2024-06-22 14:55:32 +01:00
|
|
|
// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-3.0
|
|
|
|
|
|
2024-06-26 18:59:16 +01:00
|
|
|
if (localStorage.getItem("DONOTSHARE-secretkey") !== null || localStorage.getItem("DONOTSHARE-password") !== null) {
|
2024-04-28 23:48:03 +01:00
|
|
|
window.location.replace("/app/")
|
2024-03-12 18:34:05 +00:00
|
|
|
document.body.innerHTML = "Redirecting..."
|
|
|
|
|
throw new Error();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let remote = localStorage.getItem("homeserverURL")
|
|
|
|
|
if (remote == null) {
|
|
|
|
|
localStorage.setItem("homeserverURL", "https://notes.hectabit.org")
|
|
|
|
|
remote = "https://notes.hectabit.org"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let usernameBox = document.getElementById("usernameBox")
|
|
|
|
|
let passwordBox = document.getElementById("passwordBox")
|
|
|
|
|
let statusBox = document.getElementById("statusBox")
|
|
|
|
|
let signupButton = document.getElementById("signupButton")
|
|
|
|
|
let inputNameBox = document.getElementById("inputNameBox")
|
|
|
|
|
let backButton = document.getElementById("backButton")
|
2024-06-21 16:49:44 +01:00
|
|
|
let opButton = document.getElementById("opButton")
|
2024-03-12 18:34:05 +00:00
|
|
|
|
2024-07-02 18:13:28 +01:00
|
|
|
async function loginFetch(username, password, changePass, newPass) {
|
|
|
|
|
if (localStorage.getItem("legacy") !== true) {
|
|
|
|
|
return await fetch(remote + "/api/login", {
|
|
|
|
|
method: "POST",
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
username: username,
|
|
|
|
|
password: password,
|
|
|
|
|
}),
|
|
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json; charset=UTF-8",
|
|
|
|
|
"X-Burgernotes-Version": "200"
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
let passwordChange, newPassChecked
|
|
|
|
|
if (changePass) {
|
|
|
|
|
passwordChange = "yes"
|
|
|
|
|
newPassChecked = newPass
|
|
|
|
|
} else {
|
|
|
|
|
passwordChange = "no"
|
|
|
|
|
newPassChecked = password
|
2024-06-26 18:59:16 +01:00
|
|
|
}
|
2024-07-02 18:13:28 +01:00
|
|
|
return await fetch(remote + "/api/login", {
|
|
|
|
|
method: "POST",
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
username: username,
|
|
|
|
|
password: password,
|
|
|
|
|
passwordchange: passwordChange,
|
|
|
|
|
newpass: newPassChecked
|
|
|
|
|
}),
|
|
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json; charset=UTF-8",
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
2024-06-26 18:59:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function addLegacyPassword(secretKey, password) {
|
|
|
|
|
return await fetch(remote + "/api/v2/addlegacypassword", {
|
|
|
|
|
method: "POST",
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
secretKey: secretKey,
|
|
|
|
|
legacyPassword: password,
|
|
|
|
|
}),
|
|
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json; charset=UTF-8",
|
|
|
|
|
"X-Burgernotes-Version": "200"
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function migrateLegacyPassword(secretKey, password) {
|
|
|
|
|
return await fetch(remote + "/api/changepassword", {
|
|
|
|
|
method: "POST",
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
secretKey: secretKey,
|
|
|
|
|
newPassword: password,
|
|
|
|
|
}),
|
|
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json; charset=UTF-8",
|
|
|
|
|
"X-Burgernotes-Version": "200"
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function hashpassold(pass) {
|
|
|
|
|
return await hashwasm.argon2id({
|
|
|
|
|
password: pass,
|
|
|
|
|
salt: await hashwasm.sha512(pass),
|
|
|
|
|
parallelism: 1,
|
|
|
|
|
iterations: 256,
|
|
|
|
|
memorySize: 512,
|
|
|
|
|
hashLength: 32,
|
|
|
|
|
outputType: "encoded"
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function hashpass(pass) {
|
|
|
|
|
let key = pass
|
|
|
|
|
for (let i = 0; i < 128; i++) {
|
|
|
|
|
key = await hashwasm.sha3(key)
|
|
|
|
|
}
|
|
|
|
|
return key
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-12 18:34:05 +00:00
|
|
|
usernameBox.classList.remove("hidden")
|
|
|
|
|
inputNameBox.innerText = "Username:"
|
|
|
|
|
|
|
|
|
|
let currentInputType = 0
|
|
|
|
|
|
|
|
|
|
function showInput(inputType) {
|
2024-04-28 23:48:03 +01:00
|
|
|
if (inputType === 0) {
|
2024-03-12 18:34:05 +00:00
|
|
|
usernameBox.classList.remove("hidden")
|
|
|
|
|
passwordBox.classList.add("hidden")
|
|
|
|
|
backButton.classList.add("hidden")
|
2024-06-21 16:49:44 +01:00
|
|
|
opButton.classList.remove("hidden")
|
2024-03-12 18:34:05 +00:00
|
|
|
inputNameBox.innerText = "Username:"
|
2024-06-26 18:59:16 +01:00
|
|
|
statusBox.innerText = "Sign in with your Burgernotes account"
|
2024-03-12 18:34:05 +00:00
|
|
|
currentInputType = 0
|
2024-04-28 23:48:03 +01:00
|
|
|
} else if (inputType === 1) {
|
2024-03-12 18:34:05 +00:00
|
|
|
usernameBox.classList.add("hidden")
|
|
|
|
|
passwordBox.classList.remove("hidden")
|
|
|
|
|
backButton.classList.remove("hidden")
|
2024-06-21 16:49:44 +01:00
|
|
|
opButton.classList.add("hidden")
|
2024-03-12 18:34:05 +00:00
|
|
|
inputNameBox.innerText = "Password:"
|
|
|
|
|
currentInputType = 1
|
2024-04-28 23:48:03 +01:00
|
|
|
} else if (inputType === 2) {
|
2024-03-12 18:34:05 +00:00
|
|
|
usernameBox.classList.add("hidden")
|
|
|
|
|
passwordBox.classList.add("hidden")
|
|
|
|
|
signupButton.classList.add("hidden")
|
|
|
|
|
backButton.classList.add("hidden")
|
|
|
|
|
inputNameBox.classList.add("hidden")
|
2024-06-21 16:49:44 +01:00
|
|
|
opButton.classList.add("hidden")
|
2024-03-12 18:34:05 +00:00
|
|
|
inputNameBox.innerText = "Password:"
|
|
|
|
|
currentInputType = 2
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function showElements(yesorno) {
|
|
|
|
|
if (!yesorno) {
|
|
|
|
|
usernameBox.classList.add("hidden")
|
|
|
|
|
passwordBox.classList.add("hidden")
|
|
|
|
|
signupButton.classList.add("hidden")
|
|
|
|
|
backButton.classList.add("hidden")
|
|
|
|
|
inputNameBox.classList.add("hidden")
|
|
|
|
|
showInput(currentInputType)
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
usernameBox.classList.remove("hidden")
|
|
|
|
|
passwordBox.classList.remove("hidden")
|
|
|
|
|
signupButton.classList.remove("hidden")
|
|
|
|
|
backButton.classList.remove("hidden")
|
|
|
|
|
inputNameBox.classList.remove("hidden")
|
|
|
|
|
showInput(currentInputType)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-21 16:49:44 +01:00
|
|
|
document.addEventListener("DOMContentLoaded", function() {
|
2024-03-12 18:34:05 +00:00
|
|
|
document.getElementById("homeserver").innerText = "Your homeserver is: " + remote + ". "
|
|
|
|
|
});
|
|
|
|
|
|
2024-06-21 16:49:44 +01:00
|
|
|
opButton.addEventListener("click", () => {
|
|
|
|
|
window.location.href = "/signup"
|
|
|
|
|
});
|
|
|
|
|
|
2024-04-28 23:48:03 +01:00
|
|
|
signupButton.addEventListener("click", () => {
|
2024-03-12 18:34:05 +00:00
|
|
|
if (passwordBox.classList.contains("hidden")) {
|
2024-04-28 23:48:03 +01:00
|
|
|
if (usernameBox.value === "") {
|
2024-06-21 16:49:44 +01:00
|
|
|
statusBox.innerText = "Username required!"
|
2024-03-12 18:34:05 +00:00
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
statusBox.innerText = "Welcome back, " + usernameBox.value + "!"
|
|
|
|
|
}
|
|
|
|
|
showInput(1)
|
|
|
|
|
} else {
|
|
|
|
|
async function doStuff() {
|
|
|
|
|
let username = usernameBox.value
|
|
|
|
|
let password = passwordBox.value
|
|
|
|
|
|
2024-04-28 23:48:03 +01:00
|
|
|
if (password === "") {
|
2024-03-12 18:34:05 +00:00
|
|
|
statusBox.innerText = "A password is required!"
