From 9d01bba170309fc39f21282ceaf4bf98e27f7cb5 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Mon, 12 Nov 2018 23:00:58 -0500 Subject: [PATCH] weak password checks on master password change --- .../settings/change-password.component.html | 5 ++-- src/app/settings/change-password.component.ts | 29 ++++++++++++++++++- 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/src/app/settings/change-password.component.html b/src/app/settings/change-password.component.html index 70d3fba782..52247ddbf9 100644 --- a/src/app/settings/change-password.component.html +++ b/src/app/settings/change-password.component.html @@ -13,8 +13,9 @@
- + +
diff --git a/src/app/settings/change-password.component.ts b/src/app/settings/change-password.component.ts index 75f76ea236..edd5b6b4be 100644 --- a/src/app/settings/change-password.component.ts +++ b/src/app/settings/change-password.component.ts @@ -9,7 +9,10 @@ import { ApiService } from 'jslib/abstractions/api.service'; import { CryptoService } from 'jslib/abstractions/crypto.service'; import { I18nService } from 'jslib/abstractions/i18n.service'; import { MessagingService } from 'jslib/abstractions/messaging.service'; +import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service'; +import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service'; import { UserService } from 'jslib/abstractions/user.service'; + import { PasswordRequest } from 'jslib/models/request/passwordRequest'; @Component({ @@ -21,11 +24,15 @@ export class ChangePasswordComponent { newMasterPassword: string; confirmNewMasterPassword: string; formPromise: Promise; + masterPasswordScore: number; + + private masterPasswordStrengthTimeout: any; constructor(private apiService: ApiService, private i18nService: I18nService, private analytics: Angulartics2, private toasterService: ToasterService, private cryptoService: CryptoService, private messagingService: MessagingService, - private userService: UserService) { } + private userService: UserService, private passwordGenerationService: PasswordGenerationService, + private platformUtilsService: PlatformUtilsService) { } async submit() { const hasEncKey = await this.cryptoService.hasEncKey(); @@ -51,6 +58,16 @@ export class ChangePasswordComponent { return; } + const strengthResult = this.passwordGenerationService.passwordStrength(this.newMasterPassword, null); + if (strengthResult != null && strengthResult.score < 3) { + const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'), + this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'), + 'warning'); + if (!result) { + return; + } + } + const request = new PasswordRequest(); request.masterPasswordHash = await this.cryptoService.hashPassword(this.currentMasterPassword, null); const email = await this.userService.getEmail(); @@ -69,4 +86,14 @@ export class ChangePasswordComponent { this.messagingService.send('logout'); } catch { } } + + updatePasswordStrength() { + if (this.masterPasswordStrengthTimeout != null) { + clearTimeout(this.masterPasswordStrengthTimeout); + } + this.masterPasswordStrengthTimeout = setTimeout(() => { + const strengthResult = this.passwordGenerationService.passwordStrength(this.newMasterPassword, null); + this.masterPasswordScore = strengthResult == null ? null : strengthResult.score; + }, 300); + } }