77import resend
88from dotenv import load_dotenv
99from sqlmodel import Session , select
10- from passlib . context import CryptContext
10+ from bcrypt import gensalt , hashpw , checkpw
1111from datetime import UTC , datetime , timedelta
1212from typing import Optional
1313from fastapi import Depends , Cookie , HTTPException , status
1919
2020# --- AUTH ---
2121
22- pwd_context = CryptContext (schemes = ["bcrypt" ], deprecated = "auto" )
2322SECRET_KEY = os .getenv ("SECRET_KEY" )
2423ALGORITHM = "HS256"
2524ACCESS_TOKEN_EXPIRE_MINUTES = 30
@@ -43,16 +42,27 @@ def validate_password_strength(password: str) -> bool:
4342 - At least 8 characters long
4443 """
4544 pattern = re .compile (
46- r"(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@$!%*?&] )[A-Za-z\d@$!%*?&]{8,}" )
45+ r"(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@$!%*?&{}<>.,\\'#\-_=+\(\)\[\]:;|~] )[A-Za-z\d@$!%*?&{}<>.,\\'#\-_=+\(\)\[\]:;|~ ]{8,}" )
4746 return bool (pattern .match (password ))
4847
4948
5049def get_password_hash (password : str ) -> str :
51- return pwd_context .hash (password )
50+ """
51+ Hash a password using bcrypt with a random salt
52+ """
53+ # Convert the password to bytes and generate the hash
54+ password_bytes = password .encode ('utf-8' )
55+ salt = gensalt ()
56+ return hashpw (password_bytes , salt ).decode ('utf-8' )
5257
5358
5459def verify_password (plain_password : str , hashed_password : str ) -> bool :
55- return pwd_context .verify (plain_password , hashed_password )
60+ """
61+ Verify a password against a bcrypt hash
62+ """
63+ password_bytes = plain_password .encode ('utf-8' )
64+ hashed_bytes = hashed_password .encode ('utf-8' )
65+ return checkpw (password_bytes , hashed_bytes )
5666
5767
5868def create_access_token (data : dict , expires_delta : Optional [timedelta ] = None ) -> str :
0 commit comments