update
This commit is contained in:
@@ -27,6 +27,12 @@ from backend.db import engine, get_db # noqa: E402
|
|||||||
from backend.models import Base, User # noqa: E402
|
from backend.models import Base, User # noqa: E402
|
||||||
|
|
||||||
|
|
||||||
|
def _password_ok_or_400(password: str):
|
||||||
|
# bcrypt has a 72-byte input limit (bytes, not chars)
|
||||||
|
if len(password.encode("utf-8")) > 72:
|
||||||
|
raise HTTPException(status_code=400, detail="Password is too long (max 72 bytes for bcrypt)")
|
||||||
|
|
||||||
|
|
||||||
class GenerationRequest(BaseModel):
|
class GenerationRequest(BaseModel):
|
||||||
description: str
|
description: str
|
||||||
platform: str = "GitHub Actions" # or GitLab CI
|
platform: str = "GitHub Actions" # or GitLab CI
|
||||||
@@ -81,6 +87,7 @@ def register(req: RegisterRequest, db: Session = Depends(get_db)):
|
|||||||
email = req.email.strip().lower()
|
email = req.email.strip().lower()
|
||||||
if not email or not req.password:
|
if not email or not req.password:
|
||||||
raise HTTPException(status_code=400, detail="Email and password are required")
|
raise HTTPException(status_code=400, detail="Email and password are required")
|
||||||
|
_password_ok_or_400(req.password)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
exists = db.execute(select(User).where(User.email == email)).scalar_one_or_none()
|
exists = db.execute(select(User).where(User.email == email)).scalar_one_or_none()
|
||||||
@@ -111,6 +118,9 @@ def register(req: RegisterRequest, db: Session = Depends(get_db)):
|
|||||||
@app.post("/auth/login")
|
@app.post("/auth/login")
|
||||||
def login(req: LoginRequest, db: Session = Depends(get_db)):
|
def login(req: LoginRequest, db: Session = Depends(get_db)):
|
||||||
email = req.email.strip().lower()
|
email = req.email.strip().lower()
|
||||||
|
if not req.password:
|
||||||
|
raise HTTPException(status_code=400, detail="Password is required")
|
||||||
|
_password_ok_or_400(req.password)
|
||||||
try:
|
try:
|
||||||
user = db.execute(select(User).where(User.email == email)).scalar_one_or_none()
|
user = db.execute(select(User).where(User.email == email)).scalar_one_or_none()
|
||||||
if not user or not verify_password(req.password, user.password_hash):
|
if not user or not verify_password(req.password, user.password_hash):
|
||||||
|
|||||||
Reference in New Issue
Block a user