make migrations and fix some things

This commit is contained in:
Cayo Puigdefabregas 2024-01-04 16:27:27 +01:00
parent bd84dbc3bb
commit e910f3ceec
5 changed files with 53 additions and 44 deletions

View file

@ -31,12 +31,15 @@ class Command(BaseCommand):
self.create_organizations(r[0].strip(), r[1].strip())
def create_admin_users(self, email, password):
User.objects.create_superuser(email=email, password=password)
su = User.objects.create_superuser(email=email, password=password)
su.set_encrypted_sensitive_data(password)
su.save()
def create_users(self, email, password):
u= User.objects.create(email=email, password=password)
u = User.objects.create(email=email, password=password)
u.set_password(password)
u.set_encrypted_sensitive_data(password)
u.save()

View file

@ -1,4 +1,4 @@
# Generated by Django 4.2.5 on 2023-11-15 09:58
# Generated by Django 4.2.5 on 2024-01-04 15:12
from django.conf import settings
from django.db import migrations, models
@ -28,7 +28,7 @@ class Migration(migrations.Migration):
('created_at', models.DateTimeField(auto_now=True)),
('label', models.CharField(max_length=50)),
('did', models.CharField(max_length=250)),
('key_material', models.CharField(max_length=250)),
('_key_material', models.BinaryField(max_length=250)),
(
'user',
models.ForeignKey(
@ -169,7 +169,7 @@ class Migration(migrations.Migration):
('created_on', models.DateTimeField(auto_now=True)),
('issued_on', models.DateTimeField(null=True)),
('subject_did', models.CharField(max_length=250)),
('data', models.TextField()),
('_data', models.BinaryField()),
('csv_data', models.TextField()),
(
'status',
@ -274,36 +274,39 @@ class Migration(migrations.Migration):
'type',
models.PositiveSmallIntegerField(
choices=[
(1, 'EV_USR_REGISTERED'),
(2, 'EV_USR_WELCOME'),
(3, 'EV_DATA_UPDATE_REQUESTED_BY_USER'),
(4, 'EV_DATA_UPDATE_REQUESTED'),
(5, 'EV_USR_UPDATED_BY_ADMIN'),
(6, 'EV_USR_UPDATED'),
(7, 'EV_USR_DELETED_BY_ADMIN'),
(8, 'EV_DID_CREATED_BY_USER'),
(9, 'EV_DID_CREATED'),
(10, 'EV_DID_DELETED'),
(11, 'EV_CREDENTIAL_DELETED_BY_ADMIN'),
(12, 'EV_CREDENTIAL_DELETED'),
(13, 'EV_CREDENTIAL_ISSUED_FOR_USER'),
(14, 'EV_CREDENTIAL_ISSUED'),
(15, 'EV_CREDENTIAL_PRESENTED_BY_USER'),
(16, 'EV_CREDENTIAL_PRESENTED'),
(17, 'EV_CREDENTIAL_ENABLED'),
(18, 'EV_CREDENTIAL_CAN_BE_REQUESTED'),
(19, 'EV_CREDENTIAL_REVOKED_BY_ADMIN'),
(20, 'EV_CREDENTIAL_REVOKED'),
(21, 'EV_ROLE_CREATED_BY_ADMIN'),
(22, 'EV_ROLE_MODIFIED_BY_ADMIN'),
(23, 'EV_ROLE_DELETED_BY_ADMIN'),
(24, 'EV_SERVICE_CREATED_BY_ADMIN'),
(25, 'EV_SERVICE_MODIFIED_BY_ADMIN'),
(26, 'EV_SERVICE_DELETED_BY_ADMIN'),
(27, 'EV_ORG_DID_CREATED_BY_ADMIN'),
(28, 'EV_ORG_DID_DELETED_BY_ADMIN'),
(29, 'EV_USR_DEACTIVATED_BY_ADMIN'),
(30, 'EV_USR_ACTIVATED_BY_ADMIN'),
(1, 'User registered'),
(2, 'User welcomed'),
(3, 'Data update requested by user'),
(
4,
'Data update requested. Pending approval by administrator',
),
(5, "User's data updated by admin"),
(6, 'Your data updated by admin'),
(7, 'User deactivated by admin'),
(8, 'DID created by user'),
(9, 'DID created'),
(10, 'DID deleted'),
(11, 'Credential deleted by user'),
(12, 'Credential deleted'),
(13, 'Credential issued for user'),
(14, 'Credential issued'),
(15, 'Credential presented by user'),
(16, 'Credential presented'),
(17, 'Credential enabled'),
(18, 'Credential available'),
(19, 'Credential revoked by admin'),
(20, 'Credential revoked'),
(21, 'Role created by admin'),
(22, 'Role modified by admin'),
(23, 'Role deleted by admin'),
(24, 'Service created by admin'),
(25, 'Service modified by admin'),
(26, 'Service deleted by admin'),
(27, 'Organisational DID created by admin'),
(28, 'Organisational DID deleted by admin'),
(29, 'User deactivated'),
(30, 'User activated'),
]
),
),

View file

@ -2,7 +2,7 @@ import re
from django import forms
from django.utils.translation import gettext_lazy as _
from idhub_auth.models import User, gen_salt
from idhub_auth.models import User
class ProfileForm(forms.ModelForm):

View file

@ -1,4 +1,4 @@
# Generated by Django 4.2.5 on 2023-11-15 09:58
# Generated by Django 4.2.5 on 2024-01-04 15:12
from django.db import migrations, models
@ -38,6 +38,8 @@ class Migration(migrations.Migration):
('is_admin', models.BooleanField(default=False)),
('first_name', models.CharField(blank=True, max_length=255, null=True)),
('last_name', models.CharField(blank=True, max_length=255, null=True)),
('encrypted_sensitive_data', models.CharField(max_length=255)),
('salt', models.CharField(max_length=255)),
],
options={
'abstract': False,

View file

@ -1,6 +1,7 @@
import nacl
import base64
from nacl import pwhash
from django.db import models
from django.core.cache import cache
from django.contrib.auth.models import BaseUserManager, AbstractBaseUser
@ -93,9 +94,9 @@ class User(AbstractBaseUser):
return ", ".join(set(roles))
def derive_key_from_password(self, password):
kdf = nacl.pwhash.argon2i.kdf
ops = nacl.pwhash.argon2i.OPSLIMIT_INTERACTIVE
mem = nacl.pwhash.argon2i.MEMLIMIT_INTERACTIVE
kdf = pwhash.argon2i.kdf
ops = pwhash.argon2i.OPSLIMIT_INTERACTIVE
mem = pwhash.argon2i.MEMLIMIT_INTERACTIVE
return kdf(
nacl.secret.SecretBox.KEY_SIZE,
password,
@ -120,7 +121,7 @@ class User(AbstractBaseUser):
if not isinstance(data, bytes):
data = data.encode('utf-8')
return sb.encrypt(data).decode('utf-8')
return base64.b64encode(sb.encrypt(data)).decode('utf-8')
def get_salt(self):
return base64.b64decode(self.salt.encode('utf-8'))
@ -135,12 +136,12 @@ class User(AbstractBaseUser):
key = base64.b64encode(nacl.utils.random(64))
key_dids = cache.get("KEY_DIDS", {})
if key_dids.get(user.id):
key = key_dids[user.id]
if key_dids.get(self.id):
key = key_dids[self.id]
else:
self.set_salt()
key_crypted = self.encrypt_sensitive_data(password, key)
self.encrypted_sensitive_data = base64.b64encode(key_crypted).decode('utf-8')
self.encrypted_sensitive_data = key_crypted