From a1e506eb85df51374ed6dce655055bfb0cc06ffc Mon Sep 17 00:00:00 2001
From: Manav Rathi <manav@mnvr.in>
Date: Fri, 6 Jun 2025 16:52:20 +0530
Subject: [PATCH] Impl

---
 web/packages/base/session.ts | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/web/packages/base/session.ts b/web/packages/base/session.ts
index 42f679623e..e0ebf7ad03 100644
--- a/web/packages/base/session.ts
+++ b/web/packages/base/session.ts
@@ -163,11 +163,22 @@ export const haveAuthenticatedSession = async () => {
     return !!lsToken;
 };
 
+/**
+ * Save the user's encypted key encryption key ("key") in session store
+ * temporarily, until we get back here after completing the second factor.
+ *
+ * See:  [Note: Stashing KEK in session store]
+ *
+ * @param kek The user's key encryption key (as a base64 string).
+ */
+export const stashKeyEncryptionKeyInSessionStore = (kek: string) =>
+    saveKeyInSessionStore("keyEncryptionKey", kek);
+
 /**
  * Return the decrypted user's key encryption key ("kek") from session storage
  * if present, otherwise return `undefined`.
  *
- * [Note: Stashing kek in session store]
+ * [Note: Stashing KEK in session store]
  *
  * During login, if the user has set a second factor (passkey or TOTP), then we
  * need to redirect them to the accounts app or TOTP page to verify the second