Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 80c7687

Browse files
feature: Use bcrypt directly instead of passlib
1 parent 335e62f commit 80c7687

File tree

3 files changed

+63
-42
lines changed

3 files changed

+63
-42
lines changed

‎backend/app/core/security.py

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,11 @@
11
from datetime import datetime, timedelta, timezone
22
from typing import Any
33

4+
import bcrypt
45
import jwt
5-
from passlib.context import CryptContext
66

77
from app.core.config import settings
88

9-
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
10-
11-
129
ALGORITHM = "HS256"
1310

1411

@@ -20,8 +17,11 @@ def create_access_token(subject: str | Any, expires_delta: timedelta) -> str:
2017

2118

2219
def verify_password(plain_password: str, hashed_password: str) -> bool:
23-
return pwd_context.verify(plain_password, hashed_password)
20+
return bcrypt.checkpw(
21+
plain_password.encode("utf-8"),
22+
hashed_password.encode("utf-8"),
23+
)
2424

2525

2626
def get_password_hash(password: str) -> str:
27-
return pwd_context.hash(password)
27+
return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")

‎backend/pyproject.toml

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,6 @@ dependencies = [
77
"fastapi[standard]<1.0.0,>=0.114.2",
88
"python-multipart<1.0.0,>=0.0.7",
99
"email-validator<3.0.0.0,>=2.1.0.post1",
10-
"passlib[bcrypt]<2.0.0,>=1.7.4",
1110
"tenacity<9.0.0,>=8.2.3",
1211
"pydantic>2.0",
1312
"emails<1.0,>=0.6",
@@ -16,8 +15,7 @@ dependencies = [
1615
"httpx<1.0.0,>=0.25.1",
1716
"psycopg[binary]<4.0.0,>=3.1.13",
1817
"sqlmodel<1.0.0,>=0.0.21",
19-
# Pin bcrypt until passlib supports the latest
20-
"bcrypt==4.0.1",
18+
"bcrypt>=4.3.0",
2119
"pydantic-settings<3.0.0,>=2.2.1",
2220
"sentry-sdk[fastapi]<2.0.0,>=1.40.6",
2321
"pyjwt<3.0.0,>=2.8.0",

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /