# Hashing passwords via FastAPI

The FastAPI documentation already has a good article on this topic: [Click here!](https://fastapi.tiangolo.com/tutorial/security/oauth2-jwt/)

* First thing we have to do is install <mark style="color:orange;">`passlib`</mark> to use<mark style="color:orange;">`bcrypt`</mark>

```bash
pip install passlib[bcrypt]

# If the above does not work use:
pip install passlib
pip install bcrypt
```

* We will have to import the <mark style="color:orange;">`CryptContext`</mark> and tell <mark style="color:orange;">`passlib`</mark> what is the default hashing algorithm&#x20;

```python
from passlib.context import CryptContext

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
```

* We also have to update the operation path

```python
@app.post("/users", status_code=status.HTTP_201_CREATED, response_model=schemas.UserOut)
def create_user(user: schemas.UserCreate, db: Session = Depends(get_db), ):

    # Hash the Password - user.password
    hashed_password = pwd_context.hash(user.password)
    user.password = hashed_password

    new_user = models.User(**user.dict())

    db.add(new_user)
    db.commit()
    db.refresh(new_user)

    return new_user
```

* Before creating the user, we are getting the password hashed via <mark style="color:orange;">`pwd_context.hash`</mark>&#x20;
* After which we are replacing <mark style="color:orange;">`user.password`</mark> in the schema with the hashed password
* As this is updated it should store the hashed password in the database

#### A better approach would be to create an additional file where we would store useful code

* We will call this file <mark style="color:green;">`utils.py`</mark>
* In this file we can import all the logic and define a function to hash our password

```python
from passlib.context import CryptContext

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

def hash(password: str):
    return pwd_context.hash(password)
```

* The thing that changes in our `main.py` file is the import and the variable passed in the operation path

```python
from . import models, schemas, utils

@app.post("/users", status_code=status.HTTP_201_CREATED, response_model=schemas.UserOut)
def create_user(user: schemas.UserCreate, db: Session = Depends(get_db), ):

    # Hash the Password - user.password
    hashed_password = utils.hash(user.password) # Here
    user.password = hashed_password

    new_user = models.User(**user.dict())

    db.add(new_user)
    db.commit()
    db.refresh(new_user)

    return new_user
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.arkannis.net/programming/python/frameworks/fastapi/hashing-passwords-via-fastapi.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.