Mirrors/overte-lubosz
3
0
Fork 0
mirror of https://github.com/lubosz/overte.git synced 2025-04-27 11:55:25 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

bypass setup and password, and convert old wallets to account based

Browse source 
before lockering
This commit is contained in:
Howard Stearns 2018-08-15 11:23:50 -07:00
parent ef1aacd226
commit 13629f6870
4 changed files with 48 additions and 12 deletions
interface
resources/qml/hifi/commerce/wallet
Help.qmlWallet.qml
src/commerce
Ledger.cppWallet.cpp

11
interface/resources/qml/hifi/commerce/wallet/Help.qml
View file

@ -114,11 +114,9 @@ In your Wallet's Send Money tab, choose from your list of connections, or choose
ListElement {
isExpanded: false;
question: "What is a Security Pic?"
answer: "Your Security Pic is an encrypted image that you select during Wallet Setup. \
It acts as an extra layer of Wallet security. \
When you see your Security Pic, you know that your actions and data are securely making use of your private keys.\
<br><br>Don't enter your passphrase anywhere that doesn't display your Security Pic! \
If you don't see your Security Pic on a page that requests your Wallet passphrase, someone untrustworthy may be trying to access your Wallet.";
answer: "Your Security Pic acts as an extra layer of Wallet security. \
When you see your Security Pic, you know that your actions and data are securely making use of your account. \
<b><font color='#0093C5'><a href='#securitypic'>Tap here to change your Security Pic.</a></font></b>";
}
ListElement {
isExpanded: false;
@ -260,6 +258,9 @@ At the moment, there is currently no way to convert HFC to other currencies. Sta
}
} else if (link === "#support") {
Qt.openUrlExternally("mailto:support@highfidelity.com");
} else if (link === "#securitypic") {
console.log("HRS FIXME here");
sendSignalToWallet({method: 'walletSecurity_changeSecurityImage'});
}
}
}

24
interface/resources/qml/hifi/commerce/wallet/Wallet.qml
View file

@ -257,9 +257,9 @@ Rectangle {
Connections {
onSendSignalToWallet: {
if (msg.method === 'walletSecurity_changeSecurityImageCancelled') {
root.activeView = "security";
root.activeView = "walletHome"; // was "security";
} else if (msg.method === 'walletSecurity_changeSecurityImageSuccess') {
root.activeView = "security";
root.activeView = "walletHome"; // was "security";
} else {
sendToScript(msg);
}
@ -399,6 +399,9 @@ Rectangle {
onSendSignalToWallet: {
if (msg.method === 'walletReset' || msg.method === 'passphraseReset') {
sendToScript(msg);
} else if (msg.method === 'walletSecurity_changeSecurityImage') {
securityImageChange.initModel();
root.activeView = "securityImageChange";
}
}
}
@ -607,7 +610,7 @@ Rectangle {
}
RalewaySemiBold {
text: "SECURITY";
text: "PURCHASES"; // was "SECURITY";
// Text size
size: 16;
// Anchors
@ -629,8 +632,11 @@ Rectangle {
anchors.fill: parent;
hoverEnabled: enabled;
onClicked: {
sendToScript({method: 'goToPurchases_fromWalletHome'});
/* was
root.activeView = "security";
tabButtonsContainer.resetTabButtonColors();
*/
}
onEntered: parent.color = hifi.colors.blueHighlight;
onExited: parent.color = root.activeView === "security" ? hifi.colors.blueAccent : hifi.colors.black;
@ -803,12 +809,24 @@ Rectangle {
}
function walletResetSetup() {
/* Bypass all this and do it automatically
root.activeView = "walletSetup";
var timestamp = new Date();
walletSetup.startingTimestamp = timestamp;
walletSetup.setupAttemptID = generateUUID();
UserActivityLogger.commerceWalletSetupStarted(timestamp, walletSetup.setupAttemptID, walletSetup.setupFlowVersion, walletSetup.referrer ? walletSetup.referrer : "wallet app",
(AddressManager.placename || AddressManager.hostname || '') + (AddressManager.pathname ? AddressManager.pathname.match(/\/[^\/]+/)[0] : ''));
*/
var randomNumber = Math.floor(Math.random() * 34) + 1;
var securityImagePath = "images/" + addLeadingZero(randomNumber) + ".jpg";
Commerce.getWalletAuthenticatedStatus(); // before writing security image, ensures that salt/account password is set.
Commerce.chooseSecurityImage(securityImagePath);
Commerce.generateKeyPair();
}
function addLeadingZero(n) {
return n < 10 ? '0' + n : '' + n;
}
function followReferrer(msg) {

