From c8e203f740c7cbadb3b6292192b76dd79200da6c Mon Sep 17 00:00:00 2001
From: Alexandre Teles
Date: Thu, 29 Dec 2022 02:36:52 -0300
Subject: [PATCH] refactor(auth): use hmac.compare_digest
---
 app/routers/auth.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/app/routers/auth.py b/app/routers/auth.py
index 5b865b4..e86bca7 100644
--- a/app/routers/auth.py
+++ b/app/routers/auth.py
@@ -1,4 +1,5 @@
 import os
+import hmac
 from fastapi_paseto_auth import AuthPASETO
 from fastapi import APIRouter, Request, Response, Depends, status, HTTPException, Header
 from app.dependencies import load_config
@@ -22,7 +23,11 @@ async def auth(request: Request, response: Response, client: ClientModels.Client
 access_token: auth token
 """
- if client.id == os.environ['CLIENT_ID'] and client.secret == os.environ['CLIENT_SECRET']:
+ if(
+ hmac.compare_digest(client.id, os.environ['CLIENT_ID']) and
+ hmac.compare_digest(client.secret, os.environ['CLIENT_SECRET'])
+ ):
+
 authenticated: bool = True
 if not authenticated:
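Review bot: `hmac.compare_digest` accepts `str` arguments only when they are pure ASCII, so in the new condition a request whose `client.id` or `client.secret` contains a non-ASCII character would raise `TypeError` instead of failing authentication, presumably surfacing as a 500 on this endpoint (the model's field types are not visible here, so this assumes they are `str`). Encoding both sides to bytes avoids that. The `and` also short-circuits, so the secret comparison is skipped whenever the id does not match and the response time still depends on the id; evaluating both results before combining them removes that: `id_ok = hmac.compare_digest(client.id.encode(), os.environ['CLIENT_ID'].encode())`, `secret_ok = hmac.compare_digest(client.secret.encode(), os.environ['CLIENT_SECRET'].encode())`, `if id_ok and secret_ok:`. The body of `auth` starts before and continues after this hunk, so how `authenticated` is initialised cannot be checked from here.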