Security Utilities

This module handles secure password management using the Argon2id algorithm.

async get_password_hash(password: str | bytes) → str

Get password hash.

Parameters:

password (str | bytes) – Plain password.

Returns:

Hashed password.

Return type:

str

async verify_password(plain_password: str | bytes, hashed_password: str) → bool

Verify Password.

Parameters:

• plain_password (str | bytes) – The string or byte password.

• hashed_password (str) – The hash of the password.

Returns:

True if password matches hash.

Return type:

bool

Configuration & Performance

The security module is automatically tuned based on available CPU resources to balance high security with system responsiveness.

• Thread Pool: Uses a ThreadPoolExecutor named “Argon2Pool” to prevent CPU-intensive hashing from blocking the FastAPI event loop.

• Concurrency: Scales dynamically (up to 4 parallel workers) to ensure optimal hashing throughput without resource contention.

• Algorithm:

  • Time Cost: 3

  • Memory Cost: 65536

  • Parallelism: 1