2024-06-22 14:57:50 +01:00
// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-3.0
2024-07-30 11:23:22 +01:00
if ( localStorage . getItem ( "PRIVATE-secretKey" ) !== null || localStorage . getItem ( "PRIVATE-cryptoKey" ) !== null ) {
2024-04-28 23:48:03 +01:00
window . location . replace ( "/app/" )
2024-03-12 18:34:05 +00:00
document . body . innerHTML = "Redirecting..."
throw new Error ( ) ;
}
2024-07-30 11:23:22 +01:00
let remote = localStorage . getItem ( "SETTING-homeServer" )
2024-03-12 18:34:05 +00:00
if ( remote == null ) {
2024-08-07 17:00:16 +01:00
localStorage . setItem ( "SETTING-homeServer" , "https://notes.canary.hectabit.org" )
remote = "https://notes.canary.hectabit.org"
2024-03-12 18:34:05 +00:00
}
let usernameBox = document . getElementById ( "usernameBox" )
let passwordBox = document . getElementById ( "passwordBox" )
let statusBox = document . getElementById ( "statusBox" )
let signupButton = document . getElementById ( "signupButton" )
2024-06-21 16:49:44 +01:00
let opButton = document . getElementById ( "opButton" )
2024-03-12 18:34:05 +00:00
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
// Leave these variables alone, they are used in the WASM code.
async function hashpass ( pass ) {
2024-06-26 18:59:16 +01:00
return await hashwasm . argon2id ( {
password : pass ,
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
salt : new TextEncoder ( ) . encode ( "I munch Burgers!!" ) ,
2024-06-26 18:59:16 +01:00
parallelism : 1 ,
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
iterations : 32 ,
memorySize : 19264 ,
2024-06-26 18:59:16 +01:00
hashLength : 32 ,
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
outputType : "hex"
2024-06-26 18:59:16 +01:00
} )
}
2024-03-12 18:34:05 +00:00
function showElements ( yesorno ) {
if ( ! yesorno ) {
usernameBox . classList . add ( "hidden" )
passwordBox . classList . add ( "hidden" )
signupButton . classList . add ( "hidden" )
2024-06-21 16:49:44 +01:00
opButton . classList . add ( "hidden" )
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
inputContainer . classList . add ( "hidden" )
2024-03-12 18:34:05 +00:00
}
else {
usernameBox . classList . remove ( "hidden" )
passwordBox . classList . remove ( "hidden" )
signupButton . classList . remove ( "hidden" )
2024-06-21 16:49:44 +01:00
opButton . classList . remove ( "hidden" )
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
inputContainer . classList . remove ( "hidden" )
2024-03-12 18:34:05 +00:00
}
}
2024-06-21 16:49:44 +01:00
document . addEventListener ( "DOMContentLoaded" , function ( ) {
2024-03-12 18:34:05 +00:00
document . getElementById ( "homeserver" ) . innerText = "Your homeserver is: " + remote + ". "
} ) ;
2024-06-21 16:49:44 +01:00
opButton . addEventListener ( "click" , ( ) => {
window . location . href = "/login"
} ) ;
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
complete = new Event ( "completed" ) ;
window . returnCode = undefined ;
window . returnVar = undefined ;
// This is for the WASM code to call when it's done. Do not remove it, even if it looks like it's never called.
function WASMComplete ( ) {
window . dispatchEvent ( complete ) ;
}
2024-04-28 23:48:03 +01:00
signupButton . addEventListener ( "click" , ( ) => {
2024-07-21 10:07:54 +01:00
let username = usernameBox . value
let password = passwordBox . value
2024-03-12 18:34:05 +00:00
2024-07-21 10:07:54 +01:00
if ( username === "" ) {
statusBox . innerText = "Username required!"
return
}
if ( ( username ) . length > 20 ) {
statusBox . innerText = "Username cannot be more than 20 characters!"
return
}
if ( password === "" ) {
statusBox . innerText = "Password required!"
return
}
if ( ( password ) . length < 8 ) {
statusBox . innerText = "Password must be at least 8 characters!"
return
}
showElements ( false )
statusBox . innerText = "Computing PoW Challenge... (this may take up to 5 minutes at worst, 3 seconds at best)"
/ *
* Compiled version of :
* hashcat - wasm ( https : //concord.hectabit.org/hectabit/hashcat-wasm)
* ( c ) Arzumify
* @ license AGPL - 3.0
* Since this is my software , if you use it with proprietary servers , I will make sure you will walk across hot coals ( just kidding , probably ) .
* I ' m not kidding about the license though .
* I should stop including comments into JS and possibly minify this code . Oh , well .
* /
window . resourceExtra = "I love Burgernotes!"
const go = new Go ( ) ;
WebAssembly . instantiateStreaming ( fetch ( "/static/wasm/hashcat.wasm" ) , go . importObject ) . then ( ( result ) => {
go . run ( result . instance ) ;
} )
window . addEventListener ( "completed" , async ( ) => {
if ( window . returnCode === 1 ) {
statusBox . innerText = "Please do not expose your computer to cosmic rays (an impossible logical event has occurred)."
showElements ( true )
2024-03-12 18:34:05 +00:00
return
2024-07-21 10:07:54 +01:00
} else if ( window . returnCode === 2 ) {
statusBox . innerText = "The PoW Challenge has failed. Please try again."
showElements ( true )
2024-03-12 18:34:05 +00:00
return
}
2024-07-21 10:07:54 +01:00
statusBox . innerText = "Hashing password..."
let hashedPassword = await hashpass ( password )
statusBox . innerText = "Contacting server..."
fetch ( remote + "/api/signup" , {
method : "POST" ,
body : JSON . stringify ( {
username : username ,
password : hashedPassword ,
stamp : window . returnVar ,
} ) ,
headers : {
"Content-Type" : "application/json; charset=UTF-8" ,
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
}
2024-07-21 10:07:54 +01:00
} )
. then ( ( response ) => response )
. then ( async ( response ) => {
let responseData = await response . json ( )
if ( response . status === 200 ) {
statusBox . innerText = "Setting up encryption keys..."
2024-07-30 11:23:22 +01:00
localStorage . setItem ( "PRIVATE-secretKey" , responseData [ "key" ] )
localStorage . setItem ( "PRIVATE-cryptoKey" , await hashwasm . argon2id ( {
2024-07-21 10:07:54 +01:00
password : password ,
salt : new TextEncoder ( ) . encode ( "I love Burgernotes!" ) ,
parallelism : 1 ,
iterations : 32 ,
memorySize : 19264 ,
hashLength : 32 ,
outputType : "hex"
} ) )
statusBox . innerText = "Welcome!"
await new Promise ( r => setTimeout ( r , 200 ) )
window . location . href = "/app/"
} else if ( response . status === 409 ) {
2024-07-30 17:04:04 +01:00
if ( responseData [ "error" ] === "Stamp already spent" ) {
2024-07-30 15:37:37 +01:00
statusBox . innerText = "Pure bad luck... your PoW challenge was accepted, but someone else used the same PoW challenge as you. Please try again. (error: Stamp already spent)"
} else {
statusBox . innerText = "Username already taken!"
}
2024-07-21 10:07:54 +01:00
showElements ( true )
} else if ( response . status === 429 ) {
statusBox . innerText = "Please don't sign up to new accounts that quickly. If you are using a VPN, please turn it off!"
showElements ( true )
} else if ( response . status === 500 ) {
statusBox . innerText = responseData [ "error" ]
showElements ( true )
} else {
statusBox . innerText = "Something went wrong! (error: " + responseData [ "error" ] + ")"
showElements ( true )
Fixed the labels not being hidden in inoutdivs, made inoutdivs use a flexbox or table to avoid the use of a calc() and a transform(), updated to AES-256 GCM Native crypto from CryptoJS, added a migration page to migrate from CryptoJS, remove the Argon2 Compatibility thing, remove all backwards-compatibility measures, updated the changelog to be accurate, made NoScript cancel-able, made the inoutdiv dynamically scale, told people what a homeserver is, switched to argon2id from sha-3 and sha-512, add a PoW captcha using WASM, make a really long commit message.
If you are still reading this, I admire your dedication. I spent 8 hours and 33 minutes on this commit alone.
2024-07-20 17:12:25 +01:00
}
} )
2024-07-21 10:07:54 +01:00
} )
2024-03-12 18:34:05 +00:00
} ) ;
2024-06-22 14:57:50 +01:00
2024-07-13 17:32:59 +01:00
// @license-end