infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

Change user account password function

pull/1/head
yflory 2018-06-22 10:37:54 +02:00
parent 6fde027a6c
commit a146f6acc9
6 changed files with 99 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
customize.dist/translations/messages.js
View File

@ -613,6 +613,7 @@ define(function () {
out.settings_changePasswordNew = "New password"; // XXX
out.settings_changePasswordNewConfirm = "Confirm new password"; // XXX
out.settings_changePasswordConfirm = "Are you sure?"; // XXX
out.settings_changePasswordError = "Error {0}"; // XXX
out.upload_title = "File upload";
out.upload_modal_title = "File upload options";

3
www/common/common-constants.js
View File

@ -12,6 +12,7 @@ define(function () {
oldStorageKey: 'CryptPad_RECENTPADS',
storageKey: 'filesData',
tokenKey: 'loginToken',
displayPadCreationScreen: 'displayPadCreationScreen'
displayPadCreationScreen: 'displayPadCreationScreen',
deprecatedKey: 'deprecated'
};
});

103
www/common/cryptpad-common.js
View File

@ -699,25 +699,43 @@ define([
});
};
common.ownUserDrive = function (Crypt, edPublic, cb) {
var hash = LocalStore.getUserHash();
//var href = '/drive/#' + hash;
common.changeUserPassword = function (Crypt, edPublic, data, cb) {
if (!edPublic) {
return void cb({
error: 'E_NOT_LOGGED_IN'
});
}
var accountName = LocalStore.getAccountName();
var hash = LocalStore.getUserHash(); // To load your old drive
var password = data.password; // To remove your old block
var newPassword = data.newPassword; // To create your new block
var secret = Hash.getSecrets('drive', hash);
var newHash, newHref, newSecret;
var newHash, newHref, newSecret, newBlockSeed;
var oldIsOwned = false;
// XXX ansuz: check that the old password is correct
throw new Error("XXX");
var blockHash = LocalStore.getBlockHash();
var Cred, Block;
Nthen(function (waitFor) {
require([
'/customize/credential.js',
'/common/outer/login-block.js'
], waitFor(function (_Cred, _Block) {
Cred = _Cred;
Block = _Block;
}));
}).nThen(function (waitFor) {
// Check if our drive is already owned
common.anonRpcMsg('GET_METADATA', secret.channel, waitFor(function (err, obj) {
if (err || obj.error) { return; }
if (obj.owners && Array.isArray(obj.owners) &&
obj.owners.indexOf(edPublic) !== -1) {
waitFor.abort();
cb({
error: 'ALREADY_OWNED'
});
oldIsOwned = true;
}
}));
}).nThen(function (waitFor) {
waitFor.abort(); // TODO remove this line
// Create a new user hash
// Get the current content, store it in the new user file
// and make sure the new user drive is owned
@ -742,26 +760,67 @@ define([
}), optsPut);
}));
}).nThen(function (waitFor) {
// Migration success
// TODO: Replace user hash in login block
// Drive content copied: get the new block location
Cred.deriveFromPassphrase(accountName, newPassword, 192, waitFor(function (bytes) {
newBlockSeed = null; // XXX
}));
}).nThen(function (waitFor) {
// Write the new login block
var keys = Block.genkeys(newBlockSeed);
var content = Block.serialize(JSON.stringify({
User_name: accountName,
User_hash: newHash
}), keys);
common.writeLoginBlock(content, waitFor(function (obj) {
var newBlockHash = Block.getBlockHash(keys);
LocalStore.setBlockHash(newBlockHash);
if (obj && obj.error) {
waitFor.abort();
return void cb(obj);
}
}));
}).nThen(function (waitFor) {
// New drive hash is in login block, unpin the old one and pin the new one
common.unpinPads([secret.channel], waitFor());
common.pinPads([newSecret.channel], waitFor());
}).nThen(function (waitFor) {
// Login block updated
// TODO: logout everywhere
// * It should wipe localStorage.User_hash, ...
// * login will get the new value from loginBlock and store it in localStorage
// * SharedWorker will reconnect with the new value in other locations
// TODO: then DISCONNECT here
common.logoutFromAll(waitFor(function () {
postMessage("DISCONNECT");
}));
// Remove block hash
if (blockHash) {
var removeData = Block.remove(keys);
common.removeLoginBlock(removeData, waitFor(function (obj) {
if (obj && obj.error) { return void console.error(obj.error); }
}));
}
}).nThen(function (waitFor) {
if (oldIsOwned) {
common.removeOwnedChannel(secret.channel, waitFor(function (obj) {
if (obj && obj.error) {
// Deal with it as if it was not owned
oldIsOwned = false;
return;
}
common.logoutFromAll(waitFor(function () {
postMessage("DISCONNECT");
}));
}));
}
}).nThen(function (waitFor) {
if (!oldIsOwned) {
postMessage("SET", {
key: [Constants.deprecatedKey],
value: true
}, waitFor(function (obj) {
if (obj && obj.error) {
console.error(obj.error);
}
common.logoutFromAll(waitFor(function () {
postMessage("DISCONNECT");
}));
}));
}
}).nThen(function () {
// We have the new drive, with the new login block
// TODO: maybe reload automatically?
cb({ state: true });
window.location.reload();
});
};

