ldap: decode decrypted password (#41875)
Crypto functions work with bytes.
This commit is contained in:
parent
a89c9a1c41
commit
70c6320ed9
|
@ -318,7 +318,7 @@ class LDAPUser(User):
|
|||
password = cache.get(self.dn)
|
||||
if password is not None:
|
||||
try:
|
||||
password = crypto.aes_base64_decrypt(settings.SECRET_KEY, password)
|
||||
password = force_text(crypto.aes_base64_decrypt(settings.SECRET_KEY, password))
|
||||
except crypto.DecryptionError:
|
||||
logging.getLogger(__name__).error('unable to decrypt a stored LDAP password')
|
||||
self.keep_password_in_session(None)
|
||||
|
|
|
@ -208,9 +208,10 @@ def test_keep_password_in_session(slapd, settings, client, db):
|
|||
assert user.ou == get_default_ou()
|
||||
assert not user.check_password(PASS)
|
||||
assert client.session['ldap-data']['password']
|
||||
assert force_bytes(DN) in result.context['request'].user.ldap_data[b'password']
|
||||
assert force_text(DN) in result.context['request'].user.ldap_data['password']
|
||||
assert crypto.aes_base64_decrypt(
|
||||
settings.SECRET_KEY, result.context['request'].user.ldap_data[b'password'][force_bytes(DN)]) == force_bytes(PASS)
|
||||
settings.SECRET_KEY,
|
||||
force_bytes(result.context['request'].user.ldap_data['password'][force_text(DN)])) == force_bytes(PASS)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
|
|
Loading…
Reference in New Issue