Webatrice: support hashed passwords in register and resetPassword (#4549)

* support hashed passwords in register and resetPassword

* lint

* support hashedPasswords for accountActivation

* use salt in post-register login step

Co-authored-by: Jeremy Letto <jeremy.letto@datasite.com>
Jeremy Letto 2022-01-30 22:09:16 -06:00 committed by GitHub
parent 92f941a54c
commit 992e28797f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 64 additions and 15 deletions


@ -139,7 +139,29 @@ export class SessionCommands {
switch (raw.responseCode) {
case webClient.protobuf.controller.Response.ResponseCode.RespOk: {
const passwordSalt = raw['.Response_PasswordSalt.ext']?.passwordSalt;
SessionCommands.login(passwordSalt);
switch (webClient.options.reason) {
case WebSocketConnectReason.REGISTER: {
SessionCommands.register(passwordSalt);
break;
}
case WebSocketConnectReason.ACTIVATE_ACCOUNT: {
SessionCommands.activateAccount(passwordSalt);
break;
}
case WebSocketConnectReason.PASSWORD_RESET: {
SessionCommands.resetPassword(passwordSalt);
break;
}
case WebSocketConnectReason.LOGIN:
default: {
SessionCommands.login(passwordSalt);
}
}
break;
}
case webClient.protobuf.controller.Response.ResponseCode.RespRegistrationRequired: {
@ -155,19 +177,24 @@ export class SessionCommands {
});
}
static register(): void {
static register(passwordSalt?: string): void {
const { userName, password, email, country, realName } = webClient.options as unknown as ServerRegisterParams;
const registerConfig = {
const registerConfig: any = {
...webClient.clientConfig,
clientid: 'webatrice',
userName,
password,
email,
country,
realName,
};
if (passwordSalt) {
registerConfig.hashedPassword = hashPassword(passwordSalt, password);
} else {
registerConfig.password = password;
}
const CmdRegister = webClient.protobuf.controller.Command_Register.create(registerConfig);
const sc = webClient.protobuf.controller.SessionCommand.create({
@ -176,7 +203,7 @@ export class SessionCommands {
webClient.protobuf.sendSessionCommand(sc, raw => {
if (raw.responseCode === webClient.protobuf.controller.Response.ResponseCode.RespRegistrationAccepted) {
SessionCommands.login();
SessionCommands.login(passwordSalt);
return;
}
@ -219,7 +246,7 @@ export class SessionCommands {
});
};
static activateAccount(): void {
static activateAccount(passwordSalt?: string): void {
const { userName, token } = webClient.options as unknown as AccountActivationParams;
const accountActivationConfig = {
@ -238,7 +265,7 @@ export class SessionCommands {
webClient.protobuf.sendSessionCommand(sc, raw => {
if (raw.responseCode === webClient.protobuf.controller.Response.ResponseCode.RespActivationAccepted) {
SessionPersistence.accountActivationSuccess();
SessionCommands.login();
SessionCommands.login(passwordSalt);
} else {
SessionCommands.updateStatus(StatusEnum.DISCONNECTED, 'Account Activation Failed');
SessionCommands.disconnect();
@ -311,17 +338,22 @@ export class SessionCommands {
});
}
static resetPassword(): void {
static resetPassword(passwordSalt?: string): void {
const { userName, token, newPassword } = webClient.options as unknown as ForgotPasswordResetParams;
const forgotPasswordResetConfig = {
const forgotPasswordResetConfig: any = {
...webClient.clientConfig,
clientid: 'webatrice',
userName,
token,
newPassword,
};
if (passwordSalt) {
forgotPasswordResetConfig.hashedNewPassword = hashPassword(passwordSalt, newPassword);
} else {
forgotPasswordResetConfig.newPassword = newPassword;
}
const CmdForgotPasswordReset = webClient.protobuf.controller.Command_ForgotPasswordReset.create(forgotPasswordResetConfig);
const sc = webClient.protobuf.controller.SessionCommand.create({
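Review bot: In `register` and `resetPassword` the config objects are widened to `any` so the password field can be attached after the literal, which switches off type checking on exactly the keys that decide whether a hash or the plaintext is sent; a misspelt key would still compile and would presumably be ignored when the protobuf message is encoded. A typed conditional spread inside the literal keeps the check, e.g. `...(passwordSalt ? { hashedPassword: hashPassword(passwordSalt, password) } : { password }),` and the same shape with `hashedNewPassword` / `newPassword` in `resetPassword`. The `else` branches also send the plaintext password whenever the salt from the server response is missing or empty, so the choice between hash and plaintext is made by the remote side. If that is a deliberate fallback for servers without hashed-password support, a short comment saying so, and noting that the fallback depends on the transport for confidentiality, would spare the next reader from guessing. Both functions continue outside the hunks shown.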