From a146f6acc9533a28b98b9471706f4a62c39f3586 Mon Sep 17 00:00:00 2001 From: yflory Date: Fri, 22 Jun 2018 10:37:54 +0200 Subject: [PATCH] Change user account password function --- customize.dist/translations/messages.js | 1 + www/common/common-constants.js | 3 +- www/common/cryptpad-common.js | 103 +++++++++++++++++++----- www/common/sframe-common-outer.js | 4 +- www/common/sframe-protocol.js | 2 +- www/settings/inner.js | 48 +++-------- 6 files changed, 99 insertions(+), 62 deletions(-) diff --git a/customize.dist/translations/messages.js b/customize.dist/translations/messages.js index 4b3dddd81..d6cf83ddc 100644 --- a/customize.dist/translations/messages.js +++ b/customize.dist/translations/messages.js @@ -613,6 +613,7 @@ define(function () { out.settings_changePasswordNew = "New password"; // XXX out.settings_changePasswordNewConfirm = "Confirm new password"; // XXX out.settings_changePasswordConfirm = "Are you sure?"; // XXX + out.settings_changePasswordError = "Error {0}"; // XXX out.upload_title = "File upload"; out.upload_modal_title = "File upload options"; diff --git a/www/common/common-constants.js b/www/common/common-constants.js index ce96bb66b..908134bec 100644 --- a/www/common/common-constants.js +++ b/www/common/common-constants.js @@ -12,6 +12,7 @@ define(function () { oldStorageKey: 'CryptPad_RECENTPADS', storageKey: 'filesData', tokenKey: 'loginToken', - displayPadCreationScreen: 'displayPadCreationScreen' + displayPadCreationScreen: 'displayPadCreationScreen', + deprecatedKey: 'deprecated' }; }); diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index 1193e7303..7cef662b5 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -699,25 +699,43 @@ define([ }); }; - common.ownUserDrive = function (Crypt, edPublic, cb) { - var hash = LocalStore.getUserHash(); - //var href = '/drive/#' + hash; + common.changeUserPassword = function (Crypt, edPublic, data, cb) { + if (!edPublic) { + return void cb({ + error: 'E_NOT_LOGGED_IN' + }); + } + var accountName = LocalStore.getAccountName(); + var hash = LocalStore.getUserHash(); // To load your old drive + var password = data.password; // To remove your old block + var newPassword = data.newPassword; // To create your new block var secret = Hash.getSecrets('drive', hash); - var newHash, newHref, newSecret; + var newHash, newHref, newSecret, newBlockSeed; + var oldIsOwned = false; + + // XXX ansuz: check that the old password is correct + throw new Error("XXX"); + + var blockHash = LocalStore.getBlockHash(); + var Cred, Block; Nthen(function (waitFor) { + require([ + '/customize/credential.js', + '/common/outer/login-block.js' + ], waitFor(function (_Cred, _Block) { + Cred = _Cred; + Block = _Block; + })); + }).nThen(function (waitFor) { // Check if our drive is already owned common.anonRpcMsg('GET_METADATA', secret.channel, waitFor(function (err, obj) { if (err || obj.error) { return; } if (obj.owners && Array.isArray(obj.owners) && obj.owners.indexOf(edPublic) !== -1) { - waitFor.abort(); - cb({ - error: 'ALREADY_OWNED' - }); + oldIsOwned = true; } })); }).nThen(function (waitFor) { - waitFor.abort(); // TODO remove this line // Create a new user hash // Get the current content, store it in the new user file // and make sure the new user drive is owned @@ -742,26 +760,67 @@ define([ }), optsPut); })); }).nThen(function (waitFor) { - // Migration success - // TODO: Replace user hash in login block + // Drive content copied: get the new block location + Cred.deriveFromPassphrase(accountName, newPassword, 192, waitFor(function (bytes) { + newBlockSeed = null; // XXX + })); + }).nThen(function (waitFor) { + // Write the new login block + var keys = Block.genkeys(newBlockSeed); + var content = Block.serialize(JSON.stringify({ + User_name: accountName, + User_hash: newHash + }), keys); + common.writeLoginBlock(content, waitFor(function (obj) { + var newBlockHash = Block.getBlockHash(keys); + LocalStore.setBlockHash(newBlockHash); + if (obj && obj.error) { + waitFor.abort(); + return void cb(obj); + } + })); }).nThen(function (waitFor) { // New drive hash is in login block, unpin the old one and pin the new one common.unpinPads([secret.channel], waitFor()); common.pinPads([newSecret.channel], waitFor()); }).nThen(function (waitFor) { - // Login block updated - // TODO: logout everywhere - // * It should wipe localStorage.User_hash, ... - // * login will get the