Added frontend. Working on user management
74
src/file-processor/app/utils/security.py
Normal file
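--- a/src/file-processor/app/utils/security.py
+++ b/src/file-processor/app/utils/security.py
@@ -0,0 +1,74 @@
+"""
+Password security utilities using bcrypt for secure password hashing.
+
+This module provides secure password hashing and verification functions
+using the bcrypt algorithm with automatic salt generation.
+"""
+
+import bcrypt
+from typing import Union
+
+
+def hash_password(password: str) -> str:
+"""
+Hash a password using bcrypt with automatic salt generation.
+
+Args:
+password: The plain text password to hash
+
+Returns:
+The hashed password as a string
+
+Raises:
+ValueError: If password is empty or None
+RuntimeError: If bcrypt hashing fails
+"""
+if not password:
+raise ValueError("Password cannot be empty or None")
+
+try:
+# Encode password to bytes and generate salt
+password_bytes = password.encode('utf-8')
+salt = bcrypt.gensalt()
+
+# Hash the password
+hashed = bcrypt.hashpw(password_bytes, salt)
+
+# Return as string
+return hashed.decode('utf-8')
+
+except Exception as e:
+raise RuntimeError(f"Failed to hash password: {str(e)}")
+
+
+def verify_password(password: str, hashed_password: str) -> bool:
+"""
+Verify a password against its hash.
+
+Args:
+password: The plain text password to verify
+hashed_password: The hashed password to verify against
+
+Returns:
+True if password matches the hash, False otherwise
+
+Raises:
+ValueError: If password or hashed_password is empty or None
+RuntimeError: If password verification fails due to malformed hash
+"""
+if not password or not hashed_password:
+raise ValueError("Password and hashed_password cannot be empty or None")
+
+try:
+# Encode inputs to bytes
+password_bytes = password.encode('utf-8')
+hashed_bytes = hashed_password.encode('utf-8')
+
+# Verify password
+return bcrypt.checkpw(password_bytes, hashed_bytes)
+
+except ValueError as e:
+# bcrypt raises ValueError for malformed hashes
+raise RuntimeError(f"Invalid hash format: {str(e)}")
+except Exception as e:
+raise RuntimeError(f"Failed to verify password: {str(e)}")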
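Review bot: Neither hash_password nor verify_password checks the encoded length before calling bcrypt, which only uses the first 72 bytes of its input; depending on the installed bcrypt version a longer password is either silently truncated or rejected with a ValueError. In the rejecting case the `except Exception` in hash_password turns it into a RuntimeError, and the `except ValueError` in verify_password reports it as "Invalid hash format", so a caller cannot tell an over-long password from a real failure. I would add an explicit check before each `try`, e.g. `if len(password.encode('utf-8')) > 72: raise ValueError("Password exceeds bcrypt's 72-byte limit")`, and state the limit in both docstrings. `from typing import Union` is unused and can be dropped.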
|
||||