From 81135cb861cf324c361ff777fa21d31d03aa0325 Mon Sep 17 00:00:00 2001
From: anti <samuel@securejump.cl>
Date: Tue, 7 Apr 2026 15:07:46 -0400
Subject: [PATCH] fix: switch to direct bcrypt usage for Python 3.14
 compatibility

---
 decnet/web/auth.py | 14 +++++++++-----
 pyproject.toml     |  1 -
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/decnet/web/auth.py b/decnet/web/auth.py
index a4737cf..82809be 100644
--- a/decnet/web/auth.py
+++ b/decnet/web/auth.py
@@ -2,21 +2,25 @@ import os
 from datetime import datetime, timedelta, timezone
 from typing import Optional, Any
 import jwt
-from passlib.context import CryptContext
+import bcrypt
 
 SECRET_KEY: str = os.environ.get("DECNET_SECRET_KEY", "super-secret-key-change-me")
 ALGORITHM: str = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES: int = 1440
 
-pwd_context: CryptContext = CryptContext(schemes=["bcrypt"], deprecated="auto")
-
 
 def verify_password(plain_password: str, hashed_password: str) -> bool:
-    return pwd_context.verify(plain_password, hashed_password)
+    return bcrypt.checkpw(
+        plain_password.encode("utf-8"), 
+        hashed_password.encode("utf-8")
+    )
 
 
 def get_password_hash(password: str) -> str:
-    return pwd_context.hash(password)
+    # Use a cost factor of 12 (default for passlib/bcrypt)
+    salt = bcrypt.gensalt(rounds=12)
+    hashed = bcrypt.hashpw(password.encode("utf-8"), salt)
+    return hashed.decode("utf-8")
 
 
 def create_access_token(data: dict[str, Any], expires_delta: Optional[timedelta] = None) -> str:
diff --git a/pyproject.toml b/pyproject.toml
index 84b193b..a91533e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -21,7 +21,6 @@ dependencies = [
     "uvicorn>=0.29.0",
     "aiosqlite>=0.20.0",
     "PyJWT>=2.8.0",
-    "passlib[bcrypt]>=1.7.4",
 ]
 
 [project.scripts]