python3: force text on ldap user's cached password

2020-02-10 11:48:32 +01:00 · 2020-02-10 11:48:32 +01:00 · b1349a9496
parent d79cfeabc7
commit b1349a9496
1 changed files with 2 additions and 1 deletions
--- a/src/authentic2/backends/ldap_backend.py
+++ b/src/authentic2/backends/ldap_backend.py
@ -306,7 +306,8 @@ class LDAPUser(User):
        cache = self.ldap_data.setdefault('password', {})
        if password is not None:
            # Prevent eavesdropping of the password through the session storage
-            password = crypto.aes_base64_encrypt(settings.SECRET_KEY, force_bytes(password))
+            password = force_text(crypto.aes_base64_encrypt(
+                    settings.SECRET_KEY, force_bytes(password)))
        cache[self.dn] = password
        # ensure session is marked dirty
        self.update_request()