# pip install bcrypt
import bcrypt

PEPPER = b"My$ecretPepperKey"  # secret pepper (store securely)

# Hash password
def hash_pw(pw: str):
    return bcrypt.hashpw(pw.encode() + PEPPER, bcrypt.gensalt())

# Verify password
def verify_pw(stored: bytes, attempt: str):
    return bcrypt.checkpw(attempt.encode() + PEPPER, stored)

# Example
user_pw = "my_secure_password123"
stored_hash = hash_pw(user_pw)
print("🔒 Stored Hash:", stored_hash)

# Login attempt
if verify_pw(stored_hash, "my_secure_password123"):
    print("✅ Password verified.")
else:
    print("❌ Invalid password.")
