fix: change passlib and bcrypt support

2025-11-23 16:54:46 +00:00
parent 70041ffa7d
commit a33b48a237
1 changed files with 17 additions and 8 deletions
--- a/backend/main.py
+++ b/backend/main.py
@@ -5,20 +5,29 @@ from sqlmodel import Session, select
 from typing import List
 from datetime import datetime
 import os
-from passlib.context import CryptContext
+import bcrypt

 from database import get_session
 from models import Association, Balance, Operation, OperationType, AssociationRead, BalanceRead

 app = FastAPI()

-pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+    """Verify a plain password against a hashed password using bcrypt."""
+    # Convert plain password to bytes and truncate to 72 bytes (bcrypt's limit)
+    password_bytes = plain_password.encode('utf-8')[:72]
+    # Convert hashed password to bytes
+    hashed_bytes = hashed_password.encode('utf-8')
+    return bcrypt.checkpw(password_bytes, hashed_bytes)

-def verify_password(plain_password, hashed_password):
-    return pwd_context.verify(plain_password, hashed_password)
-
-def get_password_hash(password):
-    return pwd_context.hash(password)
+def get_password_hash(password: str) -> str:
+    """Hash a password using bcrypt."""
+    # Truncate to 72 bytes to comply with bcrypt's limit
+    password_bytes = password.encode('utf-8')[:72]
+    # Generate salt and hash
+    salt = bcrypt.gensalt(rounds=12)
+    hashed = bcrypt.hashpw(password_bytes, salt)
+    return hashed.decode('utf-8')

 origins = [
    "http://localhost:5173",
@@ -247,4 +256,4 @@ if os.path.exists(static_dir):

@app.get("/health")
 def health_check():
-    return {"status": "ok"}
+    return {"status": "ok"}