change settings for cache
This commit is contained in:
parent
d2f7e5395d
commit
c671ac489f
|
@ -4,6 +4,7 @@ import requests
|
||||||
import datetime
|
import datetime
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
|
from django.core.cache import cache
|
||||||
from django.template.loader import get_template
|
from django.template.loader import get_template
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from nacl import secret
|
from nacl import secret
|
||||||
|
@ -422,15 +423,17 @@ class DID(models.Model):
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_key_material(self):
|
def get_key_material(self):
|
||||||
if not settings.KEY_CREDENTIALS_CLEAN:
|
key_dids = cache.get("KEY_DIDS", {})
|
||||||
|
if not key_dids.get(user.id):
|
||||||
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
||||||
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
|
sb = secret.SecretBox(key_dids[user.id])
|
||||||
return sb.decrypt(self._key_material)
|
return sb.decrypt(self._key_material)
|
||||||
|
|
||||||
def set_key_material(self, value):
|
def set_key_material(self, value):
|
||||||
if not settings.KEY_CREDENTIALS_CLEAN:
|
key_dids = cache.get("KEY_DIDS", {})
|
||||||
|
if not key_dids.get(user.id):
|
||||||
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
||||||
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
|
sb = secret.SecretBox(key_dids[user.id])
|
||||||
self._key_material = sb.encrypt(value)
|
self._key_material = sb.encrypt(value)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
@ -514,15 +517,17 @@ class VerificableCredential(models.Model):
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_data(self):
|
def get_data(self):
|
||||||
if not settings.KEY_CREDENTIALS_CLEAN:
|
key_dids = cache.get("KEY_DIDS", {})
|
||||||
|
if not key_dids.get(user.id):
|
||||||
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
||||||
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
|
sb = secret.SecretBox(key_dids[user.id])
|
||||||
return sb.decrypt(self._data)
|
return sb.decrypt(self._data)
|
||||||
|
|
||||||
def set_data(self, value):
|
def set_data(self, value):
|
||||||
if not settings.KEY_CREDENTIALS_CLEAN:
|
key_dids = cache.get("KEY_DIDS", {})
|
||||||
|
if not key_dids.get(user.id):
|
||||||
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
raise Exception("Ojo! Se intenta acceder a datos cifrados sin tener la clave.")
|
||||||
sb = secret.SecretBox(settings.KEY_CREDENTIALS_CLEAN)
|
sb = secret.SecretBox(key_dids[user.id])
|
||||||
self._data = sb.encrypt(value)
|
self._data = sb.encrypt(value)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
from django.urls import reverse_lazy
|
from django.urls import reverse_lazy
|
||||||
from django.conf import settings
|
from django.core.cache import cache
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from django.contrib.auth import views as auth_views
|
from django.contrib.auth import views as auth_views
|
||||||
from django.contrib.auth import login as auth_login
|
from django.contrib.auth import login as auth_login
|
||||||
|
@ -26,19 +26,14 @@ class LoginView(auth_views.LoginView):
|
||||||
admin_dashboard = reverse_lazy('idhub:admin_dashboard')
|
admin_dashboard = reverse_lazy('idhub:admin_dashboard')
|
||||||
if self.extra_context['success_url'] == user_dashboard:
|
if self.extra_context['success_url'] == user_dashboard:
|
||||||
self.extra_context['success_url'] = admin_dashboard
|
self.extra_context['success_url'] = admin_dashboard
|
||||||
password = form.cleaned_data.get("password")
|
|
||||||
# Decrypt the user's sensitive data encryption key and store it in the session.
|
|
||||||
self.decript_key(user, password)
|
|
||||||
|
|
||||||
auth_login(self.request, user)
|
auth_login(self.request, user)
|
||||||
|
# Decrypt the user's sensitive data encryption key and store it in the session.
|
||||||
|
password = form.cleaned_data.get("password")
|
||||||
|
sensitive_data_encryption_key = user.decrypt_sensitive_data_encryption_key(password)
|
||||||
|
key_dids = cache.get("KEY_DIDS", {})
|
||||||
|
key_dids[user.id] = sensitive_data_encryption_key
|
||||||
|
cache.set("KEY_DIDS", key_dids)
|
||||||
|
|
||||||
return HttpResponseRedirect(self.extra_context['success_url'])
|
return HttpResponseRedirect(self.extra_context['success_url'])
|
||||||
|
|
||||||
def decript_key(self, user, password):
|
|
||||||
if not settings.KEY_CREDENTIALS:
|
|
||||||
return
|
|
||||||
|
|
||||||
sb_key = user.derive_key_from_password(password)
|
|
||||||
sb = secret.SecretBox(sb_key)
|
|
||||||
data_decript = sb.decrypt(settings.KEY_CREDENTIALS)
|
|
||||||
settings.KEY_CREDENTIALS_CLEAN = data_decript
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue