infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

complete modern user registration/login. general cleanup

Browse Source
pull/1/head
ansuz 7 years ago
parent 3d4b693722
commit a15e232469
2 changed files with 54 additions and 107 deletions
Show Stats Download Patch File Download Diff File

156
customize.dist/login.js
Unescape Escape View File

@ -80,18 +80,10 @@ define([
var loginOptionsFromBlock = function (blockInfo) { // userHash var loginOptionsFromBlock = function (blockInfo) { // userHash
var opt = {}; var opt = {};
var parsed = Hash.getSecrets('pad', blockInfo.User_hash);
var secrets = Hash.getSecrets('drive', blockInfo.userHash); opt.channelHex = parsed.channel;
opt.keys = parsed.keys;
console.log(opt, blockInfo); opt.edPublic = blockInfo.edPublic;
opt.channelHex = secrets.channel;
opt.keys = secrets.keys;
opt.edPublic = blockInfo.edPublic; // XXX make sure everything that creates a block serializes the edPublic
// XXX maybe it's a good idea to include edPrivate too
console.log(opt);
return opt; return opt;
}; };
@ -153,10 +145,7 @@ define([
nThen(function (waitFor) { nThen(function (waitFor) {
// derive a predefined number of bytes from the user's inputs, // derive a predefined number of bytes from the user's inputs,
// and allocate them in a deterministic fashion // and allocate them in a deterministic fashion
console.log('allocating bytes from user input')
Cred.deriveFromPassphrase(uname, passwd, Exports.requiredBytes, waitFor(function (bytes) { Cred.deriveFromPassphrase(uname, passwd, Exports.requiredBytes, waitFor(function (bytes) {
console.log("allocated first set of bytes");
res.opt = allocateBytes(bytes); res.opt = allocateBytes(bytes);
blockHash = res.opt.blockHash; blockHash = res.opt.blockHash;
blockKeys = res.opt.blockKeys; blockKeys = res.opt.blockKeys;
@ -182,15 +171,12 @@ define([
return; return;
} }
console.log("found a block");
var decryptedBlock = Block.decrypt(block, blockKeys); var decryptedBlock = Block.decrypt(block, blockKeys);
if (!decryptedBlock) { if (!decryptedBlock) {
console.error("Found a login block but failed to decrypt"); console.error("Found a login block but failed to decrypt");
return; return;
} }
res.blockInfo = decryptedBlock; res.blockInfo = decryptedBlock;
console.log("valid block", decryptedBlock);
})); }));
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
// we assume that if there is a block, it was created in a valid manner // we assume that if there is a block, it was created in a valid manner
@ -199,26 +185,15 @@ define([
var opt = res.opt; var opt = res.opt;
console.log("preparing to load legacy user object");
// load the user's object using the legacy credentials // load the user's object using the legacy credentials
loadUserObject(opt, waitFor(function (err, rt) { loadUserObject(opt, waitFor(function (err, rt) {
if (err) { return void cb(err); } if (err) { return void cb(err); }
if (isRegister && isProxyEmpty(rt.proxy)) {
console.log("legacy user object loaded"); // If they are trying to register,
// and the proxy is empty, then there is no 'legacy user' either
if (isRegister) { // so we should just shut down this session and disconnect.
if (isProxyEmpty(rt.proxy)) { rt.network.disconnect();
console.log("proxy is empty"); return; // proceed to the next async block
// If they are trying to register,
// and the proxy is empty, then there is no 'legacy user' either
// so we should just shut down this session and disconnect.
rt.network.disconnect();
return; // proceed to the next async block
} else {
// they're trying to register but legacy proxy is not empty
}
} }
// they tried to just log in but there's no such user // they tried to just log in but there's no such user
@ -243,7 +218,6 @@ define([
// so setting them is just a precaution to keep things in good shape // so setting them is just a precaution to keep things in good shape
res.proxy = rt.proxy; res.proxy = rt.proxy;
res.realtime = rt.realtime; res.realtime = rt.realtime;
res.network = rt.network;
// they're registering... // they're registering...
res.userHash = opt.userHash; res.userHash = opt.userHash;
@ -271,9 +245,6 @@ define([
Realtime.whenRealtimeSyncs(rt.realtime, function () { Realtime.whenRealtimeSyncs(rt.realtime, function () {
// the following stages are there to initialize a new drive // the following stages are there to initialize a new drive
// if you are registering // if you are registering
// XXX maybe this should be off in the UI function ?
