diff --git a/interface/resources/qml/hifi/commerce/wallet/Help.qml b/interface/resources/qml/hifi/commerce/wallet/Help.qml
index b453509712..e38f23e5a5 100644
--- a/interface/resources/qml/hifi/commerce/wallet/Help.qml
+++ b/interface/resources/qml/hifi/commerce/wallet/Help.qml
@@ -114,11 +114,9 @@ In your Wallet's Send Money tab, choose from your list of connections, or choose
ListElement {
isExpanded: false;
question: "What is a Security Pic?"
- answer: "Your Security Pic is an encrypted image that you select during Wallet Setup. \
-It acts as an extra layer of Wallet security. \
-When you see your Security Pic, you know that your actions and data are securely making use of your private keys.\
-
Don't enter your passphrase anywhere that doesn't display your Security Pic! \
-If you don't see your Security Pic on a page that requests your Wallet passphrase, someone untrustworthy may be trying to access your Wallet.";
+ answer: "Your Security Pic acts as an extra layer of Wallet security. \
+When you see your Security Pic, you know that your actions and data are securely making use of your account. \
+Tap here to change your Security Pic.";
}
ListElement {
isExpanded: false;
@@ -260,6 +258,9 @@ At the moment, there is currently no way to convert HFC to other currencies. Sta
}
} else if (link === "#support") {
Qt.openUrlExternally("mailto:support@highfidelity.com");
+ } else if (link === "#securitypic") {
+ console.log("HRS FIXME here");
+ sendSignalToWallet({method: 'walletSecurity_changeSecurityImage'});
}
}
}
diff --git a/interface/resources/qml/hifi/commerce/wallet/Wallet.qml b/interface/resources/qml/hifi/commerce/wallet/Wallet.qml
index 603d7fb676..f48553a4d0 100644
--- a/interface/resources/qml/hifi/commerce/wallet/Wallet.qml
+++ b/interface/resources/qml/hifi/commerce/wallet/Wallet.qml
@@ -257,9 +257,9 @@ Rectangle {
Connections {
onSendSignalToWallet: {
if (msg.method === 'walletSecurity_changeSecurityImageCancelled') {
- root.activeView = "security";
+ root.activeView = "walletHome"; // was "security";
} else if (msg.method === 'walletSecurity_changeSecurityImageSuccess') {
- root.activeView = "security";
+ root.activeView = "walletHome"; // was "security";
} else {
sendToScript(msg);
}
@@ -399,6 +399,9 @@ Rectangle {
onSendSignalToWallet: {
if (msg.method === 'walletReset' || msg.method === 'passphraseReset') {
sendToScript(msg);
+ } else if (msg.method === 'walletSecurity_changeSecurityImage') {
+ securityImageChange.initModel();
+ root.activeView = "securityImageChange";
}
}
}
@@ -607,7 +610,7 @@ Rectangle {
}
RalewaySemiBold {
- text: "SECURITY";
+ text: "PURCHASES"; // was "SECURITY";
// Text size
size: 16;
// Anchors
@@ -629,8 +632,11 @@ Rectangle {
anchors.fill: parent;
hoverEnabled: enabled;
onClicked: {
+ sendToScript({method: 'goToPurchases_fromWalletHome'});
+ /* was
root.activeView = "security";
tabButtonsContainer.resetTabButtonColors();
+ */
}
onEntered: parent.color = hifi.colors.blueHighlight;
onExited: parent.color = root.activeView === "security" ? hifi.colors.blueAccent : hifi.colors.black;
@@ -803,12 +809,24 @@ Rectangle {
}
function walletResetSetup() {
+ /* Bypass all this and do it automatically
root.activeView = "walletSetup";
var timestamp = new Date();
walletSetup.startingTimestamp = timestamp;
walletSetup.setupAttemptID = generateUUID();
UserActivityLogger.commerceWalletSetupStarted(timestamp, walletSetup.setupAttemptID, walletSetup.setupFlowVersion, walletSetup.referrer ? walletSetup.referrer : "wallet app",
(AddressManager.placename || AddressManager.hostname || '') + (AddressManager.pathname ? AddressManager.pathname.match(/\/[^\/]+/)[0] : ''));
+ */
+
+ var randomNumber = Math.floor(Math.random() * 34) + 1;
+ var securityImagePath = "images/" + addLeadingZero(randomNumber) + ".jpg";
+ Commerce.getWalletAuthenticatedStatus(); // before writing security image, ensures that salt/account password is set.
