ppfeiffer/MeshDD-Bot
1
0
Fork 0
Code Issues 7 Pull requests Actions Packages Projects Releases Wiki Activity

fix: v0.5.1 - Fernet key setup fuer EncryptedCookieStorage korrigiert

Browse source 
Fernet-Objekt direkt an EncryptedCookieStorage uebergeben statt
bytes (die intern nochmal base64-encoded wurden).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
ppfeiffer 2026-02-16 19:44:53 +01:00
parent 0d6b26f4f8
commit 49e8b409bd
3 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGELOG.md
View file

@ -1,5 +1,9 @@
# Changelog # Changelog
## [0.5.1] - 2026-02-16
### Fixed
- Fernet key setup fuer EncryptedCookieStorage korrigiert (doppelte Base64-Kodierung)
## [0.5.0] - 2026-02-16 ## [0.5.0] - 2026-02-16
### Added ### Added
- Benutzerverwaltung mit Session-basierter Authentifizierung - Benutzerverwaltung mit Session-basierter Authentifizierung

2
config.yaml
View file

@ -1,4 +1,4 @@
version: "0.5.0" version: "0.5.1"
bot: bot:
name: "MeshDD-Bot" name: "MeshDD-Bot"

5
meshbot/auth.py
View file

@ -28,8 +28,9 @@ def check_password(password: str, hashed: str) -> bool:
def setup_session(app: web.Application): def setup_session(app: web.Application):
secret_key = config.get("auth.secret_key", "change-this-secret-key-32bytes!!") secret_key = config.get("auth.secret_key", "change-this-secret-key-32bytes!!")
# Fernet requires a 32-byte url-safe base64-encoded key # EncryptedCookieStorage accepts a Fernet object directly
fernet_key = base64.urlsafe_b64encode(secret_key.encode("utf-8")[:32]) key_bytes = secret_key.encode("utf-8")[:32].ljust(32, b"\0")
fernet_key = Fernet(base64.urlsafe_b64encode(key_bytes))
max_age = config.get("auth.session_max_age", 86400) max_age = config.get("auth.session_max_age", 86400)
storage = EncryptedCookieStorage( storage = EncryptedCookieStorage(
fernet_key, fernet_key,