fix: update password handling and constraints

.gitignore

@@ -54,3 +54,4 @@ Thumbs.db
 # Docker
 .dockerignore
 
+

auth.py

@@ -28,12 +28,23 @@ security = HTTPBearer()
 
 
 def verify_password(plain_password: str, hashed_password: str) -> bool:
-    """Vérifier un mot de passe"""
+    """Vérifier un mot de passe (bcrypt limite à 72 bytes)"""
+    # Tronquer le mot de passe à 72 bytes pour éviter l'erreur bcrypt
+    password_bytes = plain_password.encode('utf-8')
+    if len(password_bytes) > 72:
+        password_bytes = password_bytes[:72]
+        plain_password = password_bytes.decode('utf-8', errors='ignore')
     return pwd_context.verify(plain_password, hashed_password)
 
 
 def get_password_hash(password: str) -> str:
-    """Hacher un mot de passe"""
+    """Hacher un mot de passe (bcrypt limite à 72 bytes)"""
+    # Tronquer le mot de passe à 72 bytes pour éviter l'erreur bcrypt
+    # Encoder en UTF-8 pour obtenir les bytes
+    password_bytes = password.encode('utf-8')
+    if len(password_bytes) > 72:
+        password_bytes = password_bytes[:72]
+        password = password_bytes.decode('utf-8', errors='ignore')
     return pwd_context.hash(password)
 
 

main.py

@@ -262,3 +262,4 @@ async def health_check():
     """Vérification de l'état de l'API"""
     return {"status": "ok", "message": "API Anime Tracker is running"}
 
+

models.py

@@ -40,3 +40,4 @@ class Anime(Base):
     
     user = relationship("User", back_populates="animes")
 
+

requirements.txt

@@ -7,6 +7,7 @@ pydantic[email]
 pydantic-settings==2.1.0
 python-jose[cryptography]==3.3.0
 passlib[bcrypt]==1.7.4
+bcrypt==4.0.1
 python-multipart==0.0.6
 python-dotenv==1.0.0
 

schemas.py

@@ -11,7 +11,7 @@ from datetime import datetime
 class UserCreate(BaseModel):
     username: str = Field(..., min_length=3, max_length=50)
     email: EmailStr
-    password: str = Field(..., min_length=6)
+    password: str = Field(..., min_length=6, max_length=72)
 
 
 class UserLogin(BaseModel):