Show truncated signing key in admin key request dashboard
Browse filesAdmin can now see the first 16 chars of each user's derived signing key
in the Key Request Dashboard table, making it easier to verify and
troubleshoot key issues.
app.py
CHANGED
|
@@ -1410,8 +1410,15 @@ def admin_build_key_dashboard(session_token: str):
|
|
| 1410 |
# ---- Display DataFrame ----
|
| 1411 |
display_df = df.copy()
|
| 1412 |
display_df["timestamp"] = display_df["timestamp"].dt.strftime("%Y-%m-%d %H:%M UTC")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1413 |
display_df.insert(0, "#", range(1, len(display_df) + 1))
|
| 1414 |
-
display_df.columns = ["#", "Email", "Team", "Institution", "Timestamp"]
|
| 1415 |
|
| 1416 |
# ---- CSV export (owner-only permissions) ----
|
| 1417 |
csv_path = None
|
|
|
|
| 1410 |
# ---- Display DataFrame ----
|
| 1411 |
display_df = df.copy()
|
| 1412 |
display_df["timestamp"] = display_df["timestamp"].dt.strftime("%Y-%m-%d %H:%M UTC")
|
| 1413 |
+
# Re-derive signing key for each email (deterministic from master key)
|
| 1414 |
+
if _get_master_key():
|
| 1415 |
+
display_df["key"] = display_df["email"].apply(
|
| 1416 |
+
lambda e: derive_user_key(e)[:16] + "..."
|
| 1417 |
+
)
|
| 1418 |
+
else:
|
| 1419 |
+
display_df["key"] = "N/A (no master key)"
|
| 1420 |
display_df.insert(0, "#", range(1, len(display_df) + 1))
|
| 1421 |
+
display_df.columns = ["#", "Email", "Team", "Institution", "Timestamp", "Signing Key (truncated)"]
|
| 1422 |
|
| 1423 |
# ---- CSV export (owner-only permissions) ----
|
| 1424 |
csv_path = None
|