remove bcrypt and simplify auth

app.py

@@ -2,7 +2,7 @@ import streamlit as st
 import random
 import time
 import hmac
-import bcrypt
+import os
 
 st.header(" Scientific Claim Verification ")
 
@@ -18,20 +18,13 @@ def check_password():
 
     def password_entered():
         """Checks whether a password entered by the user is correct."""
-        
-        if st.session_state["username"] in st.secrets["passwords"]:
-            stored_hashed_password = st.secrets["passwords"][st.session_state["username"]]  # Retrieved as a string
-
-            # Convert hashed password back to bytes if it's stored as a string
-            if isinstance(stored_hashed_password, str):
-                stored_hashed_password = stored_hashed_password.encode()
-
-            # Compare user-entered password (encoded) with stored hash
-            if bcrypt.checkpw(st.session_state["password"].encode(), stored_hashed_password):
-                st.session_state["password_correct"] = True
-                del st.session_state["password"]  # Remove credentials from session
-                del st.session_state["username"]
-                return
+
+        stored_password = os.getenv(st.session_state["username"])
+        if stored_password == st.session_state["password"]:
+            st.session_state["password_correct"] = True
+            del st.session_state["password"]  # Remove credentials from session
+            del st.session_state["username"]
+            return
 
           # If authentication fails
         st.session_state["password_correct"] = False

requirements.txt

@@ -1 +0,0 @@
-bcrypt==4.2.1