Replace passlib with direct bcrypt calls, drop passlib dependency

passlib is unmaintained and incompatible with bcrypt 5.0.0 due to its
internal wrap-bug detection test exceeding bcrypt's 72-byte password limit.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-25 01:41:27 -07:00
parent b8d2910d7c
commit 3e990cae7e
2 changed files with 3 additions and 7 deletions
+3 -6
View File
@@ -2,8 +2,8 @@ import os
from datetime import datetime, timedelta, timezone
from typing import Optional
import bcrypt
from jose import JWTError, jwt
from passlib.context import CryptContext
from fastapi import Cookie, Depends, HTTPException, Response, status
from sqlalchemy.orm import Session
@@ -16,15 +16,12 @@ ACCESS_TOKEN_EXPIRE_DAYS = 30
COOKIE_NAME = "token"
SECURE_COOKIES = os.environ.get("SECURE_COOKIES", "true").lower() == "true"
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
def verify_password(plain_password: str, hashed_password: str) -> bool:
return pwd_context.verify(plain_password, hashed_password)
return bcrypt.checkpw(plain_password.encode(), hashed_password.encode())
def hash_password(password: str) -> str:
return pwd_context.hash(password)
return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
def create_access_token(user_id: int, username: str, is_admin: bool, user_timezone: str = "UTC", admin_id: Optional[int] = None) -> str: