ereuse
/
IdHub
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make migrations and fix some things

This commit is contained in:
Cayo Puigdefabregas 2024-01-04 16:27:27 +01:00
parent bd84dbc3bb
commit e910f3ceec
5 changed files with 53 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
idhub/management/commands/initial_datas.py
View File

@ -31,12 +31,15 @@ class Command(BaseCommand):
self.create_organizations(r[0].strip(), r[1].strip()) self.create_organizations(r[0].strip(), r[1].strip())
def create_admin_users(self, email, password): def create_admin_users(self, email, password):
User.objects.create_superuser(email=email, password=password) su = User.objects.create_superuser(email=email, password=password)
su.set_encrypted_sensitive_data(password)
su.save()
def create_users(self, email, password): def create_users(self, email, password):
u= User.objects.create(email=email, password=password) u = User.objects.create(email=email, password=password)
u.set_password(password) u.set_password(password)
u.set_encrypted_sensitive_data(password)
u.save() u.save()

69
idhub/migrations/0001_initial.py
View File

@ -1,4 +1,4 @@
# Generated by Django 4.2.5 on 2023-11-15 09:58 # Generated by Django 4.2.5 on 2024-01-04 15:12
from django.conf import settings from django.conf import settings
from django.db import migrations, models from django.db import migrations, models
@ -28,7 +28,7 @@ class Migration(migrations.Migration):
('created_at', models.DateTimeField(auto_now=True)), ('created_at', models.DateTimeField(auto_now=True)),
('label', models.CharField(max_length=50)), ('label', models.CharField(max_length=50)),
('did', models.CharField(max_length=250)), ('did', models.CharField(max_length=250)),
('key_material', models.CharField(max_length=250)), ('_key_material', models.BinaryField(max_length=250)),
( (
'user', 'user',
models.ForeignKey( models.ForeignKey(
@ -169,7 +169,7 @@ class Migration(migrations.Migration):
('created_on', models.DateTimeField(auto_now=True)), ('created_on', models.DateTimeField(auto_now=True)),
('issued_on', models.DateTimeField(null=True)), ('issued_on', models.DateTimeField(null=True)),
('subject_did', models.CharField(max_length=250)), ('subject_did', models.CharField(max_length=250)),
('data', models.TextField()), ('_data', models.BinaryField()),
('csv_data', models.TextField()), ('csv_data', models.TextField()),
( (
'status', 'status',
@ -274,36 +274,39 @@ class Migration(migrations.Migration):
'type', 'type',
models.PositiveSmallIntegerField( models.PositiveSmallIntegerField(
choices=[ choices=[
(1, 'EV_USR_REGISTERED'), (1, 'User registered'),
(2, 'EV_USR_WELCOME'), (2, 'User welcomed'),
(3, 'EV_DATA_UPDATE_REQUESTED_BY_USER'), (3, 'Data update requested by user'),
(4, 'EV_DATA_UPDATE_REQUESTED'), (
(5, 'EV_USR_UPDATED_BY_ADMIN'), 4,
(6, 'EV_USR_UPDATED'), 'Data update requested. Pending approval by administrator',
(7, 'EV_USR_DELETED_BY_ADMIN'), ),
(8, 'EV_DID_CREATED_BY_USER'), (5, "User's data updated by admin"),
(9, 'EV_DID_CREATED'), (6, 'Your data updated by admin'),
(10, 'EV_DID_DELETED'), (7, 'User deactivated by admin'),
(11, 'EV_CREDENTIAL_DELETED_BY_ADMIN'), (8, 'DID created by user'),
(12, 'EV_CREDENTIAL_DELETED'), (9, 'DID created'),
(13, 'EV_CREDENTIAL_ISSUED_FOR_USER'), (10, 'DID deleted'),
(14, 'EV_CREDENTIAL_ISSUED'), (11, 'Credential deleted by user'),
(15, 'EV_CREDENTIAL_PRESENTED_BY_USER'), (12, 'Credential deleted'),
(16, 'EV_CREDENTIAL_PRESENTED'), (13, 'Credential issued for user'),
(17, 'EV_CREDENTIAL_ENABLED'), (14, 'Credential issued'),
(18, 'EV_CREDENTIAL_CAN_BE_REQUESTED'), (15, 'Credential presented by user'),
(19, 'EV_CREDENTIAL_REVOKED_BY_ADMIN'), (16, 'Credential presented'),
(20, 'EV_CREDENTIAL_REVOKED'), (17, 'Credential enabled'),
(21, 'EV_ROLE_CREATED_BY_ADMIN'), (18, 'Credential available'),
(22, 'EV_ROLE_MODIFIED_BY_ADMIN'), (19, 'Credential revoked by admin'),
(23, 'EV_ROLE_DELETED_BY_ADMIN'), (20, 'Credential revoked'),
(24, 'EV_SERVICE_CREATED_BY_ADMIN'), (21, 'Role created by admin'),
(25, 'EV_SERVICE_MODIFIED_BY_ADMIN'), (22, 'Role modified by admin'),
(26, 'EV_SERVICE_DELETED_BY_ADMIN'), (23, 'Role deleted by admin'),
(27, 'EV_ORG_DID_CREATED_BY_ADMIN'), (24, 'Service created by admin'),
(28, 'EV_ORG_DID_DELETED_BY_ADMIN'), (25, 'Service modified by admin'),
(29, 'EV_USR_DEACTIVATED_BY_ADMIN'), (26, 'Service deleted by admin'),
(30, 'EV_USR_ACTIVATED_BY_ADMIN'), (27, 'Organisational DID created by admin'),
(28, 'Organisational DID deleted by admin'),
(29, 'User deactivated'),
(30, 'User activated'),
] ]
), ),
), ),

