authorFrederick Muriuki Muriithi2023-11-28 09:29:23 +0300
committerFrederick Muriuki Muriithi2023-11-28 09:29:23 +0300
commitd2ad3b1abffdeeb52e1b5f5a303a381aa3dd477c (patch)
tree0be0c13400c9cbbf3fc6dfd186e9a7d7565b71cf
parent24a66e814fabcce19d2bf6fb48186f5bc86fff38 (diff)
downloadgn-auth-d2ad3b1abffdeeb52e1b5f5a303a381aa3dd477c.tar.gz
Remove bcrypt as a dependency
BCrypt has been superseded by argon, and this commit removes it and
all code depending on it from the repository.
-rw-r--r--.guix/modules/gn-auth.scm1
-rw-r--r--gn_auth/auth/authentication/__init__.py23
-rw-r--r--tests/unit/auth/test_credentials.py100
3 files changed, 0 insertions, 124 deletions
diff --git a/.guix/modules/gn-auth.scm b/.guix/modules/gn-auth.scm
index fc89597..ec91df0 100644
--- a/.guix/modules/gn-auth.scm
+++ b/.guix/modules/gn-auth.scm
@@ -60,7 +60,6 @@
        ("python-authlib" ,python-authlib)
        ("python-pymonad" ,python-pymonad)
        ("yoyo-migrations" ,yoyo-migrations)
-       ("python-bcrypt" ,python-bcrypt) ;; remove after removing all references
        ("python-mysqlclient" ,python-mysqlclient)
        ("python-argon2-cffi" ,python-argon2-cffi)
        ("python-email-validator" ,python-email-validator)))
diff --git a/gn_auth/auth/authentication/__init__.py b/gn_auth/auth/authentication/__init__.py
index 42ceacb..919611e 100644
--- a/gn_auth/auth/authentication/__init__.py
+++ b/gn_auth/auth/authentication/__init__.py
@@ -1,24 +1 @@
 """Handle authentication requests"""
-
-import bcrypt
-
-def credentials_in_database(cursor, email: str, password: str) -> bool:
-    """Check whether credentials are in the database."""
-    if len(email.strip()) == 0 or len(password.strip()) == 0:
-        return False
-
-    cursor.execute(
-        ("SELECT "
-         "users.email, user_credentials.password "
-         "FROM users LEFT JOIN user_credentials "
-         "ON users.user_id = user_credentials.user_id "
-         "WHERE users.email = :email"),
-        {"email": email})
-    results = cursor.fetchall()
-    if len(results) == 0:
-        return False
-
-    assert len(results) == 1, "Expected one row."
-    row = results[0]
-    return (email == row[0] and
-            bcrypt.checkpw(password.encode("utf-8"), row[1]))
diff --git a/tests/unit/auth/test_credentials.py b/tests/unit/auth/test_credentials.py
deleted file mode 100644
index 1953228..0000000
--- a/tests/unit/auth/test_credentials.py
+++ /dev/null
@@ -1,100 +0,0 @@
-"""Test the credentials checks"""
-import pytest
-from yoyo.migrations import MigrationList
-from hypothesis import given, settings, strategies, HealthCheck
-
-from gn_auth.auth.db import sqlite3 as db
-from gn_auth.auth.authentication import credentials_in_database
-from gn_auth.migrations import get_migration, apply_migrations, rollback_migrations
-
-from tests.unit.auth.conftest import migrations_up_to
-
-@pytest.fixture
-def with_credentials_table(backend, auth_testdb_path):
-    """
-    Fixture: Yield a connection object with the 'user_credentials' table
-    created.
-    """
-    migrations_dir = "migrations/auth"
-    migration = f"{migrations_dir}/20221103_02_sGrIs-create-user-credentials-table.py"
-    migrations = (migrations_up_to(migration, migrations_dir) +
-                  MigrationList([get_migration(migration)]))
-    apply_migrations(backend, migrations)
-    with db.connection(auth_testdb_path) as conn:
-        yield conn
-
-    rollback_migrations(backend, migrations)
-
-@pytest.fixture
-def with_credentials(with_credentials_table):# pylint: disable=redefined-outer-name
-    """
-    Fixture: Initialise the database with some user credentials.
-    """
-    with db.cursor(with_credentials_table) as cursor:
-        cursor.executemany(
-            "INSERT INTO users VALUES (:user_id, :email, :name)",
-            ({"user_id": "82552014-21ee-4321-b96a-b8788b97b862",
-              "email": "first@test.user",
-              "name": "First Test User"
-              },
-             {"user_id": "bdd5cb7a-072d-4c2b-9872-d0cecb718523",
-              "email": "second@test.user",
-              "name": "Second Test User"
-              }))
-        cursor.executemany(
-            "INSERT INTO user_credentials VALUES (:user_id, :password)",
-            ({"user_id": "82552014-21ee-4321-b96a-b8788b97b862",
-              "password": b'$2b$12$LAh1PYtUgAFK7d5fA0EfL.4AdTZuYEAfzwO.p.jXVboxcP8bXNj7a'
-              },
-             {"user_id": "bdd5cb7a-072d-4c2b-9872-d0cecb718523",
-              "password": b'$2b$12$zX77QCFSJuwIjAZGc0Jq5.rCWMHEMKD9Zf3Ay4C0AzwsiZ7SSPdKO'
-              }))
-
-        yield with_credentials_table
-
-        cursor.executemany("DELETE FROM user_credentials WHERE user_id=?",
-                           (("82552014-21ee-4321-b96a-b8788b97b862",),
-                            ("bdd5cb7a-072d-4c2b-9872-d0cecb718523",)))
-        cursor.executemany("DELETE FROM users WHERE user_id=?",
-                           (("82552014-21ee-4321-b96a-b8788b97b862",),
-                            ("bdd5cb7a-072d-4c2b-9872-d0cecb718523",)))
-
-@pytest.mark.unit_test
-@given(strategies.emails(), strategies.text())
-@settings(suppress_health_check=[HealthCheck.function_scoped_fixture])
-def test_credentials_not_in_database(with_credentials, email, password):# pylint: disable=redefined-outer-name
-    """
-    GIVEN: credentials that do not exist in the database
-    WHEN: the `credentials_in_database` function is run against the credentials
-    THEN: check that the function returns false in all cases.
-    """
-    with db.cursor(with_credentials) as cursor:
-        assert credentials_in_database(cursor, email, password) is False
-
-@pytest.mark.unit_test
-@pytest.mark.parametrize(
-    "email,password",
-    (("first@test.user", "wrongpassword"),
-     ("first@tes.user", "testuser01")))
-def test_partially_wrong_credentials(with_credentials, email, password):# pylint: disable=redefined-outer-name
-    """
-    GIVEN: credentials that exist in the database
-    WHEN: the credentials are checked with partially wrong values
-    THEN: the check fails since the credentials are not correct
-    """
-    with db.cursor(with_credentials) as cursor:
-        assert credentials_in_database(cursor, email, password) is False
-
-@pytest.mark.unit_test
-@pytest.mark.parametrize(
-    "email,password",
-    (("first@test.user", "testuser01"),
-     ("second@test.user", "testuser02")))
-def test_partially_correct_credentials(with_credentials, email, password):# pylint: disable=redefined-outer-name
-    """
-    GIVEN: credentials that exist in the database
-    WHEN: the credentials are checked with correct values
-    THEN: the check passes
-    """
-    with db.cursor(with_credentials) as cursor:
-        assert credentials_in_database(cursor, email, password) is True