Upload auth.py

src/apps/auth.py

@@ -25,17 +25,25 @@ ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", 30))
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
 def verify_password(plain_password: str, hashed_password: str) -> bool:
-    """Verifies a plain text password against its hashed version."""
+    """Verifies a plain text password against its hashed version using bcrypt."""
     try:
+        if isinstance(plain_password, str):
+            plain_password = plain_password.encode('utf-8')
         if isinstance(hashed_password, str):
             hashed_password = hashed_password.encode('utf-8')
-        return pwd_context.verify(plain_password, hashed_password)
-    except Exception:
+        return bcrypt.checkpw(plain_password, hashed_password)
+    except Exception as e:
+        print(f"Bcrypt verification error: {e}")
         return False
 
 def get_password_hash(password: str) -> str:
-    """Creates a secure hash for a password."""
-    return pwd_context.hash(password)
+    """Creates a secure bcrypt hash for a password."""
+    if isinstance(password, str):
+        password = password.encode('utf-8')
+    # Generate salt and hash
+    salt = bcrypt.gensalt()
+    hashed = bcrypt.hashpw(password, salt)
+    return hashed.decode('utf-8')
 
 # --- Token Management ---
 def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str: