fix
parent
1e4323673c
commit
9f2abf6a04
|
@ -535,10 +535,11 @@ class VerificableCredential(models.Model):
|
||||||
self.status = self.Status.ISSUED
|
self.status = self.Status.ISSUED
|
||||||
self.subject_did = did
|
self.subject_did = did
|
||||||
self.issued_on = datetime.datetime.now().astimezone(pytz.utc)
|
self.issued_on = datetime.datetime.now().astimezone(pytz.utc)
|
||||||
issuer_pass = self.user.decrypt_data(
|
issuer_pass = cache.get("KEY_DIDS")
|
||||||
cache.get("KEY_DIDS"),
|
# issuer_pass = self.user.decrypt_data(
|
||||||
settings.SECRET_KEY,
|
# cache.get("KEY_DIDS"),
|
||||||
)
|
# settings.SECRET_KEY,
|
||||||
|
# )
|
||||||
data = sign_credential(
|
data = sign_credential(
|
||||||
self.render(),
|
self.render(),
|
||||||
self.issuer_did.get_key_material(issuer_pass)
|
self.issuer_did.get_key_material(issuer_pass)
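Review bot: `issuer_pass = cache.get("KEY_DIDS")` has no handling for a cache miss, so after a cache flush or restart, or (judging by the LoginView change) before an admin login has populated the entry, `None` is passed to `get_key_material` and the failure surfaces somewhere inside key handling rather than here. A guard directly after the lookup, for example `if not issuer_pass: raise ValueError("issuer key not available in cache")`, would make that condition explicit and stop a credential from being marked ISSUED without a usable key. The four commented-out `decrypt_data` lines should be deleted rather than kept, since version control already holds the old form. The enclosing method starts and ends outside the hunk.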
|
||||||
|
|
|
@ -31,11 +31,12 @@ class LoginView(auth_views.LoginView):
|
||||||
if not user.is_anonymous and user.is_admin:
|
if not user.is_anonymous and user.is_admin:
|
||||||
admin_dashboard = reverse_lazy('idhub:admin_dashboard')
|
admin_dashboard = reverse_lazy('idhub:admin_dashboard')
|
||||||
self.extra_context['success_url'] = admin_dashboard
|
self.extra_context['success_url'] = admin_dashboard
|
||||||
encryption_key = user.encrypt_data(
|
# encryption_key = user.encrypt_data(
|
||||||
sensitive_data_encryption_key,
|
# sensitive_data_encryption_key,
|
||||||
settings.SECRET_KEY
|
# settings.SECRET_KEY
|
||||||
)
|
# )
|
||||||
cache.set("KEY_DIDS", encryption_key, None)
|
# cache.set("KEY_DIDS", encryption_key, None)
|
||||||
|
cache.set("KEY_DIDS", sensitive_data_encryption_key, None)
|
||||||
|
|
||||||
self.request.session["key_did"] = user.encrypt_data(
|
self.request.session["key_did"] = user.encrypt_data(
|
||||||
sensitive_data_encryption_key,
|
sensitive_data_encryption_key,
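Review bot: `cache.set("KEY_DIDS", sensitive_data_encryption_key, None)` stores the data-encryption key in the cache unwrapped and with no expiry, so anything that can read the cache backend (another process, a shared or disk-backed cache, a dump) obtains the key directly. If the `settings.SECRET_KEY` wrapping had to be dropped, the entry should at least have a bounded lifetime, e.g. `cache.set("KEY_DIDS", sensitive_data_encryption_key, settings.SESSION_COOKIE_AGE)`, and be deleted on logout; which cache backend is configured is not visible here and should be confirmed. The commented-out `encrypt_data` block should be removed instead of left beside the new line. The method continues outside the hunk.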
|
||||||
|
|
|
@ -135,11 +135,6 @@ class User(AbstractBaseUser):
|
||||||
|
|
||||||
def set_encrypted_sensitive_data(self, password):
|
def set_encrypted_sensitive_data(self, password):
|
||||||
key = base64.b64encode(nacl.utils.random(64))
|
key = base64.b64encode(nacl.utils.random(64))
|
||||||
key_dids = cache.get("KEY_DIDS", {})
|
|
||||||
|
|
||||||
if key_dids.get(self.id):
|
|
||||||
key = key_dids[self.id]
|
|
||||||
else:
|
|
||||||
self.set_salt()
|
self.set_salt()
|
||||||
|
|
||||||
key_crypted = self.encrypt_sensitive_data(password, key)
|
key_crypted = self.encrypt_sensitive_data(password, key)
|
||||||
|
@ -147,16 +142,16 @@ class User(AbstractBaseUser):
|
||||||
|
|
||||||
def encrypt_data(self, data, password):
|
def encrypt_data(self, data, password):
|
||||||
sb = self.get_secret_box(password)
|
sb = self.get_secret_box(password)
|
||||||
value = base64.b64encode(data.encode('utf-8'))
|
|
||||||
value_enc = sb.encrypt(data.encode('utf-8'))
|
value_enc = sb.encrypt(data.encode('utf-8'))
|
||||||
return base64.b64encode(value_enc).decode('utf-8')
|
return base64.b64encode(value_enc).decode('utf-8')
|
||||||
|
|
||||||
def decrypt_data(self, data, password):
|
def decrypt_data(self, data, password):
|
||||||
|
# import pdb; pdb.set_trace()
|
||||||
sb = self.get_secret_box(password)
|
sb = self.get_secret_box(password)
|
||||||
value = base64.b64decode(data.encode('utf-8'))
|
value = base64.b64decode(data.encode('utf-8'))
|
||||||
return sb.decrypt(value).decode('utf-8')
|
return sb.decrypt(value).decode('utf-8')
|
||||||
|
|
||||||
def get_secret_box(self, password):
|
def get_secret_box(self, password):
|
||||||
pw = base64.b64decode(password.encode('utf-8'))
|
pw = base64.b64decode(password.encode('utf-8')*4)
|
||||||
sb_key = self.derive_key_from_password(pw)
|
sb_key = self.derive_key_from_password(pw)
|
||||||
return nacl.secret.SecretBox(sb_key)
|
return nacl.secret.SecretBox(sb_key)
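Review bot: In `get_secret_box`, `base64.b64decode(password.encode('utf-8')*4)` feeds the key derivation a lenient decode of the password repeated four times, which adds no entropy and looks like a workaround for padding errors on input that is not base64. With the default `validate=False`, characters outside the base64 alphabet are silently dropped, so distinct passwords can derive the same SecretBox key, and values encrypted under the previous derivation may no longer decrypt. If callers pass arbitrary strings, `pw = password.encode('utf-8')` is the honest form; if they pass base64, use `base64.b64decode(password, validate=True)`, and in either case plan a re-encryption of stored values. The `# import pdb; pdb.set_trace()` line added to `decrypt_data` should be removed before merge.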
|
||||||
|
|