Skip to content

Commit

Permalink
[REFACTOR] argilla server: Remove passlib dependency (#5674)
Browse files Browse the repository at this point in the history
# Description
<!-- Please include a summary of the changes and the related issue.
Please also include relevant motivation and context. List any
dependencies that are required for this change. -->

Closes #5664

**Type of change**
<!-- Please delete options that are not relevant. Remember to title the
PR according to the type of change -->

- Improvement (change adding some improvement to an existing
functionality)

**How Has This Been Tested**
<!-- Please add some reference about how your feature has been tested.
-->

**Checklist**
<!-- Please go over the list and make sure you've taken everything into
account -->

- I added relevant documentation
- I followed the style guidelines of this project
- I did a self-review of my code
- I made corresponding changes to the documentation
- I confirm My changes generate no new warnings
- I have added tests that prove my fix is effective or that my feature
works
- I have added relevant notes to the CHANGELOG.md file (See
https://keepachangelog.com/)

---------

Co-authored-by: José Francisco Calvo <[email protected]>
Co-authored-by: José Francisco Calvo <[email protected]>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
  • Loading branch information
4 people authored Nov 18, 2024
1 parent f9ab910 commit 91ed8ca
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 37 deletions.
27 changes: 1 addition & 26 deletions argilla-server/pdm.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion argilla-server/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ dependencies = [
"PyYAML >= 5.4.1,< 6.1.0",
# security dependencies
"python-jose[cryptography] ~= 3.3.0",
"passlib[bcrypt] ~= 1.7.4",
"bcrypt ~= 4.2.0",
# required by fastapi
"python-multipart ~= 0.0.16",
# OAuth2 integration
Expand Down
32 changes: 22 additions & 10 deletions argilla-server/src/argilla_server/contexts/accounts.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
from typing import Iterable, List, Sequence, Union
from uuid import UUID

from passlib.context import CryptContext
import bcrypt
from sqlalchemy import exists, select
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy.orm import selectinload
Expand All @@ -27,8 +27,6 @@
from argilla_server.security.authentication.jwt import JWT
from argilla_server.security.authentication.userinfo import UserInfo

_CRYPT_CONTEXT = CryptContext(schemes=["bcrypt"], deprecated="auto")


async def create_workspace_user(db: AsyncSession, workspace_user_attrs: dict) -> WorkspaceUser:
workspace_id = workspace_user_attrs["workspace_id"]
Expand Down Expand Up @@ -168,19 +166,21 @@ async def authenticate_user(db: AsyncSession, username: str, password: str):
elif user:
return
else:
_CRYPT_CONTEXT.dummy_verify()
_dummy_verify()


def hash_password(password: str) -> str:
return _CRYPT_CONTEXT.hash(password)
return bcrypt.hashpw(
bytes(password, encoding="utf-8"),
bcrypt.gensalt(),
).decode("utf-8")


def verify_password(password: str, password_hash: str) -> bool:
return _CRYPT_CONTEXT.verify(password, password_hash)


def _generate_random_password() -> str:
return secrets.token_urlsafe()
return bcrypt.checkpw(
bytes(password, encoding="utf-8"),
bytes(password_hash, encoding="utf-8"),
)


def generate_user_token(user: User) -> str:
Expand All @@ -192,3 +192,15 @@ def generate_user_token(user: User) -> str:
role=user.role,
),
)


_DUMMY_SECRET = "dummy_secret"
_DUMMY_HASH = hash_password(_DUMMY_SECRET)


def _dummy_verify():
verify_password(_DUMMY_SECRET, _DUMMY_HASH)


def _generate_random_password() -> str:
return secrets.token_urlsafe()

0 comments on commit 91ed8ca

Please sign in to comment.