app/security.py

"""Password hashing and session helpers."""
from __future__ import annotations
from passlib.hash import bcrypt
from starlette.requests import Request
from starlette.responses import RedirectResponse


def hash_password(plain: str) -> str:
    return bcrypt.hash(plain)


def verify_password(plain: str, hashed: str) -> bool:
    return bcrypt.verify(plain, hashed)


def get_current_user_id(request: Request) -> int | None:
    return request.session.get("user_id")


def require_login(request: Request):
    uid = get_current_user_id(request)
    if not uid:
        return RedirectResponse("/login", status_code=302)
    return None