Spaces:
Runtime error
Runtime error
suhail
commited on
Commit
·
dcd08d5
1
Parent(s):
9d2dad3
security.py
Browse files- src/core/security.py +12 -5
src/core/security.py
CHANGED
|
@@ -146,12 +146,19 @@ def hash_password(password: str) -> str:
|
|
| 146 |
|
| 147 |
def verify_password(plain_password: str, hashed_password: str) -> bool:
|
| 148 |
"""
|
| 149 |
-
Verify
|
| 150 |
"""
|
| 151 |
-
|
| 152 |
-
|
| 153 |
-
|
| 154 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 155 |
|
| 156 |
# =========================
|
| 157 |
# JWT utilities
|
|
|
|
| 146 |
|
| 147 |
def verify_password(plain_password: str, hashed_password: str) -> bool:
|
| 148 |
"""
|
| 149 |
+
Verify password while supporting legacy SHA256+bcrypt hashes.
|
| 150 |
"""
|
| 151 |
+
try:
|
| 152 |
+
# New bcrypt-safe method
|
| 153 |
+
return pwd_context.verify(
|
| 154 |
+
plain_password.encode("utf-8")[:72],
|
| 155 |
+
hashed_password
|
| 156 |
+
)
|
| 157 |
+
except ValueError:
|
| 158 |
+
# Fallback for OLD hashes (sha256 -> bcrypt)
|
| 159 |
+
import hashlib
|
| 160 |
+
legacy = hashlib.sha256(plain_password.encode("utf-8")).hexdigest()
|
| 161 |
+
return pwd_context.verify(legacy, hashed_password)
|
| 162 |
|
| 163 |
# =========================
|
| 164 |
# JWT utilities
|