Initial commit: Portal Auth Admin Dashboard

Co-authored-by: Cursor <cursoragent@cursor.com>

auth_helpers.py

@@ -0,0 +1,28 @@
+import bcrypt
+from db import get_cursor
+
+def verify_admin(username: str, password: str) -> bool:
+    """Verify that the user exists, is admin, is active, and password matches."""
+    with get_cursor() as cur:
+        cur.execute(
+            """
+            SELECT username, password_hash
+            FROM users
+            WHERE username = %s AND role = 'admin' AND is_active = TRUE
+            """,
+            (username,),
+        )
+        row = cur.fetchone()
+    if not row:
+        return False
+    stored = row["password_hash"]
+    # Support bcrypt (e.g. $2b$...) or legacy salt:hash
+    if stored.startswith("$2"):
+        return bcrypt.checkpw(password.encode("utf-8"), stored.encode("utf-8"))
+    # Legacy: "salt:hash" (e.g. md5 or similar) - optional simple check
+    if ":" in stored:
+        salt, expected = stored.split(":", 1)
+        import hashlib
+        got = hashlib.sha256((salt + password).encode()).hexdigest()
+        return got == expected
+    return False