From 5b84487aac696cf4cf769f18e1082f26d91abc87 Mon Sep 17 00:00:00 2001
From: azivner
Date: Tue, 12 Sep 2017 23:04:17 -0400
Subject: [PATCH] encryption timeout is now configurable in the db
---
 src/app.py | 2 ++
 src/settings_api.py | 33 +++++++++++++++++++++++++++++++++
 src/templates/app.html | 12 +++++++++++-
 src/tree_api.py | 1 +
 static/js/encryption.js | 5 +----
 static/js/settings.js | 29 +++++++++++++++++++++++++++++
 static/js/tree.js | 2 ++
 7 files changed, 79 insertions(+), 5 deletions(-)
 create mode 100644 src/settings_api.py
diff --git a/src/app.py b/src/app.py
index 5959428a7..d54f532bd 100644
--- a/src/app.py
+++ b/src/app.py
@@ -11,6 +11,7 @@ from sql import connect, getOption
 from tree_api import tree_api
 from notes_move_api import notes_move_api
 from password_api import password_api
+from settings_api import settings_api
 import config_provider
 import my_scrypt
@@ -31,6 +32,7 @@ app.register_blueprint(tree_api)
 app.register_blueprint(notes_api)
 app.register_blueprint(notes_move_api)
 app.register_blueprint(password_api)
+app.register_blueprint(settings_api)
 class User(UserMixin):
 pass
diff --git a/src/settings_api.py b/src/settings_api.py
new file mode 100644
index 000000000..6aef4d274
--- /dev/null
+++ b/src/settings_api.py
@@ -0,0 +1,33 @@
+from flask import Blueprint, jsonify, request
+from flask_login import login_required
+
+import sql
+
+settings_api = Blueprint('settings_api', __name__)
+
+allowed_options = [ 'encryption_session_timeout' ]
+
+@settings_api.route('/settings', methods = ['GET'])
+@login_required
+def get_settings():
+ dict = {}
+
+ settings = sql.getResults("SELECT opt_name, opt_value FROM options WHERE opt_name IN (%s)" % ',' . join('?'*len(allowed_options)), allowed_options)
+
+ for set in settings:
+ dict[set['opt_name']] = set['opt_value']
+
+ return jsonify(dict)
+
+@settings_api.route('/settings', methods = ['POST'])
+@login_required
+def set_settings():
+ req = request.get_json(force=True)
+
+ if req['name'] in allowed_options:
+ sql.setOption(req['name'], req['value'])
+ sql.commit()
+
+ return jsonify({})
+ else:
+ return jsonify("not allowed option to set")
\ No newline at end of file
diff --git a/src/templates/app.html b/src/templates/app.html
index ed03a8005..4993e0e69 100644
--- a/src/templates/app.html
+++ b/src/templates/app.html
@@ -152,7 +152,17 @@
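Review bot: `set_settings` passes `req['value']` to `sql.setOption` unchecked, although `encryption_session_timeout` controls how long the encryption key stays in browser memory. The client in static/js/encryption.js multiplies the value by 1000 and compares it with the idle time, so a non-numeric value that reaches it through `/tree` would make that comparison never true and the key would not be wiped. The handler below accepts only a positive integer (an upper bound is a policy choice left to the project), reads the body with `.get()` so a request without `name` does not raise, and answers 400 on rejection so the `error:` callback in settings.js fires instead of the success alert. Separately, `get_json(force=True)` parses the body whatever its content type and no CSRF check is visible in this diff; the client already sends `application/json`, so `force=True` looks unnecessary on this state-changing route.

```python
def set_settings():
    req = request.get_json(force=True)

    if not isinstance(req, dict) or req.get('name') not in allowed_options:
        return jsonify("not allowed option to set"), 400

    value = req.get('value')

    if req['name'] == 'encryption_session_timeout':
        # The browser multiplies this by 1000 and compares it with the idle
        # time; a non-numeric value would keep that comparison from ever firing.
        try:
            value = int(value)
        except (TypeError, ValueError):
            return jsonify("encryption_session_timeout must be an integer"), 400

        if value <= 0:
            return jsonify("encryption_session_timeout must be positive"), 400

        # The form posts the value as a string; keep the stored type unchanged.
        value = str(value)

    sql.setOption(req['name'], value)
    sql.commit()

    return jsonify({})
```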
-

Morbi tincidunt, dui sit amet facilisis feugiat, odio metus gravida ante, ut pharetra massa metus id nunc. Duis scelerisque molestie turpis. Sed fringilla, massa eget luctus malesuada, metus eros molestie lectus, ut tempus eros massa ut dolor. Aenean aliquet fringilla sem. Suspendisse sed ligula in ligula suscipit aliquam. Praesent in eros vestibulum mi adipiscing adipiscing. Morbi facilisis. Curabitur ornare consequat nunc. Aenean vel metus. Ut posuere viverra nulla. Aliquam erat volutpat. Pellentesque convallis. Maecenas feugiat, tellus pellentesque pretium posuere, felis lorem euismod felis, eu ornare leo nisi vel felis. Mauris consectetur tortor et purus.

+

Encryption timeout is a time period after which the encryption key and encrypted data is wiped out from + browser's memory. This is measured from the last encryption / decryption activity.

+ +
+
+ + +
+ + +
 
diff --git a/src/tree_api.py b/src/tree_api.py
index 8f54bffd3..28729c54b 100644
--- a/src/tree_api.py
+++ b/src/tree_api.py
@@ -42,5 +42,6 @@ def getTree():
 retObject['start_note_id'] = getSingleResult('select * from options where opt_name = "start_node"')['opt_value'];
 retObject['verification_salt'] = getOption('verification_salt')
 retObject['encryption_salt'] = getOption('encryption_salt')
+ retObject['encryption_session_timeout'] = getOption('encryption_session_timeout')
 return jsonify(retObject)
\ No newline at end of file
diff --git a/static/js/encryption.js b/static/js/encryption.js
index 2bd4995a3..22ccb48c5 100644
--- a/static/js/encryption.js
+++ b/static/js/encryption.js
@@ -24,9 +24,6 @@ function handleEncryption(requireEncryption, modal, callback) {
 }
 }
-// currently not configurable
-const globalEncryptionKeyTimeToLive = 10 * 60 * 1000; // in milliseconds
-
 let globalEncryptionKey = null;
 let globalLastEncryptionOperationDate = null;
@@ -119,7 +116,7 @@ $("#encryptionPasswordForm").submit(function() {
 });
 setInterval(function() {
- if (globalLastEncryptionOperationDate !== null && new Date().getTime() - globalLastEncryptionOperationDate.getTime() > globalEncryptionKeyTimeToLive) {
+ if (globalLastEncryptionOperationDate !== null && new Date().getTime() - globalLastEncryptionOperationDate.getTime() > globalEncryptionSessionTimeout * 1000) {
 globalEncryptionKey = null;
 if (globalCurrentNote.detail.encryption > 0) {
diff --git a/static/js/settings.js b/static/js/settings.js
index 575967522..637ccda91 100644
--- a/static/js/settings.js
+++ b/static/js/settings.js
@@ -1,4 +1,13 @@
 function displaySettings() {
+ $.ajax({
+ url: baseUrl + 'settings',
+ type: 'GET',
+ success: function (result) {
+ $("#encryptionTimeoutInSeconds").val(result['encryption_session_timeout']);
+ },
+ error: () => alert("Error getting settings.")
+ });
+
 $("#settingsDialog").dialog({
 modal: true,
 width: 600
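Review bot: In the `setInterval` check of static/js/encryption.js, `globalEncryptionSessionTimeout * 1000` fails open: the variable is declared without a value in static/js/tree.js and is only assigned once the `/tree` response arrives, and `undefined` or a non-numeric stored value gives `NaN`, for which the `>` comparison is always false, so the key is never cleared. The removed constant guaranteed ten minutes; a fallback keeps that behaviour, e.g. `const ttlSeconds = Number(globalEncryptionSessionTimeout) > 0 ? Number(globalEncryptionSessionTimeout) : 10 * 60;` before the `if`, then compare against `ttlSeconds * 1000`. No hunk in this commit inserts an `encryption_session_timeout` row into `options`, so what an existing database returns here depends on `getOption`, which is not shown. The callback body continues outside the hunk.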
@@ -40,5 +49,25 @@ $("#changePasswordForm").submit(() => {
 error: () => alert("Error occurred during changing password.")
 });
+ return false;
+});
+
+$("#encryptionTimeoutForm").submit(() => {
+ const encryptionTimeout = $("#encryptionTimeoutInSeconds").val();
+
+ $.ajax({
+ url: baseUrl + 'settings',
+ type: 'POST',
+ data: JSON.stringify({
+ name: 'encryption_session_timeout',
+ value: encryptionTimeout
+ }),
+ contentType: "application/json",
+ success: function () {
+ alert("Encryption timeout has been changed.");
+ },
+ error: () => alert("Error occurred during changing encryption timeout.")
+ });
+
 return false;
 });
\ No newline at end of file
diff --git a/static/js/tree.js b/static/js/tree.js
index aad76a946..ffc6d5746 100644
--- a/static/js/tree.js
+++ b/static/js/tree.js
@@ -85,6 +85,7 @@ function setExpandedToServer(note_id, is_expanded) {
 let globalVerificationSalt;
 let globalEncryptionSalt;
+let globalEncryptionSessionTimeout;
 $(function(){
 $.get(baseUrl + 'tree').then(resp => {
@@ -92,6 +93,7 @@ $(function(){
 let startNoteId = resp.start_note_id;
 globalVerificationSalt = resp.verification_salt;
 globalEncryptionSalt = resp.encryption_salt;
+ globalEncryptionSessionTimeout = resp.encryption_session_timeout;
 if (document.location.hash) {
 startNoteId = document.location.hash.substr(1); // strip initial #
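Review bot: The `success` callback of the `encryptionTimeoutForm` submit handler in static/js/settings.js only shows an alert, so the running page keeps the old `globalEncryptionSessionTimeout` (assigned once from `/tree` in static/js/tree.js) until reload, and a shortened timeout does not apply to the key already held in memory. Assign it on success with `globalEncryptionSessionTimeout = encryptionTimeout;`. The value from `.val()` is also posted as typed; rejecting anything that is not a positive whole number before the request, e.g. `if (!/^[1-9]\d*$/.test(encryptionTimeout)) { alert("Timeout must be a positive number of seconds."); return false; }`, keeps a typo from being stored as the timeout.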