fix perpetual key in cache

This commit is contained in:
Cayo Puigdefabregas 2024-01-03 20:14:04 +01:00
parent 3655291dc6
commit f62348dcdb
1 changed files with 10 additions and 6 deletions

View File

@ -21,19 +21,23 @@ class LoginView(auth_views.LoginView):
def form_valid(self, form): def form_valid(self, form):
user = form.get_user() user = form.get_user()
# Decrypt the user's sensitive data encryption key and store it in the session.
password = form.cleaned_data.get("password")
sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
key_dids = cache.get("KEY_DIDS", {})
if not user.is_anonymous and user.is_admin: if not user.is_anonymous and user.is_admin:
user_dashboard = reverse_lazy('idhub:user_dashboard') user_dashboard = reverse_lazy('idhub:user_dashboard')
admin_dashboard = reverse_lazy('idhub:admin_dashboard') admin_dashboard = reverse_lazy('idhub:admin_dashboard')
if self.extra_context['success_url'] == user_dashboard: if self.extra_context['success_url'] == user_dashboard:
self.extra_context['success_url'] = admin_dashboard self.extra_context['success_url'] = admin_dashboard
key_dids[user.id] = sensitive_data_encryption_key
cache.set("KEY_DIDS", key_dids, None)
else:
key_dids[user.id] = sensitive_data_encryption_key
cache.set("KEY_DIDS", key_dids)
auth_login(self.request, user) auth_login(self.request, user)
# Decrypt the user's sensitive data encryption key and store it in the session.
password = form.cleaned_data.get("password")
sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
key_dids = cache.get("KEY_DIDS", {})
key_dids[user.id] = sensitive_data_encryption_key
cache.set("KEY_DIDS", key_dids, None)
return HttpResponseRedirect(self.extra_context['success_url']) return HttpResponseRedirect(self.extra_context['success_url'])