Spaces:
Building
Building
Update admin_routes.py
Browse files- admin_routes.py +16 -2
admin_routes.py
CHANGED
|
@@ -183,8 +183,22 @@ async def login(request: LoginRequest):
|
|
| 183 |
if not user:
|
| 184 |
raise HTTPException(status_code=401, detail="Invalid credentials")
|
| 185 |
|
| 186 |
-
# Verify password
|
| 187 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 188 |
raise HTTPException(status_code=401, detail="Invalid credentials")
|
| 189 |
|
| 190 |
# Create token
|
|
|
|
| 183 |
if not user:
|
| 184 |
raise HTTPException(status_code=401, detail="Invalid credentials")
|
| 185 |
|
| 186 |
+
# Verify password - Try both bcrypt and SHA256 for backward compatibility
|
| 187 |
+
password_valid = False
|
| 188 |
+
|
| 189 |
+
# First try bcrypt (new format)
|
| 190 |
+
try:
|
| 191 |
+
if user.password_hash.startswith("$2b$") or user.password_hash.startswith("$2a$"):
|
| 192 |
+
password_valid = bcrypt.checkpw(request.password.encode('utf-8'), user.password_hash.encode('utf-8'))
|
| 193 |
+
except:
|
| 194 |
+
pass
|
| 195 |
+
|
| 196 |
+
# If not valid, try SHA256 (old format)
|
| 197 |
+
if not password_valid:
|
| 198 |
+
sha256_hash = hashlib.sha256(request.password.encode('utf-8')).hexdigest()
|
| 199 |
+
password_valid = (user.password_hash == sha256_hash)
|
| 200 |
+
|
| 201 |
+
if not password_valid:
|
| 202 |
raise HTTPException(status_code=401, detail="Invalid credentials")
|
| 203 |
|
| 204 |
# Create token
|