Holo795/Anime-Tracker-API
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: update password handling and constraints

Browse Source
This commit is contained in:
ɧσℓσ
2025-12-02 19:42:59 +01:00
parent f75fc23cb1
commit 3f8dc7e6c5
6 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
auth.py
View File

@@ -28,12 +28,23 @@ security = HTTPBearer()
def verify_password(plain_password: str, hashed_password: str) -> bool:
"""Vérifier un mot de passe"""
"""Vérifier un mot de passe (bcrypt limite à 72 bytes)"""
# Tronquer le mot de passe à 72 bytes pour éviter l'erreur bcrypt
password_bytes = plain_password.encode('utf-8')
if len(password_bytes) > 72:
password_bytes = password_bytes[:72]
plain_password = password_bytes.decode('utf-8', errors='ignore')
return pwd_context.verify(plain_password, hashed_password)
def get_password_hash(password: str) -> str:
"""Hacher un mot de passe"""
"""Hacher un mot de passe (bcrypt limite à 72 bytes)"""
# Tronquer le mot de passe à 72 bytes pour éviter l'erreur bcrypt
# Encoder en UTF-8 pour obtenir les bytes
password_bytes = password.encode('utf-8')
if len(password_bytes) > 72:
password_bytes = password_bytes[:72]
password = password_bytes.decode('utf-8', errors='ignore')
return pwd_context.hash(password)