nextcloud/passman
1
1
Fork 0
mirror of https://github.com/nextcloud/passman.git synced 2024-09-20 14:56:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'challengePassword'

Browse source
This commit is contained in:
brantje 2016-09-30 21:04:13 +02:00
parent 04b0261cd3 3af9e39488
commit 5476c0d1ba
No known key found for this signature in database
GPG key ID: 5FF1D117F918687F
12 changed files with 93 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -34,3 +34,8 @@ To watch for changes use `grunt watch`
## Contributors
Add yours when creating a pull request!
- None
## FAQ
**Are you adding something to check if malicious code is executing on the browser?**
No, because malitous code could edit the functions that check for malicious code.

21
controller/vaultcontroller.php
View file

@ -38,9 +38,26 @@ class VaultController extends ApiController {
* @NoAdminRequired
*/
public function listVaults() {
$result = array();
$vaults = $this->vaultService->getByUser($this->userId);
return new JSONResponse($vaults);
$protected_credential_fields = array('getDescription','getEmail','getUsername','getPassword');
foreach($vaults as $vault){
$credential = $this->credentialService->getRandomCredentialByVaultId($vault->getId(), $this->userId);
$secret_field = $protected_credential_fields[array_rand($protected_credential_fields)];
array_push($result, array(
'vault_id' => $vault->getId(),
'guid' => $vault->getGuid(),
'name' => $vault->getName(),
'created' => $vault->getCreated(),
'public_sharing_key' => $vault->getPublicSharingKey(),
'last_access' => $vault->getlastAccess(),
'challenge_password' => $credential->{$secret_field}()
));
}
return new JSONResponse($result);
}
/**

2
js/app/controllers/credential.js
View file

@ -22,7 +22,7 @@ angular.module('passmanApp')
_vault.vaultKey = angular.copy(SettingsService.getSetting('defaultVaultPass'));
VaultService.setActiveVault(_vault);
$scope.active_vault = _vault;
console.log(_vault)
//@TODO check if vault exists
}

22
js/app/controllers/edit_credential.js
View file

@ -18,13 +18,25 @@ angular.module('passmanApp')
} else {
if (SettingsService.getSetting('defaultVault') && SettingsService.getSetting('defaultVaultPass')) {
var _vault = angular.copy(SettingsService.getSetting('defaultVault'));
_vault.vaultKey = angular.copy(SettingsService.getSetting('defaultVaultPass'));
VaultService.setActiveVault(_vault);
$scope.active_vault = _vault;
VaultService.getVault(_vault).then(function (vault) {
vault.vaultKey = angular.copy(SettingsService.getSetting('defaultVaultPass'));
VaultService.setActiveVault(vault);
$scope.active_vault = vault;
//@TODO check if vault exists
$scope.pwSettings = VaultService.getVaultSetting('pwSettings',
{
'length': 12,
'useUppercase': true,
'useLowercase': true,
'useDigits': true,
'useSpecialChars': true,
'minimumDigitCount': 3,
'avoidAmbiguousCharacters': false,
'requireEveryCharType': true,
'generateOnCreate': true
})
})
}
}
$scope.tabs = [{

23
js/app/controllers/revision.js
View file

@ -18,12 +18,27 @@ angular.module('passmanApp')
} else {
if (SettingsService.getSetting('defaultVault') && SettingsService.getSetting('defaultVaultPass')) {
var _vault = angular.copy(SettingsService.getSetting('defaultVault'));
_vault.vaultKey = angular.copy(SettingsService.getSetting('defaultVaultPass'));
VaultService.setActiveVault(_vault);
$scope.active_vault = _vault;
VaultService.getVault(_vault).then(function (vault) {
vault.vaultKey = SettingsService.getSetting('defaultVaultPass');
VaultService.setActiveVault(vault);
$scope.active_vault = vault;
$scope.$parent.selectedVault = true;
$scope.vault_settings.pwSettings = VaultService.getVaultSetting('pwSettings',
{
'length': 12,
'useUppercase': true,
'useLowercase': true,
'useDigits': true,
'useSpecialChars': true,
'minimumDigitCount': 3,
'avoidAmbiguousCharacters': false,
'requireEveryCharType': true,
'generateOnCreate': true
})
})
}
}
if ($scope.active_vault) {
$scope.$parent.selectedVault = true;
}

