passlib replaced with bcrypt for password hashing #74

Merged
2 changes: 1 addition & 1 deletion pyproject.toml
Expand Up @@ -20,7 +20,6 @@ alembic = "^1.12.0"
asyncpg = "^0.28.0"
SQLAlchemy-Utils = "^0.41.1"
python-jose = "^3.3.0"
passlib = "^1.7.4"
SQLAlchemy = "^2.0.21"
pytest = "^7.4.2"
python-multipart = "^0.0.6"
Expand All @@ -30,6 +29,7 @@ pydantic-settings = "^2.0.3"
redis = "^5.0.1"
arq = "^0.25.0"
gunicorn = "^21.2.0"
bcrypt = "^4.1.1"


[build-system]
2 changes: 0 additions & 2 deletions src/app/api/dependencies.py
@@ -1,7 +1,6 @@
from typing import Annotated, Union, Any

from sqlalchemy.ext.asyncio import AsyncSession
from jose import JWTError, jwt
from fastapi import (
Depends,
HTTPException,
Expand All @@ -13,7 +12,6 @@
from ..core.exceptions.http_exceptions import UnauthorizedException, ForbiddenException, RateLimitException
from ..core.db.database import async_get_db
from ..core.logger import logging
from ..core.schemas import TokenData
from ..core.utils.rate_limit import is_rate_limited
from ..core.security import verify_token
from ..crud.crud_rate_limit import crud_rate_limits
9 changes: 3 additions & 6 deletions src/app/core/security.py
@@ -1,8 +1,8 @@
from typing import Union, Literal, Dict, Any
from datetime import datetime, timedelta

import bcrypt
from sqlalchemy.ext.asyncio import AsyncSession
from passlib.context import CryptContext
from jose import jwt, JWTError
from fastapi.security import OAuth2PasswordBearer

Expand All @@ -17,15 +17,12 @@
REFRESH_TOKEN_EXPIRE_DAYS = settings.REFRESH_TOKEN_EXPIRE_DAYS

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/login")
crypt_context = CryptContext(schemes=["sha256_crypt"])

async def verify_password(plain_password: str, hashed_password: str) -> bool:
out: bool = crypt_context.verify(plain_password, hashed_password)
return out
return bcrypt.checkpw(plain_password.encode(), hashed_password.encode())

def get_password_hash(password: str) -> str:
out: str = crypt_context.hash(password)
return out
return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()

async def authenticate_user(username_or_email: str, password: str, db: AsyncSession) -> Union[Dict[str, Any], Literal[False]]:
if "@" in username_or_email:
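Review bot: `verify_password` now hands the stored value straight to `bcrypt.checkpw`, and nothing in this section handles records written by the removed `CryptContext(schemes=["sha256_crypt"])`. To my knowledge `bcrypt.checkpw` raises `ValueError` when the stored value is not a bcrypt hash, so existing accounts would likely hit an unhandled exception at login rather than a clean rejection; no migration or forced password reset is visible here. Separately, bcrypt only uses the first 72 bytes of the password, so `get_password_hash` should enforce or document a length limit. `authenticate_user` continues outside the hunk, so how it reacts to an exception from `verify_password` cannot be seen from this page.

```python
async def verify_password(plain_password: str, hashed_password: str) -> bool:
    try:
        return bcrypt.checkpw(plain_password.encode(), hashed_password.encode())
    except ValueError:
        # Stored value is not a bcrypt hash (e.g. a pre-migration sha256_crypt
        # record): reject the login instead of surfacing a server error, and
        # route such accounts through a rehash or password-reset path.
        return False

# … unchanged: get_password_hash, authenticate_user …
```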