This commit is contained in:
2026-04-08 00:22:48 +03:00
parent 7876c30159
commit e54d845976

View File

@@ -27,6 +27,12 @@ from backend.db import engine, get_db # noqa: E402
from backend.models import Base, User # noqa: E402 from backend.models import Base, User # noqa: E402
def _password_ok_or_400(password: str):
# bcrypt has a 72-byte input limit (bytes, not chars)
if len(password.encode("utf-8")) > 72:
raise HTTPException(status_code=400, detail="Password is too long (max 72 bytes for bcrypt)")
class GenerationRequest(BaseModel): class GenerationRequest(BaseModel):
description: str description: str
platform: str = "GitHub Actions" # or GitLab CI platform: str = "GitHub Actions" # or GitLab CI
@@ -81,6 +87,7 @@ def register(req: RegisterRequest, db: Session = Depends(get_db)):
email = req.email.strip().lower() email = req.email.strip().lower()
if not email or not req.password: if not email or not req.password:
raise HTTPException(status_code=400, detail="Email and password are required") raise HTTPException(status_code=400, detail="Email and password are required")
_password_ok_or_400(req.password)
try: try:
exists = db.execute(select(User).where(User.email == email)).scalar_one_or_none() exists = db.execute(select(User).where(User.email == email)).scalar_one_or_none()
@@ -111,6 +118,9 @@ def register(req: RegisterRequest, db: Session = Depends(get_db)):
@app.post("/auth/login") @app.post("/auth/login")
def login(req: LoginRequest, db: Session = Depends(get_db)): def login(req: LoginRequest, db: Session = Depends(get_db)):
email = req.email.strip().lower() email = req.email.strip().lower()
if not req.password:
raise HTTPException(status_code=400, detail="Password is required")
_password_ok_or_400(req.password)
try: try:
user = db.execute(select(User).where(User.email == email)).scalar_one_or_none() user = db.execute(select(User).where(User.email == email)).scalar_one_or_none()
if not user or not verify_password(req.password, user.password_hash): if not user or not verify_password(req.password, user.password_hash):