From 89884a690c0e89d58791f93d613e230bb1a458d5 Mon Sep 17 00:00:00 2001 From: Arzumify Date: Wed, 26 Jun 2024 18:59:16 +0100 Subject: [PATCH] Made client version 2.0-serverside compliant and fix some various CSS issues --- static/css/style.css | 49 +++-------- static/js/login.js | 191 ++++++++++++++++++++++--------------------- static/js/signup.js | 42 ++++++---- 3 files changed, 134 insertions(+), 148 deletions(-) diff --git a/static/css/style.css b/static/css/style.css index 4dfd21e..c4e33bd 100644 --- a/static/css/style.css +++ b/static/css/style.css @@ -139,10 +139,7 @@ h6 { h7 { display: block; font-size: 20px; - margin-top: 0.67em; - margin-bottom: 0.67em; - margin-left: 0; - margin-right: 0; + margin: 0.67em 0; } body { @@ -235,7 +232,6 @@ body { line-height: 41px; text-align: left; font-size: 16px; - cursor: pointer; margin-top: 5px; background-color: rgba(0, 0, 0, 0); border-radius: 99px; @@ -260,7 +256,6 @@ body { line-height: 41px; text-align: left; font-size: 16px; - cursor: pointer; margin-top: 5px; background-color: rgba(0, 0, 0, 0); border-radius: 8px; @@ -300,8 +295,7 @@ body { min-height: 35px; line-height: 0; padding: 10px; - margin: 5px; - margin-bottom: 0; + margin: 5px 5px 0; background-color: var(--bar); color: var(--unselected-note-button-text-color); border-radius: 8px; @@ -400,8 +394,7 @@ body { .noteBox.mobile { flex-direction: column-reverse; - margin: 0; - margin-top: 15px; + margin: 15px 0 0; height: calc(100% - 50px); } @@ -496,9 +489,7 @@ iframe#markdown { .optionsDiv .mfacheckbox { display: inline; - margin: 0; - margin-left: 5px; - margin-bottom: 12px; + margin: 0 0 12px 5px; padding: 0; height: 17px; width: 17px; @@ -569,7 +560,7 @@ iframe#markdown { } .optionsDiv .fontManipulator button { - width: 43.5px; + width: 44px; background-color: var(--nonimporant-theme-color); color: var(--nonimportant-text-color); transition: 0.125s; @@ -598,16 +589,14 @@ iframe#markdown { background-color: var(--session-color); border-radius: 8px; margin-bottom: 5px; - padding: 10px; - padding-bottom: 0; + padding: 10px 10px 0; display: flex; } .sessionDiv div p { display: inline; overflow-wrap: anywhere; - margin: 10px; - margin-top: 0; + margin: 0 10px 10px; } .sessionDiv div button { @@ -660,8 +649,6 @@ iframe#markdown { border-color: var(--border-color); border-width: 1px; border-radius: 6px; - - outline: 0.125s } .inoutdiv input:focus { @@ -672,10 +659,8 @@ iframe#markdown { .inoutdiv button { background-color: var(--theme-color); color: white; - padding: 10px; margin-right: 5px; - padding-left: 20px; - padding-right: 20px; + padding: 10px 20px; border: none; border-radius: 25px; @@ -866,7 +851,7 @@ iframe#markdown { } .downloadDiv p { - margin: 0px; + margin: 0; } .downloadDiv a { @@ -874,9 +859,7 @@ iframe#markdown { } .mainDiv a { - padding: 15px; - padding-left: 20px; - padding-right: 20px; + padding: 15px 20px; margin-right: auto; color: white; text-decoration: none; @@ -906,15 +889,11 @@ iframe#markdown { margin-bottom: 10px; margin-left: 12vh; margin-right: 12vh; - padding-left: 10px; - padding-right: 10px; - border: none; border-radius: 12px; - padding-top: 15px; font-size: 17px; - padding-bottom: 30px; + padding: 15px 10px 30px; overflow-x: auto; } @@ -944,8 +923,7 @@ iframe#markdown { background-color: #f8f8f8; } .mainDiv .feature h1 { - margin: 0; - margin-top: 10px; + margin: 10px 0 0; font-family: "Space Grotesk", sans-serif; font-optical-sizing: auto; font-size: 22px; @@ -966,8 +944,7 @@ iframe#markdown { text-decoration: none; background-color: var(--bar); color: var(--text-color); - padding: 10px; - padding-top: 2.5px; + padding: 3px 10px 10px; margin-bottom: 10px; border-radius: 10px; transition: background-color .2s; diff --git a/static/js/login.js b/static/js/login.js index 86c2dfa..b54c318 100644 --- a/static/js/login.js +++ b/static/js/login.js @@ -1,11 +1,6 @@ // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-3.0 -if (localStorage.getItem("DONOTSHARE-secretkey") !