agenda/backend-collector
1
0
Fork 0
Code Issues Pull Requests Projects Releases 62 Wiki Activity

Compare commits

base: agenda:1.5.6
Branches Tags
agenda:master agenda:feature/search
agenda:1.7.3 agenda:1.7.2 agenda:1.7.1 agenda:1.7.0 agenda:1.6.9 agenda:1.6.8 agenda:1.6.7 agenda:1.6.6 agenda:1.6.5 agenda:1.6.4 agenda:1.6.3 agenda:1.6.2 agenda:1.6.1 agenda:1.6.0 agenda:1.5.9 agenda:1.5.8 agenda:1.5.7 agenda:1.5.6 agenda:1.5.5 agenda:1.5.4 agenda:1.5.3 agenda:1.5.2 agenda:1.5.1 agenda:1.5.0 agenda:1.4.9 agenda:1.4.8 agenda:1.4.7 agenda:1.4.6 agenda:1.4.5 agenda:1.4.4 agenda:1.4.3 agenda:1.4.2 agenda:1.4.1 agenda:1.4.0 agenda:1.3.6 agenda:1.3.5 agenda:1.3.4 agenda:1.3.3 agenda:1.3.2 agenda:1.3.1 agenda:1.3.0 agenda:1.2.9 agenda:1.2.8 agenda:1.2.7 agenda:1.2.6 agenda:1.2.5 agenda:1.2.4 agenda:1.2.3 agenda:1.2.2 agenda:1.2.1 agenda:1.2.0 agenda:1.1.0 agenda:1.0.9 agenda:1.0.8 agenda:1.0.7 agenda:1.0.6 agenda:1.0.5 agenda:1.0.4 agenda:1.0.3 agenda:1.0.2 agenda:1.0.1 agenda:1.0.0 agenda:0.0.1
..
compare: agenda:feature/oauth
Branches Tags
agenda:master agenda:feature/search
agenda:1.7.3 agenda:1.7.2 agenda:1.7.1 agenda:1.7.0 agenda:1.6.9 agenda:1.6.8 agenda:1.6.7 agenda:1.6.6 agenda:1.6.5 agenda:1.6.4 agenda:1.6.3 agenda:1.6.2 agenda:1.6.1 agenda:1.6.0 agenda:1.5.9 agenda:1.5.8 agenda:1.5.7 agenda:1.5.6 agenda:1.5.5 agenda:1.5.4 agenda:1.5.3 agenda:1.5.2 agenda:1.5.1 agenda:1.5.0 agenda:1.4.9 agenda:1.4.8 agenda:1.4.7 agenda:1.4.6 agenda:1.4.5 agenda:1.4.4 agenda:1.4.3 agenda:1.4.2 agenda:1.4.1 agenda:1.4.0 agenda:1.3.6 agenda:1.3.5 agenda:1.3.4 agenda:1.3.3 agenda:1.3.2 agenda:1.3.1 agenda:1.3.0 agenda:1.2.9 agenda:1.2.8 agenda:1.2.7 agenda:1.2.6 agenda:1.2.5 agenda:1.2.4 agenda:1.2.3 agenda:1.2.2 agenda:1.2.1 agenda:1.2.0 agenda:1.1.0 agenda:1.0.9 agenda:1.0.8 agenda:1.0.7 agenda:1.0.6 agenda:1.0.5 agenda:1.0.4 agenda:1.0.3 agenda:1.0.2 agenda:1.0.1 agenda:1.0.0 agenda:0.0.1

6 Commits
1.5.6 ... feature/oa

Author SHA1 Message Date
Valentin CZERYBA
221bd1e244 rollback 2025-03-06 22:00:52 +01:00
Valentin CZERYBA
4669774cc3 add env facebook 2025-03-01 21:45:10 +01:00
Valentin CZERYBA
a094b56d44 add google client id 2025-03-01 14:02:11 +01:00
Valentin CZERYBA
3e514acb19 add oauth wip 2025-02-24 20:45:52 +01:00
v4l3n71n
a34ba04f78 Merge pull request 'fix password update' (#53) from feature/passwordForgot into master 
Reviewed-on: #53
 2025-02-15 11:09:12 +00:00
Valentin CZERYBA
8f3f2d0f98 fix password update 2025-02-15 12:07:58 +01:00
2 changed files with 24 additions and 2 deletions
Expand all files Collapse all files

9
app/dependencies/users_token.py
View File

@@ -12,11 +12,20 @@ from ..dependencies import database, cookie
SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7" SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
ALGORITHM = "HS256" ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
oauth2_scheme = cookie.OAuth2PasswordBearerWithCookie(tokenUrl="token") oauth2_scheme = cookie.OAuth2PasswordBearerWithCookie(tokenUrl="token")
def create_access_token(data: dict, expires_delta: timedelta | None = None):
to_encode = data.copy()
expire = datetime.utcnow() + (expires_delta or timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES))
to_encode.update({"exp": expire})
encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
return encoded_jwt
def verify_password(plain_password, hashed_password): def verify_password(plain_password, hashed_password):
return pwd_context.verify(plain_password, hashed_password) return pwd_context.verify(plain_password, hashed_password)

17
app/routers/password.py
View File

@@ -95,12 +95,25 @@ async def reset_password(request: Request, key: str | None = None, email: str |
@router.post("/password/update", tags=["password"]) @router.post("/password/update", tags=["password"])
async def update_password(request: Request, email: str = Form(...), key: str = Form(...), new_password: str = Form(...)): # Vérification du token dans Redis async def update_password(request: Request, email: str = Form(...), key: str = Form(...), new_password: str = Form(...)): # Vérification du token dans Redis
# Récupérer la clé hachée depuis Redis
key_hashed = database.connect_redis.get(email) key_hashed = database.connect_redis.get(email)
if key_hashed is None or key_hashed.decode() != key: if key_hashed is None:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail="Key is invalid or expired" detail="Invalid or expired reset key"
)
# Redis stocke les valeurs en `bytes`, donc il faut décoder si nécessaire
if isinstance(key_hashed, bytes):
key_hashed = key_hashed.decode()
# Vérifier que la clé en clair correspond au hash stocké
if not bcrypt.checkpw(key.encode(), key_hashed.encode()):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Invalid reset key"
) )
# Recherche de l'utilisateur dans la base de données # Recherche de l'utilisateur dans la base de données