Fix save_value issue

diegojromerolopez · diegojromerolopez · commit a24722ac1be5 · 2023-02-07T23:31:54.000+01:00
diff --git a/async_include/crypto.py b/async_include/crypto.py
@@ -5,17 +5,17 @@
 from Crypto.Cipher import AES
 
 
-def encrypt(key, data):
+def encrypt(key: str, text: str):
     cipher = AES.new(key.encode('utf-8'), AES.MODE_EAX)
-    encrypted_data, tag = cipher.encrypt_and_digest(data.encode('utf-8'))
+    encrypted_data, tag = cipher.encrypt_and_digest(text.encode('utf-8'))
     return cipher.nonce, encrypted_data, tag
 
 
-def decrypt(key, nonce, encrypted_data, tag):
+def decrypt(key: str, nonce: str, encrypted_data: str, tag: str):
     cipher = AES.new(
-        key.encode('utf-8'), AES.MODE_EAX, nonce.encode('latin-1')
+        key.encode('utf-8'), AES.MODE_EAX, nonce.encode('utf-8')
     )
     data = cipher.decrypt_and_verify(
-        encrypted_data.encode('latin-1'), tag.encode('latin-1')
+        encrypted_data.encode('utf-8'), tag.encode('utf-8')
     )
     return data.decode('utf-8')
diff --git a/async_include/templatetags/async_include.py b/async_include/templatetags/async_include.py
@@ -126,7 +126,7 @@ def async_include(context, template_path, *args, **kwargs):
             sql_query, params = context_object.query.sql_with_params()
 
             nonce, encrypted_sql, tag = crypto.encrypt(
-                key=settings.SECRET_KEY[:16], data=sql_query
+                key=settings.SECRET_KEY[:16], text=sql_query
             )
 
             replacements['context'][context_object_name] = {
@@ -142,7 +142,10 @@ def async_include(context, template_path, *args, **kwargs):
         # Safe values are sent as is to the view
         # that will render the template
         else:
-            context_object_as_str = '{0}'.format(context_object)
+            if isinstance(context_object, str):
+                context_object_as_str = context_object
+            else:
+                context_object_as_str = '{0}'.format(context_object)
             replacements['context'][context_object_name] = {
                 'type': 'safe_value',
                 'value': context_object,
diff --git a/async_include/views.py b/async_include/views.py
@@ -101,7 +101,7 @@ def get_template(request):
             # Checking if JSON has been tampered
             if (
                 context_object_load_params['__checksum__'] !=
-                    checksum.make(value_as_str)
+                    checksum.make(value)
             ):
                 return HttpResponse(
                     status=403,
