From 93712919ffe3712188a071b29358f1bf1e330e65 Mon Sep 17 00:00:00 2001 From: Robin COuret Date: Thu, 5 Mar 2026 19:40:13 +0100 Subject: [PATCH] refacto name --- .../__pycache__/faker_seed.cpython-311.pyc | Bin 3205 -> 3187 bytes .../v1/__pycache__/knowledges.cpython-311.pyc | Bin 3248 -> 3236 bytes .../v1/__pycache__/metrics.cpython-311.pyc | Bin 743 -> 737 bytes .../api/v1/__pycache__/users.cpython-311.pyc | Bin 2611 -> 2606 bytes server/src/app/api/v1/knowledges.py | 4 +-- server/src/app/api/v1/metrics.py | 2 +- server/src/app/api/v1/users.py | 2 +- .../crud_knowledges.cpython-311.pyc | Bin 3432 -> 3432 bytes .../__pycache__/crud_metrics.cpython-311.pyc | Bin .../crud_questions.cpython-311.pyc | Bin .../__pycache__/crud_user.cpython-311.pyc | Bin .../__pycache__/knowledge.cpython-311.pyc | Bin 0 -> 3426 bytes .../data/__pycache__/metric.cpython-311.pyc | Bin 0 -> 2735 bytes .../data/__pycache__/question.cpython-311.pyc | Bin 0 -> 2688 bytes .../app/data/__pycache__/user.cpython-311.pyc | Bin 0 -> 3350 bytes .../crud_knowledges.py => data/knowledge.py} | 0 .../{crud/crud_metrics.py => data/metric.py} | 0 .../crud_questions.py => data/question.py} | 12 ------- .../app/{crud/crud_user.py => data/user.py} | 0 server/src/app/faker_seed.py | 6 ++-- .../services/__pycache__/auth.cpython-311.pyc | Bin 4463 -> 4742 bytes server/src/app/services/auth.py | 34 ++++++++++-------- 22 files changed, 26 insertions(+), 34 deletions(-) rename server/src/app/{crud => data}/__pycache__/crud_knowledges.cpython-311.pyc (95%) rename server/src/app/{crud => data}/__pycache__/crud_metrics.cpython-311.pyc (100%) rename server/src/app/{crud => data}/__pycache__/crud_questions.cpython-311.pyc (100%) rename server/src/app/{crud => data}/__pycache__/crud_user.cpython-311.pyc (100%) create mode 100644 server/src/app/data/__pycache__/knowledge.cpython-311.pyc create mode 100644 server/src/app/data/__pycache__/metric.cpython-311.pyc create mode 100644 server/src/app/data/__pycache__/question.cpython-311.pyc create mode 100644 server/src/app/data/__pycache__/user.cpython-311.pyc rename server/src/app/{crud/crud_knowledges.py => data/knowledge.py} (100%) rename server/src/app/{crud/crud_metrics.py => data/metric.py} (100%) rename server/src/app/{crud/crud_questions.py => data/question.py} (67%) rename server/src/app/{crud/crud_user.py => data/user.py} (100%) diff --git a/server/src/app/__pycache__/faker_seed.cpython-311.pyc b/server/src/app/__pycache__/faker_seed.cpython-311.pyc index 491ccd6258506285c0f6a02d3bf882f65c3d4b73..52bef4a3a15d6a91df6ba4ecd8797f77e0ad465f 100644 GIT binary patch delta 195 zcmZpb{4Bw{oR^o20SM&JuFMqL$g9LHE>>KWte03&pqG+ZlBk!RmtUTfnv$M6*@s(2 zOcX_~ur#%}Br`v6au2tXh%ky&ZfZ$UX7c0{-0l&^7Z^~`4F;VHsOScR;RRH5gF)j0 QD!Rd-djS=vcBr_(Koq*c5ODz;+RVYdf)M~sSvOAr delta 180 zcmZ1?xj~Y5IWI340}#{;uE-SG$lJ;pEK^*Rte03&pqE@!ngS-`v-9%Hb5c{%Q;Un( zfoh95Km;d<0O>8_1`@ZVF|`$zrWTiE=I0epzRCI6q3!