chore: enforce strict typing and internal naming conventions across web components

decnet/web/auth.py

@@ -18,20 +18,20 @@ def verify_password(plain_password: str, hashed_password: str) -> bool:
 
 def get_password_hash(password: str) -> str:
     # Use a cost factor of 12 (default for passlib/bcrypt)
-    salt = bcrypt.gensalt(rounds=12)
-    hashed = bcrypt.hashpw(password.encode("utf-8"), salt)
-    return hashed.decode("utf-8")
+    _salt: bytes = bcrypt.gensalt(rounds=12)
+    _hashed: bytes = bcrypt.hashpw(password.encode("utf-8"), _salt)
+    return _hashed.decode("utf-8")
 
 
 def create_access_token(data: dict[str, Any], expires_delta: Optional[timedelta] = None) -> str:
-    to_encode: dict[str, Any] = data.copy()
-    expire: datetime
+    _to_encode: dict[str, Any] = data.copy()
+    _expire: datetime
     if expires_delta:
-        expire = datetime.now(timezone.utc) + expires_delta
+        _expire = datetime.now(timezone.utc) + expires_delta
     else:
-        expire = datetime.now(timezone.utc) + timedelta(minutes=15)
+        _expire = datetime.now(timezone.utc) + timedelta(minutes=15)
         
-    to_encode.update({"exp": expire})
-    to_encode.update({"iat": datetime.now(timezone.utc)})
-    encoded_jwt: str = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
-    return encoded_jwt
+    _to_encode.update({"exp": _expire})
+    _to_encode.update({"iat": datetime.now(timezone.utc)})
+    _encoded_jwt: str = jwt.encode(_to_encode, SECRET_KEY, algorithm=ALGORITHM)
+    return _encoded_jwt