Rev 448 | Rev 456 | ||
---|---|---|---|
Line 67... | Line 67... | ||
67 | function adminGeneratePassword(password) { |
67 | function adminGeneratePassword(password) { |
68 | var salt = generateRandomString(password_salt_length); |
68 | var salt = generateRandomString(password_salt_length); |
69 | return salt+'$'+hexToBase64(sha3_512(salt+password)); |
69 | return salt+'$'+hexToBase64(sha3_512(salt+password)); |
70 | } |
70 | } |
71 | 71 | ||
- | 72 | var bCryptWorker = null; |
|
- | 73 | var g_prevBcryptPw = null; |
|
- | 74 | var g_last_admPwdHash = null; |
|
- | 75 | var g_last_pwComment = null; |
|
- | 76 | ||
72 | function rebuild() { |
77 | function rebuild() { |
- | 78 | var pw = document.getElementById('admin_password').value; |
|
- | 79 | ||
- | 80 | if (pw != g_prevBcryptPw) { |
|
- | 81 | // sync call to calculate SHA3 |
|
- | 82 | var admPwdHash = adminGeneratePassword(pw); |
|
- | 83 | var pwComment = 'salted, base64 encoded SHA3-512 hash'; |
|
- | 84 | doRebuild(admPwdHash, pwComment); |
|
- | 85 | ||
- | 86 | // "async" call to calculate bcrypt (via web-worker) |
|
- | 87 | if (bCryptWorker != null) { |
|
- | 88 | g_prevBcryptPw = null; |
|
- | 89 | bCryptWorker.terminate(); |
|
- | 90 | } |
|
- | 91 | bCryptWorker = new Worker('bcrypt_worker.js'); |
|
- | 92 | bCryptWorker.postMessage(pw); |
|
- | 93 | bCryptWorker.onmessage = function (event) { |
|
- | 94 | var admPwdHash = event.data; |
|
- | 95 | var pwComment = 'bcrypt encoded hash'; |
|
- | 96 | doRebuild(admPwdHash, pwComment); |
|
- | 97 | g_prevBcryptPw = pw; |
|
- | 98 | }; |
|
- | 99 | } else { |
|
- | 100 | doRebuild(g_last_admPwdHash, g_last_pwComment); |
|
- | 101 | } |
|
- | 102 | } |
|
- | 103 | ||
- | 104 | function doRebuild(admPwdHash, pwComment) { |
|
- | 105 | g_last_admPwdHash = admPwdHash; |
|
- | 106 | g_last_pwComment = pwComment; |
|
- | 107 | ||
73 | var error = false; |
108 | var error = false; |
74 | 109 | ||
75 | if (document.getElementById('config') == null) return; |
110 | if (document.getElementById('config') == null) return; |
76 | 111 | ||
77 | // Check 1: Has the password the correct length? |
112 | // Check 1: Has the password the correct length? |
Line 112... | Line 147... | ||
112 | '<br>' + |
147 | '<br>' + |
113 | 'OIDplus::baseConfig()->setValue(\'CONFIG_VERSION\', 2.1);<br>' + |
148 | 'OIDplus::baseConfig()->setValue(\'CONFIG_VERSION\', 2.1);<br>' + |
114 | '<br>' + |
149 | '<br>' + |
115 | // Passwords are Base64 encoded to avoid that passwords can be read upon first sight, |
150 | // Passwords are Base64 encoded to avoid that passwords can be read upon first sight, |
116 | // e.g. if collegues are looking over your shoulder while you accidently open (and quickly close) userdata/baseconfig/config.inc.php |
151 | // e.g. if collegues are looking over your shoulder while you accidently open (and quickly close) userdata/baseconfig/config.inc.php |
117 | 'OIDplus::baseConfig()->setValue(\'ADMIN_PASSWORD\', \'' + adminGeneratePassword(document.getElementById('admin_password').value) + '\'); // salted, base64 encoded SHA3-512 hash<br>' + |
152 | 'OIDplus::baseConfig()->setValue(\'ADMIN_PASSWORD\', \'' + admPwdHash + '\'); // '+pwComment+'<br>' + |
118 | '<br>' + |
153 | '<br>' + |
119 | 'OIDplus::baseConfig()->setValue(\'DATABASE_PLUGIN\', \''+strPlugin+'\');<br>'; |
154 | 'OIDplus::baseConfig()->setValue(\'DATABASE_PLUGIN\', \''+strPlugin+'\');<br>'; |
120 | for (var i = 0; i < rebuild_config_callbacks.length; i++) { |
155 | for (var i = 0; i < rebuild_config_callbacks.length; i++) { |
121 | var f = rebuild_config_callbacks[i]; |
156 | var f = rebuild_config_callbacks[i]; |
122 | var cont = f(); |
157 | var cont = f(); |
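Review bot: In the new `rebuild()`, the config text is first rendered with the single-pass salted SHA3-512 hash and only replaced by the bcrypt value once the worker replies, so an administrator who copies the output before `onmessage` fires ends up storing the fast hash, with only the trailing PHP comment to tell the two apart. The worker also has no `onerror` handler, so if `bcrypt_worker.js` fails to load or throws, the SHA3 value stays in place silently; consider `bCryptWorker.onerror = function () { doRebuild(g_last_admPwdHash, 'salted, base64 encoded SHA3-512 hash (bcrypt failed)'); };` and an interim comment such as `'salted, base64 encoded SHA3-512 hash (bcrypt pending)'` so the weaker state is visible. Because `g_prevBcryptPw` is only set inside `onmessage`, every `rebuild()` call made while the worker is still running terminates and restarts it; if other form fields also trigger `rebuild()` (not visible here), the bcrypt result may be delayed for as long as the user keeps editing. The body of `doRebuild()` continues outside the lines shown.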