
Resolve "Allow CLI to set password"

7 files
+ 44
31
+ 10
9
"""Flask application which provides the inferface of a login panel. The
"""Flask application which provides the interface of a login panel. The
application interacts with different backend, like the Kratos backend for users,
Hydra for OIDC sessions and Postgres for application and role specifications.
The application provides also serveral command line options to interact with
The application provides also several command line options to interact with
the user entries in the database(s)"""
@@ -16,6 +16,7 @@ import click
# Flask
from flask import abort, Flask, redirect, request, render_template
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate
# False positive: pylint: disable=ungrouped-imports
from flask.cli import AppGroup
@@ -35,7 +36,7 @@ from exceptions import BackendError
from kratos import KratosUser
# Initaliaze the FLASK app
# Initialize the FLASK app
app = Flask(__name__,
static_url_path='/static')
@@ -90,8 +91,8 @@ from models import User, App, AppRole
# WARNING:
#
# Below are very minimalistic calls to interfaces for development and testing
# purposed. Eventually this need to be moved to seperate files and more
# sophisticated calls with try{} catch{} claused etc.
# purposed. Eventually this need to be moved to separate files and more
# sophisticated calls with try{} catch{} clauses etc.
#
##############################################################################
@@ -146,7 +147,7 @@ def delete_app(slug):
return
# Deleting will (propably) fail is there are still roles attached. This is a
# Deleting will (probably) fail is there are still roles attached. This is a
# PoC implementation only. Actually management of apps and roles will be
# done by the backend application
db.session.delete(obj)
@@ -245,7 +246,7 @@ def setpassword_user(email, password):
# Kratos does not provide an interface to set a password directly. However
# we still want to be able to set a password. So we have to hack our way
# a bit arround this. We do this by creating a recovery link though the
# a bit around this. We do this by creating a recovery link though the
# admin interface (which is not e-mailed) and then follow the recovery
# flow in the public facing pages of kratos
@@ -403,7 +404,7 @@ def auth():
challenge = request.args.post("login_challenge")
if not challenge:
app.logger.error("No challange given. Error in request")
app.logger.error("No challenge given. Error in request")
abort(400, description="Challenge required when requesting authorization")
@@ -481,7 +482,7 @@ def consent():
username = consent_request.subject
# Get the related user object
user = KratosUser.find_by_email(KRATOS_ADMIN, email)
user = KratosUser.find_by_email(KRATOS_ADMIN, username)
if not user:
app.logger.error(f"User not found in database: {username}")
abort(401, description="User not found. Please try again.")
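Review bot: In the `auth()` hunk, the unchanged line `challenge = request.args.post("login_challenge")` calls a method that Werkzeug's `request.args` MultiDict does not provide, so the handler would raise AttributeError before reaching the `if not challenge` guard. The logged error and `abort(400, ...)` path whose message this commit corrects would then never run, and a missing or malformed login challenge would surface as a 500 instead of a clean rejection. The line should read `challenge = request.args.get("login_challenge")`. `auth()` begins and continues outside the hunk, so confirm that nothing earlier in the function already binds `challenge`.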