diff --git a/main.py b/main.py
index 68755d3..94fbb87 100644
--- a/main.py
+++ b/main.py
@@ -49,8 +49,8 @@ from fastapi import Depends, FastAPI, HTTPException, Query, Request
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import HTMLResponse, JSONResponse, StreamingResponse
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+import bcrypt
 from jose import JWTError, jwt
-from passlib.context import CryptContext
 from pydantic import BaseModel, Field
 # ---------------------------------------------------------------------------
@@ -77,7 +77,6 @@ def app_url(path: str) -> str:
 _APP_ROOT_JSON = json.dumps(APP_ROOT)
-pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 security_bearer = HTTPBearer(auto_error=False)
 # 启动时由 load_gateway_config() 填充
@@ -98,12 +97,19 @@ STATUS_LABELS: Dict[str, str] = {
 }
+def _is_bcrypt_hash(value: str) -> bool:
+ return value.startswith(("$2a$", "$2b$", "$2y$"))
+
+
 def hash_password(p: str) -> str:
- return pwd_context.hash(p)
+ return bcrypt.hashpw(p.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")
 def verify_password(plain: str, hashed: str) -> bool:
- return pwd_context.verify(plain, hashed)
+ try:
+ return bcrypt.checkpw(plain.encode("utf-8"), hashed.encode("utf-8"))
+ except (ValueError, TypeError):
+ return False
 def generate_api_key() -> str:
@@ -138,7 +144,10 @@ def load_gateway_config() -> None:
 wf.write("\n")
 _GATE = {"username": username, "api_key": api_key}
- _PASSWORD_HASH = hash_password(password)
+ if _is_bcrypt_hash(password):
+ _PASSWORD_HASH = password
+ else:
+ _PASSWORD_HASH = hash_password(password)
 def create_web_token(user_id: int) -> str:
diff --git a/requirements.txt b/requirements.txt
index 8340416..5b22326 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,6 @@
 typing_extensions>=4.5.0
 fastapi>=0.110.0
 uvicorn[standard]>=0.27.0
-passlib[bcrypt]>=1.7.4
-bcrypt>=4.0.0,<4.1.0
+bcrypt>=4.0.0,<5.0.0
 python-jose[cryptography]>=3.3.0
 httpx>=0.27.0
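Review bot: The new `except (ValueError, TypeError): return False` in `verify_password` turns a malformed stored hash into an ordinary failed login, so a corrupted or mis-configured `_PASSWORD_HASH` locks every user out with nothing recorded about why. Failing closed is the right outcome, but the branch should record the cause without logging either argument, e.g. `logger.warning("stored password hash rejected by bcrypt")` (assuming main.py has a module logger, which this hunk does not show). `hash_password` should also carry a docstring stating that bcrypt uses only the first 72 bytes of the UTF-8 encoded password, since callers that accept long passphrases need to know the tail is ignored. `_is_bcrypt_hash` has no docstring either; one line saying it checks the version prefix only, not the full hash shape, would prevent it being mistaken for a validator.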
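Review bot: The `if _is_bcrypt_hash(password):` branch stores the configured value as the hash on the strength of a prefix check alone, so a truncated hash, or a plaintext password that happens to begin with `$2a$`, `$2b$` or `$2y$`, is accepted at startup and only surfaces later as logins that always fail. Check the full 60-character shape here and raise a configuration error on mismatch, for example `re.fullmatch(r"\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}", password)` (this needs `re` in scope, which the visible import hunk does not confirm). A comment on the branch such as `# password may be a bcrypt hash (stored as-is) or plaintext (hashed here at startup)` would make the dual meaning of the config value explicit. The body of `load_gateway_config` starts outside this hunk, so where `password` is read from is not visible here.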