pgadmin-org
/
pgadmin4
mirror of https://github.com/pgadmin-org/pgadmin4.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ensure master password pop up is not shown on setting MASTER_PASSWORD_REQUIRED to false. #8299

pull/8336/head
Yogesh Mahajan 2025-01-03 20:50:32 +05:30 committed by GitHub
parent b22bfdf74b
commit 6d45dd4491
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 20 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
web/pgadmin/__init__.py
View File

@ -835,8 +835,9 @@ def create_app(app_name=None):
# but the user session may still be active. Logout the user # but the user session may still be active. Logout the user
# to get the key again when login # to get the key again when login
if config.SERVER_MODE and current_user.is_authenticated and \ if config.SERVER_MODE and current_user.is_authenticated and \
session['auth_source_manager']['current_source'] not in [ 'auth_source_manager' in session and \
KERBEROS, OAUTH2, WEBSERVER] and \ session['auth_source_manager']['current_source'] not in \
[KERBEROS, OAUTH2, WEBSERVER] and \
current_app.keyManager.get() is None and \ current_app.keyManager.get() is None and \
request.endpoint not in ('security.login', 'security.logout'): request.endpoint not in ('security.login', 'security.logout'):
logout_user() logout_user()

25
web/pgadmin/utils/master_password.py
View File

@ -28,19 +28,22 @@ def get_crypt_key():
:return: the key :return: the key
""" """
enc_key = current_app.keyManager.get() enc_key = current_app.keyManager.get()
# if desktop mode and master pass and local os secret is if config.SERVER_MODE:
# disabled then use the password hash if config.MASTER_PASSWORD_REQUIRED and enc_key is None:
if not config.MASTER_PASSWORD_REQUIRED and\
not config.USE_OS_SECRET_STORAGE and not config.SERVER_MODE:
return True, current_user.password
# if desktop mode and master pass enabled
elif (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
and enc_key is None:
return False, None return False, None
elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \ if 'pass_enc_key' in session:
'pass_enc_key' in session:
return True, session['pass_enc_key'] return True, session['pass_enc_key']
else: else:
# if desktop mode and master pass and
# local os secret is disabled then use the password hash
if not config.MASTER_PASSWORD_REQUIRED and\
not config.USE_OS_SECRET_STORAGE:
return True, current_user.password
# and master pass enabled or local os secret enabled
# but enc key is none
if (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
and enc_key is None:
return False, None
return True, enc_key return True, enc_key
@ -79,7 +82,7 @@ def validate_master_password(password):
else: else:
return True return True
except Exception: except Exception:
False return False
def set_masterpass_check_text(password, clear=False): def set_masterpass_check_text(password, clear=False):