Notes/services/change_password.js

"use strict";

const sql = require('./sql');
const options = require('./options');
const my_scrypt = require('./my_scrypt');
const utils = require('./utils');
const audit_category = require('./audit_category');
const password_encryption = require('./password_encryption');

async function changePassword(currentPassword, newPassword, req) {
    if (!await password_encryption.verifyPassword(currentPassword)) {
        return {
            success: false,
            message: "Given current password doesn't match hash"
        };
    }

    const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));
    const newPasswordDerivedKey = await my_scrypt.getPasswordDerivedKey(newPassword);

    const decryptedDataKey = await password_encryption.getDataKey(currentPassword);

    await sql.doInTransaction(async () => {
        await password_encryption.setDataKey(newPasswordDerivedKey, decryptedDataKey);

        await options.setOption('password_verification_hash', newPasswordVerificationKey);

        await sql.addAudit(audit_category.CHANGE_PASSWORD, utils.browserId(req));
    });

    return {
        success: true,
        new_encrypted_data_key: newEncryptedDataKey
    };
}

module.exports = {
    changePassword
};
use strict in all JS files 2017-10-21 21:10:33 -04:00			`"use strict";`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const sql = require('./sql');`
sync of options 2017-11-02 20:48:02 -04:00			`const options = require('./options');`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const my_scrypt = require('./my_scrypt');`
			`const utils = require('./utils');`
			`const audit_category = require('./audit_category');`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`const password_encryption = require('./password_encryption');`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
fix password change 2017-11-06 19:48:02 -05:00			`async function changePassword(currentPassword, newPassword, req) {`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`if (!await password_encryption.verifyPassword(currentPassword)) {`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`return {`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`success: false,`
			`message: "Given current password doesn't match hash"`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`};`
			`}`

			`const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`const newPasswordDerivedKey = await my_scrypt.getPasswordDerivedKey(newPassword);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
cleaned up "CBC" from methods since we don't have CTR 2017-11-18 12:53:17 -05:00			`const decryptedDataKey = await password_encryption.getDataKey(currentPassword);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
better transaction handling with rollback on exception 2017-10-29 18:50:28 -04:00			`await sql.doInTransaction(async () => {`
data key is not encrypted with aes-cbc as well 2017-11-15 23:39:50 -05:00			`await password_encryption.setDataKey(newPasswordDerivedKey, decryptedDataKey);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
sync of options 2017-11-02 20:48:02 -04:00			`await options.setOption('password_verification_hash', newPasswordVerificationKey);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`await sql.addAudit(audit_category.CHANGE_PASSWORD, utils.browserId(req));`
better transaction handling with rollback on exception 2017-10-29 18:50:28 -04:00			`});`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
			`return {`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`success: true,`
			`new_encrypted_data_key: newEncryptedDataKey`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`};`
			`}`

			`module.exports = {`
			`changePassword`
			`};`