coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(webauthn): ensure provider_data JSON changes are detected by SQLAlchemy

Browse Source 
Add flag_modified() calls after modifying provider_data dictionary to
explicitly mark the field as changed. SQLAlchemy does not automatically
track mutations to JSON fields, which could result in changes not being
persisted to the database.
This commit is contained in:
Cory Hawklvelt
2026-01-16 11:34:40 +10:30
parent af0281281a
commit b2e084db33
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gatehouse_app/services/webauthn_service.py
+8
View File
@@ -7,6 +7,7 @@ import json
from datetime import datetime, timedelta, timezone
from typing import Optional, Dict, Any, List
from flask import current_app
from sqlalchemy.orm.attributes import flag_modified
from gatehouse_app.extensions import db, redis_client
from gatehouse_app.models.user import User
@@ -557,6 +558,9 @@ class WebAuthnService:
auth_method.provider_data["last_used_at"] = datetime.now(timezone.utc).isoformat()
auth_method.last_used_at = datetime.now(timezone.utc)
# Flag provider_data as modified so SQLAlchemy detects the JSON change
flag_modified(auth_method, "provider_data")
db.session.commit()
# Log audit event
@@ -665,6 +669,10 @@ class WebAuthnService:
# Update name
auth_method.provider_data["name"] = name
# Flag provider_data as modified so SQLAlchemy detects the JSON change
flag_modified(auth_method, "provider_data")
db.session.commit()
# Log audit event