
perf: Login encryption key cache added

pull/14209/head
feng 2 months ago committed by Bryan
parent
commit
f7030e4fee
  1. 43
      apps/authentication/middleware.py
  2. 2
      apps/authentication/tests.py

43
apps/authentication/middleware.py

@ -2,6 +2,7 @@ import base64
from django.conf import settings from django.conf import settings
from django.contrib.auth import logout as auth_logout from django.contrib.auth import logout as auth_logout
from django.core.cache import cache
from django.http import HttpResponse from django.http import HttpResponse
from django.shortcuts import redirect, reverse, render from django.shortcuts import redirect, reverse, render
from django.utils.deprecation import MiddlewareMixin from django.utils.deprecation import MiddlewareMixin
@ -116,23 +117,43 @@ class ThirdPartyLoginMiddleware(mixins.AuthMixin):
class SessionCookieMiddleware(MiddlewareMixin): class SessionCookieMiddleware(MiddlewareMixin):
USER_LOGIN_ENCRYPTION_KEY_PAIR = 'user_login_encryption_key_pair'
@staticmethod def set_cookie_public_key(self, request, response):
def set_cookie_public_key(request, response):
if request.path.startswith('/api'): if request.path.startswith('/api'):
return return
pub_key_name = settings.SESSION_RSA_PUBLIC_KEY_NAME
public_key = request.session.get(pub_key_name) session_public_key_name = settings.SESSION_RSA_PUBLIC_KEY_NAME
cookie_key = request.COOKIES.get(pub_key_name) session_private_key_name = settings.SESSION_RSA_PRIVATE_KEY_NAME
if public_key and public_key == cookie_key:
session_public_key = request.session.get(session_public_key_name)
cookie_public_key = request.COOKIES.get(session_public_key_name)
if session_public_key and session_public_key == cookie_public_key:
return return
pri_key_name = settings.SESSION_RSA_PRIVATE_KEY_NAME private_key, public_key = self.get_key_pair()
private_key, public_key = gen_key_pair()
public_key_decode = base64.b64encode(public_key.encode()).decode() public_key_decode = base64.b64encode(public_key.encode()).decode()
request.session[pub_key_name] = public_key_decode
request.session[pri_key_name] = private_key request.session[session_public_key_name] = public_key_decode
response.set_cookie(pub_key_name, public_key_decode) request.session[session_private_key_name] = private_key
response.set_cookie(session_public_key_name, public_key_decode)
def get_key_pair(self):
key_pair = cache.get(self.USER_LOGIN_ENCRYPTION_KEY_PAIR)
if key_pair:
return key_pair['private_key'], key_pair['public_key']
private_key, public_key = gen_key_pair()
key_pair = {
'private_key': private_key,
'public_key': public_key
}
cache.set(self.USER_LOGIN_ENCRYPTION_KEY_PAIR, key_pair, None)
return private_key, public_key
@staticmethod @staticmethod
def set_cookie_session_prefix(request, response): def set_cookie_session_prefix(request, response):
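Review bot: `get_key_pair` stores the login RSA key pair with `cache.set(self.USER_LOGIN_ENCRYPTION_KEY_PAIR, key_pair, None)`, and a timeout of `None` keeps the entry forever, so one private key now covers every user's login submission with no rotation, where the old code generated a pair per session. That private key sits in the cache backend and is still copied into each session by `request.session[session_private_key_name] = private_key`, so read access to either store exposes the key for all logins rather than for one session. I would give the entry a finite lifetime, e.g. `cache.set(self.USER_LOGIN_ENCRYPTION_KEY_PAIR, key_pair, KEY_PAIR_TTL)` with `KEY_PAIR_TTL` read from settings (placeholder name), and add a comment on `get_key_pair` saying that the pair is shared by all sessions. Because each session keeps its own copy of the key, rotation presumably does not break logins already in progress, but the decrypt path is outside this hunk, as is the rest of `SessionCookieMiddleware`.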

2
apps/authentication/tests.py

@ -1,4 +1,4 @@
from .utils import gen_key_pair, rsa_decrypt, rsa_encrypt from common.utils import gen_key_pair, rsa_decrypt, rsa_encrypt
def test_rsa_encrypt_decrypt(message='test-password-$%^&*'): def test_rsa_encrypt_decrypt(message='test-password-$%^&*'):
