Storing user data in redis.

Signed-off-by: Cliff Hill <clifford.hill@gsa.gov>
2026-02-06 11:23:48 -05:00 · 2024-11-06 10:41:20 -05:00
parent b532ce8959
commit c8ed66cbfe
2 changed files with 22 additions and 11 deletions
--- a/app/main/views/register.py
+++ b/app/main/views/register.py
@@ -164,14 +164,24 @@ def set_up_your_profile():
    state = request.args.get("state")

    state_key = f"login-state-{unquote(state)}"
-    stored_state = redis_client.get(state_key).decode("utf8")
+    stored_state = unquote(redis_client.get(state_key).decode("utf8"))
    if state != stored_state:
        current_app.logger.error(f"State Error: {state} != {stored_state}")
        abort(403)

    login_gov_error = request.args.get("error")

-    if redis_client.get(f"invitedata-{state}") is None:
+    invite_data = json.loads(redis_client.get(f"invitedata-{state}"))
+    user_email = redis_client.get(f"user_email-{state}").decode("utf8")
+    user_uuid = redis_client.get(f"user_uuid-{state}").decode("utf8")
+    # invite_data = json.loads(redis_client.get(f"invitedata-{state}"))
+    # user_email = redis_client.get(f"user_email-{state}").decode("utf8")
+    # user_uuid = redis_client.get(f"user_uuid-{state}").decode("utf8")
+    # invited_user_email_address = redis_client.get(
+    #     f"invited_user_email_address-{state}"
+    # ).decode("utf8")
+
+    if user_email is None or user_uuid is None:  # invite path
        access_token = sign_in._get_access_token(code)

        debug_msg("Got the access token for login.gov")
@@ -179,9 +189,9 @@ def set_up_your_profile():
        debug_msg(
            f"Got the user_email {user_email} and user_uuid {user_uuid} from login.gov"
        )
-        invite_data = state.encode("utf8")
-        invite_data = base64.b64decode(invite_data)
-        invite_data = json.loads(invite_data)
+        # invite_data = state.encode("utf8")
+        # invite_data = base64.b64decode(invite_data)
+        # invite_data = json.loads(invite_data)
        debug_msg(f"final state {invite_data}")
        invited_user_id = invite_data["invited_user_id"]
        invited_user_email_address = get_invited_user_email_address(invited_user_id)
@@ -202,10 +212,7 @@ def set_up_your_profile():

    form = SetupUserProfileForm()

-    if (
-        form.validate_on_submit()
-        and redis_client.get(f"invitedata-{state}") is not None
-    ):
+    if form.validate_on_submit():
        invite_data, user_email, user_uuid, invited_user_email_address = (
            get_invite_data_from_redis(state)
        )
--- a/app/notify_client/invite_api_client.py
+++ b/app/notify_client/invite_api_client.py
@@ -51,8 +51,12 @@ class InviteApiClient(NotifyAdminAPIClient):

        # make and store the nonce
        nonce = secrets.token_urlsafe()
-        redis_key = f"login-nonce-{unquote(nonce)}"
-        redis_client.set(f"{redis_key}", nonce)  # save the nonce to redis.
+        nonce_key = f"login-nonce-{unquote(nonce)}"
+        redis_client.set(f"{nonce_key}", nonce)  # save the nonce to redis.
+
+        redis_invite_data = json.dumps(data)
+        redis_client.set(f"invitedata-{state}", json.dumps(invite_data), ex=ttl)
+
        data["nonce"] = nonce  # This is passed to api for the invite url.
        data["state"] = state  # This is passed to api for the invite url.