diff --git a/package.json b/package.json index 9b67f19..244f464 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ "mocha": "1.17.1", "should": "3.1.2" }, - "main": "server.coffee", + "main": "build/server.js", "scripts": { "test": "cake --use-js tests", "start": "node build/server.js", diff --git a/server/controllers/accounts.coffee b/server/controllers/accounts.coffee index 021076a..a5bd0c5 100644 --- a/server/controllers/accounts.coffee +++ b/server/controllers/accounts.coffee @@ -115,10 +115,3 @@ module.exports.resetKeys = (req, res, next) -> return next err if err res.status(204).send success: true - - -#DELETE /accounts/ -## TODO : Remove this function (wait proxy updating) -module.exports.deleteKeys = (req, res) -> - res.status(204).send success: true - diff --git a/server/controllers/routes.coffee b/server/controllers/routes.coffee index 3c467c4..d1d5bdf 100644 --- a/server/controllers/routes.coffee +++ b/server/controllers/routes.coffee @@ -328,8 +328,3 @@ module.exports = account.checkPermissions account.resetKeys ] - 'accounts/': - delete: [ - account.checkPermissions - account.deleteKeys - ] diff --git a/server/lib/encryption.coffee b/server/lib/encryption.coffee index a2be205..7e2a77d 100644 --- a/server/lib/encryption.coffee +++ b/server/lib/encryption.coffee @@ -11,7 +11,6 @@ user = new User() cryptoTools = new CryptoTools() -masterKey = null slaveKey = null day = 24 * 60 * 60 * 1000 @@ -48,7 +47,7 @@ getBody = (domain) -> resetTimeout = -> timeout = null sendMailNow = -> - if (masterKey? and slaveKey?) + if slaveKey? return resetTimeout() user.getUser (err, user) -> @@ -79,12 +78,10 @@ sendMail = -> ## function updateKeys (oldKey,password, encryptedslaveKey, callback) -## @oldKey {string} Old master key ## @password {string} user's password -## @encryptedslaveKey {string} encrypted slave key ## @callback {function} Continuation to pass control back to when complete. ## Update keys, return in data new encrypted slave key and new salt -updateKeys = (oldKey, password, encryptedslaveKey, callback) -> +updateKeys = (password, callback) -> salt = cryptoTools.genSalt(32 - password.length) masterKey = cryptoTools.genHashWithSalt password, salt encryptedSlaveKey = cryptoTools.encrypt masterKey, slaveKey @@ -98,28 +95,25 @@ updateKeys = (oldKey, password, encryptedslaveKey, callback) -> ## Return encrypted password exports.encrypt = (password) -> if password? and process.env.NODE_ENV isnt "development" - if masterKey? and slaveKey? + if slaveKey? newPwd = cryptoTools.encrypt slaveKey, password return newPwd else sendMail() - err = new Error "master key and slave key don't exist" + err = new Error "slave key doesn't exist" logger.error err.message throw err else return password -exports.get = -> return masterKey - - ## function decrypt (password, callback) ## @password {string} document password ## @callback {function} Continuation to pass control back to when complete. ## Return decrypted password if password was encrypted exports.decrypt = (password) -> if password? and process.env.NODE_ENV isnt "development" - if masterKey? and slaveKey? + if slaveKey? newPwd = password try newPwd = cryptoTools.decrypt slaveKey, password @@ -178,18 +172,12 @@ exports.logIn = (password, user, callback) -> ## @callback {function} Continuation to pass control back to when complete. ## Update keys when user changes his password exports.update = (password, user, callback) -> - unless masterKey? and slaveKey? - err = errors.http 400, "masterKey and slaveKey don't exist" - logger.error "[update] : #{err}" - return callback err - - if masterKey.length isnt 32 - err = errors.http 400, """ - password to initialize keys is different than user password""" + unless slaveKey? + err = errors.http 400, "slaveKey doesn't exist" logger.error "[update] : #{err}" return callback err - updateKeys masterKey, password, slaveKey, (data) -> + updateKeys password, (data) -> db.merge user._id, data, (err, res) -> if err logger.error "[update] : #{err}" @@ -211,6 +199,6 @@ exports.reset = (user, callback) -> callback() ## function isLog () -## Return if keys exist so if user is connected +## Return true if slaveKey exists, which indicates if user is connected exports.isLog = -> - return slaveKey? and masterKey? + return slaveKey? diff --git a/tests/account_tests.coffee b/tests/account_tests.coffee index 158625e..100d19b 100644 --- a/tests/account_tests.coffee +++ b/tests/account_tests.coffee @@ -5,8 +5,6 @@ prefix = helpers.prefix Crypto = require "#{prefix}server/lib/crypto_tools" User = require "#{prefix}server/lib/user" randomString = require("#{prefix}server/lib/random").randomString -encryption = require "#{prefix}server/lib/encryption" -getMasterKey = encryption.get db = require("#{prefix}server/helpers/db_connect_helper").db_connect() client = helpers.getClient() crypto = new Crypto() @@ -88,17 +86,12 @@ describe "Account handling tests", -> should.not.equal @salt, undefined @salt.length.should.equal 24 - it "And master key should be initialized", -> - @masterKey = crypto.genHashWithSalt @cozyPwd, @salt - key = getMasterKey() - should.not.equal key, null - key.should.equal @masterKey - it "And object 'User' should have a slave key", -> @body.should.have.property 'slaveKey' @encryptedSlaveKey = @body.slaveKey it "And the length of the slave key should be equal to 32", -> + @masterKey = crypto.genHashWithSalt @cozyPwd, @salt @slaveKey = crypto.decrypt @masterKey, @encryptedSlaveKey @slaveKey.length.should.be.equal 32 @@ -125,17 +118,12 @@ describe "Account handling tests", -> should.not.equal @salt, undefined @salt.length.should.equal 24 - it "And master key should be initialized", -> - @masterKey = crypto.genHashWithSalt @cozyPwd, @salt - key = getMasterKey() - should.not.equal key, null - key.should.equal @masterKey - it "And object 'User' should have a slave key", -> @body.should.have.property 'slaveKey' @encryptedSlaveKey = @body.slaveKey it "And the length of the slave key should be equal to 32", -> + @masterKey = crypto.genHashWithSalt @cozyPwd, @salt @slaveKey = crypto.decrypt @masterKey, @encryptedSlaveKey @slaveKey.length.should.be.equal 32 diff --git a/tests/encryption_tests.coffee b/tests/encryption_tests.coffee index 19514ab..764fdbc 100644 --- a/tests/encryption_tests.coffee +++ b/tests/encryption_tests.coffee @@ -3,8 +3,6 @@ helpers = require './helpers' Crypto = require "#{helpers.prefix}server/lib/crypto_tools" User = require "#{helpers.prefix}server/lib/user" -randomString = require("#{helpers.prefix}server/lib/random").randomString -getMasterKey = require("#{helpers.prefix}server/lib/encryption").get # connection to DB for "hand work" db = require("#{helpers.prefix}server/helpers/db_connect_helper").db_connect() @@ -157,4 +155,4 @@ describe "Encryption handling tests", -> it "When I add a document with password", (done) -> client.post '/request/user/all/', {}, (err, res, body) => body[0].value.password.should.equal "password" - done() \ No newline at end of file + done()