fix: module 'bcrypt' has no attribute '__about__' (#354)

* fix: replace passlib with bcrypt for password hashing and verification * fix: update lock files with pdm lock
hotosm · Nov 26, 2024 · a686dec · a686dec
1 parent e3624cb
commit a686dec
Show file tree

Hide file tree

Showing 3 changed files with 264 additions and 265 deletions.
diff --git a/src/backend/app/users/user_logic.py b/src/backend/app/users/user_logic.py
@@ -1,18 +1,15 @@
 import time
+import bcrypt
 import jwt
 from app.config import settings
 from typing import Any
 from psycopg import Connection
 from app.db import db_models
 from pydantic import EmailStr
 from fastapi import HTTPException
-from passlib.context import CryptContext
 from app.users import user_schemas
 
 
-pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-
-
 async def create_access_token(subject: str | Any):
     expire = int(time.time()) + settings.ACCESS_TOKEN_EXPIRE_MINUTES
     refresh_expire = int(time.time()) + settings.REFRESH_TOKEN_EXPIRE_MINUTES
@@ -53,11 +50,15 @@ def verify_token(token: str) -> dict[str, Any]:
 
 
 def verify_password(plain_password: str, hashed_password: str) -> bool:
-    return pwd_context.verify(plain_password, hashed_password)
+    return bcrypt.checkpw(
+        plain_password.encode("utf-8"), hashed_password.encode("utf-8")
+    )
 
 
 def get_password_hash(password: str) -> str:
-    return pwd_context.hash(password)
+    salt = bcrypt.gensalt()
+    hashed_password = bcrypt.hashpw(password.encode("utf-8"), salt)
+    return hashed_password.decode("utf-8")
 
 
 async def authenticate(