CodeReview/backend/app/core/security.py

from datetime import datetime, timedelta, timezone
from typing import Any, Union
from jose import jwt
import bcrypt

from app.core.config import settings

ALGORITHM = settings.ALGORITHM

def create_access_token(
    subject: Union[str, Any], expires_delta: timedelta = None
) -> str:
    if expires_delta:
        expire = datetime.now(timezone.utc) + expires_delta
    else:
        expire = datetime.now(timezone.utc) + timedelta(
            minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES
        )
    to_encode = {"exp": expire, "sub": str(subject)}
    encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt

def verify_password(plain_password: str, hashed_password: str) -> bool:
    """
    Verify a password against a hash.
    Explicitly truncate to 72 bytes to avoid bcrypt ValueError and maintain compatibility.
    """
    if not plain_password or not hashed_password:
        return False
        
    try:
        password_bytes = plain_password.encode("utf-8")
        if len(password_bytes) > 72:
            password_bytes = password_bytes[:72]
            
        return bcrypt.checkpw(
            password_bytes,
            hashed_password.encode("utf-8")
        )
    except Exception:
        return False

def get_password_hash(password: str) -> str:
    """
    Generate a bcrypt hash of the password.
    Explicitly truncate to 72 bytes for consistency.
    """
    password_bytes = password.encode("utf-8")
    if len(password_bytes) > 72:
        password_bytes = password_bytes[:72]
        
    salt = bcrypt.gensalt()
    return bcrypt.hashpw(password_bytes, salt).decode("utf-8")
fix: 修复时间显示问题，使用带时区的UTC时间 - 将所有 datetime.utcnow() 替换为 datetime.now(timezone.utc) - 修复 completed_at, started_at, updated_at, resolved_at 等时间字段 - 修复 JWT token 过期时间计算 - 修复数据导出和ZIP上传时间戳 - 调整README中项目管理和审计报告图片显示比例 2025-12-09 17:47:34 +08:00			`from datetime import datetime, timedelta, timezone`
refactor: 重构项目结构，将前端和后端代码分离到独立目录 - 将前端代码移动到 frontend/ 目录 - 将后端代码移动到 backend/ 目录 - 更新 .gitignore 以包含 Python 和前端构建产物 - 修复 LLM JSON 解析问题，增强错误处理 - 修复前端配置默认值，改为从后端获取 - 删除 AdminDashboard 中的数据库信息和统计卡片 - 完善系统配置管理，支持从后端获取默认配置 2025-11-26 21:11:12 +08:00			`from typing import Any, Union`
			`from jose import jwt`
feat: Add Gitea username integration, refactor password hashing with direct bcrypt, and remove frontend version displays. 2026-01-05 13:47:48 +08:00			`import bcrypt`
feat: Add CI/CD integration with Gitea webhooks and pull request review functionality. 2025-12-31 16:40:33 +08:00
refactor: 重构项目结构，将前端和后端代码分离到独立目录 - 将前端代码移动到 frontend/ 目录 - 将后端代码移动到 backend/ 目录 - 更新 .gitignore 以包含 Python 和前端构建产物 - 修复 LLM JSON 解析问题，增强错误处理 - 修复前端配置默认值，改为从后端获取 - 删除 AdminDashboard 中的数据库信息和统计卡片 - 完善系统配置管理，支持从后端获取默认配置 2025-11-26 21:11:12 +08:00			`from app.core.config import settings`

			`ALGORITHM = settings.ALGORITHM`

			`def create_access_token(`
			`subject: Union[str, Any], expires_delta: timedelta = None`
			`) -> str:`
			`if expires_delta:`
fix: 修复时间显示问题，使用带时区的UTC时间 - 将所有 datetime.utcnow() 替换为 datetime.now(timezone.utc) - 修复 completed_at, started_at, updated_at, resolved_at 等时间字段 - 修复 JWT token 过期时间计算 - 修复数据导出和ZIP上传时间戳 - 调整README中项目管理和审计报告图片显示比例 2025-12-09 17:47:34 +08:00			`expire = datetime.now(timezone.utc) + expires_delta`
refactor: 重构项目结构，将前端和后端代码分离到独立目录 - 将前端代码移动到 frontend/ 目录 - 将后端代码移动到 backend/ 目录 - 更新 .gitignore 以包含 Python 和前端构建产物 - 修复 LLM JSON 解析问题，增强错误处理 - 修复前端配置默认值，改为从后端获取 - 删除 AdminDashboard 中的数据库信息和统计卡片 - 完善系统配置管理，支持从后端获取默认配置 2025-11-26 21:11:12 +08:00			`else:`
fix: 修复时间显示问题，使用带时区的UTC时间 - 将所有 datetime.utcnow() 替换为 datetime.now(timezone.utc) - 修复 completed_at, started_at, updated_at, resolved_at 等时间字段 - 修复 JWT token 过期时间计算 - 修复数据导出和ZIP上传时间戳 - 调整README中项目管理和审计报告图片显示比例 2025-12-09 17:47:34 +08:00			`expire = datetime.now(timezone.utc) + timedelta(`
refactor: 重构项目结构，将前端和后端代码分离到独立目录 - 将前端代码移动到 frontend/ 目录 - 将后端代码移动到 backend/ 目录 - 更新 .gitignore 以包含 Python 和前端构建产物 - 修复 LLM JSON 解析问题，增强错误处理 - 修复前端配置默认值，改为从后端获取 - 删除 AdminDashboard 中的数据库信息和统计卡片 - 完善系统配置管理，支持从后端获取默认配置 2025-11-26 21:11:12 +08:00			`minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES`
			`)`
			`to_encode = {"exp": expire, "sub": str(subject)}`
			`encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)`
			`return encoded_jwt`

			`def verify_password(plain_password: str, hashed_password: str) -> bool:`
feat: Add Gitea username integration, refactor password hashing with direct bcrypt, and remove frontend version displays. 2026-01-05 13:47:48 +08:00			`"""`
			`Verify a password against a hash.`
			`Explicitly truncate to 72 bytes to avoid bcrypt ValueError and maintain compatibility.`
			`"""`
			`if not plain_password or not hashed_password:`
			`return False`

			`try:`
			`password_bytes = plain_password.encode("utf-8")`
			`if len(password_bytes) > 72:`
			`password_bytes = password_bytes[:72]`

			`return bcrypt.checkpw(`
			`password_bytes,`
			`hashed_password.encode("utf-8")`
			`)`
			`except Exception:`
			`return False`
refactor: 重构项目结构，将前端和后端代码分离到独立目录 - 将前端代码移动到 frontend/ 目录 - 将后端代码移动到 backend/ 目录 - 更新 .gitignore 以包含 Python 和前端构建产物 - 修复 LLM JSON 解析问题，增强错误处理 - 修复前端配置默认值，改为从后端获取 - 删除 AdminDashboard 中的数据库信息和统计卡片 - 完善系统配置管理，支持从后端获取默认配置 2025-11-26 21:11:12 +08:00
			`def get_password_hash(password: str) -> str:`
feat: Add Gitea username integration, refactor password hashing with direct bcrypt, and remove frontend version displays. 2026-01-05 13:47:48 +08:00			`"""`
			`Generate a bcrypt hash of the password.`
			`Explicitly truncate to 72 bytes for consistency.`
			`"""`
			`password_bytes = password.encode("utf-8")`
			`if len(password_bytes) > 72:`
			`password_bytes = password_bytes[:72]`

			`salt = bcrypt.gensalt()`
			`return bcrypt.hashpw(password_bytes, salt).decode("utf-8")`
refactor: 重构项目结构，将前端和后端代码分离到独立目录 - 将前端代码移动到 frontend/ 目录 - 将后端代码移动到 backend/ 目录 - 更新 .gitignore 以包含 Python 和前端构建产物 - 修复 LLM JSON 解析问题，增强错误处理 - 修复前端配置默认值，改为从后端获取 - 删除 AdminDashboard 中的数据库信息和统计卡片 - 完善系统配置管理，支持从后端获取默认配置 2025-11-26 21:11:12 +08:00
feat: Refactor frontend layout with new sidebar and i18n, update backend LLM adapters, and adjust database models. 2025-11-27 18:01:57 +08:00
feat(agent): implement Agent audit module with LangGraph integration - Introduce new Agent audit functionality for autonomous code security analysis and vulnerability verification. - Add API endpoints for managing Agent tasks and configurations. - Implement UI components for Agent mode selection and embedding model configuration. - Enhance the overall architecture with a focus on RAG (Retrieval-Augmented Generation) for improved code semantic search. - Create a sandbox environment for secure execution of vulnerability tests. - Update documentation to include details on the new Agent audit features and usage instructions. 2025-12-11 19:09:10 +08:00
feat(agent): implement streaming support for agent events and enhance UI components - Introduce streaming capabilities for agent events, allowing real-time updates during audits. - Add new hooks for managing agent stream events in React components. - Enhance the AgentAudit page to display LLM thinking processes and tool call details in real-time. - Update API endpoints to support streaming event data and improve error handling. - Refactor UI components for better organization and user experience during audits. 2025-12-11 20:33:46 +08:00

chore: reduce logging verbosity and clean up file formatting - Change logger.info to logger.debug in agent_tasks.py streaming and tree endpoints - Disable SQLAlchemy echo mode in database session configuration - Suppress uvicorn access logs and LiteLLM INFO level logging in main application - Remove LogViewer component and LogsPage from frontend - Add trailing newlines to multiple backend configuration and model files - Update frontend routing to remove logs page reference - Improve application startup logging clarity by filtering verbose third-party logs 2025-12-12 15:50:48 +08:00