Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-01 10:55:55 +01:00
Code Issues Packages Projects Releases Activity

refactoring of password change and preparations for server side encryption

Browse Source
This commit is contained in:
azivner
2017-11-09 23:25:23 -05:00
parent 433982e7bc
commit 8f1eedfe0d
7 changed files with 116 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
routes/api/login.js
View File

@@ -6,8 +6,11 @@ const options = require('../../services/options');
const utils = require('../../services/utils');
const migration = require('../../services/migration');
const SOURCE_ID = require('../../services/source_id');
const auth = require('../../services/auth');
const password_encryption = require('../../services/password_encryption');
const protected_session = require('../../services/protected_session');
router.post('', async (req, res, next) => {
router.post('/sync', async (req, res, next) => {
const timestamp = req.body.timestamp;
const now = utils.nowTimestamp();
@@ -41,4 +44,25 @@ router.post('', async (req, res, next) => {
});
});
// this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
router.post('protected', auth.checkApiAuth, async (req, res, next) => {
const password = req.body.password;
if (!await password_encryption.verifyPassword(password)) {
return {
success: false,
message: "Given current password doesn't match hash"
};
}
const decryptedDataKey = password_encryption.getDecryptedDataKey(password);
const protectedSessionId = protected_session.setDataKey(req, decryptedDataKey);
res.send({
success: true,
protectedSessionId: protectedSessionId
});
});
module.exports = router;

6
routes/api/migration.js
View File

@@ -8,8 +8,8 @@ const migration = require('../../services/migration');
router.get('', auth.checkApiAuthWithoutMigration, async (req, res, next) => {
res.send({
'db_version': parseInt(await options.getOption('db_version')),
'app_db_version': migration.APP_DB_VERSION
db_version: parseInt(await options.getOption('db_version')),
app_db_version: migration.APP_DB_VERSION
});
});
@@ -17,7 +17,7 @@ router.post('', auth.checkApiAuthWithoutMigration, async (req, res, next) => {
const migrations = await migration.migrate();
res.send({
'migrations': migrations
migrations: migrations
});
});