Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure master password pop up is not shown on setting MASTER_PASSWORD_REQUIRED to false.#8299 #8317

Merged
merged 1 commit into from
Jan 3, 2025
Merged

Ensure master password pop up is not shown on setting MASTER_PASSWORD_REQUIRED to false.#8299 #8317

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions web/pgadmin/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -835,8 +835,9 @@ def before_request():
# but the user session may still be active. Logout the user
# to get the key again when login
if config.SERVER_MODE and current_user.is_authenticated and \
session['auth_source_manager']['current_source'] not in [
KERBEROS, OAUTH2, WEBSERVER] and \
'auth_source_manager' in session and \
session['auth_source_manager']['current_source'] not in \
[KERBEROS, OAUTH2, WEBSERVER] and \
current_app.keyManager.get() is None and \
request.endpoint not in ('security.login', 'security.logout'):
logout_user()
Expand Down
31 changes: 17 additions & 14 deletions web/pgadmin/utils/master_password.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,20 +28,23 @@ def get_crypt_key():
:return: the key
"""
enc_key = current_app.keyManager.get()
# if desktop mode and master pass and local os secret is
# disabled then use the password hash
if not config.MASTER_PASSWORD_REQUIRED and\
not config.USE_OS_SECRET_STORAGE and not config.SERVER_MODE:
return True, current_user.password
# if desktop mode and master pass enabled
elif (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
and enc_key is None:
return False, None
elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \
'pass_enc_key' in session:
return True, session['pass_enc_key']
if config.SERVER_MODE:
if config.MASTER_PASSWORD_REQUIRED and enc_key is None:
return False, None
if 'pass_enc_key' in session:
return True, session['pass_enc_key']
else:
return True, enc_key
# if desktop mode and master pass and
# local os secret is disabled then use the password hash
if not config.MASTER_PASSWORD_REQUIRED and\
not config.USE_OS_SECRET_STORAGE:
return True, current_user.password
# and master pass enabled or local os secret enabled
# but enc key is none
if (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
and enc_key is None:
return False, None
return True, enc_key


def get_master_password_key_from_os_secret():
Expand Down Expand Up @@ -79,7 +82,7 @@ def validate_master_password(password):
else:
return True
except Exception:
False
return False


def set_masterpass_check_text(password, clear=False):
Expand Down