new value from loginBlock and store it in localStorage - // * SharedWorker will reconnect with the new value in other locations - // TODO: then DISCONNECT here - common.logoutFromAll(waitFor(function () { - postMessage("DISCONNECT"); - })); + // Remove block hash + if (blockHash) { + var removeData = Block.remove(keys); + common.removeLoginBlock(removeData, waitFor(function (obj) { + if (obj && obj.error) { return void console.error(obj.error); } + })); + } + }).nThen(function (waitFor) { + if (oldIsOwned) { + common.removeOwnedChannel(secret.channel, waitFor(function (obj) { + if (obj && obj.error) { + // Deal with it as if it was not owned + oldIsOwned = false; + return; + } + common.logoutFromAll(waitFor(function () { + postMessage("DISCONNECT"); + })); + })); + } + }).nThen(function (waitFor) { + if (!oldIsOwned) { + postMessage("SET", { + key: [Constants.deprecatedKey], + value: true + }, waitFor(function (obj) { + if (obj && obj.error) { + console.error(obj.error); + } + common.logoutFromAll(waitFor(function () { + postMessage("DISCONNECT"); + })); + })); + } }).nThen(function () { // We have the new drive, with the new login block - // TODO: maybe reload automatically? - cb({ state: true }); + window.location.reload(); }); }; diff --git a/www/common/sframe-common-outer.js b/www/common/sframe-common-outer.js index 1caabfe4c..6009b35cc 100644 --- a/www/common/sframe-common-outer.js +++ b/www/common/sframe-common-outer.js @@ -661,8 +661,8 @@ define([ Cryptpad.changePadPassword(Cryptget, href, data.password, edPublic, cb); }); - sframeChan.on('Q_OWN_USER_DRIVE', function (data, cb) { - Cryptpad.ownUserDrive(Cryptget, edPublic, cb); + sframeChan.on('Q_CHANGE_USER_PASSWORD', function (data, cb) { + Cryptpad.changeUserPassword(Cryptget, edPublic, data, cb); }); sframeChan.on('Q_WRITE_LOGIN_BLOCK', function (data, cb) { diff --git a/www/common/sframe-protocol.js b/www/common/sframe-protocol.js index 26251938f..d65062fa8 100644 --- a/www/common/sframe-protocol.js +++ b/www/common/sframe-protocol.js @@ -239,7 +239,7 @@ define({ 'Q_PAD_PASSWORD_CHANGE': true, // Migrate drive to owned drive - 'Q_OWN_USER_DRIVE': true, + 'Q_CHANGE_USER_PASSWORD': true, // Loading events to display in the loading screen 'EV_LOADING_INFO': true, diff --git a/www/settings/inner.js b/www/settings/inner.js index f05f58052..a0be1f9df 100644 --- a/www/settings/inner.js +++ b/www/settings/inner.js @@ -53,7 +53,7 @@ define([ 'cp-settings-thumbnails', 'cp-settings-userfeedback', 'cp-settings-change-password', - 'cp-settings-migrate', + //'cp-settings-migrate', 'cp-settings-delete' ], 'creation': [ @@ -407,43 +407,11 @@ define([ $(form).appendTo($div); var updateBlock = function (data, cb) { - sframeChan.query('Q_WRITE_LOGIN_BLOCK', data, function (err, obj) { + sframeChan.query('Q_CHANGE_USER_PASSWORD', data, function (err, obj) { if (err || obj.error) { return void cb ({error: err || obj.error}); } cb (obj); }); }; -/* - var removeBlock = function (data, cb) { - sframeChan.query('Q_REMOVE_LOGIN_BLOCK', data, function (err, obj) { - if (err || obj.error) { return void cb ({error: err || obj.error}); } - cb (obj); - }); - };*/ - - - // XXX - if (false) { // STUBBED, just for development purposes - console.error("TRYING TO WRITE A BLOCK"); - - var keys = Block.genkeys(Block.seed()); - var data = Block.serialize(JSON.stringify({ - a: 5, - b: 6, - User_hash: "XXX", /// TODO encode newly derived User_hash here - }), keys); - - updateBlock(data, function (err, thing) { - console.log(err, thing); - - console.log(Block.getBlockHash(keys)); - - return; - /* - removeBlock(Block.remove(keys), function (err, obj) { - console.log(err, obj); - });*/ - }); - } var todo = function () { var oldPassword = $(form).find('#cp-settings-change-password-current').val(); @@ -466,8 +434,15 @@ define([ UI.confirm(Messages.settings_changePasswordConfirm, function (yes) { if (!yes) { return; } - // TODO - console.log(oldPassword, newPassword, newPasswordConfirm); + updateBlock({ + password: oldPassword, + newPassword: newPassword + }, function (obj) { + if (obj && obj.error) { + // TODO + UI.alert(Messages.settings_changePasswordError); + } + }); }, { ok: Messages.register_writtenPassword, cancel: Messages.register_cancel, @@ -496,6 +471,7 @@ define([ }; create['migrate'] = function () { + return; // TODO // if (!loginBlock) { return; } // if (alreadyMigrated) { return; }