🐛 Re-encrypt OTP key on account password change

pull/5/head
KaKi87 3 years ago
parent 1d59208f2a
commit cc27d5bfd1

@ -23,7 +23,8 @@ const account = username => {
verifyPassword: async password => await argon2.verify(fs.readFileSync(userPasswordFile(), 'utf8'), password),
createOrUpdatePassword: async password => fs.writeFileSync(userPasswordFile(), await argon2.hash(password), 'utf8'),
isOtpEnabled: () => fs.existsSync(userKeyFile()),
verifyOtp: (password, code) => otp.verify(code, aes.decrypt(fs.readFileSync(userKeyFile(), 'utf8'), password)),
getOtpKey: password => aes.decrypt(fs.readFileSync(userKeyFile(), 'utf8'), password),
verifyOtp: (password, code) => otp.verify(code, _account.getOtpKey(password)),
setOtpKey: (password, key) => fs.writeFileSync(userKeyFile(), aes.encrypt(key, password)),
disableOtp: () => fs.unlinkSync(userKeyFile()),
unregister: () => {
@ -126,6 +127,7 @@ const Account = function(username, password){
_requireOtp(code, true);
await _account.createOrUpdatePassword(newPassword);
try { _account.setData(newPassword, _getData()); } catch(_){}
try { _account.setOtpKey(newPassword, _account.getOtpKey(password)) } catch(_){}
password = newPassword;
return true;
};

Loading…
Cancel
Save