mirror of
https://github.com/RoboSats/robosats.git
synced 2025-01-05 22:10:10 +00:00
Add pub_key and enc_priv_key fields. Store in cookies. Bug: misformed
This commit is contained in:
parent
191dfe0d3b
commit
789f9fbdb1
@ -425,6 +425,20 @@ def delete_lnpayment_at_order_deletion(sender, instance, **kwargs):
|
|||||||
class Profile(models.Model):
|
class Profile(models.Model):
|
||||||
user = models.OneToOneField(User, on_delete=models.CASCADE)
|
user = models.OneToOneField(User, on_delete=models.CASCADE)
|
||||||
|
|
||||||
|
# PGP keys, used for E2E chat encrytion. Priv key is encrypted with user's passphrase (highEntropyToken)
|
||||||
|
public_key = models.CharField(
|
||||||
|
max_length=999,
|
||||||
|
null=True,
|
||||||
|
default=None,
|
||||||
|
blank=True,
|
||||||
|
)
|
||||||
|
encrypted_private_key = models.CharField(
|
||||||
|
max_length=999,
|
||||||
|
null=True,
|
||||||
|
default=None,
|
||||||
|
blank=True,
|
||||||
|
)
|
||||||
|
|
||||||
# Total trades
|
# Total trades
|
||||||
total_contracts = models.PositiveIntegerField(null=False, default=0)
|
total_contracts = models.PositiveIntegerField(null=False, default=0)
|
||||||
|
|
||||||
|
13
api/views.py
13
api/views.py
@ -597,8 +597,14 @@ class UserView(APIView):
|
|||||||
|
|
||||||
# The new way. The token is never sent. Only its SHA256
|
# The new way. The token is never sent. Only its SHA256
|
||||||
token_sha256 = request.GET.get("token_sha256") # New way to gen users and get credentials
|
token_sha256 = request.GET.get("token_sha256") # New way to gen users and get credentials
|
||||||
|
public_key = request.GET.get("pub")
|
||||||
|
encrypted_private_key = request.GET.get("enc_priv")
|
||||||
ref_code = request.GET.get("ref_code")
|
ref_code = request.GET.get("ref_code")
|
||||||
|
|
||||||
|
if not public_key or not encrypted_private_key:
|
||||||
|
context["bad_request"] = "Must provide valid 'pub' and 'enc_priv' PGP keys"
|
||||||
|
return Response(context, status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
# Now the server only receives a hash of the token. So server trusts the client
|
# Now the server only receives a hash of the token. So server trusts the client
|
||||||
# with computing length, counts and unique_values to confirm the high entropy of the token
|
# with computing length, counts and unique_values to confirm the high entropy of the token
|
||||||
# In any case, it is up to the client if they want to create a bad high entropy token.
|
# In any case, it is up to the client if they want to create a bad high entropy token.
|
||||||
@ -655,6 +661,8 @@ class UserView(APIView):
|
|||||||
context['referral_code'] = token_urlsafe(8)
|
context['referral_code'] = token_urlsafe(8)
|
||||||
user.profile.referral_code = context['referral_code']
|
user.profile.referral_code = context['referral_code']
|
||||||
user.profile.avatar = "static/assets/avatars/" + nickname + ".png"
|
user.profile.avatar = "static/assets/avatars/" + nickname + ".png"
|
||||||
|
user.profile.public_key = public_key
|
||||||
|
user.profile.encrypted_private_key = encrypted_private_key
|
||||||
|
|
||||||
# If the ref_code was created by another robot, this robot was referred.
|
# If the ref_code was created by another robot, this robot was referred.
|
||||||
queryset = Profile.objects.filter(referral_code=ref_code)
|
queryset = Profile.objects.filter(referral_code=ref_code)
|
||||||
@ -663,6 +671,9 @@ class UserView(APIView):
|
|||||||
user.profile.referred_by = queryset[0]
|
user.profile.referred_by = queryset[0]
|
||||||
|
|
||||||
user.profile.save()
|
user.profile.save()
|
||||||
|
|
||||||
|
context["public_key"] = public_key
|
||||||
|
context["encrypted_private_key"] = encrypted_private_key
|
||||||
return Response(context, status=status.HTTP_201_CREATED)
|
return Response(context, status=status.HTTP_201_CREATED)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
@ -673,6 +684,8 @@ class UserView(APIView):
|
|||||||
if request.user.date_joined < (timezone.now() -
|
if request.user.date_joined < (timezone.now() -
|
||||||
timedelta(minutes=3)):
|
timedelta(minutes=3)):
|
||||||
context["found"] = "We found your Robot avatar. Welcome back!"
|
context["found"] = "We found your Robot avatar. Welcome back!"
