infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

Delete block when deleting account

pull/1/head
yflory 2021-03-02 17:47:05 +01:00
parent 9d6cc55642
commit eb7f7aaa89
5 changed files with 140 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
www/common/cryptpad-common.js
View File

@ -232,17 +232,6 @@ define([
};
postMessage("MIGRATE_ANON_DRIVE", data, cb);
};
// Settings
common.deleteAccount = function (cb) {
postMessage("DELETE_ACCOUNT", null, function (obj) {
if (obj.state) {
Feedback.send('DELETE_ACCOUNT_AUTOMATIC');
} else {
Feedback.send('DELETE_ACCOUNT_MANUAL');
}
cb(obj);
});
};
// Drive
common.userObjectCommand = function (data, cb) {
postMessage("DRIVE_USEROBJECT", data, cb);
@ -1674,6 +1663,79 @@ define([
};
var getBlockKeys = function (data, cb) {
var accountName = LocalStore.getAccountName();
var password = data.password;
var Cred, Block, Login;
var blockKeys;
var hash = LocalStore.getUserHash();
if (!hash) { return void cb({ error: 'E_NOT_LOGGED_IN' }); }
var blockHash = LocalStore.getBlockHash();
Nthen(function (waitFor) {
require([
'/common/common-credential.js',
'/common/outer/login-block.js',
'/customize/login.js'
], waitFor(function (_Cred, _Block, _Login) {
Cred = _Cred;
Block = _Block;
Login = _Login;
}));
}).nThen(function (waitFor) {
// confirm that the provided password is correct
Cred.deriveFromPassphrase(accountName, password, Login.requiredBytes,
waitFor(function (bytes) {
var allocated = Login.allocateBytes(bytes);
blockKeys = allocated.blockKeys;
if (blockHash) {
if (blockHash !== allocated.blockHash) {
// incorrect password
console.log("provided password did not yield the correct blockHash");
waitFor.abort();
return void cb({ error: 'INVALID_PASSWORD', });
}
} else {
// otherwise they're a legacy user, and we should check against the User_hash
if (hash !== allocated.userHash) {
// incorrect password
console.log("provided password did not yield the correct userHash");
waitFor.abort();
return void cb({ error: 'INVALID_PASSWORD', });
}
}
}));
}).nThen(function () {
cb({
Cred: Cred,
Block: Block,
Login: Login,
blockKeys: blockKeys
});
});
};
common.deleteAccount = function (data, cb) {
data = data || {};
// Confirm that the provided password is corrct and get the block keys
getBlockKeys(data, function (obj) {
if (obj && obj.error) { return void cb(obj); }
var blockKeys = obj.blockKeys;
var removeData = obj.Block.remove(blockKeys);
postMessage("DELETE_ACCOUNT", {
removeData: removeData
}, function (obj) {
if (obj.state) {
Feedback.send('DELETE_ACCOUNT_AUTOMATIC');
} else {
Feedback.send('DELETE_ACCOUNT_MANUAL');
}
cb(obj);
});
});
};
common.changeUserPassword = function (Crypt, edPublic, data, cb) {
if (!edPublic) {
return void cb({
@ -1699,40 +1761,15 @@ define([
var Cred, Block, Login;
Nthen(function (waitFor) {
require([
'/common/common-credential.js',
'/common/outer/login-block.js',
'/customize/login.js'
], waitFor(function (_Cred, _Block, _Login) {
Cred = _Cred;
Block = _Block;
Login = _Login;
}));
}).nThen(function (waitFor) {
// confirm that the provided password is correct
Cred.deriveFromPassphrase(accountName, password, Login.requiredBytes, waitFor(function (bytes) {
var allocated = Login.allocateBytes(bytes);
oldBlockKeys = allocated.blockKeys;
if (blockHash) {
if (blockHash !== allocated.blockHash) {
console.log("provided password did not yield the correct blockHash");
// incorrect password probably
waitFor.abort();
return void cb({
error: 'INVALID_PASSWORD',
});
}
// the user has already created a block, so you should compare against that
} else {
// otherwise they're a legacy user, and we should check against the User_hash
if (hash !== allocated.userHash) {
console.log("provided password did not yield the correct userHash");
waitFor.abort();
return void cb({
error: 'INVALID_PASSWORD',
});
}
getBlockKeys(data, waitFor(function (obj) {
if (obj && obj.error) {
waitFor.abort();
return void cb(obj);
}
oldBlockKeys = obj.blockKeys;
Cred = obj.Cred;
Login = obj.Login;
Block = obj.Block;
}));
}).nThen(function (waitFor) {
// Check if our drive is already owned

