new change email api with enc key

This commit is contained in:
Kyle Spearrin 2017-05-31 16:16:21 -04:00
parent 2106e48e0e
commit f5720cf20e
3 changed files with 52 additions and 66 deletions

View File

@ -204,7 +204,7 @@ angular
}; };
}; };
_service.updateKey = function (masterPassword, success, error) { _service.updateKey = function (masterPasswordHash, success, error) {
var madeEncKey = cryptoService.makeEncKey(null); var madeEncKey = cryptoService.makeEncKey(null);
encKey = madeEncKey.encKey; encKey = madeEncKey.encKey;
var encKeyEnc = madeEncKey.encKeyEnc; var encKeyEnc = madeEncKey.encKeyEnc;
@ -238,7 +238,7 @@ angular
return $q.all([loginsPromise, foldersPromise]).then(function () { return $q.all([loginsPromise, foldersPromise]).then(function () {
var request = { var request = {
masterPasswordHash: cryptoService.hashPassword(masterPassword), masterPasswordHash: masterPasswordHash,
ciphers: reencryptedLogins, ciphers: reencryptedLogins,
folders: reencryptedFolders, folders: reencryptedFolders,
privateKey: reencryptedPrivateKey, privateKey: reencryptedPrivateKey,

View File

@ -4,84 +4,69 @@
.controller('settingsChangeEmailController', function ($scope, $state, apiService, $uibModalInstance, cryptoService, .controller('settingsChangeEmailController', function ($scope, $state, apiService, $uibModalInstance, cryptoService,
cipherService, authService, $q, toastr, $analytics) { cipherService, authService, $q, toastr, $analytics) {
$analytics.eventTrack('settingsChangeEmailController', { category: 'Modal' }); $analytics.eventTrack('settingsChangeEmailController', { category: 'Modal' });
var _masterPasswordHash, var _masterPasswordHash,
_newMasterPasswordHash, _masterPassword,
_newKey; _newEmail;
$scope.token = function (model) { $scope.token = function (model) {
_masterPasswordHash = cryptoService.hashPassword(model.masterPassword); _masterPassword = model.masterPassword;
var newEmail = model.newEmail.toLowerCase(); _masterPasswordHash = cryptoService.hashPassword(_masterPassword);
_newEmail = model.newEmail.toLowerCase();
var encKey = cryptoService.getEncKey();
if (encKey) {
$scope.tokenPromise = requestToken(model);
}
else {
// User is not using an enc key, let's make them one
$scope.tokenPromise = cipherService.updateKey(_masterPasswordHash, function () {
return requestToken(model);
}, processError);
}
};
function requestToken(model) {
var request = { var request = {
newEmail: newEmail, newEmail: _newEmail,
masterPasswordHash: _masterPasswordHash masterPasswordHash: _masterPasswordHash
}; };
$scope.tokenPromise = apiService.accounts.emailToken(request, function () { return apiService.accounts.emailToken(request, function () {
_newKey = cryptoService.makeKey(model.masterPassword, newEmail);
_newMasterPasswordHash = cryptoService.hashPassword(model.masterPassword, _newKey);
$scope.tokenSent = true; $scope.tokenSent = true;
}).$promise; }).$promise;
}; }
$scope.confirm = function (model) { $scope.confirm = function (model) {
$scope.processing = true; $scope.processing = true;
var reencryptedLogins = []; var newKey = cryptoService.makeKey(_masterPassword, _newEmail);
var loginsPromise = apiService.logins.list({}, function (encryptedLogins) { var encKey = cryptoService.getEncKey();
var filteredEncryptedLogins = []; var newEncKey = cryptoService.encrypt(encKey.key, newKey, 'raw');
for (var i = 0; i < encryptedLogins.Data.length; i++) {
if (encryptedLogins.Data[i].OrganizationId) {
continue;
}
filteredEncryptedLogins.push(encryptedLogins.Data[i]); var request = {
} token: model.token,
newEmail: _newEmail,
masterPasswordHash: _masterPasswordHash,
newMasterPasswordHash: cryptoService.hashPassword(_masterPassword, newKey),
key: newEncKey
};
var unencryptedLogins = cipherService.decryptLogins(filteredEncryptedLogins); $scope.confirmPromise = apiService.accounts.email(request).$promise.then(function () {
reencryptedLogins = cipherService.encryptLogins(unencryptedLogins, _newKey); $uibModalInstance.dismiss('cancel');
}).$promise; authService.logOut();
$analytics.eventTrack('Changed Email');
var reencryptedFolders = []; return $state.go('frontend.login.info');
var foldersPromise = apiService.folders.list({}, function (encryptedFolders) { }, processError).then(function () {
var unencryptedFolders = cipherService.decryptFolders(encryptedFolders.Data); toastr.success('Please log back in.', 'Email Changed');
reencryptedFolders = cipherService.encryptFolders(unencryptedFolders, _newKey); }, processError);
}).$promise;
var privateKey = cryptoService.getPrivateKey('raw'),
reencryptedPrivateKey = null;
if (privateKey) {
reencryptedPrivateKey = cryptoService.encrypt(privateKey, _newKey, 'raw');
}
$q.all([loginsPromise, foldersPromise]).then(function () {
var request = {
token: model.token,
newEmail: model.newEmail.toLowerCase(),
masterPasswordHash: _masterPasswordHash,
newMasterPasswordHash: _newMasterPasswordHash,
data: {
ciphers: reencryptedLogins,
folders: reencryptedFolders,
privateKey: reencryptedPrivateKey
}
};
$scope.confirmPromise = apiService.accounts.email(request, function () {
$uibModalInstance.dismiss('cancel');
$analytics.eventTrack('Changed Email');
authService.logOut();
$state.go('frontend.login.info').then(function () {
toastr.success('Please log back in.', 'Email Changed');
});
}, function () {
$uibModalInstance.dismiss('cancel');
toastr.error('Something went wrong.', 'Oh No!');
}).$promise;
});
}; };
function processError() {
$uibModalInstance.dismiss('cancel');
toastr.error('Something went wrong.', 'Oh No!');
}
$scope.close = function () { $scope.close = function () {
$uibModalInstance.dismiss('cancel'); $uibModalInstance.dismiss('cancel');
}; };

View File

@ -31,7 +31,8 @@
} }
else { else {
// User is not using an enc key, let's make them one // User is not using an enc key, let's make them one
$scope.savePromise = cipherService.updateKey(model.masterPassword, function () { var mpHash = cryptoService.hashPassword(model.masterPassword);
$scope.savePromise = cipherService.updateKey(mpHash, function () {
return changePassword(model); return changePassword(model);
}, processError); }, processError);
} }
@ -54,9 +55,9 @@
$uibModalInstance.dismiss('cancel'); $uibModalInstance.dismiss('cancel');
authService.logOut(); authService.logOut();
$analytics.eventTrack('Changed Password'); $analytics.eventTrack('Changed Password');
$state.go('frontend.login.info').then(function () { return $state.go('frontend.login.info');
toastr.success('Please log back in.', 'Master Password Changed'); }, processError).then(function () {
}); toastr.success('Please log back in.', 'Master Password Changed');
}, processError); }, processError);
} }