refactor to use bcrypt directly

mealie/core/security/hasher.py

@@ -1,7 +1,7 @@
 from functools import lru_cache
 from typing import Protocol
 
-from passlib.context import CryptContext
+import bcrypt
 
 from mealie.core.config import get_app_settings
 
@@ -22,15 +22,16 @@ class FakeHasher:
         return password == hashed
 
 
-class PasslibHasher:
-    def __init__(self) -> None:
-        self.ctx = CryptContext(schemes=["bcrypt"], deprecated="auto")
-
+class BcryptHasher:
     def hash(self, password: str) -> str:
-        return self.ctx.hash(password)
+        password_bytes = password.encode("utf-8")
+        hashed = bcrypt.hashpw(password_bytes, bcrypt.gensalt())
+        return hashed.decode("utf-8")
 
     def verify(self, password: str, hashed: str) -> bool:
-        return self.ctx.verify(password, hashed)
+        password_bytes = password.encode("utf-8")
+        hashed_bytes = hashed.encode("utf-8")
+        return bcrypt.checkpw(password_bytes, hashed_bytes)
 
 
 @lru_cache(maxsize=1)
@@ -40,4 +41,4 @@ def get_hasher() -> Hasher:
     if settings.TESTING:
         return FakeHasher()
 
-    return PasslibHasher()
+    return BcryptHasher()

tests/unit_tests/core/test_security.py

@@ -1,7 +1,7 @@
 from pytest import MonkeyPatch
 
 from mealie.core.config import get_app_settings
-from mealie.core.security.hasher import FakeHasher, PasslibHasher, get_hasher
+from mealie.core.security.hasher import BcryptHasher, FakeHasher, get_hasher
 
 
 def test_get_hasher(monkeypatch: MonkeyPatch):
@@ -16,7 +16,7 @@ def test_get_hasher(monkeypatch: MonkeyPatch):
 
     hasher = get_hasher()
 
-    assert isinstance(hasher, PasslibHasher)
+    assert isinstance(hasher, BcryptHasher)
 
     get_app_settings.cache_clear()
     get_hasher.cache_clear()