6
www/common/outer/async-store.js
View File

@ -741,6 +741,7 @@ define([
Store.deleteAccount = function (clientId, data, cb) {
var edPublic = store.proxy.edPublic;
var removeData = data && data.removeData;
Store.anonRpcMsg(clientId, {
msg: 'GET_METADATA',
data: store.driveChannel
@ -769,8 +770,11 @@ define([
channel: store.driveChannel,
force: true
}, waitFor());
}).nThen(function (waitFor) {
if (!removeData) { return; }
// Delete the block. Don't abort if it fails, it doesn't leak any data.
store.rpc.removeLoginBlock(removeData, waitFor());
}).nThen(function () {
// TODO delete block
// Log out current worker
postMessage(clientId, "DELETE_ACCOUNT", token, function () {});
store.network.disconnect();

2
www/settings/app-settings.less
View File

@ -85,7 +85,7 @@
}
}
.cp-settings-change-password, .cp-settings-own-drive {
.cp-settings-change-password, .cp-settings-own-drive, .cp-settings-delete {
[type="password"], [type="text"] {
width: @sidebar_button-width;
flex: unset;

103
www/settings/inner.js
View File

@ -469,63 +469,64 @@ define([
});
}, true);
create['delete'] = function() {
if (!common.isLoggedIn()) { return; }
var $div = $('<div>', { 'class': 'cp-settings-delete cp-sidebarlayout-element' });
makeBlock('delete', function(cb) { // Msg.settings_deleteHint, .settings_deleteTitle
if (!common.isLoggedIn()) { return cb(false); }
$('<span>', { 'class': 'label' }).text(Messages.settings_deleteTitle).appendTo($div);
var button = h('button.btn.btn-danger', Messages.settings_deleteButton);
var form = h('div', [
UI.passwordInput({
id: 'cp-settings-delete-account',
placeholder: Messages.settings_changePasswordCurrent
}, true),
button
]);
var $form = $(form);
var $button = $(button);
var spinner = UI.makeSpinner($form);
$('<span>', { 'class': 'cp-sidebarlayout-description' })
.append(Messages.settings_deleteHint).appendTo($div);
var $ok = $('<span>', { 'class': 'fa fa-check', title: Messages.saved });
var $spinner = $('<span>', { 'class': 'fa fa-spinner fa-pulse' });
var $button = $('<button>', { 'id': 'cp-settings-delete', 'class': 'btn btn-danger' })
.text(Messages.settings_deleteButton).appendTo($div);
$button.click(function() {
$spinner.show();
UI.confirm(Messages.settings_deleteConfirm, function(yes) {
if (!yes) { return void $spinner.hide(); }
sframeChan.query("Q_SETTINGS_DELETE_ACCOUNT", null, function(err, data) {
// Owned drive
if (data.state === true) {
sframeChan.query('Q_SETTINGS_LOGOUT', null, function() {});
UI.alert(Messages.settings_deleted, function() {
common.gotoURL('/');
});
$ok.show();
$spinner.hide();
return;
UI.confirmButton(button, {
classes: 'btn-danger'
}, function() {
$button.prop('disabled', 'disabled');
spinner.spin();
var password = $form.find('#cp-settings-delete-account').val();
if (!password) {
return void UI.warn(Messages.error);
}
sframeChan.query("Q_SETTINGS_DELETE_ACCOUNT", {
password: password
}, function(err, data) {
if (data && data.error) {
spinner.hide();
$button.prop('disabled', '');
if (data.error === 'INVALID_PASSWORD') {
return void UI.warn(Messages.drive_sfPasswordError);
}
// Not owned drive
var msg = h('div.cp-app-settings-delete-alert', [
h('p', Messages.settings_deleteModal),
h('pre', JSON.stringify(data, 0, 2))
]);
UI.alert(msg);
$spinner.hide();
});
console.error(data.error);
return void UI.warn(Messages.error);
}
// Owned drive
if (data.state === true) {
sframeChan.query('Q_SETTINGS_LOGOUT', null, function() {});
UI.alert(Messages.settings_deleted, function() {
common.gotoURL('/');
});
spinner.done();
return;
}
// Not owned drive
var msg = h('div.cp-app-settings-delete-alert', [
h('p', Messages.settings_deleteModal),
h('pre', JSON.stringify(data, 0, 2))
]);
UI.alert(msg);
spinner.done();
$button.prop('disabled', '');
});
// TODO
/*
UI.confirm("Are you sure?", function (yes) {
// Logout everywhere
// Disconnect other tabs
// Remove owned pads
// Remove owned drive
// Remove pinstore
// Alert: "Account deleted", press OK to be redirected to the home page
$spinner.hide();
});*/
});
$spinner.hide().appendTo($div);
$ok.hide().appendTo($div);
return $div;
};
cb(form);
}, true);
create['change-password'] = function() {
if (!common.isLoggedIn()) { return; }

2
www/settings/main.js
View File

@ -67,7 +67,7 @@ define([
Cryptpad.mergeAnonDrive(cb);
});
sframeChan.on('Q_SETTINGS_DELETE_ACCOUNT', function (data, cb) {
Cryptpad.deleteAccount(cb);
Cryptpad.deleteAccount(data, cb);
});
sframeChan.on('Q_COLORTHEME_CHANGE', function (data, cb) {
localStorage['CRYPTPAD_STORE|colortheme'] = data.theme;