Add argon2 password hash

backend/security.py

@@ -0,0 +1,19 @@
+from passlib.context import CryptContext
+
+# Configuration sensible : tu peux ajuster time_cost, memory_cost, parallelism
+pwd_context = CryptContext(
+    schemes=["argon2"],
+    deprecated="auto",
+    argon2__time_cost=3,
+    argon2__memory_cost=64 * 1024,  # 64 MB
+    argon2__parallelism=2
+)
+
+def hash_password(plain: str) -> str:
+    return pwd_context.hash(plain)
+
+def verify_password(plain: str, hashed: str) -> bool:
+    return pwd_context.verify(plain, hashed)
+
+def needs_rehash(hashed: str) -> bool:
+    return pwd_context.needs_update(hashed)