Make bcrypt work factor explicit (13 rounds)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -6,8 +6,11 @@ from jose import jwt
|
|||||||
from app.core.config import settings
|
from app.core.config import settings
|
||||||
|
|
||||||
|
|
||||||
|
_BCRYPT_ROUNDS = 13 # ~300 ms on modern hardware; increase over time as CPUs get faster
|
||||||
|
|
||||||
|
|
||||||
def hash_password(password: str) -> str:
|
def hash_password(password: str) -> str:
|
||||||
return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
|
return bcrypt.hashpw(password.encode(), bcrypt.gensalt(rounds=_BCRYPT_ROUNDS)).decode()
|
||||||
|
|
||||||
|
|
||||||
def verify_password(plain: str, hashed: str) -> bool:
|
def verify_password(plain: str, hashed: str) -> bool:
|
||||||
|
|||||||
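Review bot: the comment on `_BCRYPT_ROUNDS` says the cost should be raised over time, but nothing in this hunk migrates hashes produced at the previous default cost: bcrypt stores the cost in the hash prefix (`$2b$12$...`), so those hashes still verify but stay at the weaker cost indefinitely. Consider having `verify_password` (or a small `needs_rehash(hashed)` helper beside it) compare the cost field of `hashed` with `_BCRYPT_ROUNDS` so the login path can re-hash after a successful check, and add a test asserting that a fresh `hash_password` result starts with `$2b$13$`. Two smaller points: the "~300 ms on modern hardware" figure should record where it was measured (cost is exponential, so 13 is roughly double the library default of 12), and `password.encode()` is still passed unbounded while bcrypt only uses the first 72 bytes of its input; depending on the `bcrypt` package version, longer inputs are either silently truncated or rejected, so an explicit length check before hashing would make that behaviour deliberate.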
@@ -25,3 +25,15 @@ Added a Groups system (backend models, API, migration) and split the Admin sideb
|
|||||||
- `frontend/src/components/Sidebar.tsx` — Admin item is now an expandable accordion with Users and Groups sub-items
|
- `frontend/src/components/Sidebar.tsx` — Admin item is now an expandable accordion with Users and Groups sub-items
|
||||||
- `backend/STATUS.md` — Documented groups endpoints, models, updated future work
|
- `backend/STATUS.md` — Documented groups endpoints, models, updated future work
|
||||||
- `frontend/STATUS.md` — Documented new routes, pages, API client functions
|
- `frontend/STATUS.md` — Documented new routes, pages, API client functions
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
# 2026-04-17 — Explicit bcrypt work factor
|
||||||
|
|
||||||
|
**Timestamp:** 2026-04-17T15:00:00Z
|
||||||
|
|
||||||
|
## Summary
|
||||||
|
Made the bcrypt cost factor explicit (13 rounds, ~300 ms) in `hash_password` so it is easy to audit and increase over time.
|
||||||
|
|
||||||
|
## Files Modified
|
||||||
|
- `backend/app/core/security.py` — added `_BCRYPT_ROUNDS = 13`; passed `rounds=` to `bcrypt.gensalt()`
|
||||||
|
|||||||
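Review bot: the Summary should also state what happens to hashes already stored in the database: they keep the cost embedded when they were created and are not re-hashed by this change, so `verify_password` keeps accepting them at the old cost until the user's password is next written. The "~300 ms" figure in the Summary is only meaningful together with the hardware it was measured on; note that here or in the code comment. The Files Modified list shows no test file, so a test that `hash_password` emits a `$2b$13$` prefix would be worth adding and listing alongside `backend/app/core/security.py`.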