1
interface/src/commerce/Ledger.cpp
View file

@ -307,6 +307,7 @@ void Ledger::accountSuccess(QNetworkReply* reply) {
wallet->setCKey(ckey);
if (!locker.isEmpty()) {
wallet->setWallet(locker);
wallet->setPassphrase("ACCOUNT"); // We only locker wallets that have been converted to account-based auth.
}
QString keyStatus = "ok";

24
interface/src/commerce/Wallet.cpp
View file

@ -131,7 +131,7 @@ bool Wallet::writeBackupInstructions() {
QFile outputFile(outputFilename);
bool retval = false;
if (getKeyFilePath() == "")
if (getKeyFilePath().isEmpty())
{
return false;
}
@ -360,7 +360,7 @@ Wallet::Wallet() {
uint status;
QString keyStatus = result.contains("data") ? result["data"].toObject()["keyStatus"].toString() : "";
if (wallet->getKeyFilePath() == "" || !wallet->getSecurityImage()) {
if (wallet->getKeyFilePath().isEmpty() || !wallet->getSecurityImage()) {
if (keyStatus == "preexisting") {
status = (uint) WalletStatus::WALLET_STATUS_PREEXISTING;
} else{
@ -550,15 +550,23 @@ bool Wallet::walletIsAuthenticatedWithPassphrase() {
// FIXME: initialize OpenSSL elsewhere soon
initialize();
qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: checking" << (!_passphrase || !_passphrase->isEmpty());
// this should always be false if we don't have a passphrase
// cached yet
if (!_passphrase || _passphrase->isEmpty()) {
return false;
if (!getKeyFilePath().isEmpty()) { // If file exists, then it is an old school file that has not been lockered. Must get user's passphrase.
qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: No passphrase, but there is an existing wallet.";
return false;
} else {
qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: New setup.";
setPassphrase("ACCOUNT"); // Going forward, consider this an account-based client.
}
}
if (_publicKeys.count() > 0) {
// we _must_ be authenticated if the publicKeys are there
DependencyManager::get<WalletScriptingInterface>()->setWalletStatus((uint)WalletStatus::WALLET_STATUS_READY);
qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet was ready";
return true;
}
@ -571,10 +579,15 @@ bool Wallet::walletIsAuthenticatedWithPassphrase() {
// be sure to add the public key so we don't do this over and over
_publicKeys.push_back(publicKey.toBase64());
if (*_passphrase != "ACCOUNT") {
changePassphrase("ACCOUNT"); // Rewrites with salt and constant, and will be lockered that way.
}
qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet now ready";
return true;
}
}
qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet not ready";
return false;
}
@ -585,6 +598,7 @@ bool Wallet::generateKeyPair() {
qCInfo(commerce) << "Generating keypair.";
auto keyPair = generateECKeypair();
if (!keyPair.first) {
qCWarning(commerce) << "Empty keypair";
return false;
}
@ -692,11 +706,13 @@ void Wallet::chooseSecurityImage(const QString& filename) {
// there _is_ a keyfile, we need to update it (similar to changing the
// passphrase, we need to do so into a temp file and move it).
if (!QFile(keyFilePath()).exists()) {
qCDebug(commerce) << "initial security pic set for empty wallet";
emit securityImageResult(true);
return;
}
bool success = writeWallet();
qCDebug(commerce) << "updated security pic" << success;
emit securityImageResult(success);
}