From f62348dcdb305a9e92db3a9b600773160102dec9 Mon Sep 17 00:00:00 2001
From: Cayo Puigdefabregas
Date: Wed, 3 Jan 2024 20:14:04 +0100
Subject: [PATCH] fix perpetual key in cache
---
 idhub/views.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/idhub/views.py b/idhub/views.py
index 6d51159..3db164f 100644
--- a/idhub/views.py
+++ b/idhub/views.py
@@ -21,19 +21,23 @@ class LoginView(auth_views.LoginView):
 def form_valid(self, form):
 user = form.get_user()
+ # Decrypt the user's sensitive data encryption key and store it in the session.
+ password = form.cleaned_data.get("password")
+ sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
+ key_dids = cache.get("KEY_DIDS", {})
 if not user.is_anonymous and user.is_admin:
 user_dashboard = reverse_lazy('idhub:user_dashboard')
 admin_dashboard = reverse_lazy('idhub:admin_dashboard')
 if self.extra_context['success_url'] == user_dashboard:
 self.extra_context['success_url'] = admin_dashboard
+ key_dids[user.id] = sensitive_data_encryption_key
+ cache.set("KEY_DIDS", key_dids, None)
+ else:
+ key_dids[user.id] = sensitive_data_encryption_key
+ cache.set("KEY_DIDS", key_dids)
+ auth_login(self.request, user)
- # Decrypt the user's sensitive data encryption key and store it in the session.
- password = form.cleaned_data.get("password")
- sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
- key_dids = cache.get("KEY_DIDS", {})
- key_dids[user.id] = sensitive_data_encryption_key
- cache.set("KEY_DIDS", key_dids, None)
 return HttpResponseRedirect(self.extra_context['success_url'])
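Review bot: The timeout given to `cache.set` applies to the whole `KEY_DIDS` entry, not to the single `key_dids[user.id]` slot, so the two branches overwrite each other's expiry. A login through the `else` branch (apparently the non-admin path; the indentation is not recoverable here) puts every key already in the dict, admin keys included, on the default timeout, and the next admin login makes every user's decrypted key perpetual again. The `cache.get` / `cache.set` pair is also a read-modify-write on one shared dict, so two logins at about the same time can silently drop one of the keys. Storing each key under its own cache key gives each its own lifetime and removes the race, e.g. `cache.set(f"KEY_DIDS:{user.id}", sensitive_data_encryption_key, None if user.is_admin else USER_KEY_TIMEOUT)` with `USER_KEY_TIMEOUT` as a placeholder for a project setting; the readers of `KEY_DIDS` outside this hunk would need the matching change. The moved comment still says the key is stored "in the session" although it goes to the cache, which is worth correcting because the cache backend then holds plaintext key material.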