From c642bce98425c2941c6f7c1b0992d669bb085015 Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Thu, 9 Feb 2017 10:31:00 +0100
Subject: [PATCH 1/3] restore disabled listener

---
 www/user/main.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/www/user/main.js b/www/user/main.js
index 039316ef5..18958cd15 100644
--- a/www/user/main.js
+++ b/www/user/main.js
@@ -161,6 +161,9 @@ define([
         });
     };
 
+    addEnterListener($confirm, function () {
+        $register.click();
+    });
     addEnterListener($password_register, function () {
         $login.click();
     });
@@ -354,7 +357,9 @@ define([
 
             APP.setNotice(Cryptpad.Messages.login_hashing);
 
+            // inform the user that we're hashing their password
             revealNotice(true);
+
             revealLogin(false, function () {
                 window.setTimeout(function () {
                     resetUI();

From e100110741305bca7468f7a7adf2d04b55738235 Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Thu, 9 Feb 2017 16:31:57 +0100
Subject: [PATCH 2/3] implement log in as an api

---
 www/{user => common}/credential.js |   0
 www/common/login.js                | 112 +++++++++++++++++++++++++++++
 www/user/main.js                   |   7 +-
 3 files changed, 116 insertions(+), 3 deletions(-)
 rename www/{user => common}/credential.js (100%)
 create mode 100644 www/common/login.js

diff --git a/www/user/credential.js b/www/common/credential.js
similarity index 100%
rename from www/user/credential.js
rename to www/common/credential.js
diff --git a/www/common/login.js b/www/common/login.js
new file mode 100644
index 000000000..bf3848c70
--- /dev/null
+++ b/www/common/login.js
@@ -0,0 +1,112 @@
+define([
+    '/bower_components/chainpad-listmap/chainpad-listmap.js',
+    '/bower_components/chainpad-crypto/crypto.js',
+    '/common/cryptpad-common.js',
+    '/common/credential.js',
+    '/bower_components/tweetnacl/nacl-fast.min.js',
+    '/bower_components/scrypt-async/scrypt-async.min.js', // better load speed
+    '/bower_components/jquery/dist/jquery.min.js',
+], function (Listmap, Crypto, Cryptpad, Cred) {
+    var Exports = {
+        Cred: Cred,
+    };
+
+    var allocateBytes = function (bytes) {
+        var dispense = Cred.dispenser(bytes);
+
+        var opt = {};
+
+        // dispense 18 bytes of entropy for your encryption key
+        var encryptionSeed = dispense(18);
+        // 16 bytes for a deterministic channel key
+        var channelSeed = dispense(16);
+        // 32 bytes for a curve key
+        var curveSeed = opt.curveSeed = dispense(32);
+        // 32 more for a signing key
+        var edSeed = opt.edSeed = dispense(32);
+
+        var keys = opt.keys = Crypto.createEditCryptor(null, encryptionSeed);
+
+        // 24 bytes of base64
+        keys.editKeyStr = keys.editKeyStr.replace(/\//g, '-');
+
+        // 32 bytes of hex
+        var channelHex = opt.channelHex = Cryptpad.uint8ArrayToHex(channelSeed);
+
+        // should never happen
+        if (channelHex.length !== 32) { throw new Error('invalid channel id'); }
+
+        var channel64 = opt.channel64 = Cryptpad.hexToBase64(channelHex);
+
+        var userHash = opt.userHash = '/1/edit/' + [opt.channel64, opt.keys.editKeyStr].join('/');
+
+        return opt;
+    };
+
+    var loadUserObject = function (opt, cb) {
+        var config = {
+            websocketURL: Cryptpad.getWebsocketURL(),
+            channel: opt.channelHex,
+            data: {},
+            validateKey: opt.keys.validateKey, // derived validation key
+            crypto: Crypto.createEncryptor(opt.keys),
+            logLevel: 1,
+        };
+
+        var rt = opt.rt = Listmap.create(config);
+        rt.proxy
+        .on('ready', function (info) {
+            cb(void 0, rt);
+        })
+        .on('disconnect', function (info) {
+            cb('E_DISCONNECT', info);
+        });
+    };
+
+    var isProxyEmpty = function (proxy) {
+        return Object.keys(proxy).length === 0;
+    };
+
+    Exports.loginOrRegister = function (uname, passwd, isRegister, cb) {
+        if (typeof(cb) !== 'function') { return; }
+
+        // validate inputs
+        if (!Cred.isValidUsername(uname)) { return void cb('INVAL_USER'); }
+        if (!Cred.isValidPassword(passwd)) { return void cb('INVAL_PASS'); }
+
+        Cred.deriveFromPassphrase(uname, passwd, 128, function (bytes) {
+            // results...
+            var res = {
+                register: isRegister,
+            };
+
+            // run scrypt to derive the user's keys
+            var opt = res.opt = allocateBytes(bytes);
+
+            // use the derived key to generate an object
+            loadUserObject(opt, function (err, rt) {
+                if (err) { return void cb(err); }
+
+                res.proxy = rt.proxy;
+                res.realtime = rt.realtime;
+                res.network = rt.network;
+
+                // they tried to just log in but there's no such user
+                if (!isRegister && isProxyEmpty(rt.proxy)) {
+                    rt.network.disconnect(); // clean up after yourself
+                    return void cb('NO_SUCH_USER', res);
+                }
+
+                // they're registering...
+
+                res.userHash = opt.userHash;
+                res.userName = uname;
+                //res.displayName // TODO
+
+                cb(void 0, res);
+            });
+        });
+    };
+
+    return Exports;
+});
diff --git a/www/user/main.js b/www/user/main.js
index 18958cd15..8d86d6b9c 100644
--- a/www/user/main.js
+++ b/www/user/main.js
@@ -1,13 +1,13 @@
 define([
-    '/api/config?cb=' + Math.random().toString(16).substring(2),
     '/bower_components/chainpad-listmap/chainpad-listmap.js',
     '/bower_components/chainpad-crypto/crypto.js',
     '/common/cryptpad-common.js',
-    'credential.js',
+    '/common/credential.js',
+    '/common/login.js',
     '/bower_components/tweetnacl/nacl-fast.min.js',
     '/bower_components/scrypt-async/scrypt-async.min.js', // better load speed
     '/bower_components/jquery/dist/jquery.min.js',
-], function (Config, Listmap, Crypto, Cryptpad, Cred) {
+], function (Listmap, Crypto, Cryptpad, Cred, Login) {
     var $ = window.jQuery;
     var Nacl = window.nacl;
 