4
www/common/sframe-common-outer.js
View File

@ -661,8 +661,8 @@ define([
Cryptpad.changePadPassword(Cryptget, href, data.password, edPublic, cb);
});
sframeChan.on('Q_OWN_USER_DRIVE', function (data, cb) {
Cryptpad.ownUserDrive(Cryptget, edPublic, cb);
sframeChan.on('Q_CHANGE_USER_PASSWORD', function (data, cb) {
Cryptpad.changeUserPassword(Cryptget, edPublic, data, cb);
});
sframeChan.on('Q_WRITE_LOGIN_BLOCK', function (data, cb) {

2
www/common/sframe-protocol.js
View File

@ -239,7 +239,7 @@ define({
'Q_PAD_PASSWORD_CHANGE': true,
// Migrate drive to owned drive
'Q_OWN_USER_DRIVE': true,
'Q_CHANGE_USER_PASSWORD': true,
// Loading events to display in the loading screen
'EV_LOADING_INFO': true,

48
www/settings/inner.js
View File

@ -53,7 +53,7 @@ define([
'cp-settings-thumbnails',
'cp-settings-userfeedback',
'cp-settings-change-password',
'cp-settings-migrate',
//'cp-settings-migrate',
'cp-settings-delete'
],
'creation': [
@ -407,43 +407,11 @@ define([
$(form).appendTo($div);
var updateBlock = function (data, cb) {
sframeChan.query('Q_WRITE_LOGIN_BLOCK', data, function (err, obj) {
sframeChan.query('Q_CHANGE_USER_PASSWORD', data, function (err, obj) {
if (err || obj.error) { return void cb ({error: err || obj.error}); }
cb (obj);
});
};
/*
var removeBlock = function (data, cb) {
sframeChan.query('Q_REMOVE_LOGIN_BLOCK', data, function (err, obj) {
if (err || obj.error) { return void cb ({error: err || obj.error}); }
cb (obj);
});
};*/
// XXX
if (false) { // STUBBED, just for development purposes
console.error("TRYING TO WRITE A BLOCK");
var keys = Block.genkeys(Block.seed());
var data = Block.serialize(JSON.stringify({
a: 5,
b: 6,
User_hash: "XXX", /// TODO encode newly derived User_hash here
}), keys);
updateBlock(data, function (err, thing) {
console.log(err, thing);
console.log(Block.getBlockHash(keys));
return;
/*
removeBlock(Block.remove(keys), function (err, obj) {
console.log(err, obj);
});*/
});
}
var todo = function () {
var oldPassword = $(form).find('#cp-settings-change-password-current').val();
@ -466,8 +434,15 @@ define([
UI.confirm(Messages.settings_changePasswordConfirm,
function (yes) {
if (!yes) { return; }
// TODO
console.log(oldPassword, newPassword, newPasswordConfirm);
updateBlock({
password: oldPassword,
newPassword: newPassword
}, function (obj) {
if (obj && obj.error) {
// TODO
UI.alert(Messages.settings_changePasswordError);
}
});
}, {
ok: Messages.register_writtenPassword,
cancel: Messages.register_cancel,
@ -496,6 +471,7 @@ define([
};
create['migrate'] = function () {
return;
// TODO
// if (!loginBlock) { return; }
// if (alreadyMigrated) { return; }