Made changing passwords work correctly and made the legacy password migration set the migrate flag serverside
This commit is contained in:
parent
1a94acba76
commit
60b58143e7
|
@ -41,6 +41,7 @@ async function migrateLegacyPassword(secretKey, password) {
|
|||
body: JSON.stringify({
|
||||
secretKey: secretKey,
|
||||
newPassword: password,
|
||||
migration: true
|
||||
}),
|
||||
headers: {
|
||||
"Content-Type": "application/json; charset=UTF-8",
|
||||
|
@ -179,10 +180,17 @@ signupButton.addEventListener("click", () => {
|
|||
hashLength: 32,
|
||||
outputType: "hex"
|
||||
}))
|
||||
await migrateLegacyPassword(loginDataOld["key"], hashedPass)
|
||||
statusBox.innerText = "Migrating password..."
|
||||
let status = await migrateLegacyPassword(loginDataOld["key"], hashedPass)
|
||||
if (status.status === 200) {
|
||||
statusBox.innerText = "Welcome back!"
|
||||
await new Promise(r => setTimeout(r, 200))
|
||||
window.location.href = "/app/"
|
||||
} else {
|
||||
statusBox.innerText = (await status.json())["error"]
|
||||
showInput(1)
|
||||
showElements(true)
|
||||
}
|
||||
} else {
|
||||
statusBox.innerText = loginDataOld["error"]
|
||||
showInput(1)
|
||||
|
|
|
@ -416,11 +416,15 @@ document.addEventListener("DOMContentLoaded", function() {
|
|||
}
|
||||
|
||||
async function hashpass(pass) {
|
||||
let key = pass
|
||||
for (let i = 0; i < 128; i++) {
|
||||
key = await hashwasm.sha3(key)
|
||||
}
|
||||
return key
|
||||
return await hashwasm.argon2id({
|
||||
password: pass,
|
||||
salt: new TextEncoder().encode("I munch Burgers!!"),
|
||||
parallelism: 1,
|
||||
iterations: 32,
|
||||
memorySize: 19264,
|
||||
hashLength: 32,
|
||||
outputType: "hex"
|
||||
})
|
||||
}
|
||||
|
||||
changePasswordButton.addEventListener("click", () => {
|
||||
|
@ -435,7 +439,8 @@ document.addEventListener("DOMContentLoaded", function() {
|
|||
method: "POST",
|
||||
body: JSON.stringify({
|
||||
secretKey: secretkey,
|
||||
newPassword: await hashpass(oldPass)
|
||||
newPassword: await hashpass(oldPass),
|
||||
migration: false
|
||||
}),
|
||||
headers: {
|
||||
"Content-Type": "application/json; charset=UTF-8",
|
||||
|
@ -466,7 +471,15 @@ document.addEventListener("DOMContentLoaded", function() {
|
|||
await waitForConfirm()
|
||||
const oldPass = errorInput.value
|
||||
errorInput.classList.add("hidden")
|
||||
if (await hashwasm.sha512(oldPass) !== password) {
|
||||
if (await hashwasm.argon2id({
|
||||
password: password,
|
||||
salt: new TextEncoder().encode("I love Burgernotes!"),
|
||||
parallelism: 1,
|
||||
iterations: 32,
|
||||
memorySize: 19264,
|
||||
hashLength: 32,
|
||||
outputType: "hex"
|
||||
}) !== password) {
|
||||
displayError("Incorrect password!")
|
||||
} else {
|
||||
errorInput.value = ""
|
||||
|
@ -496,7 +509,15 @@ document.addEventListener("DOMContentLoaded", function() {
|
|||
if (response.status === 200) {
|
||||
let notes = await exportNotes()
|
||||
let passwordBackup = password
|
||||
password = await hashwasm.sha512(newPass)
|
||||
password = await hashwasm.argon2id({
|
||||
password: password,
|
||||
salt: new TextEncoder().encode("I love Burgernotes!"),
|
||||
parallelism: 1,
|
||||
iterations: 32,
|
||||
memorySize: 19264,
|
||||
hashLength: 32,
|
||||
outputType: "hex"
|
||||
})
|
||||
localStorage.setItem("DONOTSHARE-password", password)
|
||||
let purgeNotes = await fetch(remote + "/api/purgenotes", {
|
||||
method: "POST",
|
||||
|
|
Reference in New Issue