From 9f2abf6a04ae3a9dfd58cb193e0e758a66ef83eb Mon Sep 17 00:00:00 2001
From: Cayo Puigdefabregas <cayo@usody.com>
Date: Wed, 17 Jan 2024 13:43:40 +0100
Subject: [PATCH] fix

---
 idhub/models.py      |  9 +++++----
 idhub/views.py       | 11 ++++++-----
 idhub_auth/models.py | 11 +++--------
 3 files changed, 14 insertions(+), 17 deletions(-)

diff --git a/idhub/models.py b/idhub/models.py
index 128071b..0e3fe32 100644
--- a/idhub/models.py
+++ b/idhub/models.py
@@ -535,10 +535,11 @@ class VerificableCredential(models.Model):
         self.status = self.Status.ISSUED
         self.subject_did = did
         self.issued_on = datetime.datetime.now().astimezone(pytz.utc)
-        issuer_pass = self.user.decrypt_data(
-            cache.get("KEY_DIDS"),
-            settings.SECRET_KEY,
-        )
+        issuer_pass = cache.get("KEY_DIDS")
+        # issuer_pass = self.user.decrypt_data(
+        #     cache.get("KEY_DIDS"),
+        #     settings.SECRET_KEY,
+        # )
         data = sign_credential(
             self.render(),
             self.issuer_did.get_key_material(issuer_pass)
diff --git a/idhub/views.py b/idhub/views.py
index 3d64501..f544adb 100644
--- a/idhub/views.py
+++ b/idhub/views.py
@@ -31,11 +31,12 @@ class LoginView(auth_views.LoginView):
         if not user.is_anonymous and user.is_admin:
             admin_dashboard = reverse_lazy('idhub:admin_dashboard')
             self.extra_context['success_url'] = admin_dashboard
-            encryption_key = user.encrypt_data(
-                sensitive_data_encryption_key,
-                settings.SECRET_KEY
-            )
-            cache.set("KEY_DIDS", encryption_key, None)
+            # encryption_key = user.encrypt_data(
+            #     sensitive_data_encryption_key,
+            #     settings.SECRET_KEY
+            # )
+            # cache.set("KEY_DIDS", encryption_key, None)
+            cache.set("KEY_DIDS", sensitive_data_encryption_key, None)
 
         self.request.session["key_did"] = user.encrypt_data(
             sensitive_data_encryption_key,
diff --git a/idhub_auth/models.py b/idhub_auth/models.py
index 189b421..38224b2 100644
--- a/idhub_auth/models.py
+++ b/idhub_auth/models.py
@@ -135,28 +135,23 @@ class User(AbstractBaseUser):
 
     def set_encrypted_sensitive_data(self, password):
         key = base64.b64encode(nacl.utils.random(64))
-        key_dids = cache.get("KEY_DIDS", {})
-
-        if key_dids.get(self.id):
-            key = key_dids[self.id]
-        else:
-            self.set_salt()
+        self.set_salt()
 
         key_crypted = self.encrypt_sensitive_data(password, key)
         self.encrypted_sensitive_data = key_crypted
 
     def encrypt_data(self, data, password):
         sb = self.get_secret_box(password)
-        value = base64.b64encode(data.encode('utf-8'))
         value_enc = sb.encrypt(data.encode('utf-8'))
         return base64.b64encode(value_enc).decode('utf-8')
 
     def decrypt_data(self, data, password):
+        # import pdb; pdb.set_trace()
         sb = self.get_secret_box(password)
         value = base64.b64decode(data.encode('utf-8'))
         return sb.decrypt(value).decode('utf-8')
 
     def get_secret_box(self, password):
-        pw = base64.b64decode(password.encode('utf-8'))
+        pw = base64.b64decode(password.encode('utf-8')*4)
         sb_key = self.derive_key_from_password(pw)
         return nacl.secret.SecretBox(sb_key)