storeapi/security.py
---
+++
@@ -1,8 +1,19 @@
import logging
+from passlib.context import CryptContext
from storeapi.database import database, user_table
logger = logging.getLogger(__name__)
+
+pwd_context = CryptContext(schemes=["bcrypt"])
+
+
+def get_password_hash(password: str) -> str:
+ return pwd_context.hash(password)
+
+
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+ return pwd_context.verify(plain_password, hashed_password)
async def get_user(email: str):
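Review bot: `verify_password` will raise instead of returning False when the stored value is not a recognised hash — passlib's `CryptContext.verify` raises `UnknownHashError` (a `ValueError`) when no configured scheme matches, and the removed comment in routers/user.py shows that rows written before this commit hold plain-text passwords, so a login against a legacy row would surface as a 500 rather than a failed check. Unless those rows are migrated or reset, the function should catch that case: `try: return pwd_context.verify(plain_password, hashed_password)` / `except ValueError: return False`. Note also that bcrypt only uses the first 72 bytes of the input; as far as I recall passlib truncates silently unless the handler is configured with `truncate_error=True`, so either enforce a length limit on the incoming password or state the limit in a docstring. A one-line docstring on each helper, e.g. `"""Return a bcrypt hash of *password* suitable for storing in user_table."""` and `"""Return True if *plain_password* matches *hashed_password*."""`, would also help since the hunk currently adds none.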
storeapi/routers/user.py
---
+++
@@ -3,7 +3,7 @@
from fastapi import APIRouter, HTTPException, status
from storeapi.database import database, user_table
from storeapi.models.user import UserIn
-from storeapi.security import get_user
+from storeapi.security import get_password_hash, get_user
logger = logging.getLogger(__name__)
router = APIRouter()
@@ -16,8 +16,8 @@
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with that email already exists",
)
- # This is a VERY BAD idea! You should never store passwords in plain text!
- query = user_table.insert().values(email=user.email, password=user.password)
+ hashed_password = get_password_hash(user.password)
+ query = user_table.insert().values(email=user.email, password=hashed_password)
logger.debug(query)
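Review bot: `get_password_hash(user.password)` is a CPU-bound bcrypt computation called synchronously; if the enclosing register handler is `async def` (its signature starts outside the hunk, but the file imports the async `database` object), that call blocks the event loop for every request while the hash is computed. Running it off-loop keeps the rest of the app responsive: `hashed_password = await run_in_threadpool(get_password_hash, user.password)` with `from fastapi.concurrency import run_in_threadpool` added to the imports in the first hunk. The rest of the insert-and-log logic is unchanged by this commit and the function continues past the hunk.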
storeapi/tests/test_security.py
---
+++
@@ -1,5 +1,10 @@
import pytest
from storeapi import security
+
+
+def test_password_hashes():
+ password = "password"
+ assert security.verify_password(password, security.get_password_hash(password))
@pytest.mark.anyio
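Review bot: `test_password_hashes` only checks the positive path, so an implementation that always returned True (or stored the password unchanged) would still pass. Binding the hash to a local and adding the negative and non-plaintext cases makes the test meaningful: `hashed = security.get_password_hash(password)`, `assert hashed != password`, `assert not security.verify_password("not-the-password", hashed)`. A short docstring, e.g. `"""A stored hash verifies only against the original password."""`, would also document the intent.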