@@ -16,6 +16,7 @@ define([
     var APP = window.APP = {
         Cryptpad: Cryptpad,
         Crypto: Crypto,
+        Login: Login,
     };
 
     // login elements

From 88af104ce8fc32b3bb27792b9aa7b34aec5fe669 Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Thu, 9 Feb 2017 18:50:28 +0100
Subject: [PATCH 3/3] basic registration page to replace user page

---
 www/register/index.html | 67 +++++++++++++++++++++++++++++++++++++++++
 www/register/main.js    | 43 ++++++++++++++++++++++++++
 2 files changed, 110 insertions(+)
 create mode 100644 www/register/index.html
 create mode 100644 www/register/main.js

diff --git a/www/register/index.html b/www/register/index.html
new file mode 100644
index 000000000..0976f9360
--- /dev/null
+++ b/www/register/index.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html class="cp">
+<head>
+    <meta content="text/html; charset=utf-8" http-equiv="content-type"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+    <title>Cryptpad: login</title>
+    <script data-main="main" src="/bower_components/requirejs/require.js"></script>
+    <link rel="stylesheet" href="/customize/main.css" />
+    <style>
+        html, body{
+            padding: 0px;
+            margin: 0px;
+            height: 100% !important;
+            width: 100%;
+            box-sizing: border-box;
+        }
+        body {
+            padding: 45px;
+        }
+        div.panel{
+            width: 70%;
+            margin: auto;
+            border: 1px solid black;
+            padding: 15px;
+            display: none;
+            border-radius: 5px;
+        }
+
+        .register {
+            display: none;
+        }
+
+        @media (max-width: 1000px) {
+            div.panel { width: 90%; }
+        }
+        input[type="text"], input[type="password"] {
+            width: 80%;
+        }
+
+        hr.choice {
+            margin-top: 45px;
+            margin-bottom: 45px;
+        }
+
+        #notice-panel {
+            text-align: center;
+            font-size: 25px;
+        }
+    </style>
+</head>
+<body id="main">
+
+<div id="login-panel" class="panel" style="display:block;">
+    <input id="username" type="text" autocomplete="off" autocorrect="off"
+        autocapitalize="off" spellcheck="false" data-localization-placeholder="login_username" autofocus/><br />
+
+    <input id="password" type="password" data-localization-placeholder="login_password"/><br />
+    <input id="password-confirm" type="password" data-localization-placeholder="login_confirm"/><br />
+
+<!-- TODO translate labels -->
+    <input id="import-recent" type="checkbox" /><label for="import-recent">Import recent pads from your browser (Optional)</label><br />
+    <input id="accept-terms" type="checkbox" /><label for="accept-terms">Accept the terms and conditions</label><br />
+    <input id="promise" type="checkbox" /><label for="promise">I promise to remember my username and password</label><br />
+
+    <button id="register" class="btn btn-primary" data-localization="login_login">Sign up</button>
+</div>
+
diff --git a/www/register/main.js b/www/register/main.js
new file mode 100644
index 000000000..5c42872bf
--- /dev/null
+++ b/www/register/main.js
@@ -0,0 +1,43 @@
+define([
+    '/common/login.js',
+    '/common/credential.js',
+    '/bower_components/jquery/dist/jquery.min.js',
+], function (Login) {
+    var $ = window.jQuery;
+
+    // text and password input fields
+    var $uname = $('#username');
+    var $passwd = $('#password');
+    var $confirm = $('#password-confirm');
+
+    // checkboxes
+    var $checkImport = $('#import-recent');
+    var $checkAcceptTerms = $('#accept-terms');
+    var $checkPromise = $('#promise');
+
+    var $register = $('button#register');
+
+    $register.click(function () {
+        var uname = $uname.val();
+        var passwd = $passwd.val();
+        var confirmPassword = $confirm.val();
+
+        var shouldImport = $checkImport[0].checked;
+        var doesAccept = $checkAcceptTerms[0].checked;
+        var doesPromise = $checkPromise[0].checked;
+
+        /* basic validation */
+
+        // do their passwords match?
+
+        if (passwd !== confirmPassword) {
+            alert('invalid password');
+            return;
+        }
+
+        Login.loginOrRegister(uname, passwd, true, function (err, out) {
+            if (err) { alert(err); }
+            console.log(out);
+        })
+    });
+});