|
||||||
|
context["public_key"] = request.user.profile.public_key
|
||||||
|
context["encrypted_private_key"] = request.user.profile.encrypted_private_key
|
||||||
return Response(context, status=status.HTTP_202_ACCEPTED)
|
return Response(context, status=status.HTTP_202_ACCEPTED)
|
||||||
else:
|
else:
|
||||||
# It is unlikely, but maybe the nickname is taken (1 in 20 Billion change)
|
# It is unlikely, but maybe the nickname is taken (1 in 20 Billion change)
|
||||||
|
@ -13,6 +13,7 @@ import { RoboSatsNoTextIcon } from "./Icons";
|
|||||||
|
|
||||||
import { sha256 } from 'js-sha256';
|
import { sha256 } from 'js-sha256';
|
||||||
import { genBase62Token, tokenStrength } from "../utils/token";
|
import { genBase62Token, tokenStrength } from "../utils/token";
|
||||||
|
import { genKey } from "../utils/pgp";
|
||||||
import { getCookie, writeCookie } from "../utils/cookies";
|
import { getCookie, writeCookie } from "../utils/cookies";
|
||||||
|
|
||||||
|
|
||||||
@ -49,9 +50,18 @@ class UserGenPage extends Component {
|
|||||||
}
|
}
|
||||||
|
|
||||||
getGeneratedUser=(token)=>{
|
getGeneratedUser=(token)=>{
|
||||||
var strength = tokenStrength(token)
|
|
||||||
|
|
||||||
fetch('/api/user' + '?token_sha256=' + sha256(token) + '&unique_values=' + strength.uniqueValues +'&counts=' + strength.counts +'&length=' + token.length + '&ref_code=' + this.refCode)
|
var strength = tokenStrength(token);
|
||||||
|
|
||||||
|
genKey(token).then((key) =>
|
||||||
|
fetch('/api/user' +
|
||||||
|
'?token_sha256=' + sha256(token) +
|
||||||
|
'&pub=' + key.publicKeyArmored +
|
||||||
|
'&enc_priv=' + key.encryptedPrivateKeyArmored +
|
||||||
|
'&unique_values=' + strength.uniqueValues +
|
||||||
|
'&counts=' + strength.counts +
|
||||||
|
'&length=' + token.length +
|
||||||
|
'&ref_code=' + this.refCode)
|
||||||
.then((response) => response.json())
|
.then((response) => response.json())
|
||||||
.then((data) => {
|
.then((data) => {
|
||||||
this.setState({
|
this.setState({
|
||||||
@ -74,11 +84,12 @@ class UserGenPage extends Component {
|
|||||||
nickname: data.nickname,
|
nickname: data.nickname,
|
||||||
token: token,
|
token: token,
|
||||||
avatarLoaded: false,
|
avatarLoaded: false,
|
||||||
})) & writeCookie("robot_token",token))
|
})) & writeCookie("robot_token",token) & writeCookie("pub_key",data.public_key) & writeCookie("enc_priv_key",data.encrypted_private_key))
|
||||||
&
|
&
|
||||||
// If the robot has been found (recovered) we assume the token is backed up
|
// If the robot has been found (recovered) we assume the token is backed up
|
||||||
(data.found ? this.props.setAppState({copiedToken:true}) : null)
|
(data.found ? this.props.setAppState({copiedToken:true}) : null)
|
||||||
});
|
})
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
delGeneratedUser() {
|
delGeneratedUser() {
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
import * as openpgp from 'openpgp/lightweight';
|
import * as openpgp from 'openpgp/lightweight';
|
||||||
|
|
||||||
// Generate KeyPair. Private Key is encrypted with the highEntropyToken
|
// Generate KeyPair. Private Key is encrypted with the highEntropyToken
|
||||||
export async function genKeys(highEntropyToken) {
|
export async function genKey(highEntropyToken) {
|
||||||
|
|
||||||
const keyPair = await openpgp.generateKey({
|
const keyPair = await openpgp.generateKey({
|
||||||
type: 'ecc', // Type of the key, defaults to ECC
|
type: 'ecc', // Type of the key, defaults to ECC
|
||||||
@ -11,12 +11,7 @@ export async function genKeys(highEntropyToken) {
|
|||||||
format: 'armored'
|
format: 'armored'
|
||||||
})
|
})
|
||||||
|
|
||||||
console.log(keyPair)
|
return {publicKeyArmored: keyPair.publicKey, encryptedPrivateKeyArmored: keyPair.privateKey}
|
||||||
|
|
||||||
const publicKeyArmored = keyPair.publicKey;
|
|
||||||
const privateKeyArmored = keyPair.privateKey; // encrypted private key
|
|
||||||
|
|
||||||
return {publicKeyArmored: publicKeyArmored, privateKeyArmored: privateKeyArmored}
|
|
||||||
};
|
};
|
||||||
|
|
||||||
// Encrypt and sign a message
|
// Encrypt and sign a message
|
||||||
|
Loading…
Reference in New Issue
Block a user