From a73afa9ded7a0fc9b1b616ffc316246e5de6aa3e Mon Sep 17 00:00:00 2001
From: azivner
Date: Mon, 6 Nov 2017 19:48:02 -0500
Subject: [PATCH] fix password change
---
 public/javascripts/dialogs/settings.js | 6 +++---
 routes/api/password.js | 2 +-
 services/change_password.js | 6 +-----
 services/utils.js | 2 +-
 4 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/public/javascripts/dialogs/settings.js b/public/javascripts/dialogs/settings.js
index 244b4b805..46115304c 100644
--- a/public/javascripts/dialogs/settings.js
+++ b/public/javascripts/dialogs/settings.js
@@ -87,15 +87,15 @@ settings.addModule((function() { contentType: "application/json", success: result => { if (result.success) { + alert("Password has been changed. Trilium will be reloaded after you press OK."); + // encryption password changed so current encryption session is invalid and needs to be cleared encryption.resetEncryptionSession(); encryption.setEncryptedDataKey(result.new_encrypted_data_key); - - message("Password has been changed."); } else { - message(result.message); + error(result.message); } }, error: () => error("Error occurred during changing password.")
diff --git a/routes/api/password.js b/routes/api/password.js
index 6bddb114a..ebd6288d9 100644
--- a/routes/api/password.js
+++ b/routes/api/password.js
@@ -7,7 +7,7 @@ const changePassword = require('../../services/change_password');
 const auth = require('../../services/auth');
 router.post('/change', auth.checkApiAuth, async (req, res, next) => {
- const result = await changePassword.changePassword(req.body['current_password'], req.body['new_password']);
+ const result = await changePassword.changePassword(req.body['current_password'], req.body['new_password'], req);
 res.send(result);
 });
diff --git a/services/change_password.js b/services/change_password.js
index 7e726c1b3..22c3826b9 100644
--- a/services/change_password.js
+++ b/services/change_password.js
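Review bot: In public/javascripts/dialogs/settings.js the new `alert(...)` promises that Trilium will be reloaded after OK, but nothing visible in the success branch triggers a reload; the branch only calls `encryption.resetEncryptionSession()` and `encryption.setEncryptedDataKey(...)`. Unless one of those reloads the page (their bodies are outside this diff), the client keeps running with pre-change state after a credential change. An explicit `location.reload();` as the last statement of the `if (result.success)` branch would make the message true. The enclosing `success` handler and the request call start outside the hunk.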
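Review bot: In routes/api/password.js the async handler awaits `changePassword.changePassword(...)` with no try/catch, so a rejection is never passed to `next` and, assuming this is an Express 4 style router, the request can be left without a response. The two body fields are also handed to the service without any presence or type check, so a missing or non-string `current_password` reaches the hashing code as-is. I would reject bad input first with `if (typeof req.body['current_password'] !== 'string' || typeof req.body['new_password'] !== 'string') return res.status(400).send({ success: false, message: "Invalid request" });` and wrap the await in `try { ... } catch (e) { next(e); }`. Passing only `utils.browserId(req)` instead of the whole `req` would also keep the service independent of the HTTP layer.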
@@ -8,7 +8,7 @@ const audit_category = require('./audit_category');
 const crypto = require('crypto');
 const aesjs = require('./aes');
-async function changePassword(currentPassword, newPassword, req = null) {
+async function changePassword(currentPassword, newPassword, req) {
 const current_password_hash = utils.toBase64(await my_scrypt.getVerificationHash(currentPassword));
 if (current_password_hash !== await options.getOption('password_verification_hash')) {
@@ -37,12 +37,8 @@ async function changePassword(currentPassword, newPassword, req = null) { const digest = crypto.createHash('sha256').update(plainTextBuffer).digest().slice(0, 4); - console.log("Digest:", digest); - const encryptedBytes = aes.encrypt(Buffer.concat([digest, plainTextBuffer])); - console.log("Encrypted", encryptedBytes); - return utils.toBase64(encryptedBytes); }
diff --git a/services/utils.js b/services/utils.js
index a19f73047..928a9edb3 100644
--- a/services/utils.js
+++ b/services/utils.js
@@ -41,7 +41,7 @@ function hmac(secret, value) {
 }
 function browserId(req) {
- return req.get('x-browser-id');
+ return req == null ? null : req.get('x-browser-id');
 }
 function isElectron() {
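Review bot: In services/change_password.js the current-password check compares the computed hash with the stored `password_verification_hash` option using `!==`, which is not a constant-time comparison. `crypto` is already required in this file, so after an explicit length check (the call throws on unequal lengths) the test could be `crypto.timingSafeEqual(Buffer.from(current_password_hash), Buffer.from(storedHash))`, where `storedHash` is a placeholder for the awaited option value. The practical exposure is probably small because the compared value is a derived hash, not the password, but the safer call costs nothing here. The body of `changePassword` continues outside the hunk.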
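Review bot: `browserId` in services/utils.js returns the raw `x-browser-id` request header, which the client sets freely, and now also returns `null` when no request is given; neither fact is documented. Whatever records this value (the callers are outside this diff) should treat it as an unauthenticated label, not as proof of which browser acted. The null branch also sits oddly next to the change_password.js hunk in this commit, which drops the `req = null` default, so it is unclear which caller is expected to omit `req`. A comment above the function such as `// x-browser-id is client-supplied and unverified; returns null when called without an HTTP request (== null also matches undefined)` would settle both points.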