This commit is contained in:
Timothy Jaeryang Baek
2026-06-29 03:16:59 -05:00
parent 4712544d5e
commit 33cd199e6d
2 changed files with 13 additions and 14 deletions

View File

@@ -148,15 +148,15 @@ class AuthsTable:
log.info('authenticate_user: %s', email)
resolved = await Users.get_user_by_email(email, db=db)
if not resolved:
verify_password(PLACEHOLDER_HASH)
await verify_password(PLACEHOLDER_HASH)
return
# load the credential row and verify the password hash
async with get_async_db_context(db) as session:
credential = await session.get(Auth, resolved.id)
if not credential or not credential.active:
verify_password(PLACEHOLDER_HASH)
await verify_password(PLACEHOLDER_HASH)
return
if not verify_password(credential.password):
if not await verify_password(credential.password):
return
return resolved

View File

@@ -1,5 +1,6 @@
from __future__ import annotations
import asyncio
import base64
import hashlib
import hmac
@@ -160,8 +161,6 @@ bearer_security = HTTPBearer(auto_error=False)
async def get_password_hash(password: str) -> str:
"""Hash a password using bcrypt in a thread pool (non-blocking)."""
import asyncio
return (await asyncio.to_thread(bcrypt.hashpw, password.encode('utf-8'), bcrypt.gensalt())).decode('utf-8')
@@ -179,15 +178,15 @@ def validate_password(password: str) -> bool:
return True
def verify_password(plain_password: str, hashed_password: str) -> bool:
"""Verify a password against its hash"""
return (
bcrypt.checkpw(
plain_password.encode('utf-8'),
hashed_password.encode('utf-8'),
)
if hashed_password
else None
async def verify_password(plain_password: str, hashed_password: str) -> bool:
"""Verify a password using bcrypt in a thread pool."""
if not hashed_password:
return False
return await asyncio.to_thread(
bcrypt.checkpw,
plain_password.encode('utf-8'),
hashed_password.encode('utf-8'),
)