Login Process
How the login process works
User logs in with username and password
API checks for user in the database
API checks for the user's password if user is found
API hashes password provided again
The hashed password provided should match the hashed password in the database
If they match, user receives token
How to code this
First we will have to set up an auth.py file to keep it separate in the routers folder
This makes more sense than having it in a single file
We also need to create a schema for the user login
Now we will store this in our function
We have to make a request to our database, specifically our users table to retrieve the user based on email
If we do not have a user, we need to raise an exception
Now that we have the password, we need to compare this to the hashed password in our database
First we need to hash the provided password (we will create this in the utils.py file)
The beauty of CryptContext is that it has the .verify method, which allows us to hash the password and compare it directly without additional logic
Now we can import this function in our auth.py file and verify the password
Additionally raise an exception if the password does not match
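The lookup and verify steps above as one runnable flow. This is an added example, not the original page's code. It swaps CryptContext for standard-library PBKDF2 so it runs without dependencies, and it raises the same error for an unknown email and a wrong password so the response does not reveal which accounts exist. The USERS dict, InvalidCredentials, DUMMY_HASH, ITERATIONS and the sample account are assumptions made for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)


class InvalidCredentials(Exception):
    """Stand-in for the HTTP exception the route would raise."""


def hash_password(password: str) -> str:
    # Store salt and digest together, as password-hashing libraries do.
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify(plain_password: str, hashed_password: str) -> bool:
    # Re-hash the attempt with the stored salt, then compare in constant time.
    salt_hex, digest_hex = hashed_password.split("$")
    attempt = hashlib.pbkdf2_hmac(
        "sha256", plain_password.encode(), bytes.fromhex(salt_hex), ITERATIONS
    )
    return hmac.compare_digest(attempt, bytes.fromhex(digest_hex))


# Constructed sample data: a dict standing in for the users table.
USERS = {"alice@example.com": {"id": 1, "password": hash_password("correct horse")}}
# Hash checked when the email is unknown, so both failure paths cost the same.
DUMMY_HASH = hash_password("placeholder")


def login(email: str, password: str) -> int:
    user = USERS.get(email)
    stored = user["password"] if user else DUMMY_HASH
    password_ok = verify(password, stored)
    if user is None or not password_ok:
        # One message for both failures: no hint about which emails exist.
        raise InvalidCredentials("Invalid credentials")
    return user["id"]  # the token would be created from this in the next step
```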
Next steps would be:
Create Token
Return Token