7
js/app/controllers/share.js
View file

@ -105,12 +105,15 @@ angular.module('passmanApp')
var list = $scope.share_settings.credentialSharedWithUserAndGroup;
console.log(list);
for (var i = 0; i < list.length; i++){
console.log(list[i]);
if (list[i].type == "user") {
ShareService.getVaultsByUser(list[i].userId).then(function (data) {
console.log(list);
console.log(i);
list[i].vaults = data;
console.log(data);
var start = new Date().getTime() / 1000;
;
ShareService.cypherRSAStringWithPublicKeyBulkAsync(data, key)
.progress(function (data) {
console.log(data);
@ -131,7 +134,7 @@ angular.module('passmanApp')
list[i].vaults = data;
console.log(data);
var start = new Date().getTime() / 1000;
;
ShareService.cypherRSAStringWithPublicKeyBulkAsync(data, key)
.progress(function (data) {
console.log(data);

22
js/app/controllers/vault.js
View file

@ -101,19 +101,17 @@ angular.module('passmanApp')
_vault.vaultKey = angular.copy(vault_key);
VaultService.setActiveVault(_vault);
VaultService.getVault(vault).then(function (vault) {
var credential = vault.credentials[0];
try {
var c = CredentialService.decryptCredential(credential);
if ($scope.remember_vault_password) {
SettingsService.setSetting('defaultVaultPass', vault_key);
}
_loginToVault(vault, vault_key);
} catch (e) {
$scope.error = 'Incorrect vault password!'
try {
var c = EncryptService.decryptString(vault.challenge_password);
if ($scope.remember_vault_password) {
SettingsService.setSetting('defaultVaultPass', vault_key);
}
})
_loginToVault(vault, vault_key);
} catch (e) {
$scope.error = 'Incorrect vault password!'
}
};

2
js/templates.js
View file

File diff suppressed because one or more lines are too long

6
lib/Db/CredentialMapper.php
View file

@ -32,6 +32,12 @@ class CredentialMapper extends Mapper {
return $this->findEntities($sql, [$user_id, $vault_id]);
}
public function getRandomCredentialByVaultId($vault_id, $user_id) {
$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
'WHERE `user_id` = ? and vault_id = ? ORDER BY RAND() LIMIT 1';
return $this->findEntities($sql, [$user_id, $vault_id]);
}
public function getExpiredCredentials($timestamp){
$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
'WHERE `expire_time` > 0 AND `expire_time` < ?';

2
lib/Db/Vault.php
View file

@ -49,7 +49,7 @@ class Vault extends Entity implements \JsonSerializable{
protected $privateSharingKey;
protected $sharingKeysGenerated;
protected $vaultSettings;
public function __construct() {
// add types in constructor
$this->addType('created', 'integer');

4
lib/Service/CredentialService.php
View file

@ -44,6 +44,10 @@ class CredentialService {
return $this->credentialMapper->getCredentialsByVaultId($vault_id, $user_id);
}
public function getRandomCredentialByVaultId($vault_id, $user_id) {
return array_pop($this->credentialMapper->getRandomCredentialByVaultId($vault_id, $user_id));
}
public function getExpiredCredentials($timestamp) {
return $this->credentialMapper->getExpiredCredentials($timestamp);
}

9
templates/views/show_vault.html
View file

@ -57,6 +57,7 @@
</div>
</div>
</div>
{{filtered_credentials}}
<div off-click="closeSelected()">
<div class="loaderContainer" ng-if="show_spinner">
@ -71,9 +72,9 @@
ng-class="{'selected': selectedCredential.credential_id == credential.credential_id}">
<td>
<span class="icon"><i class="fa fa-lock"></i> </span>
<span class="label">{{credential.label}}</span>
<span class="label">{{ ::credential.label}}</span>
<span class="tags">
<span class="tag" ng-repeat="tag in credential.tags_raw">{{tag.text}}</span>
<span class="tag" ng-repeat="tag in credential.tags_raw">{{ ::tag.text}}</span>
</span>
</td>
@ -85,9 +86,9 @@
ng-click="selectCredential(credential)"
use-theme type="'border-color'">
<div class="credential_content" >
<div class="label">{{credential.label}}</div>
<div class="label">{{ ::credential.label}}</div>
<div class="tags">
<div class="tag" ng-repeat="tag in credential.tags_raw">{{tag.text}}</div>
<div class="tag" ng-repeat="tag in credential.tags_raw">{{ ::tag.text}}</div>
</div>
</div>
</li>