change settings for cache

idhub/models.py

@@ -4,6 +4,7 @@ import requests
 import datetime
 from django.db import models
 from django.conf import settings
+from django.core.cache import cache
 from django.template.loader import get_template
 from django.utils.translation import gettext_lazy as _
 from nacl import secret
@@ -422,15 +423,17 @@ class DID(models.Model):
     )
 
     def get_key_material(self):
-        if not settings.KEY_CREDENTIALS_CLEAN:
+        key_dids = cache.get("KEY_DIDS", {})
+        if not key_dids.get(user.id):
             raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
-        sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
+        sb = secret.SecretBox(key_dids[user.id])
         return sb.decrypt(self._key_material)
 
     def set_key_material(self, value):
-        if not settings.KEY_CREDENTIALS_CLEAN:
+        key_dids = cache.get("KEY_DIDS", {})
+        if not key_dids.get(user.id):
             raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
-        sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
+        sb = secret.SecretBox(key_dids[user.id])
         self._key_material = sb.encrypt(value)
 
     @property
@@ -514,15 +517,17 @@ class VerificableCredential(models.Model):
     )
 
     def get_data(self):
-        if not settings.KEY_CREDENTIALS_CLEAN:
+        key_dids = cache.get("KEY_DIDS", {})
+        if not key_dids.get(user.id):
             raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
-        sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
+        sb = secret.SecretBox(key_dids[user.id])
         return sb.decrypt(self._data)
 
     def set_data(self, value):
-        if not settings.KEY_CREDENTIALS_CLEAN:
+        key_dids = cache.get("KEY_DIDS", {})
+        if not key_dids.get(user.id):
             raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
-        sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
+        sb = secret.SecretBox(key_dids[user.id])
         self._data = sb.encrypt(value)
 
     @property

idhub/views.py

@@ -1,5 +1,5 @@
 from django.urls import reverse_lazy
-from django.conf import settings
+from django.core.cache import cache
 from django.utils.translation import gettext_lazy as _
 from django.contrib.auth import views as auth_views
 from django.contrib.auth import login as auth_login
@@ -26,19 +26,14 @@ class LoginView(auth_views.LoginView):
             admin_dashboard = reverse_lazy('idhub:admin_dashboard')
             if self.extra_context['success_url'] == user_dashboard:
                 self.extra_context['success_url'] = admin_dashboard
-            password = form.cleaned_data.get("password")
-            # Decrypt the user's sensitive data encryption key and store it in the session.
-            self.decript_key(user, password)
 
         auth_login(self.request, user)
+        # Decrypt the user's sensitive data encryption key and store it in the session.
+        password = form.cleaned_data.get("password")
+        sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
+        key_dids = cache.get("KEY_DIDS", {})
+        key_dids[user.id] = sensitive_data_encryption_key
+        cache.set("KEY_DIDS", key_dids)
+
         return HttpResponseRedirect(self.extra_context['success_url'])
 
-    def decript_key(self, user, password):
-        if not settings.KEY_CREDENTIALS:
-            return
-
-        sb_key = user.derive_key_from_password(password)
-        sb = secret.SecretBox(sb_key)
-        data_decript = sb.decrypt(settings.KEY_CREDENTIALS)
-        settings.KEY_CREDENTIALS_CLEAN = data_decript
-