From 1486476571a89915142e316002f0feab09a6da90 Mon Sep 17 00:00:00 2001 From: einhornimmond Date: Tue, 12 Oct 2021 15:24:14 +0200 Subject: [PATCH 1/4] add auto correct keys to apollo, copy also disabled field of user --- backend/src/graphql/model/User.ts | 3 +-- backend/src/graphql/resolver/UserResolver.ts | 17 ++++++++++++++++- login_server/src/cpp/Crypto/Passphrase.cpp | 1 + .../cpp/JSONInterface/JsonRequestHandler.cpp | 16 ++++++++++++---- .../src/cpp/JSONInterface/JsonUnsecureLogin.cpp | 8 ++++++++ login_server/src/cpp/model/Session.cpp | 2 +- 6 files changed, 39 insertions(+), 8 deletions(-) diff --git a/backend/src/graphql/model/User.ts b/backend/src/graphql/model/User.ts index 21bf1b464..03a0908b1 100644 --- a/backend/src/graphql/model/User.ts +++ b/backend/src/graphql/model/User.ts @@ -19,6 +19,7 @@ export class User { this.pubkey = json.public_hex this.language = json.language this.publisherId = json.publisher_id + this.disabled = json.disabled } @Field(() => String) @@ -56,10 +57,8 @@ export class User { @Field(() => String) language: string - /* @Field(() => Boolean) disabled: boolean - */ /* I suggest to have a group as type here @Field(() => ID) diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index 820e493c6..f5638692e 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts 
@@ -47,7 +47,21 @@ export class UserResolver { const user = new User(result.data.user) // read additional settings from settings table const userRepository = getCustomRepository(UserRepository) - const userEntity = await userRepository.findByPubkeyHex(user.pubkey) + let userEntity: void | DbUser = await userRepository.findByPubkeyHex(user.pubkey).catch(() => {}) + if(!userEntity) { + // create user if it don't exist with this pubkey + userEntity = new DbUser + userEntity.firstName = user.firstName + userEntity.lastName = user.lastName + userEntity.username = user.username + userEntity.email = user.email + userEntity.pubkey = Buffer.from(fromHex(user.pubkey)) + userEntity.disabled = user.disabled + + userEntity.save().catch(() => { + throw new Error('error by save userEntity') + }) + } const userSettingRepository = getCustomRepository(UserSettingRepository) const coinanimation = await userSettingRepository @@ -111,6 +125,7 @@ export class UserResolver { dbuser.firstName = user.firstName dbuser.lastName = user.lastName dbuser.username = user.username + dbuser.disabled = user.disabled dbuser.save().catch(() => { throw new Error('error saving user') diff --git a/login_server/src/cpp/Crypto/Passphrase.cpp b/login_server/src/cpp/Crypto/Passphrase.cpp index 6b3df0c5d..0b733777d 100644 --- a/login_server/src/cpp/Crypto/Passphrase.cpp +++ b/login_server/src/cpp/Crypto/Passphrase.cpp @@ -328,6 +328,7 @@ const Poco::UInt16* Passphrase::getWordIndices() const bool Passphrase::checkIfValid() { + if (!mWordSource) return false; std::istringstream iss(mPassphraseString); std::vector results(std::istream_iterator{iss}, std::istream_iterator()); diff --git a/login_server/src/cpp/JSONInterface/JsonRequestHandler.cpp b/login_server/src/cpp/JSONInterface/JsonRequestHandler.cpp index feab7043b..15846913b 100644 --- a/login_server/src/cpp/JSONInterface/JsonRequestHandler.cpp +++ b/login_server/src/cpp/JSONInterface/JsonRequestHandler.cpp 
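Review bot: In the `@@ -47,7 +47,21 @@` hunk of UserResolver.ts, `userEntity.save().catch(...)` is not awaited, so the `throw new Error('error by save userEntity')` inside the callback only rejects a detached promise and the login continues as if the row had been written. The preceding `.catch(() => {})` on `findByPubkeyHex` also turns every lookup failure, including a database outage, into "user does not exist", and the code then creates a row from login-server data. I would use `await userEntity.save()` inside a `try`/`catch` and create the user only on the repository's specific not-found result. The un-awaited `save()` is still present in the PATCH 4/4 rewrite of this block. The enclosing resolver method starts and ends outside the hunk.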
@@ -81,22 +81,30 @@ void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Po } if (json_result) { + NotificationList errors; if (!json_result->isNull("session_id")) { int session_id = 0; try { json_result->get("session_id").convert(session_id); } catch (Poco::Exception& e) { - NotificationList erros; - erros.addError(new Error("json request", "invalid session_id")); - erros.sendErrorsAsEmail(); + errors.addError(new Error("json request", "invalid session_id")); } if (session_id) { auto session = SessionManager::getInstance()->getSession(session_id); response.addCookie(session->getLoginCookie()); } } - json_result->stringify(responseStream); + try { + json_result->stringify(responseStream); + } + catch (Poco::Exception& e) { + errors.addError(new ParamError("json request", "error on stringify from json result:", e.message())); + errors.addError(new ParamError("json request", "caller url", request.getURI())); + } + if (errors.errorCount()) { + errors.sendErrorsAsEmail(); + } delete json_result; } diff --git a/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp b/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp index 5d337df41..0335448aa 100644 --- a/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp +++ b/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp @@ -108,6 +108,14 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params) auto user_state = session->loadUser(email, password); auto user_model = session->getNewUser()->getModel(); Poco::JSON::Array infos; + + // AUTOMATIC ERROR CORRECTION + // if something went wrong by initial key generation for user, generate keys again + if (user_state >= USER_LOADED_FROM_DB && !user_model->getPublicKey()) { + if (mSession->generateKeys(true, true)) { + user_state = session->getNewUser()->getUserState(); + } + } switch (user_state) { case USER_EMPTY: 
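Review bot: In the JsonRequestHandler.cpp hunk, the new `catch` around `json_result->stringify(responseStream)` only queues an e-mail, so a client whose response failed to serialise receives whatever was already written to `responseStream`, with no error indication. Consider writing a fixed error body or setting an error status on that path, if the headers have not been sent by then (not visible here). The second `ParamError` copies `request.getURI()` into the mail; if any caller puts a session id or other secret in the query string it would land in a mailbox, so the query part is presumably worth stripping first. `session->getLoginCookie()` in the context lines dereferences the result of `getSession(session_id)` without a null check, which looks risky if that call can return null for an expired session. handleRequest's body starts outside the hunk.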
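Review bot: In the JsonUnsecureLogin.cpp hunk, the regeneration guard `user_state >= USER_LOADED_FROM_DB` is an ordered comparison on the state enum, so every state that sorts at or above it reaches `generateKeys(true, true)` whenever the public key is missing. The enum is not visible here, but if any of those states stands for a rejected password, an unactivated e-mail or a disabled account, a login request would create a new key pair for an account it has not authenticated against. I would compare against the explicit state or states that mean "password verified, keys missing" and add a comment such as `// only reached after the password check succeeded; regenerating replaces the user's key pair`. `user_model` is dereferenced in the new condition without a null check, which matters if `getModel()` can return null for a failed load. Because this path silently replaces key material, a log entry or notification on it would help later investigation; handle()'s body continues outside the hunk.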
diff --git a/login_server/src/cpp/model/Session.cpp b/login_server/src/cpp/model/Session.cpp index cf380929d..2fdd9ff2f 100644 --- a/login_server/src/cpp/model/Session.cpp +++ b/login_server/src/cpp/model/Session.cpp @@ -746,7 +746,7 @@ void Session::detectSessionState() bool cryptedPassphrase = userBackups.size() > 0; for (auto it = userBackups.begin(); it != userBackups.end(); it++) { auto passphrase = (*it)->getModel()->getPassphrase(); - Mnemonic* wordSource = nullptr; + const Mnemonic* wordSource = Passphrase::detectMnemonic(passphrase); auto passphrase_obj = Passphrase::create(passphrase, wordSource); if (!passphrase_obj.isNull() && passphrase_obj->checkIfValid()) { auto key_pair = KeyPairEd25519::create(passphrase_obj); From 86efd0de80cedb571c6fe781df4e1aa60aa723ae Mon Sep 17 00:00:00 2001 From: einhornimmond Date: Tue, 12 Oct 2021 15:34:50 +0200 Subject: [PATCH 2/4] fix bug --- login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp b/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp index 0335448aa..25cda34ca 100644 --- a/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp +++ b/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp @@ -112,7 +112,7 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params) // AUTOMATIC ERROR CORRECTION // if something went wrong by initial key generation for user, generate keys again if (user_state >= USER_LOADED_FROM_DB && !user_model->getPublicKey()) { - if (mSession->generateKeys(true, true)) { + if (session->generateKeys(true, true)) { user_state = session->getNewUser()->getUserState(); } } From 0640eb24d57b7f5215611731e15f2c9825851f88 Mon Sep 17 00:00:00 2001 
From: einhornimmond Date: Tue, 12 Oct 2021 15:42:48 +0200 Subject: [PATCH 3/4] remove copy user disabled field --- backend/src/graphql/model/User.ts | 3 ++- backend/src/graphql/resolver/UserResolver.ts | 3 +-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/src/graphql/model/User.ts b/backend/src/graphql/model/User.ts index 03a0908b1..21bf1b464 100644 --- a/backend/src/graphql/model/User.ts +++ b/backend/src/graphql/model/User.ts @@ -19,7 +19,6 @@ export class User { this.pubkey = json.public_hex this.language = json.language this.publisherId = json.publisher_id - this.disabled = json.disabled } @Field(() => String) @@ -57,8 +56,10 @@ export class User { @Field(() => String) language: string + /* @Field(() => Boolean) disabled: boolean + */ /* I suggest to have a group as type here @Field(() => ID) diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index f5638692e..9be7ba3b3 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -56,7 +56,7 @@ export class UserResolver { userEntity.username = user.username userEntity.email = user.email userEntity.pubkey = Buffer.from(fromHex(user.pubkey)) - userEntity.disabled = user.disabled + userEntity.save().catch(() => { throw new Error('error by save userEntity') @@ -125,7 +125,6 @@ export class UserResolver { dbuser.firstName = user.firstName dbuser.lastName = user.lastName dbuser.username = user.username - dbuser.disabled = user.disabled dbuser.save().catch(() => { throw new Error('error saving user') From 3ecf960ab6231e7c5bbc566d5b71c2a7d6e30f8c Mon Sep 17 00:00:00 2001 From: einhornimmond Date: Tue, 12 Oct 2021 15:56:02 +0200 Subject: [PATCH 4/4] fix lint --- backend/src/graphql/resolver/UserResolver.ts | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) 
diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index 9be7ba3b3..8cf059f32 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -47,20 +47,21 @@ export class UserResolver { const user = new User(result.data.user) // read additional settings from settings table const userRepository = getCustomRepository(UserRepository) - let userEntity: void | DbUser = await userRepository.findByPubkeyHex(user.pubkey).catch(() => {}) - if(!userEntity) { - // create user if it don't exist with this pubkey - userEntity = new DbUser + let userEntity: void | DbUser + userEntity = await userRepository.findByPubkeyHex(user.pubkey).catch(() => { + userEntity = new DbUser() userEntity.firstName = user.firstName userEntity.lastName = user.lastName userEntity.username = user.username userEntity.email = user.email userEntity.pubkey = Buffer.from(fromHex(user.pubkey)) - userEntity.save().catch(() => { throw new Error('error by save userEntity') }) + }) + if (!userEntity) { + throw new Error('error with cannot happen') } const userSettingRepository = getCustomRepository(UserSettingRepository)
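Review bot: The `.catch()` callback passed to `findByPubkeyHex` returns nothing, so when the lookup rejects, the awaited expression resolves to `undefined` and the outer `userEntity = await ...` assignment overwrites the `DbUser` the callback just stored. The following `if (!userEntity)` then throws `'error with cannot happen'` on exactly the path this block is meant to repair. Returning the new entity from the callback, and awaiting its `save()` so a failed write rejects the login instead of a detached promise, removes both problems and the need for the `void | DbUser` type. The callback should also be limited to the repository's not-found error, so an unrelated database failure does not create a user row. The enclosing resolver method starts and ends outside the hunk.
```typescript
const userRepository = getCustomRepository(UserRepository)
const userEntity = await userRepository.findByPubkeyHex(user.pubkey).catch(async () => {
  // NOTE(review): narrow this to the repository's not-found error
  const created = new DbUser()
  // … unchanged: copy firstName, lastName, username, email, pubkey from user …
  await created.save()
  return created
})
```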