Andrei Neagoie Python -

def test_hash_password_weak(self): hasher = PasswordHasher() with pytest.raises(ValidationError): hasher.hash_password("weak")

def __init__(self, secret_key: str, token_expiry_minutes: int = 60): """ Initialize token manager Args: secret_key: Secret key for JWT signing token_expiry_minutes: Token expiration time in minutes """ self.secret_key = secret_key self.token_expiry_minutes = token_expiry_minutes

# Register user try: user = auth_service.register_user("user@example.com", "MySecurePass123!") print(f"✅ User registered: user.email") except ValidationError as e: print(f"❌ Registration failed: e") andrei neagoie python

class InvalidPasswordError(AuthenticationError): """Raised when password is incorrect""" pass

def generate_token(self, user_id: str, email: str) -> str: """ Generate JWT token for authenticated user Args: user_id: User's unique identifier email: User's email address Returns: JWT token string """ payload = 'user_id': user_id, 'email': email, 'exp': datetime.utcnow() + timedelta(minutes=self.token_expiry_minutes), 'iat': datetime.utcnow(), 'jti': str(uuid4()) # Unique token ID return jwt.encode(payload, self.secret_key, algorithm='HS256') email: str) -&gt

@staticmethod def hash_password(password: str) -> str: """ Hash password using SHA-256 with salt Args: password: Plain text password Returns: String containing salt and hash separated by colon Raises: ValidationError: If password doesn't meet security requirements """ PasswordHasher._validate_password_strength(password) # Generate random salt (32 bytes) salt = os.urandom(32) # Hash password with salt password_hash = hashlib.pbkdf2_hmac( 'sha256', password.encode('utf-8'), salt, 100000 # Number of iterations ) # Return salt and hash as hex strings return f"salt.hex():password_hash.hex()"

def test_token_validation(self, auth_service): auth_service.register_user("test@example.com", "ValidPass123!") token, _ = auth_service.login("test@example.com", "ValidPass123!", "10.0.0.1") user = auth_service.verify_token(token) assert user.email == "test@example.com" _ = auth_service.login("test@example.com"

def test_register_user_success(self, auth_service): user = auth_service.register_user("test@example.com", "ValidPass123!") assert user.email == "test@example.com" assert user.user_id is not None