diff --git a/customize.dist/login.js b/customize.dist/login.js index c0daaec91..035a11d72 100644 --- a/customize.dist/login.js +++ b/customize.dist/login.js @@ -528,8 +528,6 @@ define([ if (!proxy[Constants.displayNameKey]) { proxy[Constants.displayNameKey] = uname; } - LocalStore.eraseTempSessionValues(); - if (result.blockHash) { LocalStore.setBlockHash(result.blockHash); diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index 2084cb1e1..91e5692b1 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -232,17 +232,6 @@ define([ }; postMessage("MIGRATE_ANON_DRIVE", data, cb); }; - // Settings - common.deleteAccount = function (cb) { - postMessage("DELETE_ACCOUNT", null, function (obj) { - if (obj.state) { - Feedback.send('DELETE_ACCOUNT_AUTOMATIC'); - } else { - Feedback.send('DELETE_ACCOUNT_MANUAL'); - } - cb(obj); - }); - }; // Drive common.userObjectCommand = function (data, cb) { postMessage("DRIVE_USEROBJECT", data, cb); @@ -1674,6 +1663,79 @@ define([ }; + var getBlockKeys = function (data, cb) { + var accountName = LocalStore.getAccountName(); + var password = data.password; + var Cred, Block, Login; + var blockKeys; + + var hash = LocalStore.getUserHash(); + if (!hash) { return void cb({ error: 'E_NOT_LOGGED_IN' }); } + var blockHash = LocalStore.getBlockHash(); + + Nthen(function (waitFor) { + require([ + '/common/common-credential.js', + '/common/outer/login-block.js', + '/customize/login.js' + ], waitFor(function (_Cred, _Block, _Login) { + Cred = _Cred; + Block = _Block; + Login = _Login; + })); + }).nThen(function (waitFor) { + // confirm that the provided password is correct + Cred.deriveFromPassphrase(accountName, password, Login.requiredBytes, + waitFor(function (bytes) { + var allocated = Login.allocateBytes(bytes); + blockKeys = allocated.blockKeys; + if (blockHash) { + if (blockHash !== allocated.blockHash) { + // incorrect password + console.log("provided password did not yield the correct blockHash"); + waitFor.abort(); + return void cb({ error: 'INVALID_PASSWORD', }); + } + } else { + // otherwise they're a legacy user, and we should check against the User_hash + if (hash !== allocated.userHash) { + // incorrect password + console.log("provided password did not yield the correct userHash"); + waitFor.abort(); + return void cb({ error: 'INVALID_PASSWORD', }); + } + } + })); + }).nThen(function () { + cb({ + Cred: Cred, + Block: Block, + Login: Login, + blockKeys: blockKeys + }); + }); + }; + common.deleteAccount = function (data, cb) { + data = data || {}; + + // Confirm that the provided password is corrct and get the block keys + getBlockKeys(data, function (obj) { + if (obj && obj.error) { return void cb(obj); } + var blockKeys = obj.blockKeys; + var removeData = obj.Block.remove(blockKeys); + + postMessage("DELETE_ACCOUNT", { + removeData: removeData + }, function (obj) { + if (obj.state) { + Feedback.send('DELETE_ACCOUNT_AUTOMATIC'); + } else { + Feedback.send('DELETE_ACCOUNT_MANUAL'); + } + cb(obj); + }); + }); + }; common.changeUserPassword = function (Crypt, edPublic, data, cb) { if (!edPublic) { return void cb({ @@ -1699,40 +1761,15 @@ define([ var Cred, Block, Login; Nthen(function (waitFor) { - require([ - '/common/common-credential.js', - '/common/outer/login-block.js', - '/customize/login.js' - ], waitFor(function (_Cred, _Block, _Login) { - Cred = _Cred; - Block = _Block; - Login = _Login; - })); - }).nThen(function (waitFor) { - // confirm that the provided password is correct - Cred.deriveFromPassphrase(accountName, password, Login.requiredBytes, waitFor(function (bytes) { - var allocated = Login.allocateBytes(bytes); - oldBlockKeys = allocated.blockKeys; - if (blockHash) { - if (blockHash !== allocated.blockHash) { - console.log("provided password did not yield the correct blockHash"); - // incorrect password probably - waitFor.abort(); - return void cb({ - error: 'INVALID_PASSWORD', - }); - } - // the user has already created a block, so you should compare against that - } else { - // otherwise they're a legacy user, and we should check against the User_hash - if (hash !== allocated.userHash) { - console.log("provided password did not yield the correct userHash"); - waitFor.abort(); - return void cb({ - error: 'INVALID_PASSWORD', - }); - } + getBlockKeys(data, waitFor(function (obj) { + if (obj && obj.error) { + waitFor.abort(); + return void cb(obj); } + oldBlockKeys = obj.blockKeys; + Cred = obj.Cred; + Login = obj.Login; + Block = obj.Block; })); }).nThen(function (waitFor) { // Check if our drive is already owned diff --git a/www/common/outer/async-store.js b/www/common/outer/async-store.js index 22181c5bb..13064db8a 100644 --- a/www/common/outer/async-store.js +++ b/www/common/outer/async-store.js @@ -741,6 +741,7 @@ define([ Store.deleteAccount = function (clientId, data, cb) { var edPublic = store.proxy.edPublic; + var removeData = data && data.removeData; Store.anonRpcMsg(clientId, { msg: 'GET_METADATA', data: store.driveChannel @@ -769,8 +770,11 @@ define([ channel: store.driveChannel, force: true }, waitFor()); + }).nThen(function (waitFor) { + if (!removeData) { return; } + // Delete the block. Don't abort if it fails, it doesn't leak any data. + store.rpc.removeLoginBlock(removeData, waitFor()); }).nThen(function () { - // TODO delete block // Log out current worker postMessage(clientId, "DELETE_ACCOUNT", token, function () {}); store.network.disconnect(); diff --git a/www/settings/app-settings.less b/www/settings/app-settings.less index a789ad3e4..3d4577e99 100644 --- a/www/settings/app-settings.less +++ b/www/settings/app-settings.less @@ -85,7 +85,7 @@ } } - .cp-settings-change-password, .cp-settings-own-drive { + .cp-settings-change-password, .cp-settings-own-drive, .cp-settings-delete { [type="password"], [type="text"] { width: @sidebar_button-width; flex: unset; diff --git a/www/settings/inner.js b/www/settings/inner.js index 8feef06e4..38969f823 100644 --- a/www/settings/inner.js +++ b/www/settings/inner.js @@ -469,63 +469,65 @@ define([ }); }, true); - create['delete'] = function() { - if (!common.isLoggedIn()) { return; } - var $div = $('
', { 'class': 'cp-settings-delete cp-sidebarlayout-element' }); + makeBlock('delete', function(cb) { // Msg.settings_deleteHint, .settings_deleteTitle + if (!common.isLoggedIn()) { return cb(false); } - $('', { 'class': 'label' }).text(Messages.settings_deleteTitle).appendTo($div); + var button = h('button.btn.btn-danger', Messages.settings_deleteButton); + var form = h('div', [ + UI.passwordInput({ + id: 'cp-settings-delete-account', + placeholder: Messages.settings_changePasswordCurrent + }, true), + button + ]); + var $form = $(form); + var $button = $(button); + var spinner = UI.makeSpinner($form); - $('', { 'class': 'cp-sidebarlayout-description' }) - .append(Messages.settings_deleteHint).appendTo($div); - - var $ok = $('', { 'class': 'fa fa-check', title: Messages.saved }); - var $spinner = $('', { 'class': 'fa fa-spinner fa-pulse' }); - - var $button = $('