From 904dc4019c8696cca6a5159a41d1d3bbd765aa31 Mon Sep 17 00:00:00 2001
From: Alexander Song
Date: Tue, 20 Aug 2024 16:41:24 -0700
Subject: [PATCH] compute password hashes in the background
---
 src/phoenix/server/api/mutations/user_mutations.py | 8 +++++++-
 src/phoenix/server/api/routers/auth.py | 5 ++---
 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/phoenix/server/api/mutations/user_mutations.py b/src/phoenix/server/api/mutations/user_mutations.py
index aad94854f20..2803d64f073 100644
--- a/src/phoenix/server/api/mutations/user_mutations.py
+++ b/src/phoenix/server/api/mutations/user_mutations.py
@@ -1,3 +1,4 @@
+import asyncio
 from typing import Optional
 import strawberry
@@ -40,7 +41,12 @@ async def create_user(
 user_role_id = (
 select(models.UserRole.id).where(models.UserRole.name == role_name).scalar_subquery()
 )
- password_hash = compute_password_hash(password=password, salt=info.context.get_secret())
+ secret = info.context.get_secret()
+ loop = asyncio.get_running_loop()
+ password_hash = await loop.run_in_executor(
+ executor=None,
+ func=lambda: compute_password_hash(password=password, salt=secret),
+ )
 try:
 async with info.context.db() as session:
 user = await session.scalar(
diff --git a/src/phoenix/server/api/routers/auth.py b/src/phoenix/server/api/routers/auth.py
index 0e5cd53c899..ade37a3272a 100644
--- a/src/phoenix/server/api/routers/auth.py
+++ b/src/phoenix/server/api/routers/auth.py
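Review bot: In create_user (user_mutations.py), `salt=secret` still feeds the application-wide value from `info.context.get_secret()` into `compute_password_hash`, so every account appears to be hashed with the same salt. Unless `compute_password_hash` adds per-user randomness itself (its body is not in this patch), equal passwords yield equal hashes and the secret works as a pepper rather than a salt. Consider generating a per-user value, e.g. `salt = secrets.token_bytes(16)`, storing it with the user row, and keeping the app secret as an additional pepper; `is_valid_password` in the login hunk of auth.py would then need that stored salt too. create_user starts and ends outside the hunk.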
@@ -26,12 +26,11 @@ async def login(
 user := await session.scalar(select(models.User).where(models.User.email == email))
 ) is None or (password_hash := user.password_hash) is None:
 return Response(status_code=HTTP_401_UNAUTHORIZED)
+ secret = request.app.state.get_secret()
 loop = asyncio.get_running_loop()
 if not await loop.run_in_executor(
 executor=None,
- func=lambda: is_valid_password(
- password=password, salt=request.app.state.get_secret(), password_hash=password_hash
- ),
+ func=lambda: is_valid_password(password=password, salt=secret, password_hash=password_hash),
 ):
 return Response(status_code=HTTP_401_UNAUTHORIZED)
 response = Response(status_code=HTTP_204_NO_CONTENT)
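Review bot: The two `return Response(status_code=HTTP_401_UNAUTHORIZED)` paths in login differ in cost: an unknown email (or a user with no `password_hash`) returns before any hashing, while a known email waits for `is_valid_password` in the executor, so response time reveals which addresses have accounts. Run the same verification against a fixed placeholder hash when the lookup fails and reject afterwards, as sketched below. The placeholder name is constructed, and its type must match what `is_valid_password` expects. login begins before the hunk and continues past it, so the surrounding session handling is not visible here.

```python
# … unchanged: opening of the user lookup, outside the hunk …
user = await session.scalar(select(models.User).where(models.User.email == email))
stored_hash = user.password_hash if user is not None else None
secret = request.app.state.get_secret()
loop = asyncio.get_running_loop()
# Verify against a placeholder when there is no stored hash so both failure paths cost the same.
candidate_hash = stored_hash if stored_hash is not None else PLACEHOLDER_PASSWORD_HASH  # constructed name
password_ok = await loop.run_in_executor(
    executor=None,
    func=lambda: is_valid_password(password=password, salt=secret, password_hash=candidate_hash),
)
if stored_hash is None or not password_ok:
    return Response(status_code=HTTP_401_UNAUTHORIZED)
# … unchanged: building the HTTP_204_NO_CONTENT response …
```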