diff --git a/perguntations/__init__.py b/perguntations/__init__.py
index 1ed54dc..ed98706 100644
--- a/perguntations/__init__.py
+++ b/perguntations/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Miguel Barão
+# Copyright (C) 2021 Miguel Barão
 #
 # THE MIT License
 #
@@ -32,10 +32,10 @@ proof of submission and for review.
 '''
 
 APP_NAME = 'perguntations'
-APP_VERSION = '2021.01.dev1'
+APP_VERSION = '2021.09.dev1'
 APP_DESCRIPTION = __doc__
 
 __author__ = 'Miguel Barão'
-__copyright__ = 'Copyright 2020, Miguel Barão'
+__copyright__ = 'Copyright 2021, Miguel Barão'
 __license__ = 'MIT license'
 __version__ = APP_VERSION
diff --git a/perguntations/app.py b/perguntations/app.py
index 8671926..1053991 100644
--- a/perguntations/app.py
+++ b/perguntations/app.py
@@ -1,5 +1,6 @@
 '''
-Main application module
+File:           perguntations/app.py
+Description:    Main application logic.
 '''
 
 
@@ -21,10 +22,10 @@ from sqlalchemy.exc import NoResultFound
 
 # this project
 from perguntations.models import Student, Test, Question
+from perguntations.questions import question_from
 from perguntations.tools import load_yaml
 from perguntations.testfactory import TestFactory, TestFactoryException
 import perguntations.test
-from perguntations.questions import question_from
 
 # setup logger for this module
 logger = logging.getLogger(__name__)
@@ -113,44 +114,44 @@ class App():
                         len(self.allowed))
             self._pregenerate_tests(len(self.allowed))
         else:
-            logger.info('No tests were generated.')
+            logger.info('No tests generated yet.')
 
         if conf['correct']:
             self._correct_tests()
 
+    # ------------------------------------------------------------------------
     def _db_setup(self) -> None:
         logger.info('Setup database')
 
         # connect to database and check registered students
         dbfile = path.expanduser(self.testfactory['database'])
         if not path.exists(dbfile):
-            raise AppException('Database does not exist.')
+            raise AppException('Database does not exist. Use "initdb" to create.')
         self._engine = create_engine(f'sqlite:///{dbfile}', future=True)
 
         try:
-            query = select(func.count(Student.id)).where(Student.id != '0')
             with Session(self._engine, future=True) as session:
-                num = session.execute(query).scalar()
+                num = session.execute(
+                    select(func.count(Student.id)).where(Student.id != '0')
+                ).scalar()
         except Exception as exc:
             raise AppException(f'Database unusable {dbfile}.') from exc
 
-        # try:
-        #     with self._db_session() as sess:
-        #         num = sess.query(Student).filter(Student.id != '0').count()
-        # except Exception as exc:
-            # raise AppException(f'Database unusable {dbfile}.') from exc
         logger.info('Database "%s" has %s students.', dbfile, num)
 
-
-
     # ------------------------------------------------------------------------
     def _correct_tests(self):
-        with self._db_session() as sess:
+        with Session(self._engine, future=True) as session:
             # Find which tests have to be corrected
-            dbtests = sess.query(Test)\
-                    .filter(Test.ref == self.testfactory['ref'])\
-                    .filter(Test.state == "SUBMITTED")\
-                    .all()
+            dbtests = session.execute(
+                select(Test).
+                where(Test.ref == self.testfactory['ref']).
+                where(Test.state == "SUBMITTED")
+            ).all()
+            # dbtests = session.query(Test)\
+            #         .filter(Test.ref == self.testfactory['ref'])\
+            #         .filter(Test.state == "SUBMITTED")\
+            #         .all()
 
             logger.info('Correcting %d tests...', len(dbtests))
             for dbtest in dbtests:
@@ -204,16 +205,26 @@ class App():
             logger.warning('"%s" unauthorized.', uid)
             return 'unauthorized'
 
-        with self._db_session() as sess:
-            name, hashed_pw = sess.query(Student.name, Student.password)\
-                                 .filter_by(id=uid)\
-                                 .one()
+        with Session(self._engine, future=True) as session:
+        # with self._db_session() as sess:
+            name, hashed_pw = session.execute(
+                    select(Student.name, Student.password).
+                    where(id == uid)
+            ).one()
+            # name, hashed_pw = sess.query(Student.name, Student.password)\
+            #                      .filter_by(id=uid)\
+            #                      .one()
 
         if hashed_pw == '':              # update password on first login
             await self.update_student_password(uid, try_pw)
             pw_ok = True
         else:                           # check password
-            pw_ok = await check_password(try_pw, hashed_pw)  # async bcrypt
+            loop = asyncio.get_running_loop()
+            pw_ok = await loop.run_in_executor(None,
+                                                bcrypt.checkpw,
+                                                try_pw.encode('utf-8'),
+                                                hashed_pw.password)
+            # pw_ok = await check_password(try_pw, hashed_pw)  # async bcrypt
 
         if not pw_ok:        # wrong password
             logger.info('"%s" wrong password.', uid)
--
libgit2 0.21.2