|$QRoIk+y!iC^B=Aii~#JP BKFa_A diff --git a/server/src/app/api/v1/__pycache__/metrics.cpython-311.pyc b/server/src/app/api/v1/__pycache__/metrics.cpython-311.pyc index ac7232bdfe4ffb77186221c94a4bb88e3d177f34..f4a966ea3bfece80e4f792b393fd1a6bf728db6a 100644 GIT binary patch delta 68 zcmaFP`jC}(IWI340}%W^vocd*BkvbR5#i#ZWWB_K0=<;Pl0?1S)RLmiobJ L7*NpUNlc*t1wj^Y delta 74 zcmaFJ`ka+_IWI340}vQ)o0qA!k@pLulw@&HvR-0AfnIV^X$qK#&rK~U%1kbvEXtHF OV0?iA1x@Z@3Izake;7jm diff --git a/server/src/app/api/v1/__pycache__/users.cpython-311.pyc b/server/src/app/api/v1/__pycache__/users.cpython-311.pyc index 7584b8b108a89564a716c36cd70d2cab1be8257a..59bbe23fcd3780128b5c18e9d7ee699a4843ca43 100644 GIT binary patch delta 69 zcmdlivQC6|IWI340}wEsU74A@k@qq?pI~uOvR-0AfnG{tNuu87&+Pn+f|?f?P|%IZ M@|?1p4LF$@0nkJgegFUf delta 73 zcmZ1{vRQ<8IWI340}wQ>UzwS)k@qsYuvl?XvR-0AfnIV^X$qK#-~5i9pHWcn0s{)V NF2a^If0Exi}bN~PV diff --git a/server/src/app/crud/__pycache__/crud_metrics.cpython-311.pyc b/server/src/app/data/__pycache__/crud_metrics.cpython-311.pyc similarity index 100% rename from server/src/app/crud/__pycache__/crud_metrics.cpython-311.pyc rename to server/src/app/data/__pycache__/crud_metrics.cpython-311.pyc diff --git a/server/src/app/crud/__pycache__/crud_questions.cpython-311.pyc b/server/src/app/data/__pycache__/crud_questions.cpython-311.pyc similarity index 100% rename from server/src/app/crud/__pycache__/crud_questions.cpython-311.pyc rename to server/src/app/data/__pycache__/crud_questions.cpython-311.pyc diff --git a/server/src/app/crud/__pycache__/crud_user.cpython-311.pyc b/server/src/app/data/__pycache__/crud_user.cpython-311.pyc similarity index 100% rename from server/src/app/crud/__pycache__/crud_user.cpython-311.pyc rename to server/src/app/data/__pycache__/crud_user.cpython-311.pyc diff --git a/server/src/app/data/__pycache__/knowledge.cpython-311.pyc b/server/src/app/data/__pycache__/knowledge.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..0376b554841a46967472cb514ace06ef73cfc3f1 GIT binary patch literal 3426 zcmb_eO=ufO6rR~xX?HE_r>^YUv1==K5+mYDls1rrG)18ygwRm%DGDJd+OeZnf1O!3 zF(}YO4sHlEO=GM>3qG`IOnS(%mmZXJ4-%*#76O4nX>SV2!Q|98EA6hAGK^N-U zgCK|X&@zgL{}!JS$ENZTEz_dT!e=-7^+8@PhEd+fF!LKWoo#Rxpb8~WOP z&^&asmY?i&dxZWG;g`d4AKw4a`38)Nfd%v~;_@}=I=O(Z!O~nn7>){BMmzX?+{eW5 zOaU-SM%PV$wp1wO3{zorg;9PrE-_UY72f%!TnrwIy*!@0S}M>aD_zMIlOJb_rF<^) zP9|Tznn`lXzMw40SvHv|my>$N$RwQ~ohYxHku0MbgI;!&ECPdyZ{Xhne2JcDkpgy?=Y}KcgexoTc8!= z@NWV7+3_U0@B3qo=)q?6;D**3o7!5syHs6ojK!N{@eQRlKC^Z4?!