Compare commits
3 Commits
de3baedf0c
...
92ad1a5cff
| Author | SHA1 | Date | |
|---|---|---|---|
| 92ad1a5cff | |||
| 66e39a80b5 | |||
| 49fae38b7d |
4
.gitignore
vendored
4
.gitignore
vendored
@ -4,4 +4,6 @@
|
||||
/build/classes/kotlin/js/test/
|
||||
/build/classes/kotlin/jvm/main/
|
||||
/build/classes/kotlin/jvm/test/
|
||||
/.idea
|
||||
/.idea
|
||||
/.kotlin/
|
||||
/.gigaide/gigaide.properties
|
||||
|
||||
@ -1,15 +1,15 @@
|
||||
plugins {
|
||||
kotlin("multiplatform") version "1.7.21"
|
||||
kotlin("plugin.serialization") version "1.7.21"
|
||||
kotlin("multiplatform") version "2.1.0"
|
||||
kotlin("plugin.serialization") version "2.1.0"
|
||||
`maven-publish`
|
||||
}
|
||||
|
||||
val ktor_version="2.1.1"
|
||||
val ktor_version="2.3.12"
|
||||
val logback_version="1.2.10"
|
||||
|
||||
|
||||
group = "net.sergeych"
|
||||
version = "0.2.6"
|
||||
version = "0.3.1"
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
@ -51,8 +51,7 @@ kotlin {
|
||||
val commonMain by getting {
|
||||
dependencies {
|
||||
implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.6.3")
|
||||
// api("net.sergeych:unikrypto:1.2.2-SNAPSHOT")
|
||||
api("net.sergeych:parsec3:0.4.6")
|
||||
api("net.sergeych:parsec3:0.5.2")
|
||||
api("net.sergeych:unikrypto:1.2.5")
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,4 +1,2 @@
|
||||
kotlin.code.style=official
|
||||
kotlin.mpp.enableGranularSourceSetsMetadata=true
|
||||
kotlin.native.enableDependencyPropagation=false
|
||||
kotlin.js.generate.executable.default=false
|
||||
|
||||
2
gradle/wrapper/gradle-wrapper.properties
vendored
2
gradle/wrapper/gradle-wrapper.properties
vendored
@ -1,5 +1,5 @@
|
||||
distributionBase=GRADLE_USER_HOME
|
||||
distributionPath=wrapper/dists
|
||||
distributionUrl=https\://services.gradle.org/distributions/gradle-7.4.2-bin.zip
|
||||
distributionUrl=https\://services.gradle.org/distributions/gradle-8.2-bin.zip
|
||||
zipStoreBase=GRADLE_USER_HOME
|
||||
zipStorePath=wrapper/dists
|
||||
|
||||
@ -15,8 +15,7 @@ import net.sergeych.mp_tools.globalLaunch
|
||||
import net.sergeych.parsec3.*
|
||||
import net.sergeych.superlogin.*
|
||||
import net.sergeych.superlogin.server.SuperloginRestoreAccessPayload
|
||||
import net.sergeych.unikrypto.SignedRecord
|
||||
import net.sergeych.unikrypto.SymmetricKey
|
||||
import net.sergeych.unikrypto.*
|
||||
import kotlin.reflect.KType
|
||||
import kotlin.reflect.typeOf
|
||||
|
||||
@ -394,7 +393,7 @@ class SuperloginClient<D, S : WithAdapter>(
|
||||
aco.payload.dataStorageKey
|
||||
)
|
||||
// new ACO with a new password key and payload (but the same secret!)
|
||||
var newAco = aco.updatePasswordKey(keys.loginAccessKey).updatePayload(newSlp)
|
||||
val newAco = aco.updatePasswordKey(keys.loginAccessKey).updatePayload(newSlp)
|
||||
// trying to update
|
||||
val result = invoke(
|
||||
serverApi.slChangePasswordAndLogin, ChangePasswordArgs(
|
||||
@ -422,14 +421,18 @@ class SuperloginClient<D, S : WithAdapter>(
|
||||
}
|
||||
|
||||
/**
|
||||
* Change password for a logged-in user using its known password. It is a long operation
|
||||
* Change password for a logged-in user using its known password. It is a long operation.
