Rev 635 | Rev 983 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 635 | daniel-mar | 1 | /* |
| 2 | * OIDplus 2.0 |
||
| 3 | * Copyright 2019 - 2021 Daniel Marschall, ViaThinkSoft |
||
| 4 | * |
||
| 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
| 6 | * you may not use this file except in compliance with the License. |
||
| 7 | * You may obtain a copy of the License at |
||
| 8 | * |
||
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
| 10 | * |
||
| 11 | * Unless required by applicable law or agreed to in writing, software |
||
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 14 | * See the License for the specific language governing permissions and |
||
| 15 | * limitations under the License. |
||
| 16 | */ |
||
| 17 | |||
| 18 | // see also setup/includes/setup_base.js |
||
| 19 | min_password_length = 10; |
||
| 20 | |||
| 21 | // see also setup/includes/setup_base.js |
||
| 22 | function hexToBase64(str) { |
||
| 23 | return btoa(String.fromCharCode.apply(null, |
||
| 24 | str.replace(/\r|\n/g, "").replace(/([\da-fA-F]{2}) ?/g, "0x$1 ").replace(/ +$/, "").split(" "))); |
||
| 25 | } |
||
| 26 | |||
| 27 | // see also setup/includes/setup_base.js |
||
| 28 | var bCryptWorker = null; |
||
| 29 | var g_prevBcryptPw = null; |
||
| 30 | var g_last_admPwdHash = null; |
||
| 31 | var g_last_pwComment = null; |
||
| 32 | |||
| 33 | var OIDplusPagePublicForgotPasswordAdmin = { |
||
| 34 | |||
| 35 | rehash_admin_pwd: function() { |
||
| 36 | var error = ""; |
||
| 37 | |||
| 38 | if ($("#admin_password")[0].value.length == 0) { |
||
| 39 | $("#config")[0].innerHTML = ""; |
||
| 40 | return; |
||
| 41 | } |
||
| 42 | |||
| 43 | if ($("#admin_password")[0].value.length < min_password_length) { |
||
| 44 | error += _L("Password is too short. Need at least %1 characters",min_password_length)+"<br>"; |
||
| 45 | } |
||
| 46 | |||
| 47 | if ($("#admin_password")[0].value != $("#admin_password2")[0].value) { |
||
| 48 | error += _L("Passwords do not match")+"<br>"; |
||
| 49 | } |
||
| 50 | |||
| 51 | if (error != "") { |
||
| 52 | $("#config")[0].innerHTML = error; |
||
| 53 | } else { |
||
| 54 | var pw = $("#admin_password")[0].value; |
||
| 55 | |||
| 56 | if (pw != g_prevBcryptPw) { |
||
| 57 | // sync call to calculate SHA3 |
||
| 58 | var admPwdHash = hexToBase64(sha3_512(pw)) |
||
| 59 | var pwComment = 'salted, base64 encoded SHA3-512 hash'; |
||
| 60 | $("#config")[0].innerHTML = 'OIDplus::baseConfig()->setValue(\'ADMIN_PASSWORD\', \'' + admPwdHash + '\'); // '+pwComment+'<br>'; |
||
| 61 | g_last_admPwdHash = admPwdHash; |
||
| 62 | g_last_pwComment = pwComment; |
||
| 63 | |||
| 64 | // "async" call to calculate bcrypt (via web-worker) |
||
| 65 | if (bCryptWorker != null) { |
||
| 66 | g_prevBcryptPw = null; |
||
| 67 | bCryptWorker.terminate(); |
||
| 68 | } |
||
| 69 | bCryptWorker = new Worker('bcrypt_worker.js'); |
||
| 70 | var rounds = 10; // TODO: make configurable |
||
| 71 | bCryptWorker.postMessage([pw, rounds]); |
||
| 72 | bCryptWorker.onmessage = function (event) { |
||
| 73 | var admPwdHash = event.data; |
||
| 74 | var pwComment = 'bcrypt encoded hash'; |
||
| 75 | $("#config")[0].innerHTML = 'OIDplus::baseConfig()->setValue(\'ADMIN_PASSWORD\', \'' + admPwdHash + '\'); // '+pwComment+'<br>'; |
||
| 76 | g_last_admPwdHash = admPwdHash; |
||
| 77 | g_last_pwComment = pwComment; |
||
| 78 | g_prevBcryptPw = pw; |
||
| 79 | }; |
||
| 80 | } else { |
||
| 81 | $("#config")[0].innerHTML = 'OIDplus::baseConfig()->setValue(\'ADMIN_PASSWORD\', \'' + g_last_admPwdHash + '\'); // '+g_last_pwComment+'<br>'; |
||
| 82 | } |
||
| 83 | } |
||
| 84 | } |
||
| 85 | |||
| 86 | }; |