fix: use recipient_email instead of user_id for password reset counting

email_logs.user_id is never populated for password_reset emails. Match by recipient_email instead. Also fix failed_logins stat card to use users.failed_login_attempts sum instead of security_alerts. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 21:51:31 +01:00 · 2026-02-21 21:51:31 +01:00 · d21bdd6f65
commit d21bdd6f65
parent 2aca385845
1 changed files with 9 additions and 7 deletions
--- a/blueprints/admin/routes_user_insights.py
+++ b/blueprints/admin/routes_user_insights.py
@ -95,9 +95,11 @@ def _tab_problems(db, start_date, days):
        User.locked_until > now, User.is_active == True
    ).scalar() or 0

-    failed_logins_7d = db.query(func.count(SecurityAlert.id)).filter(
-        SecurityAlert.alert_type.in_(['brute_force', 'account_locked']),
-        SecurityAlert.created_at >= start_dt
+    failed_logins_7d = db.query(
+        func.coalesce(func.sum(User.failed_login_attempts), 0)
+    ).filter(
+        User.is_active == True,
+        User.failed_login_attempts > 0
    ).scalar() or 0

    password_resets_7d = db.query(func.count(EmailLog.id)).filter(
@ -123,9 +125,9 @@ def _tab_problems(db, start_date, days):
            SecurityAlert.created_at >= start_dt
        ).scalar() or 0

-        # Password resets 30d
+        # Password resets 30d (email_logs.user_id often NULL, match by recipient_email)
        pr_30d = db.query(func.count(EmailLog.id)).filter(
-            EmailLog.user_id == user.id,
+            EmailLog.recipient_email == user.email,
            EmailLog.email_type == 'password_reset',
            EmailLog.created_at >= start_30d
        ).scalar() or 0
@ -707,7 +709,7 @@ def user_insights_profile(user_id):
            SecurityAlert.created_at >= start_7d
        ).scalar() or 0
        pr_30d = db.query(func.count(EmailLog.id)).filter(
-            EmailLog.user_id == user_id,
+            EmailLog.recipient_email == user.email,
            EmailLog.email_type == 'password_reset',
            EmailLog.created_at >= start_30d
        ).scalar() or 0
@ -784,7 +786,7 @@ def user_insights_profile(user_id):

        # Password resets
        resets = db.query(EmailLog).filter(
-            EmailLog.user_id == user_id,
+            EmailLog.recipient_email == user.email,
            EmailLog.email_type == 'password_reset'
        ).order_by(desc(EmailLog.created_at)).limit(5).all()
        for r in resets: