import os
import psycopg2
import bcrypt
from psycopg2.extras import RealDictCursor
from dotenv import load_dotenv
from backend.scripts.db.session import DATABASE_URL
import traceback
def get_db_connection():
    """Open a new psycopg2 connection to ``DATABASE_URL``.

    Cursors created from the returned connection use ``RealDictCursor``,
    so fetched rows are addressed by column name.
    """
    connection = psycopg2.connect(DATABASE_URL, cursor_factory=RealDictCursor)
    return connection
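def hash_unencrypted_passwords():
    """Replace plaintext ``user_profiles.user_password`` values with bcrypt hashes.

    Selects every row whose stored password does not start with ``$2`` (the
    bcrypt prefix), hashes that value with a fresh salt and writes the hash
    back. All updates are committed as one transaction. On any error the
    transaction is rolled back, the error and traceback are printed, and the
    function returns normally.

    Security notes:
        * The ``$2`` prefix test is a heuristic: a plaintext password that
          happens to begin with ``$2`` is skipped and stays unhashed. After
          the commit, rows that start with ``$2`` but are not shaped like a
          complete bcrypt hash are counted and reported for manual review.
        * Each UPDATE applies only while the row still holds the value that
          was read, so a password changed while the script runs is not
          overwritten with a hash of the old value.
        * NOTE(review): bcrypt uses at most the first 72 bytes of its input;
          depending on the installed bcrypt release, longer values are either
          truncated or rejected with ValueError, which would roll back the
          whole run. Confirm against the version in use.
    """
    conn = cursor = None
    try:
        conn = get_db_connection()
        cursor = conn.cursor()

        # Rows whose password does not carry the bcrypt "$2" prefix are
        # treated as plaintext. NULL passwords never match NOT LIKE and are
        # therefore left alone.
        cursor.execute("""
            SELECT id, user_password
            FROM user_profiles
            WHERE user_password NOT LIKE '$2%';
        """)
        users = cursor.fetchall()
        print(f"Found {len(users)} users with unencrypted passwords.")

        updated = 0
        for user in users:
            user_id = user['id']
            raw_password = user['user_password']

            # gensalt() yields a fresh random salt for every row.
            hashed_pw = bcrypt.hashpw(raw_password.encode(), bcrypt.gensalt()).decode()

            # Compare-and-swap: only replace the value that was actually
            # hashed. If the row changed since the SELECT, it is skipped.
            cursor.execute("""
                UPDATE user_profiles
                SET user_password = %s
                WHERE id = %s
                  AND user_password = %s
            """, (hashed_pw, user_id, raw_password))
            updated += cursor.rowcount

        conn.commit()
        print("Password hashing complete.")

        skipped = len(users) - updated
        if skipped:
            print(f"[WARN] {skipped} rows changed during the run and were left untouched.")

        # Read-only audit, run after the commit so it cannot undo the
        # migration: values that pass the "$2" prefix test without having
        # the full 60-character bcrypt layout may be plaintext.
        cursor.execute(r"""
            SELECT COUNT(*) AS suspicious
            FROM user_profiles
            WHERE user_password LIKE '$2%'
              AND user_password !~ '^\$2[abxy]?\$[0-9]{2}\$[./A-Za-z0-9]{53}$';
        """)
        suspicious = cursor.fetchone()['suspicious']
        if suspicious:
            print(
                f"[WARN] {suspicious} rows start with '$2' but do not look like "
                "a complete bcrypt hash; review them manually."
            )

    except Exception as e:
        # Best-effort script: report the failure and undo any uncommitted work.
        print("[ERROR]", e)
        traceback.print_exc()
        if conn:
            conn.rollback()
    finally:
        if cursor:
            cursor.close()
        if conn:
            conn.close()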
# Run the migration only when this file is executed as a script, not on import.
if __name__ == "__main__":
    hash_unencrypted_passwords()