This commit is contained in:
2026-04-10 00:01:42 +03:00
parent 1b8c03d6c3
commit f01e3b9040
4 changed files with 161 additions and 95 deletions

View File

@@ -12,10 +12,10 @@ from sqlalchemy.orm import Session
from backend.db import get_db
from backend.models import User
pwd_context = CryptContext(schemes=["argon2"], deprecated="auto")
pwd_context = CryptContext(schemes=["argon2", "bcrypt"], deprecated="auto")
bearer = HTTPBearer(auto_error=False)
AUTH_VERSION = "argon2-2026-04-07"
AUTH_VERSION = "argon2-bcrypt-compat-2026-04-07"
def _env(name: str, default: str) -> str:
@@ -48,6 +48,10 @@ def verify_password(password: str, password_hash: str) -> bool:
) from e
def password_needs_update(password_hash: str) -> bool:
return pwd_context.needs_update(password_hash)
def create_access_token(*, user_id: str) -> str:
now = datetime.now(timezone.utc)
payload = {

View File

@@ -27,6 +27,7 @@ from backend.auth import ( # noqa: E402
create_access_token,
get_current_user,
hash_password,
password_needs_update,
verify_password,
)
from backend.db import engine, get_db # noqa: E402
@@ -130,6 +131,11 @@ def login(req: LoginRequest, db: Session = Depends(get_db)):
if not user.is_active:
raise HTTPException(status_code=403, detail="User is inactive")
if password_needs_update(user.password_hash):
user.password_hash = hash_password(req.password)
db.add(user)
db.commit()
token = create_access_token(user_id=str(user.id))
return {"access_token": token, "token_type": "bearer"}
except HTTPException:

View File

@@ -6,5 +6,7 @@ sqlalchemy
psycopg[binary]
passlib[argon2]
argon2-cffi
passlib[bcrypt]
bcrypt
python-jose[cryptography]
pydantic[email]