authenticate
Authenticates a user by verifying their email and password against the database. This function performs a database lookup, executes password verification with timing attack protection, and updates the stored password hash if a rehash is required.
```python
def authenticate(
    session: Session,
    email: string,
    password: string
) -> User | None
```
Verifies user credentials against the database and returns the authenticated user object if successful. This function includes protections against timing attacks and automatically updates password hashes if the hashing algorithm has been upgraded.
Parameters
| Name | Type | Description |
|---|---|---|
| session | Session | The active database session used to query the user and commit password hash updates. |
| email | string | The unique email address associated with the user account being authenticated. |
| password | string | The plain-text password provided by the user to be verified against the stored hash. |
Returns
| Type | Description |
|---|---|
| `User \| None` | The authenticated user object if authentication succeeds; `None` otherwise. |
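
The behaviour described above (lookup, verification that costs the same whether or not the email exists, and rehash on successful login) can be sketched as follows. This is an added example, not the project's own code. It assumes a plain dict in place of the database `Session` and standard-library PBKDF2 in place of the project's hasher; `ITERATIONS`, `DUMMY_HASH`, `hash_password` and `verify_and_update` are hypothetical names.

```python
from __future__ import annotations
import hashlib
import hmac
import os
from dataclasses import dataclass

ITERATIONS = 600_000  # current work factor (constructed value for this example)

def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_and_update(password: str, stored: str) -> tuple[bool, str | None]:
    """Return (ok, new_hash); new_hash is set only if ok and the stored hash is outdated."""
    _, iters, salt, expected = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt), int(iters))
    ok = hmac.compare_digest(dk.hex(), expected)  # constant-time comparison
    outdated = int(iters) < ITERATIONS
    return ok, (hash_password(password) if ok and outdated else None)

# Hash of a throwaway random password. It is verified when the email is unknown,
# so the "no such user" path spends the same time in the KDF as a real check.
DUMMY_HASH = hash_password(os.urandom(16).hex())

@dataclass
class User:
    email: str
    hashed_password: str

def authenticate(users: dict[str, User], email: str, password: str) -> User | None:
    user = users.get(email)  # stands in for the database lookup
    if user is None:
        verify_and_update(password, DUMMY_HASH)  # result discarded on purpose
        return None
    ok, new_hash = verify_and_update(password, user.hashed_password)
    if not ok:
        return None
    if new_hash:
        user.hashed_password = new_hash  # a database-backed version would commit here
    return user
```

The dummy hash only equalizes timing against accounts stored at the current work factor; an account still on an older, cheaper hash verifies faster until its next successful login upgrades it.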