feat: argon2 password hashing helpers for the portal

2026-06-15 23:29:26 +00:00
parent 33069a070d
commit d44625374d
2 changed files with 51 additions and 0 deletions
@@ -0,0 +1,24 @@
+import pytest
+from backend.auth_passwords import hash_password, verify_password, generate_password
+
+
+def test_hash_is_not_plaintext_and_verifies():
+    h = hash_password("hunter2")
+    assert h != "hunter2"
+    assert h.startswith("$argon2")
+    assert verify_password("hunter2", h) is True
+
+
+def test_verify_rejects_wrong_password():
+    h = hash_password("hunter2")
+    assert verify_password("nope", h) is False
+
+
+def test_verify_is_safe_on_garbage_hash():
+    assert verify_password("anything", "not-a-real-hash") is False
+
+
+def test_generated_password_is_strong_and_unique():
+    a, b = generate_password(), generate_password()
+    assert a != b
+    assert len(a) >= 12