фикс кредов

This commit is contained in:
dv 2026-05-04 17:43:53 +03:00
parent 7e7f9ca66b
commit 826e0b4198

View file

@ -17,6 +17,7 @@ If the last_auth method fails it is cleared and the full list is tried.
""" """
import asyncio import asyncio
import hashlib
import logging import logging
import time import time
from dataclasses import dataclass, field from dataclasses import dataclass, field
@ -84,7 +85,13 @@ def _opt_key(opt: _AuthOption) -> str:
"""Deduplication key for an auth option.""" """Deduplication key for an auth option."""
if opt.type == "key": if opt.type == "key":
return f"key:{opt.key_id}:{opt.username}" return f"key:{opt.key_id}:{opt.username}"
return f"password:{opt.cred_id}:{opt.username}" # For DB-backed credentials we can deduplicate by (cred_id, username).
# For legacy/fallback credentials (cred_id is None), include a password
# fingerprint so different passwords for the same username are still tried.
if opt.cred_id is not None:
return f"password:{opt.cred_id}:{opt.username}"
pwd_fingerprint = hashlib.sha256(opt.password.encode("utf-8")).hexdigest()[:16]
return f"password:inline:{opt.username}:{pwd_fingerprint}"
async def _load_key_path(db: AsyncSession, key_id: int) -> Optional[str]: async def _load_key_path(db: AsyncSession, key_id: int) -> Optional[str]: