Skip to content

Commit

Permalink
compute password hashes in the background
Browse files Browse the repository at this point in the history
  • Loading branch information
axiomofjoy committed Aug 20, 2024
1 parent 59737da commit 904dc40
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 4 deletions.
8 changes: 7 additions & 1 deletion src/phoenix/server/api/mutations/user_mutations.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import asyncio
from typing import Optional

import strawberry
Expand Down Expand Up @@ -40,7 +41,12 @@ async def create_user(
user_role_id = (
select(models.UserRole.id).where(models.UserRole.name == role_name).scalar_subquery()
)
password_hash = compute_password_hash(password=password, salt=info.context.get_secret())
secret = info.context.get_secret()
loop = asyncio.get_running_loop()
password_hash = await loop.run_in_executor(
executor=None,
func=lambda: compute_password_hash(password=password, salt=secret),
)
try:
async with info.context.db() as session:
user = await session.scalar(
Expand Down
5 changes: 2 additions & 3 deletions src/phoenix/server/api/routers/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,11 @@ async def login(
user := await session.scalar(select(models.User).where(models.User.email == email))
) is None or (password_hash := user.password_hash) is None:
return Response(status_code=HTTP_401_UNAUTHORIZED)
secret = request.app.state.get_secret()
loop = asyncio.get_running_loop()
if not await loop.run_in_executor(
executor=None,
func=lambda: is_valid_password(
password=password, salt=request.app.state.get_secret(), password_hash=password_hash
),
func=lambda: is_valid_password(password=password, salt=secret, password_hash=password_hash),
):
return Response(status_code=HTTP_401_UNAUTHORIZED)
response = Response(status_code=HTTP_204_NO_CONTENT)
Expand Down

0 comments on commit 904dc40

Please sign in to comment.