Marco De Donno · Marco De Donno · Marco De Donno · Marco De Donno · Marco De Donno · Marco De Donno
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@ key.pem
 void.py
 *.pyc
 *.ignore
+venv/*
--- a/utils/template.py
+++ b/utils/template.py
@@ -20,7 +20,6 @@ def my_render_template( *args, **kwargs ):
    kwargs[ "js" ] = config.cdnjs
    kwargs[ "css" ] = config.cdncss
    kwargs[ "session_timeout" ] = config.session_timeout
-    kwargs[ "session_security_key" ] = session.get( "session_security_key" )
    kwargs[ "account_type" ] = session.get( "account_type", None )
    kwargs[ "account_type_name" ] = session.get( "account_type_name", None )
    kwargs[ "admin" ] = session.get( "account_type_name", None ) == "Administrator"

--- a/views/afis/templates/afis/shared/segment.html
+++ b/views/afis/templates/afis/shared/segment.html
@@ -32,6 +32,7 @@
                padding-left: 10px;
                padding-right: 20px;
                width: fit-content;
+                width: -moz-fit-content;
                background-color: rgb( 238, 238, 238 );
            }
        </style>

--- a/views/login/__init__.py
+++ b/views/login/__init__.py
@@ -65,7 +65,6 @@ def session_clear_and_prepare():
    session[ "process" ] = "login"
    session[ "need_to_check" ] = [ "password" ]
    session[ "logged" ] = False
-    session[ "session_security_key" ] = str( uuid4() )
 @login_view.route( "/login" )
 def login():

--- a/views/login/templates/login.html
+++ b/views/login/templates/login.html
@@ -19,13 +19,14 @@
        </style>
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
            homeurl = "{{ url_for( 'base.home' ) }}";
            begin_activate_url = "{{ url_for( 'login.webauthn_begin_activate' ) }}";
            verify_url = "{{ url_for( 'login.webauthn_verify' ) }}";
            begin_assertion_url = "{{ url_for( 'login.webauthn_begin_assertion' ) }}";
            verify_assertion_url = "{{ url_for( 'login.webauthn_verify_assertion' ) }}";
+            localStorage.setItem( "session_key", "" );
        </script>
    </head>
    <body>
@@ -98,9 +99,7 @@
            password_local = await generateKey( password_local, "icnml_" + username + "_localpassword", 50000 );
            password_local = password_local.substring( 0, 128 );
+            localStorage.setItem( "session_key", password_local );
-            var e = encrypt( password_local, "{{ session_security_key }}" );
-            sessionStorage.setItem( "session_key", e );
            $.ajax( {
                url: "{{ url_for( 'login.do_login' ) }}",

--- a/views/submission/templates/admin/segment_list.html
+++ b/views/submission/templates/admin/segment_list.html
@@ -13,7 +13,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var filename = decrypt( "{{ filename }}", password_local );
            var nickname = decrypt( "{{ nickname }}", password_local );
        </script>

--- a/views/submission/templates/shared/mark.html
+++ b/views/submission/templates/shared/mark.html
@@ -24,7 +24,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
            var filename = decrypt( "{{ file[ 'filename' ] }}", password_local );

--- a/views/submission/templates/shared/mark_list.html
+++ b/views/submission/templates/shared/mark_list.html
@@ -15,7 +15,7 @@
            baseurl = "{{ baseurl }}";
            {% if not admin %}
-                var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+                var password_local = localStorage.getItem( "session_key" );
                var nickname = decrypt( "{{ nickname }}", password_local );
            {% endif %}

--- a/views/submission/templates/shared/tenprint.html
+++ b/views/submission/templates/shared/tenprint.html
@@ -27,7 +27,7 @@
            file_id = "{{ file[ 'uuid' ] }}";
            {% if not admin %}
-                var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+                var password_local = localStorage.getItem( "session_key" );
                var nickname = decrypt( "{{ nickname }}", password_local );
                var filename = decrypt( "{{ file[ 'filename' ] }}", password_local );
            {% endif %}

--- a/views/submission/templates/submission/add_files.html
+++ b/views/submission/templates/submission/add_files.html
@@ -16,7 +16,7 @@
            baseurl = "{{ baseurl }}";
            submission_id = "{{ submission_id }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
            var update_nickname = function()

--- a/views/submission/templates/submission/add_marks_by_finger.html
+++ b/views/submission/templates/submission/add_marks_by_finger.html
@@ -16,7 +16,7 @@
            baseurl = "{{ baseurl }}";
            submission_id = "{{ submission_id }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ user.nickname }}", password_local );
            var update_nickname = function()

--- a/views/submission/templates/submission/consent_form.html
+++ b/views/submission/templates/submission/consent_form.html
@@ -26,7 +26,7 @@
            baseurl = "{{ baseurl }}";
            submission_id = "{{ submission_id }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
            var update_nickname = function()

--- a/views/submission/templates/submission/list.html
+++ b/views/submission/templates/submission/list.html
@@ -14,7 +14,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var donors = {};
            {% for donor in donors %}

--- a/views/submission/templates/submission/mark_pfsp.html
+++ b/views/submission/templates/submission/mark_pfsp.html
@@ -48,7 +48,7 @@
            baseurl = "{{ baseurl }}";
            current_pfsp = "{{ current_pfsp }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
            var filename = decrypt( "{{ file[ 'filename' ] }}", password_local );
            var note     = decrypt( "{{ file[ 'note' ] }}", password_local );

--- a/views/submission/templates/submission/new.html
+++ b/views/submission/templates/submission/new.html
@@ -16,7 +16,7 @@
            baseurl = "{{ baseurl }}";
            submission_id = "{{ submission_id }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
        </script>
    </head>
    <body class="icnml_main_layout">

--- a/views/submission/templates/submission/segment.html
+++ b/views/submission/templates/submission/segment.html
@@ -14,7 +14,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
            var tp_filename = decrypt( "{{ tp_filename }}", password_local );

--- a/views/submission/templates/submission/segment_list.html
+++ b/views/submission/templates/submission/segment_list.html
@@ -13,7 +13,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var filename = decrypt( "{{ filename }}", password_local );
            var nickname = decrypt( "{{ nickname }}", password_local );
        </script>

--- a/views/submission/templates/submission/set_gp.html
+++ b/views/submission/templates/submission/set_gp.html
@@ -15,7 +15,7 @@
            baseurl = "{{ baseurl }}";
            submission_id = "{{ submission_id }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ user.nickname }}", password_local );
            var update_nickname = function()

--- a/views/submission/templates/submission/summary.html
+++ b/views/submission/templates/submission/summary.html
@@ -14,7 +14,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
        </script>
    </head>

--- a/views/submission/templates/submission/tenprint_list.html
+++ b/views/submission/templates/submission/tenprint_list.html
@@ -13,7 +13,7 @@
        <script type="text/javascript">
            baseurl = "{{ baseurl }}";
-            var password_local = decrypt( sessionStorage.getItem( "session_key" ), "{{ session_security_key }}" );
+            var password_local = localStorage.getItem( "session_key" );
            var nickname = decrypt( "{{ nickname }}", password_local );
        </script>