== null) { - window.location.replace("/app/") - document.body.innerHTML = "Redirecting..." - throw new Error(); -} -if (localStorage.getItem("DONOTSHARE-password") !== null) { +if (localStorage.getItem("DONOTSHARE-secretkey") !== null || localStorage.getItem("DONOTSHARE-password") !== null) { window.location.replace("/app/") document.body.innerHTML = "Redirecting..." throw new Error(); @@ -25,6 +20,68 @@ let inputNameBox = document.getElementById("inputNameBox") let backButton = document.getElementById("backButton") let opButton = document.getElementById("opButton") +async function loginFetch(username, password) { + return await fetch(remote + "/api/login", { + method: "POST", + body: JSON.stringify({ + username: username, + password: password, + }), + headers: { + "Content-Type": "application/json; charset=UTF-8", + "X-Burgernotes-Version": "200" + } + }) +} + +async function addLegacyPassword(secretKey, password) { + return await fetch(remote + "/api/v2/addlegacypassword", { + method: "POST", + body: JSON.stringify({ + secretKey: secretKey, + legacyPassword: password, + }), + headers: { + "Content-Type": "application/json; charset=UTF-8", + "X-Burgernotes-Version": "200" + } + }) +} + +async function migrateLegacyPassword(secretKey, password) { + return await fetch(remote + "/api/changepassword", { + method: "POST", + body: JSON.stringify({ + secretKey: secretKey, + newPassword: password, + }), + headers: { + "Content-Type": "application/json; charset=UTF-8", + "X-Burgernotes-Version": "200" + } + }) +} + +async function hashpassold(pass) { + return await hashwasm.argon2id({ + password: pass, + salt: await hashwasm.sha512(pass), + parallelism: 1, + iterations: 256, + memorySize: 512, + hashLength: 32, + outputType: "encoded" + }) +} + +async function hashpass(pass) { + let key = pass + for (let i = 0; i < 128; i++) { + key = await hashwasm.sha3(key) + } + return key +} + usernameBox.classList.remove("hidden") inputNameBox.innerText = "Username:" @@ -37,7 +94,7 @@ function showInput(inputType) { backButton.classList.add("hidden") opButton.classList.remove("hidden") inputNameBox.innerText = "Username:" - statusBox.innerText = "Use your Burgernotes account" + statusBox.innerText = "Sign in with your Burgernotes account" currentInputType = 0 } else if (inputType === 1) { usernameBox.classList.add("hidden") @@ -108,94 +165,38 @@ signupButton.addEventListener("click", () => { showElements(true) statusBox.innerText = "Signing in..." - async function hashpassold(pass) { - return await hashwasm.argon2id({ - password: pass, - salt: await hashwasm.sha512(pass), - parallelism: 1, - iterations: 256, - memorySize: 512, - hashLength: 32, - outputType: "encoded" - }) - } - - async function hashpass(pass) { - let key = pass - for (let i = 0; i < 128; i++) { - key = await hashwasm.sha3(key) - } - return key - } - - fetch(remote + "/api/login", { - method: "POST", - body: JSON.stringify({ - username: username, - password: await hashpass(password), - passwordchange: "no", - newpass: "null" - }), - headers: { - "Content-Type": "application/json; charset=UTF-8" - } - }) - .then((response) => response) - .then((response) => { - async function doStuff() { - let responseData = await response.json() - if (response.status === 200) { - localStorage.setItem("DONOTSHARE-secretkey", responseData["key"]) - localStorage.setItem("DONOTSHARE-password", await hashwasm.sha512(password)) - - window.location.href = "/app/" - } - else if (response.status === 401) { - console.log("Trying oldhash") - fetch(remote + "/api/login", { - method: "POST", - body: JSON.stringify({ - username: username, - password: await hashpassold(password), - passwordchange: "yes", - newpass: await hashpass(password) - }), - headers: { - "Content-Type": "application/json; charset=UTF-8" - } - }) - .then((response) => response) - .then((response) => { - async function doStuff2() { - let responseData = await response.json() - if (response.status === 200) { - localStorage.setItem("DONOTSHARE-secretkey", responseData["key"]) - localStorage.setItem("DONOTSHARE-password", await