PapaTutuWawa/etesync-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add a separate pubkey/privatekey for sharing.

Browse Source 
It's separated from the login one so that encryption key and identity
can be rotated separately.
This commit is contained in:
Tom Hacohen 2020-05-26 13:44:40 +03:00
parent 863c405802
commit e94e2f9d70
3 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
django_etesync/migrations/0006_auto_20200526_1040.py Normal file
View File

@ -0,0 +1,25 @@
# Generated by Django 3.0.3 on 2020-05-26 10:40
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('django_etesync', '0005_auto_20200526_1021'),
]
operations = [
migrations.AddField(
model_name='userinfo',
name='encryptedSeckey',
field=models.BinaryField(default=b'', editable=True),
preserve_default=False,
),
migrations.AddField(
model_name='userinfo',
name='pubkey',
field=models.BinaryField(default=b'', editable=True),
preserve_default=False,
),
]

2
django_etesync/models.py
View File

@ -175,6 +175,8 @@ class UserInfo(models.Model):
owner = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, primary_key=True) owner = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, primary_key=True)
version = models.PositiveSmallIntegerField(default=1) version = models.PositiveSmallIntegerField(default=1)
loginPubkey = models.BinaryField(editable=True, blank=False, null=False) loginPubkey = models.BinaryField(editable=True, blank=False, null=False)
pubkey = models.BinaryField(editable=True, blank=False, null=False)
encryptedSeckey = models.BinaryField(editable=True, blank=False, null=False)
salt = models.BinaryField(editable=True, blank=False, null=False) salt = models.BinaryField(editable=True, blank=False, null=False)
def __str__(self): def __str__(self):

7
django_etesync/serializers.py
View File

@ -326,9 +326,12 @@ class InvitationAcceptSerializer(serializers.Serializer):
class UserSerializer(serializers.ModelSerializer): class UserSerializer(serializers.ModelSerializer):
pubkey = BinaryBase64Field(source='userinfo.pubkey')
encryptedSeckey = BinaryBase64Field(source='userinfo.encryptedSeckey')
class Meta: class Meta:
model = User model = User
fields = (User.USERNAME_FIELD, User.EMAIL_FIELD) fields = (User.USERNAME_FIELD, User.EMAIL_FIELD, 'pubkey', 'encryptedSeckey')
class UserQuerySerializer(serializers.ModelSerializer): class UserQuerySerializer(serializers.ModelSerializer):
@ -349,6 +352,8 @@ class AuthenticationSignupSerializer(serializers.Serializer):
user = UserQuerySerializer(many=False) user = UserQuerySerializer(many=False)
salt = BinaryBase64Field() salt = BinaryBase64Field()
loginPubkey = BinaryBase64Field() loginPubkey = BinaryBase64Field()
pubkey = BinaryBase64Field()
encryptedSeckey = BinaryBase64Field()
def create(self, validated_data): def create(self, validated_data):
"""Function that's called when this serializer creates an item""" """Function that's called when this serializer creates an item"""