Integration with Have I been pwned (#47)

* Add password check. * Fix indention, update messages.
2018-02-28 16:53:18 +01:00 · 2018-02-28 16:53:18 +01:00 · df9d79ab7d
parent 06a543c913
commit df9d79ab7d
4 changed files with 39 additions and 1 deletions
--- a/src/app/services/services.module.ts
+++ b/src/app/services/services.module.ts
@ -22,6 +22,7 @@ import { Analytics } from 'jslib/misc/analytics';

 import { ApiService } from 'jslib/services/api.service';
 import { AppIdService } from 'jslib/services/appId.service';
+import { AuditService } from 'jslib/services/audit.service';
 import { AuthService } from 'jslib/services/auth.service';
 import { CipherService } from 'jslib/services/cipher.service';
 import { CollectionService } from 'jslib/services/collection.service';
@ -42,6 +43,7 @@ import { UtilsService } from 'jslib/services/utils.service';

 import { ApiService as ApiServiceAbstraction } from 'jslib/abstractions/api.service';
 import { AppIdService as AppIdServiceAbstraction } from 'jslib/abstractions/appId.service';
+import { AuditService as AuditServiceAbstraction } from 'jslib/abstractions/audit.service';
 import { AuthService as AuthServiceAbstraction } from 'jslib/abstractions/auth.service';
 import { CipherService as CipherServiceAbstraction } from 'jslib/abstractions/cipher.service';
 import { CollectionService as CollectionServiceAbstraction } from 'jslib/abstractions/collection.service';
@ -99,6 +101,7 @@ const containerService = new ContainerService(cryptoService, platformUtilsServic
 const authService = new AuthService(cryptoService, apiService,
    userService, tokenService, appIdService, i18nService, platformUtilsService, constantsService,
    messagingService);
+const auditService = new AuditService(cryptoService);

 const analytics = new Analytics(window, () => isDev(), platformUtilsService, storageService, appIdService);
 containerService.attachToWindow(window);
@ -143,6 +146,7 @@ function initFactory(): Function {
    providers: [
        ValidationService,
        AuthGuardService,
+        { provide: AuditServiceAbstraction, useValue: auditService },
        { provide: AuthServiceAbstraction, useValue: authService },
        { provide: CipherServiceAbstraction, useValue: cipherService },
        { provide: FolderServiceAbstraction, useValue: folderService },
--- a/src/app/vault/add-edit.component.html
+++ b/src/app/vault/add-edit.component.html
@ -35,6 +35,10 @@
                                       [(ngModel)]="cipher.login.password">
                            </div>
                            <div class="action-buttons">
+                                <a class="row-btn" href="#" appStopClick appBlurClick
+                                    title="{{'checkPassword' | i18n}}" (click)="checkPassword()">
+                                    <i class="fa fa-lg fa-check-circle"></i>
+                                </a>
                                <a class="row-btn" href="#" appStopClick appBlurClick
                                   title="{{'toggleVisibility' | i18n}}" (click)="togglePassword()">
                                    <i class="fa fa-lg"
--- a/src/app/vault/add-edit.component.ts
+++ b/src/app/vault/add-edit.component.ts
@ -15,6 +15,7 @@ import { CipherType } from 'jslib/enums/cipherType';
 import { FieldType } from 'jslib/enums/fieldType';
 import { SecureNoteType } from 'jslib/enums/secureNoteType';

+import { AuditService } from 'jslib/abstractions/audit.service';
 import { CipherService } from 'jslib/abstractions/cipher.service';
 import { FolderService } from 'jslib/abstractions/folder.service';
 import { I18nService } from 'jslib/abstractions/i18n.service';
@ -60,7 +61,8 @@ export class AddEditComponent implements OnChanges {

    constructor(private cipherService: CipherService, private folderService: FolderService,
        private i18nService: I18nService, private platformUtilsService: PlatformUtilsService,
-        private analytics: Angulartics2, private toasterService: ToasterService) {
+        private analytics: Angulartics2, private toasterService: ToasterService,
+        private auditService: AuditService) {
        this.typeOptions = [
            { name: i18nService.t('typeLogin'), value: CipherType.Login },
            { name: i18nService.t('typeCard'), value: CipherType.Card },
@ -212,6 +214,19 @@ export class AddEditComponent implements OnChanges {
        document.getElementById('loginPassword').focus();
    }

+    async checkPassword() {
+        this.analytics.eventTrack.next({ action: 'Check Password' });
+
+        const match = await this.auditService.passwordLeaked(this.cipher.login.password);
+
+        if (match > 0) {
+            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
+                this.i18nService.t('passwordExposed', match.toString()));
+        } else {
+            this.toasterService.popAsync('success', null, this.i18nService.t('passwordSafe'));
+        }
+    }
+
    toggleFieldValue(field: FieldView) {
        const f = (field as any);
        f.showValue = !f.showValue;
--- a/src/locales/en/messages.json
+++ b/src/locales/en/messages.json
@ -957,5 +957,20 @@
  },
  "window": {
    "message": "Window"
+  },
+  "checkPassword": {
+    "message": "Check if this password has been previously exposed."
+  },
+  "passwordExposed": {
+    "message": "This password has been exposed in $VALUE$ data breach(es)! You should change it.",
+    "placeholders": {
+      "value": {
+        "content": "$1",
+        "example": "1"
+      }
+    }
+  },
+  "passwordSafe": {
+    "message": "This password was not found in any known data breaches. It should be safe to use."
  }
 }