|8|-Mh3g^8b@! zqArhjNO3YXM{09&YC)+T!hq(eGsDX{eQx-l;0XdZq#>7AvX@tO zm)9h#)UcL!hpGun)K0ZSX%@JvWAoUUuwBUu~Qe#o^w4MfGZ6~x+{`GEW?r?66!F`%hrOGQI) zlB}^@wl^F*TlfCMZWCH64)in?rdkUyE57C z2^TQaZmY=NfB<2iY>P14*SrD2@)J?Nul0{OB)4RnTbj!)wh!K8af`hzq*(z00iyzf z0Fb9F(z$jK4?6S{zX9lHM~}!_88S|9a*2V%G+g|501pKfE4lPju(g<|&z!EFsh)Xs zw)y_)4Xvq8wdUsQlSitgN*-uG2RF3a!Kbg2mBR4OHnQQFkX|@l*RV&j$ZbE=V~cdN z(iqHaGj;sbG&iaR@H{1AvD|#5XlCly$3=JL?T~ ze^cFGSNHF&TSP*d5(P&GM3pins+1m`YuzJtOO;o<@(wM0sYOy-lv9V5S^@)}k4H>p zB?CFRoMU3nrpiCh7fLYU&ZZPQ%AADyEdljg!ZPrLlgv6vK4P0id3PlPHJ=D9Rv~BQ zYm?-Ph86uy!VSh^!YcmY4tfrVtW^I}JprSy<>^Vb1UgYm^FIL~1z_Al({=CJLI>)D z&Zj6*_ns}ZQ1_l~*@wrswKjs=UI_W{gwS;%M8NY+_}RkK3!@sC-fJVcJpvE7{nF`K Tat}<%cuF|J?Uld|!&LtPu_>IV literal 0 HcmV?d00001 diff --git a/server/src/app/data/__pycache__/metric.cpython-311.pyc b/server/src/app/data/__pycache__/metric.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..10f169aa0514b82050609558d7b418f2f96072d6 GIT binary patch literal 2735 zcmcIm&1)M+6rb5|S+Z=)PHIQN64=z<`a>NhZY)a2!euj35s?SE8UfxnRV1l6o4}x|u_%ydBBJ>yU)SKWjrv@;)$Up`*k%iOP64ChbY}+Xe0=d07ya}-vfNF5lkUH^bem>7aTQ37|Rv% zj>3pZvbK&LWscZ1mjzC{u}qi^S}rB|JGne@6wB3SvA1UaQQ(C=p;HIQF0xy6c71Q4 zIRN=lL-!F{!$rK`q6ZVN729kv0!uzaM>_z?QA6t5NsVp`)9DdT6@CXW|50NN80CXw z=mW&06=79eKr0xd1%%;OL@9KL=XII#Wl$A}BW4W4QL+Wg%Gr)e$!$v5qApO4D^*rI zSjL^l<8MDnEEX)1poLqxd}1z>FPOQ^OvYSV%p@40_X$lfnoVSumJ&wB&LnE5JiGM3 z>CIA-vB}Mvg!Y3wK0Esv$U1r%=-;{gL+r;`6^U|u@9Pt-@2B8q@X=RgEn3l{B`wM& z;mvSa8?I=>C2g4Z`!@Ubl(H79Xt9zOtEw>69q*FY+|wIQnzC-(+1Xh)aaBX1$od=` zfc5QsnT(6aaVa^j9#3GP-C;8hptuNZY#Dre&F0|qnjc{MU4hVQf4AYMi0(H0eCNW! z?`ur}0Poe{!Mx4dS&SPM&KkevOB#s zz4xFT(JK*sL*;_0t*OT|+cO*Le-FvQ^?4S7#qK1>ugT(bS-KWbpNB9|Cs5lmoLF~w zZo{yP!1KJU)(SnyN50InCR`8>LLClL6Aq4e2a+=n+@VOX!p9A>n~xYzTa91_TY^dB zpt%GuTLt2aC6?cZj50918{LXN`F4MyJdmgiBsP?)2%0LYlh>Sk)95x8ZJe7h>VulP zSHS^D7aU|eS3eh@NlC08OBiVPX#5R^|9>t$mM46bmaUx4_6EXpHYgY4Cf zNB7IxXhj<>X`}6xgkRDTUIJ=_*NqWgH(F#(Z5!tmkMm8v%PJ=)#N!DmIi()YVxaSS z*wNTM(<;FJYUje^W`suUfjP@trnZBMI`9@ATKTyzbu0Kr!Zd-mSB4 znsdZl-gYku<%f8PPJtpfDZbS{gXxw{@&%m&8UJg;o&kaTf$<3%FLirfp~;f}IYHAU z|8s)IO8%!R$vCq2ZWY0&orGmP$YmZ0i(vU7oHw`hlO73=?4_y*KIanp9_-*>{7N9_ literal 0 HcmV?d00001 diff --git a/server/src/app/data/__pycache__/question.cpython-311.pyc b/server/src/app/data/__pycache__/question.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..4ca09b30b121e5bd93bb8acacb9c7ad499173e6a GIT binary patch literal 2688 zcmcIm&1)M+6rb4-?Z~pF)ZVm~UDt9Va5r`>dT>cezm!W`Ql~Y(G`a*uJF%6lBxhz_ zJ0L?2p}3~d)Wq0O0zMSC#`I4pRH4Tnq#&qS2n2d*Zwk)Ag(%4Ft-2L%YH2*^p}`4hU77aUjnm*Ok`pUH@}cwSZN!yjX+^$< zmN7=x5Qbk7&7nPf)livO1`|7W)ewd8O zrI?b8Yo&1vv^#X-0F2W>$5z3&H*9ej-e?EePFFCr+TZg16wxi;&uteH?Y>qe0HKKO zu~C#dEajrSLynn&U>EKtTvwG-f>4=5EC?=)U=xN+Y>|mwIO_5OWz^}toi8j~)SRc+ zv!)}#tmG5UB&a4IhduX05D?0Co^=>BPmsR<(s$33gk9#ptC)C(E zoLzUMK7MIdV2{ zyQ$zF)E+tnHF9garL@Po}Rk&0LYJ|k0z$NX0T#)f@h^g(Q?