Experimental change passwords #183

Levminer · Apr 11, 2022 · 7b3d8c0 · 7b3d8c0
1 parent e7e5a7f
commit 7b3d8c0
Show file tree

Hide file tree

Showing 5 changed files with 118 additions and 62 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -1,6 +1,6 @@
 name: Bug Report
 description: Use this template for reporting a bug.
-labels: "Type: Bug"
+labels: ["Type: Bug"]
 assignees:
   - Levminer
 body:
@@ -9,29 +9,15 @@ body:
     label: Before the bug report.
     description: Please ensure you've completed all of the following.
     options:
-      - label: I have searched the [Github Issues](https://www.github.com/electron/levminer/issues) for a bug that matches the one I want to file, without success.
+      - label: I have searched the [Github Issues](https://www.github.com/levminer/authme/issues) for a bug that matches the one I want to file, without success.
         required: true
-- type: dropdown
-  attributes:
-    label: What operating system are you using?
-    options:
-      - Windows
-      - Mac
-      - Linux
-  validations:
-    required: true
-- type: input
-  attributes:
-    label: Operating system version
-    description: On Windows, click Start button > Settings > System > About. On macOS, click the Apple Menu > About This Mac. On Linux, use lsb_release or uname -a.
-    placeholder: "Windows 10 21H1"
-  validations:
-    required: true
 - type: textarea
   attributes:
-    label: Authme version info
-    description: Paste version informations here (Top menu > Info > About Dialog > Copy).
+    label: Authme/System information
+    description: Paste the version information here (Top menu > Info > About Dialog > Copy) or Ctrl/Cmd + O.
     placeholder: "Authme: 2.6.0 ..."
+  validations:
+    required: true
 - type: textarea
   attributes:
     label: Authme log

diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -1,6 +1,6 @@
 name: Feature Request
 description: Use this template for creating a feature request.
-labels: "Type: Feature"
+labels: ["Type: Feature"]
 assignees:
   - Levminer
 body:
@@ -9,7 +9,7 @@ body:
     label: Before the feature request.
     description: Please ensure you've completed all of the following.
     options:
-      - label: I have searched the [Github Issues](https://www.github.com/electron/levminer/issues) for a feature request that matches the one I want to file, without success.
+      - label: I have searched the [Github Issues](https://www.github.com/levminer/authme/issues) for a feature request that matches the one I want to file, without success.
         required: true
 - type: textarea
   attributes:

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
diff --git a/app/settings/src/js/index.js b/app/settings/src/js/index.js
@@ -1,5 +1,5 @@
 const { shell, app, dialog, BrowserWindow } = require("@electron/remote")
-const { convert, localization, time } = require("@levminer/lib")
+const { convert, localization, time, password } = require("@levminer/lib")
 const logger = require("@levminer/lib/logger/renderer")
 const { ipcRenderer: ipc } = require("electron")
 const bcrypt = require("bcryptjs")
@@ -910,24 +910,36 @@ const showPassword = (id) => {
 
 /* Show/hide load backup file dialog */
 const loadBackupFileDialog = () => {
-	const /** @type{LibDialogElement} */ dialog = document.querySelector(".dialog1")
+	const /** @type{LibDialogElement} */ dialog1 = document.querySelector(".dialog1")
 	const close_dialog = document.querySelector(".dialog1Close")
 
 	close_dialog.addEventListener("click", () => {
-		dialog.close()
+		dialog1.close()
 	})
 
-	dialog.showModal()
+	dialog1.showModal()
 }
 
 /* Show/hide change password dialog */
 const changePasswordDialog = () => {
-	const /** @type{LibDialogElement} */ dialog = document.querySelector(".dialog0")
+	const /** @type{LibDialogElement} */ dialog0 = document.querySelector(".dialog0")
 	const close_dialog = document.querySelector(".dialog0Close")
 
 	close_dialog.addEventListener("click", () => {
-		dialog.close()
+		dialog0.close()
 	})
 