hashwasm.sha512(password)) - - window.location.href = "/app/" - } - else if (response.status === 401) { - statusBox.innerText = "Wrong username or password..." - showInput(1) - showElements(true) - } - else { - statusBox.innerText = "Something went wrong! (error code: " + response.status + ")" - showInput(1) - showElements(true) - } - } - doStuff2() - }); - } - else { - statusBox.innerText = "Something went wrong! (error code: " + response.status + ")" - showInput(1) - showElements(true) - } + const login = await loginFetch(username, await hashpass(password)) + const loginData = await login.json() + if (login.status === 401) { + // Trying hashpassold + const loginOld = await loginFetch(username, await hashpassold(password)) + const loginDataOld = await loginOld.json() + if (loginOld.status === 401) { + statusBox.innerText = "Username or password incorrect!" + showInput(1) + } else if (loginOld.status === 200) { + localStorage.setItem("DONOTSHARE-secretkey", loginDataOld["key"]) + localStorage.setItem("DONOTSHARE-password", await hashwasm.sha512(password)) + if (loginDataOld["legacyPasswordNeeded"] === true) { + await addLegacyPassword(username, await hashpass(await hashpassold(password))) } - doStuff() - }); + await migrateLegacyPassword(loginDataOld["key"], await hashpass(password)) + window.location.replace("/app/") + } else { + statusBox.innerText = loginDataOld["error"] + showInput(1) + } + } else if (login.status === 200) { + localStorage.setItem("DONOTSHARE-secretkey", loginData["key"]) + localStorage.setItem("DONOTSHARE-password", await hashwasm.sha512(password)) + if (loginData["legacyPasswordNeeded"] === true) { + await addLegacyPassword(username, await hashpass(await hashpassold(password))) + } + window.location.replace("/app/") + } else { + statusBox.innerText = loginData["error"] + showInput(1) + } } doStuff() } @@ -207,4 +208,4 @@ backButton.addEventListener("click", () => { showInput(0) -// @license-end \ No newline at end of file +// @license-endc \ No newline at end of file diff --git a/static/js/signup.js b/static/js/signup.js index 579c91a..f11b3bc 100644 --- a/static/js/signup.js +++ b/static/js/signup.js @@ -1,11 +1,6 @@ // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-3.0 -if (localStorage.getItem("DONOTSHARE-secretkey") !== null) { - window.location.replace("/app/") - document.body.innerHTML = "Redirecting..." - throw new Error(); -} -if (localStorage.getItem("DONOTSHARE-password") !== null) { +if (localStorage.getItem("DONOTSHARE-secretkey") !== null || localStorage.getItem("DONOTSHARE-password") !== null) { window.location.replace("/app/") document.body.innerHTML = "Redirecting..." throw new Error(); @@ -23,6 +18,26 @@ let statusBox = document.getElementById("statusBox") let signupButton = document.getElementById("signupButton") let opButton = document.getElementById("opButton") +async function hashpassold(pass) { + return await hashwasm.argon2id({ + password: pass, + salt: await hashwasm.sha512(pass), + parallelism: 1, + iterations: 256, + memorySize: 512, + hashLength: 32, + outputType: "encoded" + }) +} + +async function hashpass(pass) { + let key = pass + for (let i = 0; i < 128; i++) { + key = await hashwasm.sha3(key) + } + return key +} + function showElements(yesorno) { if (!yesorno) { usernameBox.classList.add("hidden") @@ -71,23 +86,16 @@ signupButton.addEventListener("click", () => { showElements(false) statusBox.innerText = "Creating account, please hold on..." - async function hashpass(pass) { - let key = pass - for (let i = 0; i < 128; i++) { - key = await hashwasm.sha3(key) - } - return key - } - - fetch(remote + "/api/signup", { method: "POST", body: JSON.stringify({ username: username, - password: await hashpass(password) + password: await hashpass(password), + legacyPassword: await hashpass(await hashpassold(password)) }), headers: { - "Content-Type": "application/json; charset=UTF-8" + "Content-Type": "application/json; charset=UTF-8", + "X-Burgernotes-Version": "200" } }) .then((response) => response)