
      self.username = username
      self._hashed_password = self._hash_password(password)
      self.is_authenticated = False

  def _hash_password(self, password):
      return hashlib.sha256(password.encode()).hexdigest()

  def authenticate(self, password):
      if self._hashed_password == self._hash_password(password):
          self.is_authenticated = True
SHA-256 for password hashing is not secure enough for modern standards. Here is a suggested improved approach using bcrypt.
123456789101112131415161718192021222324252627
class User:
  def __init__(self, username, email, password):
      self.username = username
      self._hashed_password = self._hash_password(password)
      self.is_authenticated = False

  def _hash_password(self, password):
      # Generate a salt and hash the password. The bcrypt.hashpw function automatically handles salting.
      return bcrypt.hashpw(password.encode(), bcrypt.gensalt())

  def change_password(self, old_password, new_password):
      if self.authenticate(old_password):
          self._hashed_password = self._hash_password(new_password)
          return True
      return False

  def logout(self):
      self.is_authenticated = False

  def authenticate(self, password):
      # Compare the provided password with the stored hash. The bcrypt.checkpw function securely compares the hashes.
      if bcrypt.checkpw(password.encode(), self._hashed_password):
          self.is_authenticated = True
          return True
      else:
          return False
whiledeveloping: get feedback

Immediate feedback on every pull request

Stay in the flow while you're working by getting rapid feedback on how to improve your code.

123456
def change_password(self, old_password, new_password):
  if self.authenticate(old_password):
      self._hashed_password = self._hash_password(new_password)
      return True
  return False
ifreview.isrepetitive(): review.automate()

Spend less time on reviews

Sometimes we still need peer reviews. But, Sourcery lets you cut down on the ammount of time you manually need to review code.

Explain Code
What?
This method, change_password takes
old_password, and new_passwordas arguments. It verifies the old_password , updates the _hashed_password with the new_password's hash if True. Otherwise, it returns False.
Generate docstrings
Absolutely!
Here’s your docstring:
123456789101112131415
def change_password(self, old_password, new_password):
  """
  Changes the user's password.
  Args:
      old_password (str): The old password to authenticate.
      new_password (str): The new password to set.

  Returns:
      bool: True if the password is successfully changed, False otherwise.
  """
  if self.authenticate(old_password):
      self._hashed_password = self._hash_password(new_password)
      return True
  return False
Generate tests
123456789101112131415161718192021
import pytest
from demo import change_password

@pytest.mark.parametrize(
    "password, old_password, new_password, expected_result,
    [
        ("password", "password", "new_password", True),
        ("password", "wrong_password" , "new_password", False),
        ...,
    ]
)
def test_change_password(password, old_password, new_password, expected_result):
    # Arrange
    user = User("username", password)

    # Act
    result = user.change_password(old_password, new_password)

    # Assert
    assert result == expected_result
awaitquality_code()

Improve your code quality

Sourcery helps you check all of your code for opportunities for improvement and helps you maintain high quality code.

Reviewing uncommitted changes on branch'magic-code'
Summary:This PR expands the `User` class.
Specifically it introduces the ability for users
to change their password and log out.
General Suggestions:Ensure that the password is stored in a database to maintain
the user's credentials across restarts of the application
Specific suggestions:
Line 9: This method hashes passwords securely using SHA-256.
It's private, which is good, but consider integrating
a salt for even better security against rainbow table attacks.
Line 28: Consider logging logout operations for monitoring.

match typeOfUser:

Simple, flexible pricing

Save up to 20% with yearly subscription

Monthly
Yearly

For individuals

10/ mo

Save 16% with yearly subscription

Flying solo?
Then this plan is for you!

GitHub code reviews on every PR for your individual private repos.

For teams

30/ mo

Save 20% with yearly subscription

Team Player?
We got you covered!

Code reviews for every pull request for teams of 2 to 200.

time.sleep()

Not ready to decide?

Book a demo call with our team and we’ll help you understand how Sourcery can benefit your business and engineers.