|
||||
*
|
||||
* @param oldPassword existing password (re-request it from a user!)
|
||||
* @param newPassword new password. we do not chek it but it should be strong - check it on your end
|
||||
* @param newPassword new password. we do not check it, but it should be strong - check it on your end
|
||||
* for example with [net.sergeych.unikrypto.Passwords] tools
|
||||
* @param passwordDerivationParams at this point derivation parameters are alwaus updated so it is possible
|
||||
* @param passwordDerivationParams at this point derivation parameters are always updated so it is possible
|
||||
* to set it to desired
|
||||
* @param loginKeyStrength login key is regenerateed so its strength could be updated here
|
||||
* @return true if the password has been successfully changed
|
||||
* @param loginKeyStrength login key is regenerated so its strength could be updated here
|
||||
*
|
||||
* @return true if the password has been successfully changed, false if the server didn't allow it.
|
||||
*
|
||||
* @throws InvalidPasswordError if the oldPassword is wrong
|
||||
*/
|
||||
suspend fun changePassword(
|
||||
oldPassword: String, newPassword: String,
|
||||
@ -441,10 +444,24 @@ class SuperloginClient<D, S : WithAdapter>(
|
||||
val dp = invoke(serverApi.slRequestDerivationParams, loginName)
|
||||
val keys = DerivedKeys.derive(oldPassword, dp)
|
||||
val data = invoke(serverApi.slRequestACOByLoginName, RequestACOByLoginNameArgs(loginName, keys.loginId))
|
||||
return AccessControlObject.unpackWithKey<SuperloginRestoreAccessPayload>(data.packedACO, keys.loginAccessKey)
|
||||
?.let {
|
||||
changePasswordWithACO(it, newPassword, passwordDerivationParams, loginKeyStrength)
|
||||
} ?: false
|
||||
try {
|
||||
return AccessControlObject.unpackWithKey<SuperloginRestoreAccessPayload>(
|
||||
data.packedACO,
|
||||
keys.loginAccessKey
|
||||
)
|
||||
?.let {
|
||||
changePasswordWithACO(it, newPassword, passwordDerivationParams, loginKeyStrength)
|
||||
} ?: false
|
||||
} catch (e: Exception) {
|
||||
when (e) {
|
||||
is Container.StructureError,
|
||||
is Container.DecryptionError,
|
||||
is EncryptedBinaryStorage.DecryptionFailed ->
|
||||
throw InvalidPasswordError()
|
||||
|
||||
else -> throw e
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -218,14 +218,15 @@ internal class WsServerKtTest {
|
||||
val api = TestApiServer<WithAdapter>()
|
||||
val slc = SuperloginClient<TestData, S1>(client)
|
||||
assertEquals(LoginState.LoggedOut, slc.state.value)
|
||||
var rt = slc.register("foo", "passwd", TestData("bar!"))
|
||||
var rt = slc.register("foo", "passwd", TestData("bar!"), 2048, 140)
|
||||
val dk1 = slc.dataKey!!
|
||||
assertIs<Registration.Result.Success>(rt)
|
||||
val secret = rt.secret
|
||||
var token = rt.loginToken
|
||||
|
||||
assertFalse(slc.changePassword("wrong", "new"))
|
||||
assertTrue(slc.changePassword("passwd", "newpass1"))
|
||||
assertTrue(slc.changePassword("passwd", "newpass1",
|
||||
PasswordDerivationParams(300), 2048))
|
||||
assertTrue { slc.isLoggedIn }
|
||||
assertEquals("foo", slc.call(api.loginName))
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user