+ Commerce.chooseSecurityImage(securityImagePath);
+ Commerce.generateKeyPair();
+ }
+
+ function addLeadingZero(n) {
+ return n < 10 ? '0' + n : '' + n;
}
function followReferrer(msg) {
diff --git a/interface/src/commerce/Ledger.cpp b/interface/src/commerce/Ledger.cpp
index 4ab76c42f5..18d22057fd 100644
--- a/interface/src/commerce/Ledger.cpp
+++ b/interface/src/commerce/Ledger.cpp
@@ -307,6 +307,7 @@ void Ledger::accountSuccess(QNetworkReply* reply) {
wallet->setCKey(ckey);
if (!locker.isEmpty()) {
wallet->setWallet(locker);
+ wallet->setPassphrase("ACCOUNT"); // We only locker wallets that have been converted to account-based auth.
}
QString keyStatus = "ok";
diff --git a/interface/src/commerce/Wallet.cpp b/interface/src/commerce/Wallet.cpp
index fb6a0c9b03..84e90544ff 100644
--- a/interface/src/commerce/Wallet.cpp
+++ b/interface/src/commerce/Wallet.cpp
@@ -131,7 +131,7 @@ bool Wallet::writeBackupInstructions() {
QFile outputFile(outputFilename);
bool retval = false;
- if (getKeyFilePath() == "")
+ if (getKeyFilePath().isEmpty())
{
return false;
}
@@ -360,7 +360,7 @@ Wallet::Wallet() {
uint status;
QString keyStatus = result.contains("data") ? result["data"].toObject()["keyStatus"].toString() : "";
- if (wallet->getKeyFilePath() == "" || !wallet->getSecurityImage()) {
+ if (wallet->getKeyFilePath().isEmpty() || !wallet->getSecurityImage()) {
if (keyStatus == "preexisting") {
status = (uint) WalletStatus::WALLET_STATUS_PREEXISTING;
} else{
@@ -550,15 +550,23 @@ bool Wallet::walletIsAuthenticatedWithPassphrase() {
// FIXME: initialize OpenSSL elsewhere soon
initialize();
+ qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: checking" << (!_passphrase || !_passphrase->isEmpty());
// this should always be false if we don't have a passphrase
// cached yet
if (!_passphrase || _passphrase->isEmpty()) {
- return false;
+ if (!getKeyFilePath().isEmpty()) { // If file exists, then it is an old school file that has not been lockered. Must get user's passphrase.
+ qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: No passphrase, but there is an existing wallet.";
+ return false;
+ } else {
+ qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: New setup.";
+ setPassphrase("ACCOUNT"); // Going forward, consider this an account-based client.
+ }
}
if (_publicKeys.count() > 0) {
// we _must_ be authenticated if the publicKeys are there
DependencyManager::get()->setWalletStatus((uint)WalletStatus::WALLET_STATUS_READY);
+ qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet was ready";
return true;
}
@@ -571,10 +579,15 @@ bool Wallet::walletIsAuthenticatedWithPassphrase() {
// be sure to add the public key so we don't do this over and over
_publicKeys.push_back(publicKey.toBase64());
+
+ if (*_passphrase != "ACCOUNT") {
+ changePassphrase("ACCOUNT"); // Rewrites with salt and constant, and will be lockered that way.
+ }
+ qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet now ready";
return true;
}
}
-
+ qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet not ready";
return false;
}
@@ -585,6 +598,7 @@ bool Wallet::generateKeyPair() {
qCInfo(commerce) << "Generating keypair.";
auto keyPair = generateECKeypair();
if (!keyPair.first) {
+ qCWarning(commerce) << "Empty keypair";
return false;
}
@@ -692,11 +706,13 @@ void Wallet::chooseSecurityImage(const QString& filename) {
// there _is_ a keyfile, we need to update it (similar to changing the
// passphrase, we need to do so into a temp file and move it).
if (!QFile(keyFilePath()).exists()) {
+ qCDebug(commerce) << "initial security pic set for empty wallet";
emit securityImageResult(true);
return;
}
bool success = writeWallet();
+ qCDebug(commerce) << "updated security pic" << success;
emit securityImageResult(success);
}