someengineering · meln1k · Sep 13, 2024 · Sep 13, 2024
@@ -310,10 +310,9 @@ async def update(
             if not user_update.current_password:
                 raise exceptions.InvalidPasswordException(reason="Current password is required to update password.")
 
-            db_pwd_hash = user.hashed_password
-            user_pwd_hash = self.password_helper.hash(user_update.current_password)
+            verified, _ = self.password_helper.verify_and_update(user_update.current_password, user.hashed_password)
 
-            if not secrets.compare_digest(db_pwd_hash, user_pwd_hash):
+            if not verified:
                 raise exceptions.InvalidPasswordException(reason="Current password is incorrect.")
 
         return await super().update(user_update, user, safe)

@@ -40,6 +40,7 @@
 from fixbackend.workspaces.models import WorkspaceInvitation
 from fixbackend.workspaces.repository import WorkspaceRepository
 from tests.fixbackend.conftest import InMemoryDomainEventPublisher, InsecureFastPasswordHelper
+from fastapi_users.password import PasswordHelper
 
 
 class InMemoryVerifier(AuthEmailSender):
@@ -156,11 +157,12 @@ async def test_registration_flow(
     workspace_repository: WorkspaceRepository,
     user_repository: UserRepository,
     cert_store: CertificateStore,
-    password_helper: InsecureFastPasswordHelper,
     user_manager: UserManager,
     jwt_strategy: FixJWTStrategy,
     fix_deps: FixDependencies,
 ) -> None:
+
+    user_manager.password_helper = PasswordHelper()
     verifier = fix_deps.service(ServiceNames.auth_email_sender, InMemoryVerifier)
     role_repo = fix_deps.add(ServiceNames.role_repository, InMemoryRoleRepository())
     registration_json = {