Added an authentication page to allow getting the user pubkey

8 years ago · 0e8b55edc0
parent df9c312b7d
commit 0e8b55edc0
2 changed files with 60 additions and 0 deletions
--- a/www/auth/index.html
+++ b/www/auth/index.html
@ -0,0 +1,9 @@
 <!DOCTYPE html>
 <html class="cp">
 <head>
    <meta content="text/html; charset=utf-8" http-equiv="content-type"/>
    <script data-bootload="main.js" data-main="/common/boot.js" src="/bower_components/requirejs/require.js"></script>
 </head>
 <body class="html">
 </body>
 </html>
--- a/www/auth/main.js
+++ b/www/auth/main.js
@ -0,0 +1,51 @@
 define([
    'jquery',
    '/common/cryptpad-common.js',
    '/bower_components/tweetnacl/nacl-fast.min.js'
 ], function ($, Cryptpad) {
    var Nacl = window.nacl;
    var signMsg = function (msg, privKey) {
        var signKey = Nacl.util.decodeBase64(privKey);
        var buffer = Nacl.util.decodeUTF8(msg);
        return Nacl.util.encodeBase64(Nacl.sign(buffer, signKey));
    };
    // TODO: Allow authing for any domain as long as the user clicks an "accept" button
    //       inside of the iframe.
    var AUTHORIZED_DOMAINS = [
        /\.cryptpad\.fr$/,
        /^http(s)?:\/\/localhost\:/
    ];
    Cryptpad.ready(function () {
        console.log('IFRAME READY');
        $(window).on("message", function (jqe) {
            var evt = jqe.originalEvent;
            var data = JSON.parse(evt.data);
            var domain = evt.origin;
            var srcWindow = evt.source;
            var ret = { txid: data.txid };
            if (data.cmd === 'PING') {
                ret.res = 'PONG';
            } else if (data.cmd === 'SIGN') {
                if (!AUTHORIZED_DOMAINS.filter(function (x) { return x.test(domain); }).length) {
                    ret.error = "UNAUTH_DOMAIN";
                } else if (!Cryptpad.isLoggedIn()) {
                    ret.error = "NOT_LOGGED_IN";
                } else {
                    var proxy = Cryptpad.getStore().getProxy().proxy;
                    var sig = signMsg(data.data, proxy.edPrivate);
                    ret.res = {
                        uname: proxy.login_name,
                        edPublic: proxy.edPublic,
                        sig: sig
                    };
                }
            } else {
                ret.error = "UNKNOWN_CMD";
            }
            srcWindow.postMessage(JSON.stringify(ret), domain);
        });
    });
 });