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
showInput(2)
|
|
|
|
|
showElements(true)
|
|
|
|
|
statusBox.innerText = "Signing in..."
|
|
|
|
|
|
2024-07-02 18:13:28 +01:00
|
|
|
const hashedPass = await hashpass(password)
|
|
|
|
|
const login = await loginFetch(username, hashedPass, false, "")
|
2024-06-26 18:59:16 +01:00
|
|
|
const loginData = await login.json()
|
|
|
|
|
if (login.status === 401) {
|
|
|
|
|
// Trying hashpassold
|
2024-07-02 18:13:28 +01:00
|
|
|
const loginOld = await loginFetch(username, await hashpassold(password), true, hashedPass)
|
2024-06-26 18:59:16 +01:00
|
|
|
const loginDataOld = await loginOld.json()
|
|
|
|
|
if (loginOld.status === 401) {
|
|
|
|
|
statusBox.innerText = "Username or password incorrect!"
|
|
|
|
|
showInput(1)
|
2024-06-26 19:03:42 +01:00
|
|
|
showElements(true)
|
2024-06-26 18:59:16 +01:00
|
|
|
} else if (loginOld.status === 200) {
|
|
|
|
|
localStorage.setItem("DONOTSHARE-secretkey", loginDataOld["key"])
|
|
|
|
|
localStorage.setItem("DONOTSHARE-password", await hashwasm.sha512(password))
|
|
|
|
|
if (loginDataOld["legacyPasswordNeeded"] === true) {
|
|
|
|
|
await addLegacyPassword(username, await hashpass(await hashpassold(password)))
|
|
|
|
|
}
|
2024-07-02 18:13:28 +01:00
|
|
|
await migrateLegacyPassword(loginDataOld["key"], hashedPass)
|
2024-06-26 18:59:16 +01:00
|
|
|
window.location.replace("/app/")
|
|
|
|
|
} else {
|
|
|
|
|
statusBox.innerText = loginDataOld["error"]
|
|
|
|
|
showInput(1)
|
2024-06-26 19:03:42 +01:00
|
|
|
showElements(true)
|
2024-03-12 18:34:05 +00:00
|
|
|
}
|
2024-06-26 18:59:16 +01:00
|
|
|
} else if (login.status === 200) {
|
|
|
|
|
localStorage.setItem("DONOTSHARE-secretkey", loginData["key"])
|
|
|
|
|
localStorage.setItem("DONOTSHARE-password", await hashwasm.sha512(password))
|
|
|
|
|
if (loginData["legacyPasswordNeeded"] === true) {
|
|
|
|
|
await addLegacyPassword(username, await hashpass(await hashpassold(password)))
|
2024-03-12 18:34:05 +00:00
|
|
|
}
|
2024-06-26 18:59:16 +01:00
|
|
|
window.location.replace("/app/")
|
|
|
|
|
} else {
|
|
|
|
|
statusBox.innerText = loginData["error"]
|
|
|
|
|
showInput(1)
|
2024-06-26 19:03:42 +01:00
|
|
|
showElements(true)
|
2024-06-26 18:59:16 +01:00
|
|
|
}
|
2024-03-12 18:34:05 +00:00
|
|
|
}
|
|
|
|
|
doStuff()
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
2024-04-28 23:48:03 +01:00
|
|
|
backButton.addEventListener("click", () => {
|
2024-03-12 18:34:05 +00:00
|
|
|
showInput(0)
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
showInput(0)
|
2024-06-22 14:56:13 +01:00
|
|
|
|
2024-07-02 18:13:28 +01:00
|
|
|
// @license-end
|
