Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Fix iteration counts breaking personal API keys #19355

Merged
merged 6 commits into from
Dec 15, 2023
Merged

fix: Fix iteration counts breaking personal API keys #19355

merged 6 commits into from
Dec 15, 2023

Conversation

webjunkie
Copy link
Contributor

@webjunkie webjunkie commented Dec 15, 2023
edited
Loading

Problem

API keys issued with a different number of iterations are not getting validated due to hash mismatches.

Changes

  • hard-code iteration counts to decouple from Django
  • use our main count, if that doesn't work use a fallback one
    • take care to only hash when necessary

How did you test this code?

  • generated a key with our regular master and another one with the Django 4 commit
  • see that both keys work (they don't on master)

@webjunkie webjunkie self-assigned this Dec 15, 2023
benjackwhite
benjackwhite approved these changes Dec 15, 2023
View reviewed changes
Copy link
Contributor

@benjackwhite benjackwhite left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This could really do with a test tbh. If it is not possible then rather merge but if it is doable, lets add it now so it doesn't bite us in the future...

@webjunkie
Copy link
Contributor Author

I added tests for the new iteration count and also with a hardcoded key as if a customer would have it.

@webjunkie webjunkie enabled auto-merge (squash) December 15, 2023 13:46
@webjunkie webjunkie merged commit bd0fb1c into master Dec 15, 2023
74 checks passed
@webjunkie webjunkie deleted the fix/personal-api-key-iterations-both branch December 15, 2023 14:08
@webjunkie webjunkie mentioned this pull request Dec 15, 2023
Closed
@sentry-io Sentry.io
Copy link

sentry-io bot commented Dec 15, 2023

Suspect Issues

This pull request was deployed and Sentry observed the following issues:

  • ‼️ OperationalError: server closed the connection unexpectedly /api/feature_flag/local_evaluation/ View Issue

Did you find this useful? React with a 👍 or 👎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benjackwhite benjackwhite benjackwhite approved these changes

Assignees

@webjunkie webjunkie

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@webjunkie @benjackwhite