Vishwanath77 commited on
Commit
bccefa7
·
verified ·
1 Parent(s): 5ed4dc4

Upload 2 files

Files changed (2) hide show
  1. src/apps/app.py +6 -2
  2. src/apps/auth.py +51 -42
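--- a/src/apps/app.py
+++ b/src/apps/app.py
@@ -180,7 +180,7 @@ async def login(response: Response, user: UserLogin, db: AsyncSession = Depends(
  httponly=True,
  max_age=ACCESS_TOKEN_EXPIRE_MINUTES * 60,
  samesite="lax",
- secure=False # Set to True in production with HTTPS
+ secure=True # Required for Hugging Face HTTPS
  )
 
  print(f"Login successful for {db_user.username}, role: {db_user.role}")
@@ -194,7 +194,11 @@ async def login(response: Response, user: UserLogin, db: AsyncSession = Depends(
 
  @app.post("/api/logout")
  async def logout(response: Response):
- response.delete_cookie("access_token")
+ response.delete_cookie(
+ key="access_token",
+ samesite="lax",
+ secure=True
+ )
  return {"message": "Logged out successfully"}
 
  @app.post("/api/forgot-password")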
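Review bot: The new `delete_cookie` call in `logout` omits `httponly=True` and any `path`/`domain` the login handler may set, so the clearing Set-Cookie does not mirror the cookie written in `login`; pass the same attributes, e.g. `response.delete_cookie(key="access_token", httponly=True, samesite="lax", secure=True)`. Clearing the browser cookie also does not invalidate the JWT itself: a token copied before logout remains accepted until its `exp` elapses, so logout is only as strong as `ACCESS_TOKEN_EXPIRE_MINUTES` unless a server-side revocation list is kept. The `login` handler whose cookie attributes are changed in the first hunk begins outside the hunk, so whether a `path` or `domain` is set there cannot be confirmed from this view.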
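--- a/src/apps/auth.py
+++ b/src/apps/auth.py
@@ -1,42 +1,51 @@
- from datetime import datetime, timedelta
- from typing import Optional
- import bcrypt
-
- # Monkeypatch bcrypt for passlib compatibility if needed
- if not hasattr(bcrypt, "__about__"):
- bcrypt.__about__ = type('About', (object,), {'__version__': bcrypt.__version__})
-
- from jose import JWTError, jwt
- from passlib.context import CryptContext
- import os
- from dotenv import load_dotenv
-
- load_dotenv()
-
- SECRET_KEY = os.getenv("SECRET_KEY", "your_secret_key")
- ALGORITHM = os.getenv("ALGORITHM", "HS256")
- ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", 30))
-
- _pwd_context = None
-
- def get_pwd_context():
- global _pwd_context
- if _pwd_context is None:
- _pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
- return _pwd_context
-
- def verify_password(plain_password, hashed_password):
- return get_pwd_context().verify(plain_password, hashed_password)
-
- def get_password_hash(password):
- return get_pwd_context().hash(password)
-
- def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):
- to_encode = data.copy()
- if expires_delta:
- expire = datetime.utcnow() + expires_delta
- else:
- expire = datetime.utcnow() + timedelta(minutes=15)
- to_encode.update({"exp": expire})
- encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
- return encoded_jwt
+ from datetime import datetime, timedelta
+ from typing import Optional
+ import os
+ import bcrypt
+ from jose import JWTError, jwt
+ from passlib.context import CryptContext
+ from dotenv import load_dotenv
+
+ # --- BCrypt Compatibility Fix ---
+ # Satisfy passlib's check for the bcrypt library version (needed for modern Python/BCrypt compatibility)
+ if not hasattr(bcrypt, "__about__"):
+ bcrypt.__about__ = type('About', (object,), {'__version__': bcrypt.__version__})
+
+ load_dotenv()
+
+ # --- Configuration ---
+ # Use environment variables or local fallback for development
+ # SECRET_KEY is used for signing JWT tokens and should be 32+ characters
+ SECRET_KEY = os.getenv("SECRET_KEY", "f1fda542576b459ee24bf2d459711a439576da2d804dcbb35de9e18261")
+ ALGORITHM = os.getenv("ALGORITHM", "HS256")
+ ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", 30))
+
+ # --- Password Management ---
+ # Using the standard bcrypt hashing scheme with passlib
+ pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+ def verify_password(plain_password: str, hashed_password: str) -> bool:
+ """Verifies a plain text password against its hashed version."""
+ try:
+ if isinstance(hashed_password, str):
+ hashed_password = hashed_password.encode('utf-8')
+ return pwd_context.verify(plain_password, hashed_password)
+ except Exception:
+ return False
+
+ def get_password_hash(password: str) -> str:
+ """Creates a secure hash for a password."""
+ return pwd_context.hash(password)
+
+ # --- Token Management ---
+ def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str:
+ """Generates a signed JWT access token."""
+ to_encode = data.copy()
+ if expires_delta:
+ expire = datetime.utcnow() + expires_delta
+ else:
+ expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+
+ to_encode.update({"exp": expire})
+ encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+ return encoded_jwt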
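Review bot: Line 19 of the new file replaces the placeholder default with a real-looking hard-coded fallback for `SECRET_KEY`, which is the JWT signing key consumed by `create_access_token`; because that value is committed to the repository, any deployment that forgets to set the environment variable signs tokens with a publicly readable key, and anyone with the repo can then mint a token accepted for any user. A signing key should have no fallback at all: `SECRET_KEY = os.getenv("SECRET_KEY")` followed by `if not SECRET_KEY: raise RuntimeError("SECRET_KEY environment variable is required")`, and the value committed here should be treated as exposed and rotated wherever it was deployed. Separately, `verify_password` now catches bare `Exception` and returns `False`, which makes a broken bcrypt backend or a malformed stored hash indistinguishable from a wrong password; at minimum log the exception through a module logger (`logger.exception("password verification failed")`) before returning so an outage is visible rather than appearing as a wave of failed logins. `datetime.utcnow()` is deprecated as of Python 3.12; `datetime.now(timezone.utc)` (with `timezone` added to the `datetime` import) yields the same `exp` as an aware timestamp.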