From 7b3d8c049c822a43f9e10e412ab124a32ecaa123 Mon Sep 17 00:00:00 2001
From: Levminer <33373714+Levminer@users.noreply.github.com>
Date: Mon, 11 Apr 2022 18:28:47 +0200
Subject: [PATCH] Experimental change passwords #183
---
 .github/ISSUE_TEMPLATE/bug_report.yml | 26 ++----
 .github/ISSUE_TEMPLATE/feature_request.yml | 4 +-
 .github/workflows/codeql.yml | 31 --------
 app/settings/src/js/index.js | 26 ++++--
 app/settings/src/js/security.js | 93 +++++++++++++++++++++-
 5 files changed, 118 insertions(+), 62 deletions(-)
 delete mode 100644 .github/workflows/codeql.yml
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
index f1c54505..450db1ab 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -1,6 +1,6 @@
 name: Bug Report
 description: Use this template for reporting a bug.
-labels: "Type: Bug"
+labels: ["Type: Bug"]
 assignees:
 - Levminer
 body:
@@ -9,29 +9,15 @@ body:
 label: Before the bug report.
 description: Please ensure you've completed all of the following.
 options:
- - label: I have searched the [Github Issues](https://www.github.com/electron/levminer/issues) for a bug that matches the one I want to file, without success.
+ - label: I have searched the [Github Issues](https://www.github.com/levminer/authme/issues) for a bug that matches the one I want to file, without success.
 required: true
-- type: dropdown
- attributes:
- label: What operating system are you using?
- options:
- - Windows
- - Mac
- - Linux
- validations:
- required: true
-- type: input
- attributes:
- label: Operating system version
- description: On Windows, click Start button > Settings > System > About. On macOS, click the Apple Menu > About This Mac. On Linux, use lsb_release or uname -a.
- placeholder: "Windows 10 21H1"
- validations:
- required: true
 - type: textarea
 attributes:
- label: Authme version info
- description: Paste version informations here (Top menu > Info > About Dialog > Copy).
+ label: Authme/System information
+ description: Paste the version information here (Top menu > Info > About Dialog > Copy) or Ctrl/Cmd + O.
 placeholder: "Authme: 2.6.0 ..."
+ validations:
+ required: true
 - type: textarea
 attributes:
 label: Authme log
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml
index d0e2ee06..33d064fc 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -1,6 +1,6 @@
 name: Feature Request
 description: Use this template for creating a feature request.
-labels: "Type: Feature"
+labels: ["Type: Feature"]
 assignees:
 - Levminer
 body:
@@ -9,7 +9,7 @@ body:
 label: Before the feature request.
 description: Please ensure you've completed all of the following.
 options:
- - label: I have searched the [Github Issues](https://www.github.com/electron/levminer/issues) for a feature request that matches the one I want to file, without success.
+ - label: I have searched the [Github Issues](https://www.github.com/levminer/authme/issues) for a feature request that matches the one I want to file, without success.
 required: true
 - type: textarea
 attributes:
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
deleted file mode 100644
index a9e08094..00000000
--- a/.github/workflows/codeql.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-name: CodeQL
-on:
- push:
- branches: [main, dev]
- pull_request:
- branches: [main, dev]
- schedule:
- - cron: "43 17 * * 4"
-jobs:
- analyze:
- name: Analyze
- runs-on: windows-latest
-
- strategy:
- fail-fast: false
- matrix:
- language: ["javascript"]
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- - uses: actions/setup-node@v2
- with:
- node-version: '16'
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
- with:
- languages: ${{ matrix.language }}
- - name: Autobuild
- uses: github/codeql-action/autobuild@v1
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
diff --git a/app/settings/src/js/index.js b/app/settings/src/js/index.js
index 2e562eee..9cb3668f 100644
--- a/app/settings/src/js/index.js
+++ b/app/settings/src/js/index.js
@@ -1,5 +1,5 @@
 const { shell, app, dialog, BrowserWindow } = require("@electron/remote")
-const { convert, localization, time } = require("@levminer/lib")
+const { convert, localization, time, password } = require("@levminer/lib")
 const logger = require("@levminer/lib/logger/renderer")
 const { ipcRenderer: ipc } = require("electron")
 const bcrypt = require("bcryptjs")
@@ -910,24 +910,36 @@ const showPassword = (id) => {
 /* Show/hide load backup file dialog */
 const loadBackupFileDialog = () => {
- const /** @type{LibDialogElement} */ dialog = document.querySelector(".dialog1")
+ const /** @type{LibDialogElement} */ dialog1 = document.querySelector(".dialog1")
 const close_dialog = document.querySelector(".dialog1Close")
 close_dialog.addEventListener("click", () => {
- dialog.close()
+ dialog1.close()
 })
- dialog.showModal()
+ dialog1.showModal()
 }
 /* Show/hide change password dialog */
 const changePasswordDialog = () => {
- const /** @type{LibDialogElement} */ dialog = document.querySelector(".dialog0")
+ const /** @type{LibDialogElement} */ dialog0 = document.querySelector(".dialog0")
 const close_dialog = document.querySelector(".dialog0Close")
 close_dialog.addEventListener("click", () => {
- dialog.close()
+ dialog0.close()
 })
- dialog.showModal()
+ if (settings.security.require_password == true) {
+ dialog0.showModal()
+ } else {
+ dialog.showMessageBox(BrowserWindow.getFocusedWindow(), {
+ title: "Authme",
+ buttons: [lang.button.close],
+ defaultId: 1,
+ cancelId: 1,
+ noLink: true,
+ type: "error",
+ message: "You are using Authme without a password! \n\n You can't change your generated password!",
+ })
+ }
 }
diff --git a/app/settings/src/js/security.js b/app/settings/src/js/security.js
index a0728bbd..e02bd3f2 100644
--- a/app/settings/src/js/security.js
+++ b/app/settings/src/js/security.js
@@ -1,5 +1,7 @@
+// @ts-nocheck
 const { shell, app, dialog, BrowserWindow, screen } = require("@electron/remote")
-const { aes } = require("@levminer/lib")
+const { aes, sha } = require("@levminer/lib")
+const fs = require("fs")
 module.exports = {
 backupFile: async () => {
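Review bot: In `changePasswordDialog` (app/settings/src/js/index.js), the new `else` branch passes `defaultId: 1` and `cancelId: 1` although `buttons` holds a single entry, whose index is 0; use `defaultId: 0, cancelId: 0`. The same options object recurs in the wrong-password dialog of `changePassword` in security.js. The message is hard-coded English while the button label comes from `lang`, so it should get a `lang` key too, and `settings.security.require_password == true` reads better as `=== true`. `close_dialog.addEventListener` is unchanged context, but it still registers another click listener on every call.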
@@ -41,5 +43,92 @@ module.exports = {
 })
 },
- changePassword: () => {},
+ loadBackupFile: () => {},
+
+ changePassword: async () => {
+ const password_input0 = document.querySelector("#password_input1").value
+ const password_input1 = document.querySelector("#password_input2").value
+ const password_input2 = document.querySelector("#password_input3").value
+ const text = document.querySelector(".passwordText")
+
+ const hashPasswords = async () => {
+ const password_input = Buffer.from(document.querySelector("#password_input1").value)
+
+ const salt = await bcrypt.genSalt(10)
+ const hashed = await bcrypt.hash(password_input.toString(), salt)
+
+ /**
+ * Read settings
+ * @type {LibSettings}
+ */
+ settings = JSON.parse(fs.readFileSync(path.join(folder_path, "settings", "settings.json"), "utf-8"))
+
+ settings.security.require_password = true
+ settings.security.password = hashed
+ settings.security.key = aes.generateSalt().toString("base64")
+
+ /** @type{LibStorage} */ storage = dev ? JSON.parse(localStorage.getItem("dev_storage")) : JSON.parse(localStorage.getItem("storage"))
+
+ storage.require_password = settings.security.require_password
+ storage.password = hashed
+ storage.key = settings.security.key
+
+ fs.writeFileSync(path.join(folder_path, "settings", "settings.json"), JSON.stringify(settings, null, "\t"))
+
+ dev ? localStorage.setItem("dev_storage", JSON.stringify(storage)) : localStorage.setItem("storage", JSON.stringify(storage))
+
+ // get saved codes
+
+ password_input.fill(0)
+
+ app.relaunch()
+ app.quit()
+ }
+
+ const validateNewPass = () => {
+ if (password_input1.toString().length > 64) {
+ text.style.color = "#CC001B"
+ text.textContent = lang.landing_text.maximum_password
+ } else if (password_input1.toString().length < 8) {
+ text.style.color = "#CC001B"
+ text.textContent = lang.landing_text.minimum_password
+ } else {
+ if (password_input1.toString() == password_input2.toString()) {
+ if (!password.search(password_input1.toString())) {
+ logger.log("Passwords match!")
+
+ text.style.color = "#28A443"
+ text.textContent = lang.landing_text.passwords_match
+ text.textContent = "WIP!!!"
+
+ hashPasswords()
+ } else {
+ text.style.color = "#CC001B"
+ text.textContent = lang.landing_text.top_1000_password
+ }
+ } else {
+ logger.warn("Passwords dont match!")
+
+ text.style.color = "#CC001B"
+ text.textContent = lang.landing_text.passwords_dont_match
+ }
+ }
+ }
+
+ const compare = await bcrypt.compare(Buffer.from(password_input0).toString(), settings.security.password).then(logger.log("Passwords compared!"))
+
+ if (compare === true) {
+ validateNewPass()
+ } else {
+ dialog.showMessageBox(BrowserWindow.getFocusedWindow(), {
+ title: "Authme",
+ buttons: [lang.button.close],
+ defaultId: 1,
+ cancelId: 1,
+ noLink: true,
+ type: "error",
+ message: "This is not your current password. \n\n Please try again!",
+ })
+ }
+ },
 }
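Review bot: `hashPasswords` hashes the wrong field: it reads `#password_input1`, the same element `password_input0` takes the current password from, so the stored bcrypt hash would be of the old password rather than the validated new one from `#password_input2`; the line should read `const password_input = Buffer.from(password_input1)`. The function also replaces `settings.security.key` and relaunches while `// get saved codes` is still a placeholder, so codes protected under the old password and key are presumably unreadable afterwards; re-encrypt them before writing `settings.json`. `.then(logger.log("Passwords compared!"))` calls the logger immediately and hands its return value to `then`, and `hashPasswords()` is not awaited, so a failed hash or write surfaces only as an unhandled rejection; `password_input.fill(0)` clears the Buffer copy but not the strings read from the inputs. The hunk uses `bcrypt`, `path`, `folder_path`, `settings`, `storage`, `dev`, `lang`, `logger` and `password` without requiring them in this file, and the `// @ts-nocheck` added at the top of security.js would hide that if they are not renderer globals.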