# import bcrypt
# from db import get_db
# import re

# import sqlite3

# # --- Auth Functions ---
# def create_user(username, password):
#     # Password policy checks
#     if len(password) < 12:
#         return False, "Password must be at least 12 characters long."
#     if not re.search(r"[A-Z]", password):
#         return False, "Password must contain at least one uppercase letter."
#     if not re.search(r"[a-z]", password):
#         return False, "Password must contain at least one lowercase letter."
#     if not re.search(r"\d", password):
#         return False, "Password must contain at least one digit."
#     if not re.search(r"[!@#$%^&*(),.?\":{}|<>]", password):
#         return False, "Password must contain at least one special character (!@#$%^&*(),.?:{}|<>)."

#     hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
#     db = get_db()
#     try:
#         db.execute("INSERT INTO users (username, password) VALUES (?, ?)", (username, hashed))
#         db.commit()
#         return True, "User created successfully."
#     except sqlite3.IntegrityError:
#         return False, "Username already exists."
#     except Exception as e:
#         print(f"Error creating user: {e}")
#         db.rollback()
#         return False, "Server error during user creation."

# def verify_user(username, password):
#     db = get_db()
#     user = db.execute("SELECT id, password FROM users WHERE username = ?", (username,)).fetchone()
#     if user and bcrypt.checkpw(password.encode('utf-8'), user["password"]):
#         return user["id"]
#     return None
import bcrypt
import re
import sqlite3
from fastapi import Depends
from db import get_db  # Assuming get_db is defined in db.py
# In auth.py

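def create_user(username, password, db: sqlite3.Connection):
    """Validate a password against the policy, hash it with bcrypt and store the user.

    Args:
        username: Account name to insert into the ``users`` table.
        password: Plain-text password supplied by the caller.
        db: Open SQLite connection used for the insert.

    Returns:
        A ``(success, message)`` tuple. ``success`` is ``False`` when the
        password fails a policy rule, the username is already taken, or the
        insert fails for any other reason.
    """
    # Password policy checks: the first failing rule decides the message.
    if len(password) < 12:
        return False, "Password must be at least 12 characters long."
    if not re.search(r"[A-Z]", password):
        return False, "Password must contain at least one uppercase letter."
    if not re.search(r"[a-z]", password):
        return False, "Password must contain at least one lowercase letter."
    if not re.search(r"\d", password):
        return False, "Password must contain at least one digit."
    # The character class also accepts a double quote, which the message omits.
    if not re.search(r"[!@#$%^&*(),.?\":{}|<>]", password):
        return False, "Password must contain at least one special character (!@#$%^&*(),.?:{}|<>)."

    # bcrypt only processes the first 72 bytes of its input. Depending on the
    # installed bcrypt release, longer input is either truncated silently (so
    # two passwords sharing a 72-byte prefix verify as equal) or rejected with
    # ValueError, which would escape this function. Refuse it explicitly; the
    # limit is in bytes, so multi-byte characters count more than once.
    encoded = password.encode('utf-8')
    if len(encoded) > 72:
        return False, "Password must be at most 72 bytes long when UTF-8 encoded."

    hashed = bcrypt.hashpw(encoded, bcrypt.gensalt())
    try:
        # Parameterized statement: username and hash are bound, never interpolated.
        db.execute("INSERT INTO users (username, password) VALUES (?, ?)", (username, hashed))
        db.commit()
        return True, "User created successfully."
    except sqlite3.IntegrityError:
        # Release the transaction the failed INSERT left open on this connection.
        db.rollback()
        return False, "Username already exists."
    except Exception as e:
        # The detail goes to stdout only; the caller gets a generic message.
        print(f"Error creating user: {e}")
        db.rollback()
        return False, "Server error during user creation."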
    
def verify_user(username, password, db: sqlite3.Connection):
    """Return the id of the user whose stored bcrypt hash matches, else ``None``.

    The row is looked up by username with a bound parameter and read by
    column name, so the connection must hand back rows that support
    ``row["password"]`` and ``row["id"]``.
    """
    row = db.execute(
        "SELECT id, password FROM users WHERE username = ?", (username,)
    ).fetchone()
    # NOTE(review): an unknown username returns here without any bcrypt work,
    # so the response time can differ between existing and missing accounts;
    # rate-limit this path in the caller if that matters.
    if not row:
        return None
    # NOTE(review): bcrypt looks at no more than 72 bytes of the candidate;
    # depending on the installed release, longer input is truncated or
    # raises ValueError here.
    if not bcrypt.checkpw(password.encode('utf-8'), row["password"]):
        return None
    return row["id"]