fix

2025-12-30 16:59:34 +03:00 · 2025-12-30 16:59:34 +03:00 · c34aef8dd7
parent cc7c571115
commit c34aef8dd7
1 changed files with 6 additions and 3 deletions
--- a/backend/src/app/infra/security.py
+++ b/backend/src/app/infra/security.py
@ -1,5 +1,6 @@
 """Security utilities for authentication and authorization."""

+import base64
 import hashlib
 from datetime import datetime, timedelta, timezone
 from typing import Optional
@ -30,8 +31,9 @@ def hash_password(password: str) -> str:
        avoiding bcrypt's 72-byte limitation.
    """
    # Pre-hash with SHA256 to support unlimited password length
-    # This is a common technique to work around bcrypt's 72-byte limit
-    password_hash = hashlib.sha256(password.encode('utf-8')).hexdigest()
+    # Use base64 encoding for compact representation (43 chars < 72 bytes)
+    password_bytes = hashlib.sha256(password.encode('utf-8')).digest()
+    password_hash = base64.b64encode(password_bytes).decode('ascii')
    return pwd_context.hash(password_hash)


@ -47,7 +49,8 @@ def verify_password(plain_password: str, hashed_password: str) -> bool:
        True if password matches, False otherwise
    """
    # Apply same SHA256 pre-hashing as hash_password
-    password_hash = hashlib.sha256(plain_password.encode('utf-8')).hexdigest()
+    password_bytes = hashlib.sha256(plain_password.encode('utf-8')).digest()
+    password_hash = base64.b64encode(password_bytes).decode('ascii')
    return pwd_context.verify(password_hash, hashed_password)