mirror/ezbookkeeping
1
0
Fork 0
mirror of https://github.com/mayswind/ezbookkeeping.git synced 2026-05-19 01:04:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

code refactor

Browse Source
This commit is contained in:
MaysWind
2020-11-22 16:01:34 +08:00
parent 5a57eb3c5d
commit 349ea1775a
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/lib/userstate.js
+2 -2
View File
@@ -3,7 +3,7 @@ import CryptoJS from 'crypto-js';
import settings from './settings.js'; import settings from './settings.js';
import utils from './utils.js'; import utils from './utils.js';
const APP_LOCK_SECRET_BASE_STRING_PREFIX = 'LAB_LOCK_SECRET_'; const appLockSecretBaseStringPrefix = 'LAB_LOCK_SECRET_';
const tokenLocalStorageKey = 'lab_user_token'; const tokenLocalStorageKey = 'lab_user_token';
const webauthnConfigLocalStorageKey = 'lab_user_webauthn_config'; const webauthnConfigLocalStorageKey = 'lab_user_webauthn_config';
@@ -13,7 +13,7 @@ const tokenSessionStorageKey = 'lab_user_session_token';
const appLockSecretSessionStorageKey = 'lab_user_app_lock_secret'; const appLockSecretSessionStorageKey = 'lab_user_app_lock_secret';
function getAppLockSecret(pinCode) { function getAppLockSecret(pinCode) {
const hashedPinCode = CryptoJS.SHA256(APP_LOCK_SECRET_BASE_STRING_PREFIX + pinCode).toString(); const hashedPinCode = CryptoJS.SHA256(appLockSecretBaseStringPrefix + pinCode).toString();
return hashedPinCode.substr(0, 24); // put secret into user id of webauthn (user id total length must less 64 bytes) return hashedPinCode.substr(0, 24); // put secret into user id of webauthn (user id total length must less 64 bytes)
} }
src/lib/webauthn.js
+4 -4
View File
@@ -2,7 +2,7 @@ import CBOR from 'cbor-js';
import logger from './logger.js'; import logger from './logger.js';
import utils from './utils.js'; import utils from './utils.js';
const PUBLIC_KEY_CREDENTIAL_CREATION_OPTIONS_TEMPLATE = { const publicKeyCredentialCreationOptionsBaseTemplate = {
attestation: "none", attestation: "none",
authenticatorSelection: { authenticatorSelection: {
authenticatorAttachment: 'platform', authenticatorAttachment: 'platform',
@@ -17,7 +17,7 @@ const PUBLIC_KEY_CREDENTIAL_CREATION_OPTIONS_TEMPLATE = {
timeout: 1800000 timeout: 1800000
}; };
const PUBLIC_KEY_CREDENTIAL_REQUEST_OPTIONS_TEMPLATE = { const publicKeyCredentialRequestOptionsBaseTemplate = {
allowCredentials: [{ allowCredentials: [{
type: 'public-key' type: 'public-key'
}], }],
@@ -53,7 +53,7 @@ function registerCredential({ username, nickname }, userSecret) {
const challenge = utils.generateRandomString(); const challenge = utils.generateRandomString();
const userId = `${username}|${userSecret}`; // username 32bytes(max) + userSecret 24bytes = 56bytes(max) const userId = `${username}|${userSecret}`; // username 32bytes(max) + userSecret 24bytes = 56bytes(max)
const publicKeyCredentialCreationOptions = Object.assign({}, PUBLIC_KEY_CREDENTIAL_CREATION_OPTIONS_TEMPLATE, { const publicKeyCredentialCreationOptions = Object.assign({}, publicKeyCredentialCreationOptionsBaseTemplate, {
challenge: utils.stringToArrayBuffer(challenge), challenge: utils.stringToArrayBuffer(challenge),
rp: { rp: {
name: window.location.hostname, name: window.location.hostname,
@@ -132,7 +132,7 @@ function verifyCredential({ username }, credentialId) {
} }
const challenge = utils.generateRandomString(); const challenge = utils.generateRandomString();
const publicKeyCredentialRequestOptions = Object.assign({}, PUBLIC_KEY_CREDENTIAL_REQUEST_OPTIONS_TEMPLATE, { const publicKeyCredentialRequestOptions = Object.assign({}, publicKeyCredentialRequestOptionsBaseTemplate, {
challenge: utils.stringToArrayBuffer(challenge), challenge: utils.stringToArrayBuffer(challenge),
rpId: window.location.hostname rpId: window.location.hostname
}); });