Storing user secrets with passlib.

mikeckennedy · mikeckennedy · commit 63072424f4e9 · 2021-01-01T23:01:09.000-08:00
diff --git a/code/ch7-databases/db/pypi.sqlite b/code/ch7-databases/db/pypi.sqlite
diff --git a/code/ch7-databases/requirements.txt b/code/ch7-databases/requirements.txt
@@ -9,4 +9,6 @@ starlette==0.13.6
 SQLAlchemy==1.3.22
 progressbar2
 python-dateutil
+passlib
+
 
diff --git a/code/ch7-databases/services/user_service.py b/code/ch7-databases/services/user_service.py
@@ -1,5 +1,7 @@
 from typing import Optional
 
+from passlib.handlers.sha2_crypt import sha512_crypt as crypto
+
 from data import db_session
 from data.user import User
 
@@ -20,8 +22,7 @@ def create_account(name: str, email: str, password: str) -> User:
         user = User()
         user.email = email
         user.name = name
-        # TODO: Set proper password
-        user.hash_password = "TBD"
+        user.hash_password = crypto.hash(password, rounds=172_434)
 
         session.add(user)
         session.commit()
@@ -39,8 +40,7 @@ def login_user(email: str, password: str) -> Optional[User]:
         if not user:
             return user
 
-        # TODO: Verify password
-        if False:
+        if not crypto.verify(password, user.hash_password):
             return None
 
         return user
