Security Utilities¶

This module handles secure password management using the Argon2id algorithm.

Important

Password hashing is a CPU-bound operation. To prevent blocking the FastAPI asynchronous event loop, all hashing and verification operations are executed within a dedicated thread pool.

cpu_cores = 4¶: The number of logical CPU cores detected in the system.

crypto_executor = <concurrent.futures.thread.ThreadPoolExecutor object>¶: Thread pool dedicated to cryptographic tasks.

hasher = <pwdlib._hash.PasswordHash object>¶: The main password hashing interface, configured with Argon2id parameters.

async get_password_hash(password: str | bytes) → str[source]¶

Get password hash.

Parameters:: password (str | bytes) – Plain password.
Returns:: Hashed password.
Return type:: str

async verify_password(plain_password: str | bytes, hashed_password: str) → bool[source]¶

Verify Password.

Parameters:

plain_password (str | bytes) – The string or byte password.
hashed_password (str) – The hash of the password.

Returns:

True if password matches hash.

Return type:

bool