Implement a challenge password

controller/vaultcontroller.php

@@ -38,9 +38,28 @@ class VaultController extends ApiController {
 	 * @NoAdminRequired
 	 */
 	public function listVaults() {
-
+		$result = array();
 		$vaults = $this->vaultService->getByUser($this->userId);
-		return new JSONResponse($vaults);
+
+		$protected_credential_fields = array('getDescription','getEmail','getUsername','getPassword');
+
+		foreach($vaults as $vault){
+			$credential = $this->credentialService->getRandomCredentialByVaultId($vault->getId(), $this->userId);
+			$secret_field = $protected_credential_fields[array_rand($protected_credential_fields)];
+			$challenge_password = $credential->{$secret_field}();
+			$vault = array(
+				'vault_id' => $vault->getId(),
+				'guid' => $vault->getGuid(),
+				'name' => $vault->getName(),
+				'created' => $vault->getCreated(),
+				'public_sharing_key' => $vault->getPublicSharingKey(),
+				'last_access' => $vault->getlastAccess(),
+				'challenge_password' => $challenge_password
+			);
+			array_push($result, $vault);
+		}
+
+		return new JSONResponse($result);
 	}
 
 	/**

js/app/controllers/vault.js

@@ -101,19 +101,20 @@ angular.module('passmanApp')
 			_vault.vaultKey = angular.copy(vault_key);
 
 			VaultService.setActiveVault(_vault);
-			VaultService.getVault(vault).then(function (vault) {
-				var credential = vault.credentials[0];
-				try {
-					var c = CredentialService.decryptCredential(credential);
-					if ($scope.remember_vault_password) {
-						SettingsService.setSetting('defaultVaultPass', vault_key);
-					}
-					_loginToVault(vault, vault_key);
 
-				} catch (e) {
-					$scope.error = 'Incorrect vault password!'
+
+			var challenge_password = vault.challenge_password;
+			try {
+				var c = EncryptService.decryptString(challenge_password);
+				if ($scope.remember_vault_password) {
+					SettingsService.setSetting('defaultVaultPass', vault_key);
 				}
-			})
+				_loginToVault(vault, vault_key);
+
+			} catch (e) {
+				$scope.error = 'Incorrect vault password!'
+			}
+
 		};
 
 

lib/Db/CredentialMapper.php

@@ -32,6 +32,12 @@ class CredentialMapper extends Mapper {
 		return $this->findEntities($sql, [$user_id, $vault_id]);
 	}
 
+	public function getRandomCredentialByVaultId($vault_id, $user_id) {
+		$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
+			'WHERE `user_id` = ? and vault_id = ? ORDER BY RAND() LIMIT 1';
+		return $this->findEntities($sql, [$user_id, $vault_id]);
+	}
+
 	public function getExpiredCredentials($timestamp){
 		$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
 			'WHERE `expire_time` > 0 AND `expire_time` < ?';

lib/Db/Vault.php

@@ -33,6 +33,9 @@ use \OCP\AppFramework\Db\Entity;
  * @method integer getSharingKeysGenerated()
  * @method void setVaultSettings(integer $value)
  * @method integer getVaultSettings()
+ * @method void setVaultPass(string $value)
+ * @method string getVaultPass()
+
  */
 
 
@@ -49,6 +52,7 @@ class Vault extends Entity implements  \JsonSerializable{
 	protected $privateSharingKey;
 	protected $sharingKeysGenerated;
 	protected $vaultSettings;
+	protected $vaultPass;
 
 	public function __construct() {
 		// add types in constructor

lib/Service/CredentialService.php

@@ -44,6 +44,10 @@ class CredentialService {
 		return $this->credentialMapper->getCredentialsByVaultId($vault_id, $user_id);
 	}
 
+	public function getRandomCredentialByVaultId($vault_id, $user_id) {
+		return array_pop($this->credentialMapper->getRandomCredentialByVaultId($vault_id, $user_id));
+	}
+
 	public function getExpiredCredentials($timestamp) {
 		return $this->credentialMapper->getExpiredCredentials($timestamp);
 	}