trilium/services/change_password.js

"use strict";

const sql = require('./sql');
const options = require('./options');
const my_scrypt = require('./my_scrypt');
const utils = require('./utils');
const password_encryption = require('./password_encryption');

async function changePassword(currentPassword, newPassword, req) {
    if (!await password_encryption.verifyPassword(currentPassword)) {
        return {
            success: false,
            message: "Given current password doesn't match hash"
        };
    }

    const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));
    const decryptedDataKey = await password_encryption.getDataKey(currentPassword);

    await sql.doInTransaction(async () => {
        await password_encryption.setDataKey(newPassword, decryptedDataKey);

        await options.setOption('password_verification_hash', newPasswordVerificationKey);
    });

    return {
        success: true
    };
}

module.exports = {
    changePassword
};
use strict in all JS files 2017-10-22 09:10:33 +08:00			`"use strict";`

backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00			`const sql = require('./sql');`
sync of options 2017-11-03 08:48:02 +08:00			`const options = require('./options');`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00			`const my_scrypt = require('./my_scrypt');`
			`const utils = require('./utils');`
refactoring of password change and preparations for server side encryption 2017-11-10 12:25:23 +08:00			`const password_encryption = require('./password_encryption');`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00
fix password change 2017-11-07 08:48:02 +08:00			`async function changePassword(currentPassword, newPassword, req) {`
refactoring of password change and preparations for server side encryption 2017-11-10 12:25:23 +08:00			`if (!await password_encryption.verifyPassword(currentPassword)) {`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00			`return {`
refactoring of password change and preparations for server side encryption 2017-11-10 12:25:23 +08:00			`success: false,`
			`message: "Given current password doesn't match hash"`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00			`};`
			`}`

			`const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));`
cleaned up "CBC" from methods since we don't have CTR 2017-11-19 01:53:17 +08:00			`const decryptedDataKey = await password_encryption.getDataKey(currentPassword);`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00
synchronization of transactions using promise so only one can be active 2017-11-29 06:24:08 +08:00			`await sql.doInTransaction(async () => {`
			`await password_encryption.setDataKey(newPassword, decryptedDataKey);`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00
synchronization of transactions using promise so only one can be active 2017-11-29 06:24:08 +08:00			`await options.setOption('password_verification_hash', newPasswordVerificationKey);`
better transaction handling with rollback on exception 2017-10-30 06:50:28 +08:00			`});`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00
			`return {`
fix undefined variable 2017-11-23 09:36:07 +08:00			`success: true`
backend ported to node.js (work in progress) 2017-10-15 11:31:44 +08:00			`};`
			`}`

			`module.exports = {`
			`changePassword`
			`};`