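import sha256 from "./sha256.min.js";
import XORCipher from "./xorc.js";
import getBrowserFingerprint from "./identify.js";
import { loadNavBar } from "./web.js";

/**
 * Per-tab holder for the SHA-256 hex digest of the login password.
 *
 * The value is kept in sessionStorage under sha256(fingerprint) and is passed
 * through XORCipher with the browser fingerprint as key.
 *
 * NOTE(review): XORCipher lives in ./xorc.js and is not visible here; if it is
 * a plain repeating-key XOR, treat this as obfuscation rather than encryption.
 * The key is a fingerprint that script running in this origin can recompute,
 * so the stored value gets no protection against script injected into the page.
 */
export const passwordHash = {
  /**
   * @returns {string} the stored value, or "none" when nothing is stored or
   *   sessionStorage cannot be read.
   */
  toString: () => {
    const fp = getBrowserFingerprint({ hardwareOnly: true });
    let data;
    try {
      data = window.sessionStorage.getItem(sha256(fp));
    } catch (e) {
      // Storage can be unavailable (e.g. blocked by browser settings).
      return "none";
    }
    if (data === null) return "none";
    return XORCipher.decode(fp, data);
  },

  /**
   * @param {string} pw value to store; callers in this file pass sha256(password).
   */
  set: (pw) => {
    const fp = getBrowserFingerprint({ hardwareOnly: true });
    window.sessionStorage.setItem(sha256(fp), XORCipher.encode(fp, pw));
  },
};

// Messages for the error codes returned by api/auth. Code '0' means success.
// NOTE(review): distinct "wrong password" / "user not found" answers let a
// client tell valid user names from invalid ones; a single generic failure
// message (and code) would avoid that.
const AUTH_ERRORS = new Map([
  ["1", "wrong password"],
  ["2", "user not found"],
  ["3", "query error"],
]);

/**
 * Shows the login alert for five seconds.
 *
 * @param {string} [message] text to show while the alert is visible; when
 *   omitted the alert keeps its existing text.
 */
function flashLoginAlert(message) {
  const alertBox = document.getElementById("wrongPWAlert");
  alertBox.style.display = "block";

  let restoreMessage = null;
  if (message !== undefined) {
    const alertText = document.getElementById("wrongPWAlertMsg");
    // The original read `.innerHtml` (wrong case), which is always undefined,
    // so the alert ended up showing the text "undefined" after the timeout.
    const originalMarkup = alertText.innerHTML;
    // textContent: the message is plain text and must never be parsed as HTML.
    alertText.textContent = message;
    restoreMessage = () => {
      alertText.innerHTML = originalMarkup;
    };
  }

  setTimeout(() => {
    alertBox.style.display = "none";
    if (restoreMessage !== null) restoreMessage();
  }, 5000);
}

/**
 * Switches the page to the logged-in state: loads the navigation bar, hides
 * the login form and records the "verified" marker.
 *
 * NOTE(review): the marker is passwordHash XOR-encoded with the constant key
 * sha256("passwordHash"), so anyone who can read the marker can recover the
 * password hash, which is the same value api/auth accepts as the credential.
 * When the cookie is set it persists for 30 days and is readable by script.
 *
 * @param {string} cookieFlag 'on' when the marker should also be stored as a cookie.
 */
function completeLogin(cookieFlag) {
  loadNavBar();
  document.getElementById("login").style.display = "none";

  const marker = XORCipher.encode(sha256("passwordHash"), passwordHash.toString());
  window.sessionStorage.setItem(sha256("verified"), marker);
  if (cookieFlag === "on") {
    setCookie(sha256("verified"), marker, 30);
  }
}

/**
 * Login form handler.
 *
 * Stores sha256(password) in passwordHash, then either
 *  - checks it locally against the `chk` record in localStorage, or
 *  - when no `chk` record exists, asks the server via checkAuth().
 *
 * NOTE(review): the local path never contacts the server, so it only gates the
 * UI. Access control has to be enforced by the server on every API request.
 */
function setPassword() {
  const form = document.getElementById("loginForm");
  const usr = form.elements[0].value;
  const pw = form.elements[1].value;
  // NOTE(review): this reads the password field again, so the cookie branch
  // only runs when the password is literally "on". It presumably should read
  // the "remember me" control (and its `.checked` state); the form markup is
  // not visible here, so the index is left unchanged. TODO confirm.
  const cookieFlag = form.elements[1].value;

  // The original test `pw != "" || pw !== "undefined"` was always true.
  if (typeof pw !== "string" || pw === "") return;

  // Remember what was stored so a failed attempt can be rolled back.
  const previousHash = passwordHash.toString();
  passwordHash.set(sha256(pw));

  const data = window.localStorage.getItem(sha256("chk"));
  if (data === null) {
    checkAuth(usr, pw, cookieFlag);
    return;
  }

  const chk = XORCipher.decode(passwordHash.toString(), data);
  // Loose comparison kept: decode()'s return type is not visible in this file.
  if (chk != "") {
    try {
      // A wrong password decodes `chk` to something that is not JSON.
      JSON.parse(chk);
    } catch (e) {
      flashLoginAlert();
      // Roll back to the previous value. The original wrote the plaintext
      // password into sessionStorage here.
      passwordHash.set(previousHash);
      form.elements[0].value = "";
      form.elements[1].value = "";
      window.localStorage.removeItem(sha256("chk"));
      return;
    }
  }

  // User logged in: load the navigation bar and set the cookie if requested.
  completeLogin(cookieFlag);
}

/**
 * Verifies the credentials against the server and, on success, completes the
 * login and writes the local `chk` record used by setPassword().
 *
 * NOTE(review): the request is a GET with sha256(password) and sha256(user) in
 * the URL path. URLs are recorded in server and proxy access logs, and an
 * unsalted hash that the endpoint accepts as-is is equivalent to the password
 * for this API. Sending the credentials in a POST body over TLS and hashing
 * with a salted password KDF on the server would address both; that requires a
 * server-side change and is therefore not done here.
 *
 * @param {string} usr user name as typed.
 * @param {string} pw password as typed.
 * @param {string} cookieFlag 'on' to also persist the verified marker as a cookie.
 */
function checkAuth(usr, pw, cookieFlag) {
  const xhttp = new XMLHttpRequest();
  xhttp.onreadystatechange = function () {
    if (this.readyState !== 4) return;

    const succeeded = this.status === 200 && this.responseText === "0";
    if (!succeeded) {
      // Non-200 answers and network failures used to be ignored silently;
      // they are now reported like an unknown response code.
      const reason = this.status === 200 ? AUTH_ERRORS.get(this.responseText) : undefined;
      flashLoginAlert(reason || "no response");
      return;
    }

    completeLogin(cookieFlag);
    // NOTE(review): the record has a fixed JSON layout and contains the key it
    // is encoded with, so it should not be relied on to keep the hash secret.
    window.localStorage.setItem(
      sha256("chk"),
      XORCipher.encode(sha256(pw), JSON.stringify({ verified: sha256(pw) })),
    );
  };
  xhttp.open("GET", "api/auth/m21" + sha256(pw) + "/m22" + sha256(usr), true);
  xhttp.send();
}

/**
 * Tells the server to end the session and logs its response body.
 *
 * NOTE(review): nothing here clears the sessionStorage/localStorage entries or
 * the cookie written at login; presumably the caller does. TODO confirm.
 */
export function logoutServer() {
  const xhttp = new XMLHttpRequest();
  xhttp.onreadystatechange = function () {
    if (this.readyState === 4 && this.status === 200) {
      console.log(this.responseText);
    }
  };
  xhttp.open("GET", "api/auth/logout", true);
  xhttp.send();
}

/**
 * Derives a numeric id from the browser fingerprint and the stored password hash.
 *
 * cyrb53 is a fast non-cryptographic hash, so the id is suitable as a lookup
 * key but not as a secret or as proof of identity.
 *
 * @returns {number} 53-bit integer id.
 */
export function getUsrId() {
  const fingerprint = getBrowserFingerprint({ hardwareOnly: true });
  // The original concatenated the passwordHash object itself and relied on
  // implicit string conversion; the call is now explicit.
  return cyrb53(fingerprint + passwordHash.toString());
}

/**
 * cyrb53: 53-bit non-cryptographic string hash.
 *
 * @param {string} str input text (hashed by UTF-16 code unit).
 * @param {number} [seed=21] seed mixed into both 32-bit halves.
 * @returns {number} non-negative integer below 2^53.
 */
const cyrb53 = (str, seed = 21) => {
  let h1 = 0xdeadbeef ^ seed;
  let h2 = 0x41c6ce57 ^ seed;
  for (let i = 0; i < str.length; i++) {
    const ch = str.charCodeAt(i);
    h1 = Math.imul(h1 ^ ch, 2654435761);
    h2 = Math.imul(h2 ^ ch, 1597334677);
  }
  h1 = Math.imul(h1 ^ (h1 >>> 16), 2246822507) ^ Math.imul(h2 ^ (h2 >>> 13), 3266489909);
  h2 = Math.imul(h2 ^ (h2 >>> 16), 2246822507) ^ Math.imul(h1 ^ (h1 >>> 13), 3266489909);
  // Combine the low 21 bits of h2 with all 32 bits of h1.
  return 4294967296 * (2097151 & h2) + (h1 >>> 0);
};

/**
 * Writes a cookie for path "/" that expires after `exdays` days.
 *
 * NOTE(review): no Secure or SameSite attribute is set, and a cookie written
 * from script cannot be HttpOnly. The value is written unencoded, so it must
 * not contain ';'.
 *
 * @param {string} cname cookie name.
 * @param {string} cvalue cookie value.
 * @param {number} exdays lifetime in days.
 */
function setCookie(cname, cvalue, exdays) {
  const expiry = new Date();
  expiry.setTime(expiry.getTime() + exdays * 24 * 60 * 60 * 1000);
  const expires = "expires=" + expiry.toUTCString();
  document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}

/**
 * Reads a cookie by name.
 *
 * @param {string} cname cookie name.
 * @returns {string|null} the raw cookie value, or null when it is not set.
 */
export function getCookie(cname) {
  const prefix = cname + "=";
  for (const part of document.cookie.split(";")) {
    const entry = part.replace(/^ +/, "");
    if (entry.startsWith(prefix)) {
      return entry.substring(prefix.length);
    }
  }
  return null;
}

export default setPassword;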