diff --git a/backend/main.py b/backend/main.py index 67417cf..a4cd89b 100644 --- a/backend/main.py +++ b/backend/main.py @@ -27,6 +27,12 @@ from backend.db import engine, get_db # noqa: E402 from backend.models import Base, User # noqa: E402 +def _password_ok_or_400(password: str): + # bcrypt has a 72-byte input limit (bytes, not chars) + if len(password.encode("utf-8")) > 72: + raise HTTPException(status_code=400, detail="Password is too long (max 72 bytes for bcrypt)") + + class GenerationRequest(BaseModel): description: str platform: str = "GitHub Actions" # or GitLab CI @@ -81,6 +87,7 @@ def register(req: RegisterRequest, db: Session = Depends(get_db)): email = req.email.strip().lower() if not email or not req.password: raise HTTPException(status_code=400, detail="Email and password are required") + _password_ok_or_400(req.password) try: exists = db.execute(select(User).where(User.email == email)).scalar_one_or_none() @@ -111,6 +118,9 @@ def register(req: RegisterRequest, db: Session = Depends(get_db)): @app.post("/auth/login") def login(req: LoginRequest, db: Session = Depends(get_db)): email = req.email.strip().lower() + if not req.password: + raise HTTPException(status_code=400, detail="Password is required") + _password_ok_or_400(req.password) try: user = db.execute(select(User).where(User.email == email)).scalar_one_or_none() if not user or not verify_password(req.password, user.password_hash):