Relate SessionKey to UserKey rather than User

2025-07-22 12:06:53 -06:00 · 2017-03-14 13:32:07 -04:00 · 2017-03-14 13:32:07 -04:00 · 4cb30f1ce4
commit 4cb30f1ce4
parent b868de8d67
4 changed files with 30 additions and 15 deletions
--- a/netbox/secrets/api/views.py
+++ b/netbox/secrets/api/views.py
@ -71,7 +71,7 @@ class SecretViewSet(WritableSerializerMixin, ModelViewSet):
        # Retrieve session key cipher (if any) for the current user
        if session_key is not None:
            try:
-                sk = SessionKey.objects.get(user=request.user)
+                sk = SessionKey.objects.get(userkey__user=request.user)
                master_key = sk.get_master_key(session_key)
                secret.decrypt(master_key)
            except SessionKey.DoesNotExist:
@ -152,10 +152,10 @@ class GetSessionKeyViewSet(ViewSet):
            return HttpResponseBadRequest(ERR_PRIVKEY_INVALID)

        # Delete the existing SessionKey for this user if one exists
-        SessionKey.objects.filter(user=request.user).delete()
+        SessionKey.objects.filter(userkey__user=request.user).delete()

        # Create a new SessionKey
-        sk = SessionKey(user=request.user)
+        sk = SessionKey(userkey=user_key)
        sk.save(master_key=master_key)
        encoded_key = base64.b64encode(sk.key)

--- a/netbox/secrets/migrations/0002_userkey_add_session_key.py
+++ b/netbox/secrets/migrations/0002_userkey_add_session_key.py
@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Generated by Django 1.10.6 on 2017-03-14 14:46
+# Generated by Django 1.10.6 on 2017-03-14 17:19
 from __future__ import unicode_literals

 from django.conf import settings
@ -10,7 +10,6 @@ import django.db.models.deletion
 class Migration(migrations.Migration):

    dependencies = [
-        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('secrets', '0001_initial'),
    ]

@ -22,7 +21,6 @@ class Migration(migrations.Migration):
                ('cipher', models.BinaryField(max_length=512)),
                ('hash', models.CharField(editable=False, max_length=128)),
                ('created', models.DateTimeField(auto_now_add=True)),
-                ('user', models.OneToOneField(editable=False, on_delete=django.db.models.deletion.CASCADE, related_name='session_key', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['user__username'],
@ -33,4 +31,9 @@ class Migration(migrations.Migration):
            name='user',
            field=models.OneToOneField(editable=False, on_delete=django.db.models.deletion.CASCADE, related_name='user_key', to=settings.AUTH_USER_MODEL),
        ),
+        migrations.AddField(
+            model_name='sessionkey',
+            name='userkey',
+            field=models.OneToOneField(editable=False, on_delete=django.db.models.deletion.CASCADE, related_name='session_key', to='secrets.UserKey'),
+        ),
    ]
--- a/netbox/secrets/models.py
+++ b/netbox/secrets/models.py
@ -187,7 +187,7 @@ class SessionKey(models.Model):
    """
    A SessionKey stores a User's temporary key to be used for the encryption and decryption of secrets.
    """
-    user = models.OneToOneField(User, related_name='session_key', editable=False)
+    userkey = models.OneToOneField(UserKey, related_name='session_key', on_delete=models.CASCADE, editable=False)
    cipher = models.BinaryField(max_length=512, editable=False)
    hash = models.CharField(max_length=128, editable=False)
    created = models.DateTimeField(auto_now_add=True)
--- a/netbox/templates/users/userkey.html
+++ b/netbox/templates/users/userkey.html
@ -4,6 +4,12 @@

 {% block usercontent %}
    {% if userkey %}
+        <div class="pull-right">
+            <a href="{% url 'user:userkey_edit' %}" class="btn btn-warning">
+                <span class="fa fa-pencil" aria-hidden="true"></span>
+                Edit user key
+            </a>
+        </div>
        <h4>
            Your user key is:
            {% if userkey.is_active %}
@ -12,15 +18,21 @@
                <span class="label label-danger">Inactive</span>
            {% endif %}
        </h4>
-        <p>Your public key is below.</p>
-        <pre>{{ userkey.public_key }}</pre>
-        <div class="pull-right">
-            <a href="{% url 'user:userkey_edit' %}" class="btn btn-warning">
-                <span class="fa fa-pencil" aria-hidden="true"></span>
-                Edit user key
-            </a>
-        </div>
        {% include 'inc/created_updated.html' with obj=userkey %}
+        <pre>{{ userkey.public_key }}</pre>
+        <hr />
+        {% if userkey.session_key %}
+            <div class="pull-right">
+                <a href="#" class="btn btn-danger">
+                    <span class="fa fa-trash" aria-hidden="true"></span>
+                    Delete session key
+                </a>
+            </div>
+            <h4>Session key: <span class="label label-success">Active</span></h4>
+            <small class="text-muted">Created {{ userkey.session_key.created }}</small>
+        {% else %}
+            <h4>No active session key</h4>
+        {% endif %}
    {% else %}
        <p>You don't have a user key on file.</p>
        <p>