bitwarden-browser/src/app/settings/change-password.component.ts

import {
    Component,
    OnInit,
} from '@angular/core';

import { ToasterService } from 'angular2-toaster';
import { Angulartics2 } from 'angulartics2';

import { ApiService } from 'jslib/abstractions/api.service';
import { CryptoService } from 'jslib/abstractions/crypto.service';
import { I18nService } from 'jslib/abstractions/i18n.service';
import { MessagingService } from 'jslib/abstractions/messaging.service';
import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service';
import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
import { UserService } from 'jslib/abstractions/user.service';

import { PasswordRequest } from 'jslib/models/request/passwordRequest';

@Component({
    selector: 'app-change-password',
    templateUrl: 'change-password.component.html',
})
export class ChangePasswordComponent implements OnInit {
    currentMasterPassword: string;
    newMasterPassword: string;
    confirmNewMasterPassword: string;
    formPromise: Promise<any>;
    masterPasswordScore: number;

    private masterPasswordStrengthTimeout: any;
    private email: string;

    constructor(private apiService: ApiService, private i18nService: I18nService,
        private analytics: Angulartics2, private toasterService: ToasterService,
        private cryptoService: CryptoService, private messagingService: MessagingService,
        private userService: UserService, private passwordGenerationService: PasswordGenerationService,
        private platformUtilsService: PlatformUtilsService) { }

    async ngOnInit() {
        this.email = await this.userService.getEmail();
    }

    async submit() {
        const hasEncKey = await this.cryptoService.hasEncKey();
        if (!hasEncKey) {
            this.toasterService.popAsync('error', null, this.i18nService.t('updateKey'));
            return;
        }

        if (this.currentMasterPassword == null || this.currentMasterPassword === '' ||
            this.newMasterPassword == null || this.newMasterPassword === '') {
            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('masterPassRequired'));
            return;
        }
        if (this.newMasterPassword.length < 8) {
            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('masterPassLength'));
            return;
        }
        if (this.newMasterPassword !== this.confirmNewMasterPassword) {
            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('masterPassDoesntMatch'));
            return;
        }

        const strengthResult = this.passwordGenerationService.passwordStrength(this.newMasterPassword,
            this.getPasswordStrengthUserInput());
        if (strengthResult != null && strengthResult.score < 3) {
            const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'),
                this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'),
                'warning');
            if (!result) {
                return;
            }
        }

        const request = new PasswordRequest();
        request.masterPasswordHash = await this.cryptoService.hashPassword(this.currentMasterPassword, null);
        const email = await this.userService.getEmail();
        const kdf = await this.userService.getKdf();
        const kdfIterations = await this.userService.getKdfIterations();
        const newKey = await this.cryptoService.makeKey(this.newMasterPassword, email, kdf, kdfIterations);
        request.newMasterPasswordHash = await this.cryptoService.hashPassword(this.newMasterPassword, newKey);
        const newEncKey = await this.cryptoService.remakeEncKey(newKey);
        request.key = newEncKey[1].encryptedString;
        try {
            this.formPromise = this.apiService.postPassword(request);
            await this.formPromise;
            this.analytics.eventTrack.next({ action: 'Changed Password' });
            this.toasterService.popAsync('success', this.i18nService.t('masterPasswordChanged'),
                this.i18nService.t('logBackIn'));
            this.messagingService.send('logout');
        } catch { }
    }

    updatePasswordStrength() {
        if (this.masterPasswordStrengthTimeout != null) {
            clearTimeout(this.masterPasswordStrengthTimeout);
        }
        this.masterPasswordStrengthTimeout = setTimeout(() => {
            const strengthResult = this.passwordGenerationService.passwordStrength(this.newMasterPassword,
                this.getPasswordStrengthUserInput());
            this.masterPasswordScore = strengthResult == null ? null : strengthResult.score;
        }, 300);
    }

    private getPasswordStrengthUserInput() {
        let userInput: string[] = [];
        const atPosition = this.email.indexOf('@');
        if (atPosition > -1) {
            userInput = userInput.concat(this.email.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/));
        }
        return userInput;
    }
}
stub out change email/password components 2018-06-21 17:47:23 +02:00			`import {`
			`Component,`
getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00			`OnInit,`
stub out change email/password components 2018-06-21 17:47:23 +02:00			`} from '@angular/core';`

			`import { ToasterService } from 'angular2-toaster';`
			`import { Angulartics2 } from 'angulartics2';`

			`import { ApiService } from 'jslib/abstractions/api.service';`
change master password implementation 2018-06-21 21:30:17 +02:00			`import { CryptoService } from 'jslib/abstractions/crypto.service';`
stub out change email/password components 2018-06-21 17:47:23 +02:00			`import { I18nService } from 'jslib/abstractions/i18n.service';`
change master password implementation 2018-06-21 21:30:17 +02:00			`import { MessagingService } from 'jslib/abstractions/messaging.service';`
weak password checks on master password change 2018-11-13 05:00:58 +01:00			`import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service';`
			`import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';`
change master password implementation 2018-06-21 21:30:17 +02:00			`import { UserService } from 'jslib/abstractions/user.service';`
weak password checks on master password change 2018-11-13 05:00:58 +01:00
change master password implementation 2018-06-21 21:30:17 +02:00			`import { PasswordRequest } from 'jslib/models/request/passwordRequest';`
stub out change email/password components 2018-06-21 17:47:23 +02:00
			`@Component({`
			`selector: 'app-change-password',`
			`templateUrl: 'change-password.component.html',`
			`})`
getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00			`export class ChangePasswordComponent implements OnInit {`
change master password implementation 2018-06-21 21:30:17 +02:00			`currentMasterPassword: string;`
			`newMasterPassword: string;`
			`confirmNewMasterPassword: string;`
stub out change email/password components 2018-06-21 17:47:23 +02:00			`formPromise: Promise<any>;`
weak password checks on master password change 2018-11-13 05:00:58 +01:00			`masterPasswordScore: number;`