`;YQ zN6LXi8X;j2D3&U!93U;_!l8#=&0k<6OSM))s?Bg5yX5Z(Z;Bvn5}oL@NJ?~`mZW)!VqYrCB{t7&SuXlY z{&_#h%wP+W?z_Y072R*BAS)mTboCCIAJGFw5ViUUSp0erEc;LgUi&}}>7hBIh5y8< zHOW%u3?T|jWy>#&qLDW>YOybc!J+jVj|m&pxE$z?*}S0Quc8NHy|&iR4NrrOX0=>H^ibQaRrTv za1K)7;OX?clbOY(l9Ay{R}1CL#awx*SjZjA6_*!t892^w44x4@pUEvRXY`zz%itN$ zF5j|(d2ZxP;|lh91ct(y#dpBg$m>A#(SdJMcT+n=_8qRBZ>y1e!Hr<`TvJW7)I>u~ zpeDQ#ZmMG~b*!O|VL!4Fsj;S-Y^lkHn%q&~Rr`IL{e>g_jjXF1B)xt6c942UCHtal zpNmmg-=j0xv|LZK?4(kkrob%~H&M=&jKSbJ1ke};Jf;t3>5z%X(xJW3*%}CkUjOUv zI2H1h4TZfUtV#gBp7D3*0hmf2Pq`v*;qCX)HfXvqU1dXpkIfMtfFU%s3qOt<;o*f}<5REVQ%}t&tG}qPrax=Ov#oe`JxeO`dQ*xE%AgOxtY zrp^-iC1Gco@=~F|^PqJJFVl`!Z4icl9QkjMgSbWp!>&R-fRQTFmJ2_3eIR%MBM%7} zc^5GLL4e`=VFn0a#iGV+aPSX6!4II;haagB2(B(5Mj#03HX;Nc2TL3tQ3d9K1Oy=$ z5`%6(dT=xNAb3CYFtqOb|0B=n+65=_oX)1?dWvO_DD^1{+){8;R|>kt7IR`T--0Whl~_C zaPRiU?Z+p!4mKlNE26El_T)@s>`YCqsV^pfKDN&8hT7xlMm$qJS3S3-KPiAFfY3OO zAH2gbFdWCg(4*^GyHY1G^m+9rrBm6YTu-v>gi@cRzz3(IKVUaQVBx)W%)ep*(~5iV zFriD{v|?8^E&^OP5cWn1yDA(|)96sU46bU>;v|+HeDE}k>?9Vy4n?48@E~Y3*?|bA z1G~f#_!+r5Bj~s~X=4&BAHgG@0Q0~iF&Gw3rBXGU>Uc{XZ>Zzm+66(8z{_?Rf+B&S z=+Skp9;t(j_q%qohA%rU*QZ(bs8XM$z%OZGOBG)iOG~gjCz9fgS^J?@n}u3!);5S) zyE?-gvZA{dtm3ZbAnag(u`4%A7AEJIQSBIN$%V4X@dM&`T+hfG;KWYA@6=N;@Ji7* z&1XP|C9}Zrv?EhW+hnpa=>J=vvQ3UO_WpO6k4CHd4uQtY!af?S3e?8D3{0b_>oDj> dYy0i@f0XU!#V2;-Wno4W=m^bw89xde`v?8seBJ;6 literal 0 HcmV?d00001 diff --git a/server/src/app/crud/crud_knowledges.py b/server/src/app/data/knowledge.py similarity index 100% rename from server/src/app/crud/crud_knowledges.py rename to server/src/app/data/knowledge.py diff --git a/server/src/app/crud/crud_metrics.py b/server/src/app/data/metric.py similarity index 100% rename from server/src/app/crud/crud_metrics.py rename to server/src/app/data/metric.py diff --git a/server/src/app/crud/crud_questions.py b/server/src/app/data/question.py similarity index 67% rename from server/src/app/crud/crud_questions.py rename to server/src/app/data/question.py index 6b1b798..f3c568e 100644 --- a/server/src/app/crud/crud_questions.py +++ b/server/src/app/data/question.py @@ -22,18 +22,6 @@ def read_question(question_id: int): question = session.get(Question, question_id) return question -# #TODO adapt logic with args -# def update_question(question_id: int, content: str, uri: str): -# with Session(engine) as session: -# question = session.get(Question, question_id) -# question.content = content if content else question.content -# question.uri = uri if uri else question.uri - -# session.add(question) -# session.commit() -# session.refresh(question) - -#TODO : test def delete_question(question_id: int): with Session(engine) as session: question = session.get(Question, question_id) diff --git