Ensure master password pop up is not shown on setting MASTER_PASSWORD_REQUIRED to false. #8299

yogeshmahajan-1903 · web-flow · commit 6d45dd449148 · 2025-01-03T20:50:32.000+05:30
diff --git a/web/pgadmin/__init__.py b/web/pgadmin/__init__.py
@@ -835,8 +835,9 @@ def before_request():
         # but the user session may still be active. Logout the user
         # to get the key again when login
         if config.SERVER_MODE and current_user.is_authenticated and \
-            session['auth_source_manager']['current_source'] not in [
-                KERBEROS, OAUTH2, WEBSERVER] and \
+            'auth_source_manager' in session and \
+            session['auth_source_manager']['current_source'] not in \
+            [KERBEROS, OAUTH2, WEBSERVER] and \
                 current_app.keyManager.get() is None and \
                 request.endpoint not in ('security.login', 'security.logout'):
             logout_user()
diff --git a/web/pgadmin/utils/master_password.py b/web/pgadmin/utils/master_password.py
@@ -28,20 +28,23 @@ def get_crypt_key():
     :return: the key
     """
     enc_key = current_app.keyManager.get()
-    # if desktop mode and master pass and local os secret is
-    # disabled then use the password hash
-    if not config.MASTER_PASSWORD_REQUIRED and\
-            not config.USE_OS_SECRET_STORAGE and not config.SERVER_MODE:
-        return True, current_user.password
-    # if desktop mode and master pass enabled
-    elif (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
-            and enc_key is None:
-        return False, None
-    elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \
-            'pass_enc_key' in session:
-        return True, session['pass_enc_key']
+    if config.SERVER_MODE:
+        if config.MASTER_PASSWORD_REQUIRED and enc_key is None:
+            return False, None
+        if 'pass_enc_key' in session:
+            return True, session['pass_enc_key']
     else:
-        return True, enc_key
+        # if desktop mode and master pass and
+        # local os secret is disabled then use the password hash
+        if not config.MASTER_PASSWORD_REQUIRED and\
+                not config.USE_OS_SECRET_STORAGE:
+            return True, current_user.password
+        # and master pass enabled or local os secret enabled
+        # but enc key is none
+        if (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
+                and enc_key is None:
+            return False, None
+    return True, enc_key
 
 
 def get_master_password_key_from_os_secret():
@@ -79,7 +82,7 @@ def validate_master_password(password):
         else:
             return True
     except Exception:
-        False
+        return False
 
 
 def set_masterpass_check_text(password, clear=False):
