new change email api with enc key

2017-05-31 16:16:21 -04:00 · 2017-05-31 16:16:21 -04:00 · f5720cf20e
parent 2106e48e0e
commit f5720cf20e
3 changed files with 52 additions and 66 deletions
--- a/src/app/services/cipherService.js
+++ b/src/app/services/cipherService.js
@ -204,7 +204,7 @@ angular
            };
        };
-        _service.updateKey = function (masterPassword, success, error) {
+        _service.updateKey = function (masterPasswordHash, success, error) {
            var madeEncKey = cryptoService.makeEncKey(null);
            encKey = madeEncKey.encKey;
            var encKeyEnc = madeEncKey.encKeyEnc;
@ -238,7 +238,7 @@ angular
            return $q.all([loginsPromise, foldersPromise]).then(function () {
                var request = {
-                    masterPasswordHash: cryptoService.hashPassword(masterPassword),
+                    masterPasswordHash: masterPasswordHash,
                    ciphers: reencryptedLogins,
                    folders: reencryptedFolders,
                    privateKey: reencryptedPrivateKey,
--- a/src/app/settings/settingsChangeEmailController.js
+++ b/src/app/settings/settingsChangeEmailController.js
@ -4,83 +4,68 @@
    .controller('settingsChangeEmailController', function ($scope, $state, apiService, $uibModalInstance, cryptoService,
        cipherService, authService, $q, toastr, $analytics) {
        $analytics.eventTrack('settingsChangeEmailController', { category: 'Modal' });
        var _masterPasswordHash,
-            _newMasterPasswordHash,
+            _masterPassword,
-            _newKey;
+            _newEmail;
        $scope.token = function (model) {
-            _masterPasswordHash = cryptoService.hashPassword(model.masterPassword);
+            _masterPassword = model.masterPassword;
-            var newEmail = model.newEmail.toLowerCase();
+            _masterPasswordHash = cryptoService.hashPassword(_masterPassword);
            _newEmail = model.newEmail.toLowerCase();
            var encKey = cryptoService.getEncKey();
            if (encKey) {
                $scope.tokenPromise = requestToken(model);
            }
            else {
                // User is not using an enc key, let's make them one
                $scope.tokenPromise = cipherService.updateKey(_masterPasswordHash, function () {
                    return requestToken(model);
                }, processError);
            }
        };
        function requestToken(model) {
            var request = {
-                newEmail: newEmail,
+                newEmail: _newEmail,
                masterPasswordHash: _masterPasswordHash
            };
-            $scope.tokenPromise = apiService.accounts.emailToken(request, function () {
+            return apiService.accounts.emailToken(request, function () {
                _newKey = cryptoService.makeKey(model.masterPassword, newEmail);
                _newMasterPasswordHash = cryptoService.hashPassword(model.masterPassword, _newKey);
                $scope.tokenSent = true;
            }).$promise;
-        };
+        }
        $scope.confirm = function (model) {
            $scope.processing = true;
-            var reencryptedLogins = [];
+            var newKey = cryptoService.makeKey(_masterPassword, _newEmail);
-            var loginsPromise = apiService.logins.list({}, function (encryptedLogins) {
+            var encKey = cryptoService.getEncKey();
-                var filteredEncryptedLogins = [];
+            var newEncKey = cryptoService.encrypt(encKey.key, newKey, 'raw');
                for (var i = 0; i < encryptedLogins.Data.length; i++) {
                    if (encryptedLogins.Data[i].OrganizationId) {
                        continue;
                    }
                    filteredEncryptedLogins.push(encryptedLogins.Data[i]);
                }
                var unencryptedLogins = cipherService.decryptLogins(filteredEncryptedLogins);
                reencryptedLogins = cipherService.encryptLogins(unencryptedLogins, _newKey);
            }).$promise;
            var reencryptedFolders = [];
            var foldersPromise = apiService.folders.list({}, function (encryptedFolders) {
                var unencryptedFolders = cipherService.decryptFolders(encryptedFolders.Data);
                reencryptedFolders = cipherService.encryptFolders(unencryptedFolders, _newKey);
            }).$promise;
            var privateKey = cryptoService.getPrivateKey('raw'),
                reencryptedPrivateKey = null;
            if (privateKey) {
                reencryptedPrivateKey = cryptoService.encrypt(privateKey, _newKey, 'raw');
            }
            $q.all([loginsPromise, foldersPromise]).then(function () {
            var request = {
                token: model.token,
-                    newEmail: model.newEmail.toLowerCase(),
+                newEmail: _newEmail,
                masterPasswordHash: _masterPasswordHash,
-                    newMasterPasswordHash: _newMasterPasswordHash,
+                newMasterPasswordHash: cryptoService.hashPassword(_masterPassword, newKey),
-                    data: {
+                key: newEncKey
                        ciphers: reencryptedLogins,
                        folders: reencryptedFolders,
                        privateKey: reencryptedPrivateKey
                    }
            };
-                $scope.confirmPromise = apiService.accounts.email(request, function () {
+            $scope.confirmPromise = apiService.accounts.email(request).$promise.then(function () {
                $uibModalInstance.dismiss('cancel');
                    $analytics.eventTrack('Changed Email');
                authService.logOut();
-                    $state.go('frontend.login.info').then(function () {
+                $analytics.eventTrack('Changed Email');
                return $state.go('frontend.login.info');
            }, processError).then(function () {
                toastr.success('Please log back in.', 'Email Changed');
-                    });
+            }, processError);
-                }, function () {
+        };
        function processError() {
            $uibModalInstance.dismiss('cancel');
            toastr.error('Something went wrong.', 'Oh No!');
-                }).$promise;
+        }
            });
        };
        $scope.close = function () {
            $uibModalInstance.dismiss('cancel');
--- a/src/app/settings/settingsChangePasswordController.js
+++ b/src/app/settings/settingsChangePasswordController.js
@ -31,7 +31,8 @@
            }
            else {
                // User is not using an enc key, let's make them one
-                $scope.savePromise = cipherService.updateKey(model.masterPassword, function () {
+                var mpHash = cryptoService.hashPassword(model.masterPassword);
                $scope.savePromise = cipherService.updateKey(mpHash, function () {
                    return changePassword(model);
                }, processError);
            }
@ -54,9 +55,9 @@
                $uibModalInstance.dismiss('cancel');
                authService.logOut();
                $analytics.eventTrack('Changed Password');
-                $state.go('frontend.login.info').then(function () {
+                return $state.go('frontend.login.info');
            }, processError).then(function () {
                toastr.success('Please log back in.', 'Master Password Changed');
                });
            }, processError);
        }