feat(app): basic password authentication #2940

korhaliv · 2019-10-07T11:29:28Z

Description:

Continues #2860

This PR adds a number of improvements:

Stores hashes of password in OS secure storage (keychain on macOS, credentials manager on Windows, gnome keyring on Ubuntu)
Adds ability to change password via dialog
Adds ability to disable/enable password via dialog
Adds infrastructure for password protected functionality (password prompt)
Resolves security for wallet (pin / password) #1387

How Has This Been Tested?

Manually

Screenshots (if appropriate):

Types of changes:

New feature

Checklist:

My code follows the code style of this project.
I have reviewed and updated the documentation accordingly.
I have read the CONTRIBUTING document.
I have added tests to cover my changes where needed.
All new and existing tests passed.
My commits have been squashed into a concise set of changes.

mrfelton

Some comments

renderer/containers/Initializer.js

utils/crypto.js

test/unit/components/UI/__snapshots__/Countdown.spec.js.snap

renderer/store/schema/account.js

renderer/reducers/modal.js

renderer/reducers/account.js

renderer/components/Settings/Security/hooks.js

renderer/components/Settings/Security/PasswordState.js

korhaliv · 2019-10-08T20:37:05Z

@mrfelton PR updated

mrfelton

Nice one. A few things @korhaliv

renderer/components/Login/Login.js

electron/secureStorage/service.js

renderer/reducers/utils/waitForIpc.js

test/unit/utils/sha256.spec.js

translations/de-DE.json

coveralls · 2019-10-09T15:15:00Z

Coverage increased (+0.03%) to 22.911% when pulling 673418c on korhaliv:feat/app-password into 39fea5d on LN-Zap:next.

mrfelton

A few minor comments on the code @korhaliv .

renderer/components/Login/messages.js

webpack/webpack.config.e2e.js

renderer/reducers/utils/waitForIpc.js

electron/secureStorage/ipcCRUD.js

renderer/reducers/account.js

mrfelton

Tested ACK dc95517

korhaliv added type: enhancement New feature or request scope: security issues that are security related labels Oct 7, 2019

korhaliv added this to the v0.6.0-beta milestone Oct 7, 2019

korhaliv requested a review from mrfelton October 7, 2019 11:29

korhaliv self-assigned this Oct 7, 2019

korhaliv force-pushed the feat/app-password branch 3 times, most recently from 504b823 to e03f278 Compare October 7, 2019 17:17

mrfelton mentioned this pull request Oct 7, 2019

feat(app): basic password authentication #2860

Closed

6 tasks

mrfelton suggested changes Oct 8, 2019

View reviewed changes

korhaliv force-pushed the feat/app-password branch from e03f278 to 823ff7d Compare October 8, 2019 20:34

korhaliv requested a review from mrfelton October 8, 2019 20:37

korhaliv force-pushed the feat/app-password branch from 823ff7d to 11ed8a3 Compare October 8, 2019 20:44

mrfelton suggested changes Oct 9, 2019

View reviewed changes

korhaliv force-pushed the feat/app-password branch 4 times, most recently from 467e1e3 to 7687671 Compare October 9, 2019 13:58

korhaliv requested a review from mrfelton October 9, 2019 13:58

korhaliv added scope: devops issues that affect devops scope: tests issues relating to the test suit and removed scope: devops issues that affect devops labels Oct 9, 2019

korhaliv requested a review from JimmyMow October 9, 2019 14:00

korhaliv force-pushed the feat/app-password branch from 7687671 to 2864d1b Compare October 9, 2019 14:45

korhaliv force-pushed the feat/app-password branch 2 times, most recently from c862ded to 62d9922 Compare October 10, 2019 18:04

mrfelton suggested changes Oct 10, 2019

View reviewed changes

korhaliv force-pushed the feat/app-password branch from 62d9922 to 9887fe0 Compare October 10, 2019 20:55

mrfelton and others added 25 commits October 11, 2019 12:45

refactor: show loading bolt if login is required

4152467

docs(storybook): add Login container example

a1f670e

fix(ui): add password field tooltip

a94fb9d

fix(ui): prevent Toggle from selecting text when clicked

8d15568

refactor(utils): add sha256digest util

98cbe6a

test(utils): add sha256digest util test

26ec01c

refactor: introduce secureStorage service

1816c48

refactor: add PasswordState component

828f68d

refactor: add PasswordPromptDialog component

49eac06

refactor: add ChangePasswordDialog component

3e666a4

docs(storybook): add password dialog stories

ab2d78f

refactor: introduce common dialog reducer

32ff953

feat(ui): allow changing and toggling app password via dialogs

892d592

refactor: add useFormError hook

7e1930e

test(unit): update snapshots

c0ce1c2

refactor(utils): introduce waitForIpc util

2630b56

refactor: use keystore as single source of truth for password state

c04d21d

test(e2e): ensure e2e won't encounter app password

6bfd014

refactor: introduce CRUD provider for the secure storage <-> ipc

b406a22

test: add integration tests for ipcCRUD provider

d9cd1d5

refactor: add LoginNotAllowed component

488ada5

docs(storybook): add LoginNotAllowed component

8ca8d63

feat(ui): prohibit login if secure storage is not available

56f2169

test(e2e): use mock keytar when running e2e on linux

404036a

refactor: make account a persistent reducer

dc95517

korhaliv force-pushed the feat/app-password branch from 673418c to dc95517 Compare October 11, 2019 09:58

mrfelton approved these changes Oct 11, 2019

View reviewed changes

mrfelton merged commit 12fcf31 into LN-Zap:next Oct 11, 2019

korhaliv mentioned this pull request Oct 15, 2019

Refactor: use new approach to dialog visibility control #3003

Closed

bolatovumar mentioned this pull request Oct 17, 2019

Fix misleading information on recover wallet page #2978

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(app): basic password authentication #2940

feat(app): basic password authentication #2940

korhaliv commented Oct 7, 2019 •

edited

Loading

mrfelton left a comment

korhaliv commented Oct 8, 2019

mrfelton left a comment

coveralls commented Oct 9, 2019 •

edited

Loading

mrfelton left a comment

mrfelton left a comment

feat(app): basic password authentication #2940

feat(app): basic password authentication #2940

Conversation

korhaliv commented Oct 7, 2019 • edited Loading

Description:

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes:

Checklist:

mrfelton left a comment

Choose a reason for hiding this comment

korhaliv commented Oct 8, 2019

mrfelton left a comment

Choose a reason for hiding this comment

coveralls commented Oct 9, 2019 • edited Loading

mrfelton left a comment

Choose a reason for hiding this comment

mrfelton left a comment

Choose a reason for hiding this comment

korhaliv commented Oct 7, 2019 •

edited

Loading

coveralls commented Oct 9, 2019 •

edited

Loading