Skip to content

Commit

Permalink
Add encryption
Browse files Browse the repository at this point in the history
  • Loading branch information
@philippjfr
philippjfr committed May 9, 2024
1 parent da2e43c commit 1541929
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
6 changes: 5 additions & 1 deletion panel/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -994,7 +994,11 @@ async def get_user(handler):
_, token = protocol_header.split(', ')
payload = get_token_payload(token)
if 'user_data' in payload:
state._oauth_user_overrides[user] = payload['user_data']
user_data = payload['user_data']
if state.encryption:
user_data = state.encryption.decrypt(user_data).decode('utf-8')
user_data = json.loads(user_data)
state._oauth_user_overrides[user] = user_data

now_ts = dt.datetime.now(dt.timezone.utc).timestamp()
expiry = None
Expand Down
6 changes: 5 additions & 1 deletion panel/io/application.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"""
from __future__ import annotations

import json
import logging
import os

Expand Down Expand Up @@ -101,7 +102,10 @@ def process_request(self, request) -> dict[str, Any]:
from tornado.web import decode_signed_value
user = decode_signed_value(config.cookie_secret, 'user', user.value).decode('utf-8')
if user in state._oauth_user_overrides:
request_data['user_data'] = state._oauth_user_overrides[user]
user_data = json.dumps(state._oauth_user_overrides[user])
if state.encryption:
user_data = state.encryption.encrypt(user_data.encode('utf-8'))
request_data['user_data'] = user_data
return request_data

bokeh.command.util.Application = Application # type: ignore
Expand Down

0 comments on commit 1541929

Please sign in to comment.