File size: 1,233 Bytes
5dccc28 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | from datetime import datetime, timedelta, timezone
from jose import JWTError, jwt
from passlib.context import CryptContext
from app.config import get_settings
# Use PBKDF2 for new hashes to avoid bcrypt backend/version issues and
# bcrypt's 72-byte password input limit. Keep bcrypt for legacy verification.
pwd_context = CryptContext(
schemes=["pbkdf2_sha256", "bcrypt"],
deprecated="auto",
)
settings = get_settings()
def hash_password(password: str) -> str:
return pwd_context.hash(password)
def verify_password(password: str, password_hash: str) -> bool:
return pwd_context.verify(password, password_hash)
def create_access_token(subject: str) -> str:
expires_delta = timedelta(minutes=settings.access_token_expire_minutes)
expire = datetime.now(timezone.utc) + expires_delta
payload = {"sub": subject, "exp": expire}
return jwt.encode(payload, settings.secret_key, algorithm=settings.algorithm)
def decode_access_token(token: str) -> str | None:
try:
payload = jwt.decode(token, settings.secret_key, algorithms=[settings.algorithm])
subject = payload.get("sub")
return str(subject) if subject is not None else None
except JWTError:
return None
|