-	dialog.showModal()
+	if (settings.security.require_password == true) {
+		dialog0.showModal()
+	} else {
+		dialog.showMessageBox(BrowserWindow.getFocusedWindow(), {
+			title: "Authme",
+			buttons: [lang.button.close],
+			defaultId: 1,
+			cancelId: 1,
+			noLink: true,
+			type: "error",
+			message: "You are using Authme without a password! \n\n You can't change your generated password!",
+		})
+	}
 }
diff --git a/app/settings/src/js/security.js b/app/settings/src/js/security.js
@@ -1,5 +1,7 @@
+// @ts-nocheck
 const { shell, app, dialog, BrowserWindow, screen } = require("@electron/remote")
-const { aes } = require("@levminer/lib")
+const { aes, sha } = require("@levminer/lib")
+const fs = require("fs")
 
 module.exports = {
 	backupFile: async () => {
@@ -41,5 +43,92 @@ module.exports = {
 		})
 	},
 
-	changePassword: () => {},
+	loadBackupFile: () => {},
+
+	changePassword: async () => {
+		const password_input0 = document.querySelector("#password_input1").value
+		const password_input1 = document.querySelector("#password_input2").value
+		const password_input2 = document.querySelector("#password_input3").value
+		const text = document.querySelector(".passwordText")
+
+		const hashPasswords = async () => {
+			const password_input = Buffer.from(document.querySelector("#password_input1").value)
+
+			const salt = await bcrypt.genSalt(10)
+			const hashed = await bcrypt.hash(password_input.toString(), salt)
+
+			/**
+			 * Read settings
+			 * @type {LibSettings}
+			 */
+			settings = JSON.parse(fs.readFileSync(path.join(folder_path, "settings", "settings.json"), "utf-8"))
+
+			settings.security.require_password = true
+			settings.security.password = hashed
+			settings.security.key = aes.generateSalt().toString("base64")
+
+			/** @type{LibStorage} */ storage = dev ? JSON.parse(localStorage.getItem("dev_storage")) : JSON.parse(localStorage.getItem("storage"))
+
+			storage.require_password = settings.security.require_password
+			storage.password = hashed
+			storage.key = settings.security.key
+
+			fs.writeFileSync(path.join(folder_path, "settings", "settings.json"), JSON.stringify(settings, null, "\t"))
+
+			dev ? localStorage.setItem("dev_storage", JSON.stringify(storage)) : localStorage.setItem("storage", JSON.stringify(storage))
+
+			// get saved codes
+
+			password_input.fill(0)
+
+			app.relaunch()
+			app.quit()
+		}
+
+		const validateNewPass = () => {
+			if (password_input1.toString().length > 64) {
+				text.style.color = "#CC001B"
+				text.textContent = lang.landing_text.maximum_password
+			} else if (password_input1.toString().length < 8) {
+				text.style.color = "#CC001B"
+				text.textContent = lang.landing_text.minimum_password
+			} else {
+				if (password_input1.toString() == password_input2.toString()) {
+					if (!password.search(password_input1.toString())) {
+						logger.log("Passwords match!")
+
+						text.style.color = "#28A443"
+						text.textContent = lang.landing_text.passwords_match
+						text.textContent = "WIP!!!"
+
+						hashPasswords()
+					} else {
+						text.style.color = "#CC001B"
+						text.textContent = lang.landing_text.top_1000_password
+					}
+				} else {
+					logger.warn("Passwords dont match!")
+
+					text.style.color = "#CC001B"
+					text.textContent = lang.landing_text.passwords_dont_match
+				}
+			}
+		}
+
+		const compare = await bcrypt.compare(Buffer.from(password_input0).toString(), settings.security.password).then(logger.log("Passwords compared!"))
+
+		if (compare === true) {
+			validateNewPass()
+		} else {
+			dialog.showMessageBox(BrowserWindow.getFocusedWindow(), {
+				title: "Authme",
+				buttons: [lang.button.close],
+				defaultId: 1,
+				cancelId: 1,
+				noLink: true,
+				type: "error",
+				message: "This is not your current password. \n\n Please try again!",
+			})
+		}
+	},
 }