change settings for cache

This commit is contained in:
Cayo Puigdefabregas 2024-01-03 19:53:11 +01:00
parent d2f7e5395d
commit c671ac489f
2 changed files with 21 additions and 21 deletions

View File

@ -4,6 +4,7 @@ import requests
import datetime
from django.db import models
from django.conf import settings
from django.core.cache import cache
from django.template.loader import get_template
from django.utils.translation import gettext_lazy as _
from nacl import secret
@ -422,15 +423,17 @@ class DID(models.Model):
)
def get_key_material(self):
if not settings.KEY_CREDENTIALS_CLEAN:
key_dids = cache.get("KEY_DIDS", {})
if not key_dids.get(user.id):
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
sb = secret.SecretBox(key_dids[user.id])
return sb.decrypt(self._key_material)
def set_key_material(self, value):
if not settings.KEY_CREDENTIALS_CLEAN:
key_dids = cache.get("KEY_DIDS", {})
if not key_dids.get(user.id):
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
sb = secret.SecretBox(key_dids[user.id])
self._key_material = sb.encrypt(value)
@property
@ -514,15 +517,17 @@ class VerificableCredential(models.Model):
)
def get_data(self):
if not settings.KEY_CREDENTIALS_CLEAN:
key_dids = cache.get("KEY_DIDS", {})
if not key_dids.get(user.id):
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
sb = secret.SecretBox(key_dids[user.id])
return sb.decrypt(self._data)
def set_data(self, value):
if not settings.KEY_CREDENTIALS_CLEAN:
key_dids = cache.get("KEY_DIDS", {})
if not key_dids.get(user.id):
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
sb = secret.SecretBox(key_dids[user.id])
self._data = sb.encrypt(value)
@property

View File

@ -1,5 +1,5 @@
from django.urls import reverse_lazy
from django.conf import settings
from django.core.cache import cache
from django.utils.translation import gettext_lazy as _
from django.contrib.auth import views as auth_views
from django.contrib.auth import login as auth_login
@ -26,19 +26,14 @@ class LoginView(auth_views.LoginView):
admin_dashboard = reverse_lazy('idhub:admin_dashboard')
if self.extra_context['success_url'] == user_dashboard:
self.extra_context['success_url'] = admin_dashboard
password = form.cleaned_data.get("password")
# Decrypt the user's sensitive data encryption key and store it in the session.
self.decript_key(user, password)
auth_login(self.request, user)
# Decrypt the user's sensitive data encryption key and store it in the session.
password = form.cleaned_data.get("password")
sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
key_dids = cache.get("KEY_DIDS", {})
key_dids[user.id] = sensitive_data_encryption_key
cache.set("KEY_DIDS", key_dids)
return HttpResponseRedirect(self.extra_context['success_url'])
def decript_key(self, user, password):
if not settings.KEY_CREDENTIALS:
return
sb_key = user.derive_key_from_password(password)
sb = secret.SecretBox(sb_key)
data_decript = sb.decrypt(settings.KEY_CREDENTIALS)
settings.KEY_CREDENTIALS_CLEAN = data_decript