			`private masterPasswordStrengthTimeout: any;`
getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00			`private email: string;`
stub out change email/password components 2018-06-21 17:47:23 +02:00
			`constructor(private apiService: ApiService, private i18nService: I18nService,`
change master password implementation 2018-06-21 21:30:17 +02:00			`private analytics: Angulartics2, private toasterService: ToasterService,`
			`private cryptoService: CryptoService, private messagingService: MessagingService,`
weak password checks on master password change 2018-11-13 05:00:58 +01:00			`private userService: UserService, private passwordGenerationService: PasswordGenerationService,`
			`private platformUtilsService: PlatformUtilsService) { }`
stub out change email/password components 2018-06-21 17:47:23 +02:00
getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00			`async ngOnInit() {`
			`this.email = await this.userService.getEmail();`
			`}`

stub out change email/password components 2018-06-21 17:47:23 +02:00			`async submit() {`
hasEncKey checks 2018-07-12 23:09:09 +02:00			`const hasEncKey = await this.cryptoService.hasEncKey();`
			`if (!hasEncKey) {`
change master password implementation 2018-06-21 21:30:17 +02:00			`this.toasterService.popAsync('error', null, this.i18nService.t('updateKey'));`
			`return;`
			`}`
stub out change email/password components 2018-06-21 17:47:23 +02:00
change master password implementation 2018-06-21 21:30:17 +02:00			`if (this.currentMasterPassword == null \|\| this.currentMasterPassword === '' \|\|`
			`this.newMasterPassword == null \|\| this.newMasterPassword === '') {`
			`this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),`
			`this.i18nService.t('masterPassRequired'));`
			`return;`
			`}`
			`if (this.newMasterPassword.length < 8) {`
			`this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),`
			`this.i18nService.t('masterPassLength'));`
			`return;`
			`}`
			`if (this.newMasterPassword !== this.confirmNewMasterPassword) {`
			`this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),`
			`this.i18nService.t('masterPassDoesntMatch'));`
			`return;`
			`}`

getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00			`const strengthResult = this.passwordGenerationService.passwordStrength(this.newMasterPassword,`
			`this.getPasswordStrengthUserInput());`
weak password checks on master password change 2018-11-13 05:00:58 +01:00			`if (strengthResult != null && strengthResult.score < 3) {`
			`const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'),`
			`this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'),`
			`'warning');`
			`if (!result) {`
			`return;`
			`}`
			`}`

change master password implementation 2018-06-21 21:30:17 +02:00			`const request = new PasswordRequest();`
			`request.masterPasswordHash = await this.cryptoService.hashPassword(this.currentMasterPassword, null);`
			`const email = await this.userService.getEmail();`
prelogin kdf info 2018-08-14 21:14:04 +02:00			`const kdf = await this.userService.getKdf();`
			`const kdfIterations = await this.userService.getKdfIterations();`
			`const newKey = await this.cryptoService.makeKey(this.newMasterPassword, email, kdf, kdfIterations);`
change master password implementation 2018-06-21 21:30:17 +02:00			`request.newMasterPasswordHash = await this.cryptoService.hashPassword(this.newMasterPassword, newKey);`
remakeEncKey when changing password/email 2018-08-28 01:09:26 +02:00			`const newEncKey = await this.cryptoService.remakeEncKey(newKey);`
			`request.key = newEncKey[1].encryptedString;`
change master password implementation 2018-06-21 21:30:17 +02:00			`try {`
			`this.formPromise = this.apiService.postPassword(request);`
			`await this.formPromise;`
			`this.analytics.eventTrack.next({ action: 'Changed Password' });`
			`this.toasterService.popAsync('success', this.i18nService.t('masterPasswordChanged'),`
			`this.i18nService.t('logBackIn'));`
			`this.messagingService.send('logout');`
			`} catch { }`
stub out change email/password components 2018-06-21 17:47:23 +02:00			`}`
weak password checks on master password change 2018-11-13 05:00:58 +01:00
			`updatePasswordStrength() {`
			`if (this.masterPasswordStrengthTimeout != null) {`
			`clearTimeout(this.masterPasswordStrengthTimeout);`
			`}`
			`this.masterPasswordStrengthTimeout = setTimeout(() => {`
getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00			`const strengthResult = this.passwordGenerationService.passwordStrength(this.newMasterPassword,`
			`this.getPasswordStrengthUserInput());`
weak password checks on master password change 2018-11-13 05:00:58 +01:00			`this.masterPasswordScore = strengthResult == null ? null : strengthResult.score;`
			`}, 300);`
			`}`
getPasswordStrengthUserInput on password change 2018-11-13 05:26:00 +01:00
			`private getPasswordStrengthUserInput() {`
			`let userInput: string[] = [];`
			`const atPosition = this.email.indexOf('@');`
			`if (atPosition > -1) {`
			`userInput = userInput.concat(this.email.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/));`
			`}`
			`return userInput;`
			`}`
stub out change email/password components 2018-06-21 17:47:23 +02:00			`}`