✨ Use pwdlib with Argon2 by default, adding logic (and tests) to autoupdate old passwords using Bcrypt (#2104)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-22 07:24:19 -08:00
parent a0fe8a236f
commit 730c6e9ebb
8 changed files with 304 additions and 47 deletions
--- a/backend/app/api/routes/users.py
+++ b/backend/app/api/routes/users.py
@@ -104,7 +104,8 @@ def update_password_me(
    """
    Update own password.
    """
-    if not verify_password(body.current_password, current_user.hashed_password):
+    verified, _ = verify_password(body.current_password, current_user.hashed_password)
+    if not verified:
        raise HTTPException(status_code=400, detail="Incorrect password")
    if body.current_password == body.new_password:
        raise HTTPException(