Skip to main content

Overview

The authentication module provides secure user registration and authentication using bcrypt for password hashing. All functions are async and return user dictionaries or None on failure.

Register User

async def register_user(
    name: str,
    email: str,
    student_id: str,
    password: str
) -> Optional[dict]:
    """Hash the password and insert a new user.
    
    Returns user dict or None if email/student_id taken.
    """

Parameters

name
string
required
Full name of the user. Will be stripped of leading/trailing whitespace.
email
string
required
Email address. Converted to lowercase and stripped. Must be unique.
student_id
string
required
Student identifier used for barcode scanner login. Stripped and must be unique.
password
string
required
Plain text password. Will be hashed using bcrypt with auto-generated salt.

Returns

user
dict | None
Returns user object on success, None if email or student_id already exists

Security Notes

  • Passwords are hashed using bcrypt with auto-generated salts
  • Email addresses are case-insensitive (stored as lowercase)
  • Password hashes are never returned in user objects
  • Duplicate emails or student IDs result in None return value

Authenticate User

async def authenticate_user(
    email: str,
    password: str
) -> Optional[dict]:
    """Check email + password.
    
    Returns user dict on success, else None.
    """

Parameters

email
string
required
Email address to authenticate. Converted to lowercase and stripped.
password
string
required
Plain text password to verify against stored hash.

Returns

user
dict | None
Returns user object on successful authentication, None if credentials are invalid

Implementation Details

The function:
  1. Looks up user by email (case-insensitive)
  2. Returns None if user not found
  3. Verifies password using bcrypt.checkpw()
  4. Returns user dict (without password_hash) if password matches
  5. Returns None if password doesn’t match

Get User by ID

async def get_user_by_id(student_id_input: str) -> Optional[dict]:
    """Look up a user by their student_id for scanner login."""

Parameters

student_id_input
string
required
Student ID to lookup. Converted to string and stripped. Typically scanned from barcode.

Returns

user
dict | None
Returns user object if found, None if student ID doesn’t exist

Use Cases

  • Barcode Scanner Login: Primary authentication method at kiosk terminals
  • Quick Lookup: Fast user identification without password
  • Card-Based Access: Simplified login flow for physical kiosks

Security Considerations

  • No password required - suitable only for physical kiosk environments
  • Check active status before granting access
  • Student IDs should be treated as semi-public identifiers
  • Consider additional authentication for sensitive operations

Build docs developers (and LLMs) love

Get started for freeTalk to us