Don't show password hash in the settings page

Laverna · Feb 8, 2016 · 50f4577 · 50f4577
1 parent 4170e8d
commit 50f4577
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 5 deletions.
diff --git a/app/locales/en/translation.json b/app/locales/en/translation.json
@@ -106,6 +106,8 @@
     "Download": "Download",
     "Everything": "Everything",
     "encryption": {
+        "provide password": "Please, provide your password",
+        "change password": "Type your password here to change it",
         "wait": "Please wait until the encryption is completed",
         "error": "Encryption error",
         "errorConfirm": "Error while decrypting data.\r\r If you changed encryption settings in another browser, **update your settings** in this browser too. Or try to import settings.\r\r And if you did not change anything, **try to login** again.",

diff --git a/app/scripts/apps/settings/show/templates/encryption.html b/app/scripts/apps/settings/show/templates/encryption.html
@@ -12,7 +12,7 @@
     <div class="form-group">
         <label class="col-sm-2 control-label" for="encryptPass">{{ i18n('Encryption Password') }}</label>
         <div class="col-sm-10">
-            <input type="password" id="encryptPass" name="encryptPass" value="{{models.encryptPass.toString()}}" class="form-control" >
+            <input type="password" id="encryptPass" name="encryptPass" value="" placeholder="{{passwordText()}}" class="form-control" />
         </div>
     </div>
     <div class="form-group">

diff --git a/app/scripts/apps/settings/show/views/encryption.js b/app/scripts/apps/settings/show/views/encryption.js
@@ -68,7 +68,14 @@ define([
                     }
 
                     return sjcl.codec.hex.fromBits(str);
-                }
+                },
+
+                passwordText: function() {
+                    if (this.models.encryptPass.length !== 0) {
+                        return $.t('encryption.change password');
+                    }
+                    return $.t('encryption.provide password');
+                },
             };
         },
 
@@ -93,7 +100,7 @@ define([
          * changed.
          */
         randomizeOnPassword: function() {
-            if (this.ui.password.val().trim() === this.collection.get('encryptPass').get('value').toString()) {
+            if (!this.ui.password.val().trim().length) {
                 return;
             }
 

diff --git a/app/scripts/collections/modules/configs.js b/app/scripts/collections/modules/configs.js
@@ -11,9 +11,10 @@ define([
     'q',
     'marionette',
     'backbone.radio',
+    'sjcl',
     'collections/modules/module',
     'collections/configs'
-], function(_, Q, Marionette, Radio, ModuleObject, Configs) {
+], function(_, Q, Marionette, Radio, sjcl, ModuleObject, Configs) {
     'use strict';
 
     /**
@@ -398,7 +399,7 @@ define([
             }
 
             // Additional check to make sure it's not the same password
-            var salt = Radio.request('encrypt', 'sha256', object.value);
+            var salt = sjcl.hash.sha256.hash(object.value);
             return (salt.toString() !== pass);
         },