ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-15 05:45:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

chore/refac: bump bcrypt and remove passlib

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-10-01 19:19:56 -05:00
parent 7563a62dfe
commit ebce0578e6
3 changed files with 16 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
backend/open_webui/utils/auth.py
View file

@ -6,7 +6,7 @@ import hmac
import hashlib import hashlib
import requests import requests
import os import os
import bcrypt
from cryptography.hazmat.primitives.ciphers.aead import AESGCM from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.asymmetric import ed25519 from cryptography.hazmat.primitives.asymmetric import ed25519
@ -38,11 +38,8 @@ from open_webui.env import (
from fastapi import BackgroundTasks, Depends, HTTPException, Request, Response, status from fastapi import BackgroundTasks, Depends, HTTPException, Request, Response, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from passlib.context import CryptContext
logging.getLogger("passlib").setLevel(logging.ERROR)
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
log.setLevel(SRC_LOG_LEVELS["OAUTH"]) log.setLevel(SRC_LOG_LEVELS["OAUTH"])
@ -155,19 +152,25 @@ def get_license_data(app, key):
bearer_security = HTTPBearer(auto_error=False) bearer_security = HTTPBearer(auto_error=False)
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
def verify_password(plain_password, hashed_password): def get_password_hash(password: str) -> str:
"""Hash a password using bcrypt"""
return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")
def verify_password(plain_password: str, hashed_password: str) -> bool:
"""Verify a password against its hash"""
return ( return (
pwd_context.verify(plain_password, hashed_password) if hashed_password else None bcrypt.checkpw(
plain_password.encode("utf-8"),
hashed_password.encode("utf-8"),
)
if hashed_password
else None
) )
def get_password_hash(password):
return pwd_context.hash(password)
def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> str: def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> str:
payload = data.copy() payload = data.copy()

3
backend/requirements.txt
View file

@ -6,9 +6,8 @@ itsdangerous==2.2.0
python-socketio==5.13.0 python-socketio==5.13.0
python-jose==3.4.0 python-jose==3.4.0
passlib[bcrypt]==1.7.4
cryptography cryptography
bcrypt==4.3.0 bcrypt==5.0.0
argon2-cffi==25.1.0 argon2-cffi==25.1.0
PyJWT[crypto]==2.10.1 PyJWT[crypto]==2.10.1
authlib==1.6.3 authlib==1.6.3

3
pyproject.toml
View file

@ -14,9 +14,8 @@ dependencies = [
"python-socketio==5.13.0", "python-socketio==5.13.0",
"python-jose==3.4.0", "python-jose==3.4.0",
"passlib[bcrypt]==1.7.4",
"cryptography", "cryptography",
"bcrypt==4.3.0", "bcrypt==5.0.0",
"argon2-cffi==25.1.0", "argon2-cffi==25.1.0",
"PyJWT[crypto]==2.10.1", "PyJWT[crypto]==2.10.1",
"authlib==1.6.3", "authlib==1.6.3",