core/security.py

"""
Core Security Utilities

Note: Secret key authentication has been replaced with Google OAuth.
The bcrypt functions below are kept for potential future use (e.g., admin passwords).
"""
import bcrypt


def verify_password(plain_password: str, hashed_password: str) -> bool:
    """
    Verify a password against a bcrypt hash.
    
    Note: This is no longer used for user authentication (moved to Google OAuth).
    Kept for potential admin/internal use cases.
    """
    if isinstance(hashed_password, str):
        hashed_password = hashed_password.encode('utf-8')
    return bcrypt.checkpw(plain_password.encode('utf-8'), hashed_password)


def get_password_hash(password: str) -> str:
    """
    Hash a password using bcrypt.
    
    Note: This is no longer used for user authentication (moved to Google OAuth).
    Kept for potential admin/internal use cases.
    """
    salt = bcrypt.gensalt(rounds=12)
    hashed = bcrypt.hashpw(password.encode('utf-8'), salt)
    return hashed.decode('utf-8')