""" Authentication service for password hashing and verification. This module provides authentication-related functionality including password hashing, verification, and JWT token management. """ from datetime import datetime, timedelta import jwt from app.config import settings from app.utils.security import hash_password, verify_password class AuthService: """ Service class for authentication operations. Handles password hashing, verification, and other authentication related operations with proper security practices. """ @staticmethod def hash_user_password(password: str) -> str: """ Hash a plaintext password for secure storage. Args: password (str): Plaintext password to hash Returns: str: Hashed password safe for database storage Example: >>> auth = AuthService() >>> hashed = auth.hash_user_password("mypassword123") >>> len(hashed) > 0 True """ return hash_password(password) @staticmethod def verify_user_password(password: str, hashed_password: str) -> bool: """ Verify a password against its hash. Args: password (str): Plaintext password to verify hashed_password (str): Stored hashed password Returns: bool: True if password matches hash, False otherwise Example: >>> auth = AuthService() >>> hashed = auth.hash_user_password("mypassword123") >>> auth.verify_user_password("mypassword123", hashed) True >>> auth.verify_user_password("wrongpassword", hashed) False """ return verify_password(password, hashed_password) @staticmethod def create_access_token(data=dict) -> str: """ Create a JWT access token. Args: data (dict): Payload data to include in the token. Returns: str: Encoded JWT token. """ # Copy data to avoid modifying the original dict to_encode = data.copy() # Add expiration time expire = datetime.now() + timedelta(hours=settings.get_jwt_expire_hours()) to_encode.update({"exp": expire}) # Encode JWT encoded_jwt = jwt.encode(to_encode, settings.get_jwt_secret_key(), algorithm=settings.get_jwt_algorithm()) return encoded_jwt