Files
comiaunicaty/backend/app/core/security.py

45 lines
1.1 KiB
Python

from __future__ import annotations
import hashlib
import hmac
import re
import secrets
from datetime import UTC, datetime, timedelta
from pathlib import Path
from app.core.config import get_settings
def utc_now() -> datetime:
return datetime.now(UTC)
def token_urlsafe(length: int = 32) -> str:
return secrets.token_urlsafe(length)
def short_code(length: int = 6) -> str:
alphabet = "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"
return "".join(secrets.choice(alphabet) for _ in range(length))
def hash_token(raw_token: str) -> str:
settings = get_settings()
return hmac.new(settings.session_secret.encode("utf-8"), raw_token.encode("utf-8"), hashlib.sha256).hexdigest()
def constant_time_equal(left: str, right: str) -> bool:
return hmac.compare_digest(left, right)
def session_expiry(days: int = 30) -> datetime:
return utc_now() + timedelta(days=days)
def sanitize_filename(filename: str) -> str:
cleaned = Path(filename).name.strip().replace("\x00", "")
cleaned = re.sub(r"[^A-Za-z0-9._ -]+", "_", cleaned)
cleaned = re.sub(r"\s+", " ", cleaned).strip(" .")
return cleaned[:180] or "upload.bin"