search

mlco2 / codecarbon

Track emissions from Compute and recommend ways to reduce their impact on the environment.
https://mlco2.github.io/codecarbon
MIT License
1.17k stars 177 forks source link

feat: hashed passwords + alembic migration #688

Closed inimaz closed 1 month ago

inimaz commented 1 month ago

2 Flows

Create token flow:

  1. Generate a key
  2. Get a look_up value (to make it easier/faster to read from the db)
  3. Store hashed key with lookup value

Verify token flow:

  1. Get lookup value of the incoming token
  2. Look up by that value all possible candidates + other params (e.g. project_id)
  3. Hash the incoming token
  4. Verify that the hash key is the same as the stored hashed key

Why use bcrypt instead of passlib? It seems passlib is abandoned, in FastApi they recommend using bcrypt ==> https://github.com/fastapi/fastapi/discussions/11773#discussioncomment-10640267

TODO