backend/app/auth/password.py

"""
Password hashing and verification using bcrypt directly.
"""
import bcrypt


def hash_password(password: str) -> str:
    """Hash a plaintext password using bcrypt."""
    return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")


def verify_password(plain_password: str, hashed_password: str) -> bool:
    """Verify a plaintext password against a bcrypt hash."""
    try:
        return bcrypt.checkpw(
            plain_password.encode("utf-8"),
            hashed_password.encode("utf-8"),
        )
    except ValueError:
        # bcrypt 4.x raises for oversized inputs; treat them as invalid credentials.
        return False
v1 2026-04-18 07:23:55 +12:00			`"""`
			`Password hashing and verification using bcrypt directly.`
			`"""`
			`import bcrypt`


			`def hash_password(password: str) -> str:`
			`"""Hash a plaintext password using bcrypt."""`
			`return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")`


			`def verify_password(plain_password: str, hashed_password: str) -> bool:`
			`"""Verify a plaintext password against a bcrypt hash."""`
			`try:`
			`return bcrypt.checkpw(`
			`plain_password.encode("utf-8"),`
			`hashed_password.encode("utf-8"),`
			`)`
			`except ValueError:`
			`# bcrypt 4.x raises for oversized inputs; treat them as invalid credentials.`
			`return False`