"""
Authentication service for password hashing and verification.

This module provides authentication-related functionality including
password hashing, verification, and JWT token management.
"""
from datetime import datetime, timedelta, timezone

import jwt

from app.config import settings
from app.utils.security import hash_password, verify_password
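class AuthService:
    """
    Service class for authentication operations.

    Wraps the password helpers imported from ``app.utils.security`` and
    issues signed JWT access tokens whose key, algorithm and lifetime are
    read from ``app.config.settings``.
    """

    @staticmethod
    def hash_user_password(password: str) -> str:
        """
        Hash a plaintext password for secure storage.

        Delegates to ``hash_password`` from ``app.utils.security``; the
        hashing scheme and its parameters are defined there, not here.

        Args:
            password (str): Plaintext password to hash

        Returns:
            str: Hashed password safe for database storage

        Example:
            >>> auth = AuthService()
            >>> hashed = auth.hash_user_password("mypassword123")
            >>> len(hashed) > 0
            True
        """
        return hash_password(password)

    @staticmethod
    def verify_user_password(password: str, hashed_password: str) -> bool:
        """
        Verify a password against its hash.

        Delegates to ``verify_password`` from ``app.utils.security``.
        NOTE(review): whether the comparison is constant-time depends on
        that helper - confirm there.

        Args:
            password (str): Plaintext password to verify
            hashed_password (str): Stored hashed password

        Returns:
            bool: True if password matches hash, False otherwise

        Example:
            >>> auth = AuthService()
            >>> hashed = auth.hash_user_password("mypassword123")
            >>> auth.verify_user_password("mypassword123", hashed)
            True
            >>> auth.verify_user_password("wrongpassword", hashed)
            False
        """
        return verify_password(password, hashed_password)

    @staticmethod
    def create_access_token(data: dict) -> str:
        """
        Create a signed JWT access token.

        The signature previously read ``data=dict``, which made the ``dict``
        *type* the default value, so a call without arguments failed inside
        ``data.copy()``. ``data`` is now a required, annotated parameter;
        a call without it still raises ``TypeError``.

        Args:
            data (dict): Claims to include in the token. The dict is
                copied, so the caller's object is not modified. Any
                ``"exp"`` key it carries is overwritten.

        Returns:
            str: Encoded JWT token.
        """
        # Work on a copy so the caller's dict is left untouched.
        claims = data.copy()

        # Use an aware UTC timestamp. PyJWT converts a datetime "exp" with
        # utctimetuple(), which treats a naive value as if it were already
        # UTC; a naive local time would therefore shift the real lifetime
        # by the server's UTC offset (longer-lived tokens east of UTC,
        # already-expired tokens west of it).
        lifetime = timedelta(hours=settings.get_jwt_expire_hours())
        claims["exp"] = datetime.now(timezone.utc) + lifetime

        # Key and algorithm both come from configuration. The code that
        # verifies these tokens should pin the accepted algorithms
        # explicitly (jwt.decode(..., algorithms=[...])) rather than trust
        # the token header.
        return jwt.encode(
            claims,
            settings.get_jwt_secret_key(),
            algorithm=settings.get_jwt_algorithm(),
        )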