a/server/src/app/crud/crud_user.py b/server/src/app/data/user.py similarity index 100% rename from server/src/app/crud/crud_user.py rename to server/src/app/data/user.py diff --git a/server/src/app/faker_seed.py b/server/src/app/faker_seed.py index bd6ae02..12f653a 100644 --- a/server/src/app/faker_seed.py +++ b/server/src/app/faker_seed.py @@ -1,9 +1,9 @@ from src.app.models.knowledge import Knowledge -from src.app.crud.crud_knowledges import create_knowledge +from src.app.data.knowledge import create_knowledge from src.app.models.question import Question -from src.app.crud.crud_questions import create_question +from src.app.data.question import create_question from src.app.models.metric import Metric -from src.app.crud.crud_metrics import create_metric +from src.app.data.metric import create_metric def faker(): knowledge1 = Knowledge(content="La connaissance est une notion aux sens multiples, à la fois utilisée dans le langage courant et objet d'étude poussée de la part des sciences cognitives et des philosophes contemporains. ", uri="https://fr.wikipedia.org/wiki/Connaissance") diff --git a/server/src/app/services/__pycache__/auth.cpython-311.pyc b/server/src/app/services/__pycache__/auth.cpython-311.pyc index 63c9bee5dbfc55bf6875768b84246537b5cf8d1e..81a240e436e247d88150e02582627fd063e7f6e4 100644 GIT binary patch delta 2150 zcmb7EOH3O_7@l3PA9%g2jUl`Y7>o@j#7R)nq$H)G;i-hYAW^ev<7~VOnEHWcmylGn zb|q9rRn;n*s^w5A9NM&1bEwoy`iRsXbEs+}qF5^-<YAcV_`?iofZ`_?NK~wNs&0DAd$pkM)FTj&sJHCg+%(@<*#iQPCh%wnk9`_9iJ~2(#GNOX_~Yax??261)#p^h zSj=K=Of_b89JN{gOFB+Y-_~iKL8OuI4*?0J*Uk>71GM>`XVO?cx- zGi3vmv``YJq?HnSJ~&7TLw8WFvqD1TQ(?cz3``d$1tH}62+W@$lOvM5srDUyi8lf! z54x?k%9DelKZ=&PoymjJf;5@V3Jw8ciJue56??eFj{TswYLhHUzeyAwQ zC1kVL{o$&A>Iyt|1y){Pb4Au&k%B8ylxuG3vx0O`;Go1wd{!(^26NGF{vJw5=0ifkT&BUKY_! z+hw%K;ch@g?Kld9<+#BL2FoB|FC{)|wc-7g?dgZ*NZdnxIn2%qCPZ6DD$$eQ&hiLY2FNvc2wa!lL9UN{ z>0T6Oxchbz5Tl%fjEG&FlVrqGKz|flI2S33S8`F#a;vGCEKZuUX~VJ^3)f*ST1!z6 zrjI8Ufmn58Q&Z>ShYlQ!UpzB-acb=Bg>hwg2oF%3L(>ykO~)rFng(jwW^}WBNhGSH zm0O!ciexaj@1gzMRCiWNRoWb$yrWF>}av0$3MT`${TuH&%3g_J&kb+FQEGnPoR ztdjvbNFK`GToJkR>?@+)!p^^l+6z1X5-)Ik3H=}9L0q_iI$!*YC{n2WHD&G@67%AF z(z2A7o{|0Dw$^8o{Gsyk)eo+&Osq*g>rzkNUG(_#RmIj&0X35|-b<%koOjh$LNI)7 iuwgf;wR3f=Crb#12O&26(#eM1q?$bUE(z_BoPPmhI0;e! delta 1815 zcmZV;T})e5_}tsu+n?Lp-ohw91zK7PbYsOa9g0l1uqnx$apIP(=(^H-fX@Elxh*&Y zp(bQbV?ywlNPNNCqlw>l`I)ejd%pAi-|z37 z+p#|*>RnZJ6Ik0{f0-RyR-1*Nmb*t{Le8CZ>qM7xO5T(72n29PPR)Ch-n=jA%WFwZ zAj_Xd7A%R9Ys@z#n*<^fDz1UE`{>bH0-@w)^B%R@vWNZu)IDng*udUd$)K(#TXk=; z4gA&VzOS@H@^;`KvHr8LXG4-9k-SWF|02=rsB6sz4q@*)3|q2#kR5qK)}c4hh#sJk z2}y5Ul#)@s3Fv0nEwpn&)`P%{>8-SDLe$#;??zpap?