From 2f28ec495d5ba2f9368020391dd52da16ed008cd Mon Sep 17 00:00:00 2001 From: Bennett Date: Sun, 3 May 2020 16:07:02 +0200 Subject: Add password hashing to lock password (#694) --- src/containers/auth/LockedScreen.js | 4 +++- src/containers/settings/EditSettingsScreen.js | 18 ++++++++++++++++-- 2 files changed, 19 insertions(+), 3 deletions(-) (limited to 'src/containers') diff --git a/src/containers/auth/LockedScreen.js b/src/containers/auth/LockedScreen.js index 8f6ce85c3..a04107072 100644 --- a/src/containers/auth/LockedScreen.js +++ b/src/containers/auth/LockedScreen.js @@ -4,6 +4,8 @@ import { inject, observer } from 'mobx-react'; import Locked from '../../components/auth/Locked'; import SettingsStore from '../../stores/SettingsStore'; +import { hash } from '../../helpers/password-helpers'; + export default @inject('stores', 'actions') @observer class LockedScreen extends Component { state = { error: false, @@ -24,7 +26,7 @@ export default @inject('stores', 'actions') @observer class LockedScreen extends correctPassword = ''; } - if (String(password) === String(correctPassword)) { + if (hash(String(password)) === String(correctPassword)) { this.props.actions.settings.update({ type: 'app', data: { diff --git a/src/containers/settings/EditSettingsScreen.js b/src/containers/settings/EditSettingsScreen.js index f6c2d4360..3dba3bc11 100644 --- a/src/containers/settings/EditSettingsScreen.js +++ b/src/containers/settings/EditSettingsScreen.js @@ -16,6 +16,7 @@ import { import { config as spellcheckerConfig } from '../../features/spellchecker'; import { getSelectOptions } from '../../helpers/i18n-helpers'; +import { hash } from '../../helpers/password-helpers'; import EditSettingsForm from '../../components/settings/settings/EditSettingsForm'; import ErrorBoundary from '../../components/util/ErrorBoundary'; @@ -185,6 +186,14 @@ export default @inject('stores', 'actions') @observer class EditSettingsScreen e intl: intlShape, }; + constructor(props) { + super(props); + + this.state = { + lockedPassword: '', + }; + } + onSubmit(settingsData) { const { todos, workspaces } = this.props.stores; const { @@ -195,6 +204,10 @@ export default @inject('stores', 'actions') @observer class EditSettingsScreen e workspaces: workspaceActions, } = this.props.actions; + this.setState({ + lockedPassword: settingsData.lockedPassword, + }); + app.launchOnStartup({ enable: settingsData.autoLaunchOnStart, openInBackground: settingsData.autoLaunchInBackground, @@ -217,7 +230,7 @@ export default @inject('stores', 'actions') @observer class EditSettingsScreen e predefinedTodoServer: settingsData.predefinedTodoServer, customTodoServer: settingsData.customTodoServer, lockingFeatureEnabled: settingsData.lockingFeatureEnabled, - lockedPassword: settingsData.lockedPassword, + lockedPassword: hash(String(settingsData.lockedPassword)), useTouchIdToUnlock: settingsData.useTouchIdToUnlock, inactivityLock: settingsData.inactivityLock, scheduledDNDEnabled: settingsData.scheduledDNDEnabled, @@ -273,6 +286,7 @@ export default @inject('stores', 'actions') @observer class EditSettingsScreen e app, settings, user, todos, workspaces, } = this.props.stores; const { intl } = this.context; + const { lockedPassword } = this.state; const locales = getSelectOptions({ locales: APP_LOCALES, @@ -395,7 +409,7 @@ export default @inject('stores', 'actions') @observer class EditSettingsScreen e }, lockedPassword: { label: intl.formatMessage(messages.lockPassword), - value: settings.all.app.lockedPassword, + value: lockedPassword, default: '', type: 'password', }, -- cgit v1.2.3-70-g09d2