From eb56623bd4525a1a410d3f251cc0fbc83a75fd19 Mon Sep 17 00:00:00 2001
From: coolneng <akasroua@gmail.com>
Date: Wed, 30 Sep 2020 11:27:48 +0200
Subject: [PATCH] Store password as a hash

---
 app/routes.py    |  5 ++---
 database/crud.py | 10 ++++++++++
 shell.nix        |  2 ++
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/app/routes.py b/app/routes.py
index 791d9ed..8be6d83 100644
--- a/app/routes.py
+++ b/app/routes.py
@@ -4,17 +4,16 @@ from sqlalchemy.orm import Session
 
 from app.external_services import resend_otp, send_otp
 from app.schemas import *
-from database.crud import get_db, insert_data, verify_otp
+from database.crud import add_user, get_db, verify_otp
 
 router = APIRouter()
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
 
 
-# FIXME Password hash
 @router.post("/register", response_model=UserCreateResponse)
 def create_user(data: UserCreate, db: Session = Depends(get_db)):
-    user = insert_data(model="Users", data=data, db=db)
+    user = add_user(data=data, db=db)
     send_otp(data=user, db=db)
     return user
 
diff --git a/database/crud.py b/database/crud.py
index 9c5ea6d..f3db7a6 100644
--- a/database/crud.py
+++ b/database/crud.py
@@ -1,11 +1,15 @@
 from datetime import datetime
 from fastapi import HTTPException
+from passlib.context import CryptContext
 
 from app.schemas import *
 from database import SessionLocal
 from database.models import *
 
 
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+
 def get_db():
     db = SessionLocal()
     try:
@@ -43,6 +47,12 @@ def fetch_user_by_email(data, db):
     return db.query(Users).filter(Users.email == data.email).first()
 
 
+def add_user(data, db):
+    data.password = pwd_context.hash(data.password)
+    user = insert_data(model="Users", data=data, db=db)
+    return user
+
+
 def activate_account(data: OTPVerify, db):
     db.query(Users).filter(Users.access_key == data.access_key).update(
         {Users.status: 1}
diff --git a/shell.nix b/shell.nix
index 87b176a..a197bba 100644
--- a/shell.nix
+++ b/shell.nix
@@ -13,6 +13,8 @@ mkShell {
     python38Packages.alembic
     python38Packages.pytest
     python38Packages.twilio
+    python38Packages.passlib
+    python38Packages.bcrypt
     sqlite
     # Development tools
     python38Packages.isort