console.log("persisting login");
LocalStore.login(res.userHash, res.userName, function () { LocalStore.login(res.userHash, res.userName, function () {
setTimeout(function () { cb(void 0, res); }); setTimeout(function () { cb(void 0, res); });
}); });
@ -281,14 +252,8 @@ define([
}); });
})); }));
}).nThen(function (waitFor) { // MODERN REGISTRATION }).nThen(function (waitFor) { // MODERN REGISTRATION
// allocate some random bytes
var opt; var opt;
if (res.blockInfo && isRegister) { if (res.blockInfo) {
// XXX they probably want to log in with their existing creds
// load the object specified in their block
// and confirm that the object is in good standing
console.log("the user is trying to register, but a block already exists here");
opt = loginOptionsFromBlock(res.blockInfo); opt = loginOptionsFromBlock(res.blockInfo);
} else { } else {
console.log("allocating random bytes for a new user object"); console.log("allocating random bytes for a new user object");
@ -296,8 +261,6 @@ define([
userHash = opt.userHash; userHash = opt.userHash;
} }
console.log("loading new user object");
// according to the location derived from the credentials which you entered // according to the location derived from the credentials which you entered
loadUserObject(opt, waitFor(function (err, rt) { loadUserObject(opt, waitFor(function (err, rt) {
if (err) { if (err) {
@ -305,57 +268,56 @@ define([
return void cb('MODERN_REGISTRATION_INIT'); return void cb('MODERN_REGISTRATION_INIT');
} }
console.log("object loaded");
console.log(JSON.stringify(rt.proxy));
// XXX validate the rest of this logic
// export the realtime object you checked // export the realtime object you checked
RT = rt; RT = rt;
var proxy = rt.proxy;
if (isRegister && !isProxyEmpty(proxy) && (!proxy.edPublic || !proxy.edPrivate)) {
console.error("INVALID KEYS");
console.log(JSON.stringify(proxy));
return;
}
res.proxy = rt.proxy; res.proxy = rt.proxy;
res.realtime = rt.realtime; res.realtime = rt.realtime;
res.network = rt.network;
// they're registering... // they're registering...
res.userHash = opt.userHash; res.userHash = false;
res.userName = uname; res.userName = uname;
// export their signing key // somehow they have a block present, but nothing in the user object it specifies
res.edPrivate = opt.edPrivate || rt.edPrivate; // this shouldn't happen, but let's send feedback if it does
res.edPublic = opt.edPublic || rt.edPublic;
res.curvePrivate = opt.curvePrivate || rt.curvePrivate;
res.curvePublic = opt.curvePublic || rt.curvePublic;
// they tried to just log in but there's no such user
// XXX in fact you should get NO_SUCH_USER if the block does not exist
// and the proxy from above was empty
// tl;dr this shouldn't be here.
if (!isRegister && isProxyEmpty(rt.proxy)) { if (!isRegister && isProxyEmpty(rt.proxy)) {
// this really shouldn't happen, but let's handle it anyway
Feedback.send('EMPTY_LOGIN_WITH_BLOCK');
rt.network.disconnect(); // clean up after yourself rt.network.disconnect(); // clean up after yourself
waitFor.abort(); waitFor.abort();
return void cb('NO_SUCH_USER', res); return void cb('NO_SUCH_USER', res);
} }
// they tried to register, but those exact credentials exist // they tried to register, but those exact credentials exist
// XXX we should not need to worry about randomly landing on an existing channel
// ALREADY_REGISTERED should depend on whether or not a block exists, at this point
// XXX also this block should be up higher
if (isRegister && !isProxyEmpty(rt.proxy)) { if (isRegister && !isProxyEmpty(rt.proxy)) {
rt.network.disconnect(); rt.network.disconnect();
waitFor.abort(); waitFor.abort();
res.blockHash = blockHash;
res.userHash = false;
return void cb('ALREADY_REGISTERED', res); return void cb('ALREADY_REGISTERED', res);
} }
if (!isRegister && !isProxyEmpty(rt.proxy)) {
LocalStore.setBlockHash(blockHash);
waitFor.abort();
return void LocalStore.login(false, uname, function () {
cb(void 0, res);
});
}
if (isRegister && isProxyEmpty(rt.proxy)) { if (isRegister && isProxyEmpty(rt.proxy)) {
console.log("handling registration in object"); proxy.edPublic = opt.edPublic;
console.log(JSON.stringify(rt.proxy)); proxy.edPrivate = opt.edPrivate;
var proxy = rt.proxy; proxy.curvePublic = opt.curvePublic;
proxy.edPublic = res.edPublic || proxy.edPublic; proxy.curvePrivate = opt.curvePrivate;
proxy.edPrivate = res.edPrivate || proxy.edPrivate;
proxy.curvePublic = res.curvePublic || proxy.curvePublic;
