Refactor database layer and auditing

packages/sshecret-backend/src/sshecret_backend/backend_api.py

@@ -3,11 +3,11 @@
 import logging
 from typing import Annotated
 
-import bcrypt
 from fastapi import APIRouter, Depends, Header, HTTPException
-from sqlmodel import Session, select
-
+from sqlalchemy import select
+from sqlalchemy.orm import Session
 from .api import get_audit_api, get_clients_api, get_policy_api, get_secrets_api
+from .auth import verify_token
 from .models import (
     APIClient,
 )
@@ -18,13 +18,6 @@ LOG = logging.getLogger(__name__)
 API_VERSION = "v1"
 
 
-def verify_token(token: str, stored_hash: str) -> bool:
-    """Verify token."""
-    token_bytes = token.encode("utf-8")
-    stored_bytes = stored_hash.encode("utf-8")
-    return bcrypt.checkpw(token_bytes, stored_bytes)
-
-
 def get_backend_api(
     get_db_session: DBSessionDep,
 ) -> APIRouter:
@@ -37,7 +30,7 @@ def get_backend_api(
         """Validate token."""
         LOG.debug("Validating token %s", x_api_token)
         statement = select(APIClient)
-        results = session.exec(statement)
+        results = session.scalars(statement)
         valid = False
         for result in results:
             if verify_token(x_api_token, result.token):