from __future__ import annotations import hashlib import hmac import re import secrets from datetime import UTC, datetime, timedelta from pathlib import Path from app.core.config import get_settings def utc_now() -> datetime: return datetime.now(UTC) def token_urlsafe(length: int = 32) -> str: return secrets.token_urlsafe(length) def short_code(length: int = 6) -> str: alphabet = "23456789ABCDEFGHJKLMNPQRSTUVWXYZ" return "".join(secrets.choice(alphabet) for _ in range(length)) def hash_token(raw_token: str) -> str: settings = get_settings() return hmac.new(settings.session_secret.encode("utf-8"), raw_token.encode("utf-8"), hashlib.sha256).hexdigest() def constant_time_equal(left: str, right: str) -> bool: return hmac.compare_digest(left, right) def session_expiry(days: int = 30) -> datetime: return utc_now() + timedelta(days=days) def sanitize_filename(filename: str) -> str: cleaned = Path(filename).name.strip().replace("\x00", "") cleaned = re.sub(r"[^A-Za-z0-9._ -]+", "_", cleaned) cleaned = re.sub(r"\s+", " ", cleaned).strip(" .") return cleaned[:180] or "upload.bin"