proxy.curvePrivate = res.curvePrivate || proxy.curvePrivate;
proxy.login_name = uname; proxy.login_name = uname;
proxy[Constants.displayNameKey] = uname; proxy[Constants.displayNameKey] = uname;
setCreateReadme(); setCreateReadme();
@ -365,17 +327,8 @@ define([
Feedback.send('LOGIN', true); Feedback.send('LOGIN', true);
} }
console.log(JSON.stringify(rt.proxy));
setTimeout(waitFor(function () { setTimeout(waitFor(function () {
Realtime.whenRealtimeSyncs(RT.realtime, waitFor(function () { Realtime.whenRealtimeSyncs(rt.realtime, waitFor());
// the following stages are there to initialize a new drive
// if you are registering
//waitFor.abort();
/*
LocalStore.login(res.userHash, res.userName, waitFor(function () {
setTimeout(function () { cb(void 0, res); });
}));*/
}));
})); }));
})); }));
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
@ -386,9 +339,7 @@ define([
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
// send an RPC to store the block which you created. // send an RPC to store the block which you created.
console.log("initializing rpc interface"); console.log("initializing rpc interface");
// XXX missing edPrivate signing key.
console.error(RT);
Pinpad.create(RT.network, RT.proxy, waitFor(function (e, _rpc) { Pinpad.create(RT.network, RT.proxy, waitFor(function (e, _rpc) {
if (e) { if (e) {
waitFor.abort(); waitFor.abort();
@ -402,27 +353,19 @@ define([
console.log("creating request to publish a login block"); console.log("creating request to publish a login block");
// Finally, create the login block for the object you just created. // Finally, create the login block for the object you just created.
var toPublish = { var toPublish = {};
userHash: userHash,
edPublic: res.edPublic,
};
console.log(toPublish); toPublish[Constants.userHashKey] = userHash;
toPublish.edPublic = RT.proxy.edPublic;
toPublish.edPrivate = RT.proxy.edPrivate;
var blockRequest = Block.serialize(JSON.stringify(toPublish), res.opt.blockKeys); var blockRequest = Block.serialize(JSON.stringify(toPublish), res.opt.blockKeys);
console.log("about to send block request:", blockRequest);
rpc.writeLoginBlock(blockRequest, waitFor(function (e) { rpc.writeLoginBlock(blockRequest, waitFor(function (e) {
if (e) { return void console.error(e); } if (e) { return void console.error(e); }
console.log("login block published"); console.log("blockInfo available at:", blockHash);
console.log(e);
console.log("blockInfo should be available at:", blockHash);
LocalStore.setBlockHash(blockHash); LocalStore.setBlockHash(blockHash);
LocalStore.login(false, uname, function () { LocalStore.login(false, uname, function () {
cb(void 0, res); cb(void 0, res);
}); });
@ -471,10 +414,6 @@ define([
var proxy; var proxy;
if (result) { proxy = result.proxy; } if (result) { proxy = result.proxy; }
console.log('finished registering.');
console.log(err, result);
//return;
if (err) { if (err) {
switch (err) { switch (err) {
case 'NO_SUCH_USER': case 'NO_SUCH_USER':
@ -509,7 +448,6 @@ define([
}); });
break; break;
case 'ALREADY_REGISTERED': case 'ALREADY_REGISTERED':
// logMeIn should reset registering = false
UI.removeLoadingScreen(function () { UI.removeLoadingScreen(function () {
UI.confirm(Messages.register_alreadyRegistered, function (yes) { UI.confirm(Messages.register_alreadyRegistered, function (yes) {
if (!yes) { if (!yes) {
@ -522,6 +460,12 @@ define([
proxy[Constants.displayNameKey] = uname; proxy[Constants.displayNameKey] = uname;
} }
LocalStore.eraseTempSessionValues(); LocalStore.eraseTempSessionValues();
if (result.blockHash) {
LocalStore.setBlockHash(result.blockHash);
}
LocalStore.login(result.userHash, result.userName, function () { LocalStore.login(result.userHash, result.userName, function () {
setTimeout(function () { proceed(result); }); setTimeout(function () { proceed(result); });
}); });

5
www/common/cryptpad-common.js
Unescape Escape View File

@ -1068,7 +1068,10 @@ define([
// put your userhash into localStorage // put your userhash into localStorage
try { try {
var block_info = Block.decrypt(arraybuffer, parsed.keys); var block_info = Block.decrypt(arraybuffer, parsed.keys);
//if (block_info[Constants.userHashKey]) { LocalStore.setUserHash(block_info[Constants.userHashKey]); } if (!block_info) {
console.error("Failed to decrypt !");
return;
}
userHash = block_info[Constants.userHashKey]; userHash = block_info[Constants.userHashKey];
} catch (e) { } catch (e) {
console.error(e); console.error(e);

Write Preview
Loading…
Cancel
Save