🔧 Refactored code to use encryption algorithm name from settings for consistency

sameeramin · sameeramin · commit 324a7d99fa4c · 2024-04-08T11:29:15.000+05:00
diff --git a/backend/app/api/deps.py b/backend/app/api/deps.py
@@ -7,7 +7,6 @@
 from pydantic import ValidationError
 from sqlmodel import Session
 
-from app.core import security
 from app.core.config import settings
 from app.core.db import engine
 from app.models import TokenPayload, User
@@ -29,7 +28,7 @@ def get_db() -> Generator[Session, None, None]:
 def get_current_user(session: SessionDep, token: TokenDep) -> User:
     try:
         payload = jwt.decode(
-            token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
+            token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]
         )
         token_data = TokenPayload(**payload)
     except (JWTError, ValidationError):
diff --git a/backend/app/core/config.py b/backend/app/core/config.py
@@ -33,6 +33,7 @@ class Settings(BaseSettings):
     ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 8
     DOMAIN: str = "localhost"
     ENVIRONMENT: Literal["local", "staging", "production"] = "local"
+    ALGORITHM: str = "HS256"
 
     @computed_field  # type: ignore[misc]
     @property
diff --git a/backend/app/core/security.py b/backend/app/core/security.py
@@ -9,13 +9,12 @@
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
 
-ALGORITHM = "HS256"
-
-
 def create_access_token(subject: str | Any, expires_delta: timedelta) -> str:
     expire = datetime.utcnow() + expires_delta
     to_encode = {"exp": expire, "sub": str(subject)}
-    encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)
+    encoded_jwt = jwt.encode(
+        to_encode, settings.SECRET_KEY, algorithm=settings.ALGORITHM
+    )
     return encoded_jwt
 
 
diff --git a/backend/app/utils.py b/backend/app/utils.py
@@ -103,14 +103,16 @@ def generate_password_reset_token(email: str) -> str:
     encoded_jwt = jwt.encode(
         {"exp": exp, "nbf": now, "sub": email},
         settings.SECRET_KEY,
-        algorithm="HS256",
+        algorithm=settings.ALGORITHM,
     )
     return encoded_jwt
 
 
 def verify_password_reset_token(token: str) -> str | None:
     try:
-        decoded_token = jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])
+        decoded_token = jwt.decode(
+            token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]
+        )
         return str(decoded_token["sub"])
     except JWTError:
         return None