>=iFnaV5bg6lP=K|%2^!vXk)wzphC9%%_}_{{^+JZS~*u$d^IB48@8N{E6&x< z&B&<@=fI|OVBI;uKa^w7VtS@`I+xBCQq#MwU{G*k%8ZuEtdQ9cAD9wsjOMQ^{CD}q z;d!y(iV{p~Uc5#Mws&pU$Sf3Kl&~0R#YNM%=QA~h{bi;+Ls@p>R@}ypf(Gm6OOEF2 zR^7XhMsN(a@jQSEsW!D$F4RPuy>%-P`z_G>OQ82&>Oo;6aB(wm@s4sw*{+F#y|o$$ zA_3&~c2xAvYzLIEklFqALkPm*C}J%M0nurWQ; zK?^fkR$M5si$FfE1sg!ATEzR%pE5F2G*20}%X$NLiez1KydI`BUM%LU@iHYnn<-h1 zX4o-?wK((${OufqAj>)W0=ofHY`JK>!bOeRYcdfO{<+q|nO4siG?|~#?EC{w8-GMP z)(?JTr#~@gQm)KXzKjVW4rjZcf5i;6HQhqRapQ diff --git a/server/src/app/services/auth.py b/server/src/app/services/auth.py index 0466b79..7959fda 100644 --- a/server/src/app/services/auth.py +++ b/server/src/app/services/auth.py @@ -5,25 +5,29 @@ from datetime import timedelta, datetime, timezone from typing import Annotated from pydantic import BaseModel - -import jwt -from jwt.exceptions import InvalidTokenError from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer - +import jwt +from jwt.exceptions import InvalidTokenError from argon2 import PasswordHasher +from argon2.exceptions import ( + VerifyMismatchError, + VerificationError, + InvalidHashError, +) from src.app.models.user import User -from src.app.crud.crud_user import get_user - +from src.app.data.user import get_user load_dotenv() -secret_key = os.environ.get("SECRET") -algorithm = "HS256" -access_token_expire_minutes = 10080 + oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/token") password_hasher = PasswordHasher() +secret_key = os.environ.get("SECRET_SIGN") +algorithm = "HS256" +access_token_expire_minutes = 10080 + class Token(BaseModel): access_token: str token_type: str @@ -34,7 +38,8 @@ class TokenData(BaseModel): def authenticate_user(username: str, password: str): user: User = get_user(username) if not user: - verify_password(password, user.hashed_password) + # Add timing to prevent attack + password_hasher.hash(password) return False if not verify_password(password, user.hashed_password): return False @@ -43,10 +48,9 @@ def authenticate_user(username: str, password: str): def verify_password(plain_password: str, hashed_password: str) -> bool: isValidated: bool = False try: - isValidated = password_hasher.verify(hashed_password, plain_password) - except: - isValidated = False - return isValidated + return password_hasher.verify(hashed_password, plain_password) + except (VerifyMismatchError, VerificationError, InvalidHashError): + return False def create_access_token(data: dict): expire = datetime.now(timezone.utc) + timedelta(minutes=access_token_expire_minutes) @@ -65,7 +69,7 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]) -> Use headers={"WWW-Authenticate": "Bearer"}, ) try: - payload = jwt.decode(token, secret_key, algorithm) + payload = jwt.decode(token, secret_key, algorithms=[algorithm]) username = payload.get("sub") if username is None: raise credentials_exception