From 8e8f2c0f47da85883c02d4f8e95eebff824cdb73 Mon Sep 17 00:00:00 2001 From: ivk Date: Thu, 8 Aug 2024 18:20:47 +0200 Subject: [PATCH] Fix key error after the first login We have added a migration to add `encryptedPassphraseKey` and we've been erroneously calling `getDecryptedCredentialsByUserId()` before any credentials have been stored. Now we first make sure that the credentials are there and then we try to fetch and decrypt them. fix #7330 --- src/common/api/main/PageContextLoginListener.ts | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/common/api/main/PageContextLoginListener.ts b/src/common/api/main/PageContextLoginListener.ts index f44f07fd7bb..bc296183eaf 100644 --- a/src/common/api/main/PageContextLoginListener.ts +++ b/src/common/api/main/PageContextLoginListener.ts @@ -36,10 +36,16 @@ export class PageContextLoginListener implements LoginListener { // Update the credentials after the full login. // It is needed because we added encryptedPassphraseKey to credentials which is only // available after the full login which happens async. - const storedCredentials = await this.credentialsProvider.getDecryptedCredentialsByUserId(credentials.userId) - if (storedCredentials != null) { - const updatedCredentials = credentialsToUnencrypted(credentials, storedCredentials.databaseKey) - await this.credentialsProvider.store(updatedCredentials) + + // First try to fetch credentials info and only then try to get decrypted credentials as it is not valid to + // call `getDecryptedCredentialsByUserId()` without storing any credentials first. + const areCredentialsStored = (await this.credentialsProvider.getCredentialsInfoByUserId(credentials.userId)) != null + if (areCredentialsStored) { + const storedCredentials = await this.credentialsProvider.getDecryptedCredentialsByUserId(credentials.userId) + if (storedCredentials != null) { + const updatedCredentials = credentialsToUnencrypted(credentials, storedCredentials.databaseKey) + await this.credentialsProvider.store(updatedCredentials) + } } this.loginPromise.resolve()