2
idhub_auth/forms.py
View File

@ -2,7 +2,7 @@ import re
from django import forms from django import forms
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from idhub_auth.models import User, gen_salt from idhub_auth.models import User
class ProfileForm(forms.ModelForm): class ProfileForm(forms.ModelForm):

4
idhub_auth/migrations/0001_initial.py
View File

@ -1,4 +1,4 @@
# Generated by Django 4.2.5 on 2023-11-15 09:58 # Generated by Django 4.2.5 on 2024-01-04 15:12
from django.db import migrations, models from django.db import migrations, models
@ -38,6 +38,8 @@ class Migration(migrations.Migration):
('is_admin', models.BooleanField(default=False)), ('is_admin', models.BooleanField(default=False)),
('first_name', models.CharField(blank=True, max_length=255, null=True)), ('first_name', models.CharField(blank=True, max_length=255, null=True)),
('last_name', models.CharField(blank=True, max_length=255, null=True)), ('last_name', models.CharField(blank=True, max_length=255, null=True)),
('encrypted_sensitive_data', models.CharField(max_length=255)),
('salt', models.CharField(max_length=255)),
], ],
options={ options={
'abstract': False, 'abstract': False,

15
idhub_auth/models.py
View File

@ -1,6 +1,7 @@
import nacl import nacl
import base64 import base64
from nacl import pwhash
from django.db import models from django.db import models
from django.core.cache import cache from django.core.cache import cache
from django.contrib.auth.models import BaseUserManager, AbstractBaseUser from django.contrib.auth.models import BaseUserManager, AbstractBaseUser
@ -93,9 +94,9 @@ class User(AbstractBaseUser):
return ", ".join(set(roles)) return ", ".join(set(roles))
def derive_key_from_password(self, password): def derive_key_from_password(self, password):
kdf = nacl.pwhash.argon2i.kdf kdf = pwhash.argon2i.kdf
ops = nacl.pwhash.argon2i.OPSLIMIT_INTERACTIVE ops = pwhash.argon2i.OPSLIMIT_INTERACTIVE
mem = nacl.pwhash.argon2i.MEMLIMIT_INTERACTIVE mem = pwhash.argon2i.MEMLIMIT_INTERACTIVE
return kdf( return kdf(
nacl.secret.SecretBox.KEY_SIZE, nacl.secret.SecretBox.KEY_SIZE,
password, password,
@ -120,7 +121,7 @@ class User(AbstractBaseUser):
if not isinstance(data, bytes): if not isinstance(data, bytes):
data = data.encode('utf-8') data = data.encode('utf-8')
return sb.encrypt(data).decode('utf-8') return base64.b64encode(sb.encrypt(data)).decode('utf-8')
def get_salt(self): def get_salt(self):
return base64.b64decode(self.salt.encode('utf-8')) return base64.b64decode(self.salt.encode('utf-8'))
@ -135,12 +136,12 @@ class User(AbstractBaseUser):
key = base64.b64encode(nacl.utils.random(64)) key = base64.b64encode(nacl.utils.random(64))
key_dids = cache.get("KEY_DIDS", {}) key_dids = cache.get("KEY_DIDS", {})
if key_dids.get(user.id): if key_dids.get(self.id):
key = key_dids[user.id] key = key_dids[self.id]
else: else:
self.set_salt() self.set_salt()
key_crypted = self.encrypt_sensitive_data(password, key) key_crypted = self.encrypt_sensitive_data(password, key)
self.encrypted_sensitive_data = base64.b64encode(key_crypted).decode('utf-8') self.encrypted_sensitive_data = key_crypted