Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-01 19:05:59 +01:00
Code Issues Packages Projects Releases Activity

server side encryption WIP

Browse Source
This commit is contained in:
azivner
2017-11-10 22:55:19 -05:00
parent 8f1eedfe0d
commit ec49bf0cca
11 changed files with 101 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
routes/api/login.js
View File

@@ -45,17 +45,19 @@ router.post('/sync', async (req, res, next) => {
});
// this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
router.post('protected', auth.checkApiAuth, async (req, res, next) => {
router.post('/protected', auth.checkApiAuth, async (req, res, next) => {
const password = req.body.password;
if (!await password_encryption.verifyPassword(password)) {
return {
res.send({
success: false,
message: "Given current password doesn't match hash"
};
});
return;
}
const decryptedDataKey = password_encryption.getDecryptedDataKey(password);
const decryptedDataKey = await password_encryption.getDecryptedDataKey(password);
const protectedSessionId = protected_session.setDataKey(req, decryptedDataKey);

13
routes/api/tree.js
View File

@@ -7,6 +7,8 @@ const options = require('../../services/options');
const utils = require('../../services/utils');
const auth = require('../../services/auth');
const log = require('../../services/log');
const protected_session = require('../../services/protected_session');
const data_encryption = require('../../services/data_encryption');
router.get('/', auth.checkApiAuth, async (req, res, next) => {
const notes = await sql.getResults("select "
@@ -24,7 +26,13 @@ router.get('/', auth.checkApiAuth, async (req, res, next) => {
const root_notes = [];
const notes_map = {};
const dataKey = protected_session.getDataKey(req);
for (const note of notes) {
if (note['encryption']) {
note.note_title = data_encryption.decrypt(dataKey, note.note_title);
}
note.children = [];
if (!note.note_pid) {
@@ -50,11 +58,6 @@ router.get('/', auth.checkApiAuth, async (req, res, next) => {
res.send({
notes: root_notes,
start_note_id: await options.getOption('start_node'),
password_verification_salt: await options.getOption('password_verification_salt'),
password_derived_key_salt: await options.getOption('password_derived_key_salt'),
encrypted_data_key: await options.getOption('encrypted_data_key'),
encryption_session_timeout: await options.getOption('encryption_session_timeout'),
browser_id: utils.randomString(12),
tree_load_time: utils.nowTimestamp()
});
});