Spaces:
Running
Running
| # backend/utils/security.py | |
| from passlib.context import CryptContext | |
| from datetime import datetime, timedelta, timezone | |
| from jose import JWTError, jwt | |
| # Configuration de la sécurité | |
| SECRET_KEY = "assistant-web-educatif" | |
| ALGORITHM = "HS256" | |
| ACCESS_TOKEN_EXPIRE_MINUTES = 30 | |
| # Contexte pour le hachage des mots de passe | |
| pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") | |
| def verify_password(plain_password: str, hashed_password: str) -> bool: | |
| """Vérifie si un mot de passe en clair correspond à un mot de passe haché.""" | |
| return pwd_context.verify(plain_password, hashed_password) | |
| def get_password_hash(password: str) -> str: | |
| """Retourne le hachage d'un mot de passe.""" | |
| return pwd_context.hash(password) | |
| def create_access_token(data: dict, expires_delta: timedelta | None = None): | |
| """Crée un jeton d'accès JWT.""" | |
| to_encode = data.copy() | |
| if expires_delta: | |
| expire = datetime.now(timezone.utc) + expires_delta | |
| else: | |
| expire = datetime.now(timezone.utc) + timedelta(minutes=15) | |
| to_encode.update({"exp": expire}) | |
| encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM) | |
| return encoded_jwt |