Mirroristas/gun
2
0
Fork 0
mirror of https://github.com/amark/gun.git synced 2025-06-06 14:16:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

IndexedDB wiping to auth bootstrap to prevent use of previous (User's) CryptoKeys

Browse Source
This commit is contained in:
mhelander 2017-09-18 13:23:39 +03:00
parent 9157b0de6b
commit f9646a8b16
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
sea.js
View File

@ -198,19 +198,24 @@
return !persist || SEA.enc(persist, pin).then(function(encrypted){ return !persist || SEA.enc(persist, pin).then(function(encrypted){
return encrypted && SEA.write(encrypted, priv).then(function(signed){ return encrypted && SEA.write(encrypted, priv).then(function(signed){
return new Promise(function(resolve){ return new Promise(function(resolve){
SEA._callonstore_(function(store){ SEA._callonstore_(function(store) { // Wipe IndexedDB completedy!
store.put({id: props.alias, auth: signed}); var act = store.clear();
}, function(){ resolve() }); act.onsuccess = function(){};
}, function(){ // Then set encrypted auth props
SEA._callonstore_(function(store){
store.put({id: props.alias, auth: signed});
}, function(){ resolve() });
});
}); });
}).catch(reject); }).catch(reject);
}).catch(reject); }).catch(reject);
}).then(function(){ resolve(props) }) }).then(function(){ resolve(props) })
.catch(function(e){ reject({err: 'Session persisting failed!'}) }); .catch(function(e){ reject({err: 'Session persisting failed!'}) });
} }
// TODO: remove IndexedDB when using random PIN // WIping IndexedDB completely when using random PIN
return new Promise(function(resolve){ return new Promise(function(resolve){
SEA._callonstore_(function(store) { SEA._callonstore_(function(store) {
var act = store.clear(); // Wipes whole IndexedDB var act = store.clear();
act.onsuccess = function(){}; act.onsuccess = function(){};
}, function(){ resolve() }); }, function(){ resolve() });
}).then(function(){ }).then(function(){
@ -382,7 +387,6 @@
// This internal func executes logout actions // This internal func executes logout actions
function authleave(root, alias){ function authleave(root, alias){
return function(resolve, reject){ return function(resolve, reject){
// remove persisted authentication
var user = root._.user; var user = root._.user;
alias = alias || (user._ && user._.alias); alias = alias || (user._ && user._.alias);
var doIt = function(){ var doIt = function(){
@ -394,6 +398,7 @@
// Let's use default // Let's use default
resolve({ok: 0}); resolve({ok: 0});
}; };
// Removes persisted authentication & CryptoKeys
authpersist(alias && {alias: alias}).then(doIt).catch(doIt); authpersist(alias && {alias: alias}).then(doIt).catch(doIt);
}; };
} }