extract password hashing into separate module

2025-11-16 16:42:20 +01:00
parent 16bf9b54f2
commit a120512baf
2 changed files with 51 additions and 28 deletions
--- a/database.py
+++ b/database.py
@@ -1,20 +1,20 @@
 from models import User
-from passlib.context import CryptContext
 from settings import settings
 from fastapi import HTTPException, status, Request
 import sqlite3
 import jwt
 import datetime
+import security

 connection = sqlite3.connect('database.db')
 connection.row_factory = sqlite3.Row
 cursor = connection.cursor()

-password_context = CryptContext(schemes=["sha256_crypt"], deprecated="auto")
-

 def init() -> None:
-    # create users table
+    """Initializes the database."""
+
+    # Create users table
    cursor.execute('''
    CREATE TABLE IF NOT EXISTS users (
        id INTEGER PRIMARY KEY,
@@ -23,21 +23,35 @@ def init() -> None:
    )
    ''')

+    # Create logs table
+    cursor.execute('''
+    CREATE TABLE IF NOT EXISTS logs (
+        id INTEGER PRIMARY KEY,
+        user_id INTEGER NOT NULL,
+        calories DOUBLE NOT NULL,
+        description TEXT,
+        timestamp DATETIME DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users (id)
+    )
+    ''')
+

 def close() -> None:
+    """Closes the database connection."""
    connection.close()


 def register(user: User) -> None:
-    password = password_context.hash(user.password)
+    """Registers a new user in the database."""
    cursor.execute(
        "INSERT INTO users (name, password) VALUES (?, ?)",
        (user.name,
-         password))
+         security.hash_password(user.password))
    connection.commit()


 def get_user_by_token(request: Request) -> User:
+    """Retrieves a user from the database using a JWT token."""
    token=request.headers.get("Authorization")
    if not token or not token.startswith("Bearer "):
        raise HTTPException(
@@ -69,16 +83,12 @@ def get_user_by_token(request: Request) -> User:


 def login(user: User) -> str:
+    """Logs in a user and returns a JWT token."""
    cursor.execute(
        "SELECT id, name, password FROM users WHERE name = ?", (user.name,))
    row=cursor.fetchone()

-    if not row:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Invalid credentials"
-        )
-    if not password_context.verify(user.password, row["password"]):
+    if not row or not security.verify_password(user.password, row["password"]):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid credentials"
--- a/security.py
+++ b/security.py
@@ -0,0 +1,13 @@
+from passlib.context import CryptContext
+
+password_context = CryptContext(schemes=["sha256_crypt"], deprecated="auto")
+
+
+def hash_password(password: str) -> str:
+    """Hashes a plain text password."""
+    return password_context.hash(password)
+
+
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+    """Verifies a plain text password against a hashed password."""
+    return password_context.verify(plain_password, hashed_password)