From 6d35d3d6089646f38bc1b6592e93d0d8c313b2dc Mon Sep 17 00:00:00 2001
From: maru21
Date: Tue, 3 Oct 2023 19:05:06 +0200
Subject: [PATCH] started with cookie implementation
---
 js/9.8/scripts.js | 75 ++++++++++++++++++++++++-----------------------
 1 file changed, 39 insertions(+), 36 deletions(-)
diff --git a/js/9.8/scripts.js b/js/9.8/scripts.js
index 3903c7e..65b4219 100644
--- a/js/9.8/scripts.js
+++ b/js/9.8/scripts.js
@@ -70,6 +70,7 @@ function setPassword() {
 document.getElementById("login").style.display = "none";
 window.sessionStorage.setItem(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash));
+ setCookie(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash.toString()), 10)
 }
 }
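Review bot: The added `setCookie(...)` line persists the password hash in a cookie protected only by `XORCipher.encode` keyed with `sha256("passwordHash")`, a constant that anyone can compute from this file, so whoever can read the cookie recovers the hash; a cookie written from script also cannot be HttpOnly. Prefer storing a random session token rather than a value derived from the password, and until then mark the line with `// TODO(security): cookie holds the obfuscated password hash; replace with a random session token`. If the cookie stays, confirm that `setCookie` (not visible here) sets `Secure` and `SameSite`. The sessionStorage line above encodes `passwordHash` while this one encodes `passwordHash.toString()`, which presumably should match, and the new line lacks its terminating semicolon. setPassword begins outside the hunk.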
@@ -79,45 +80,47 @@ export function getUsrId() {
 }
 export function sessionVerification() {
- let verfiedStatus = window.sessionStorage.getItem(sha256("verified"));
- if (verfiedStatus == '') {verfiedStatus = null}
- if (verfiedStatus != null) {
- //user logged in
- //write verifiedStatus content into passwordHash for decode check later
- //passwordHash.set(XORCipher.decode(sha256("passwordHash"), verfiedStatus));
- //document.getElementById("login").style.display = "none";
- //load NavigationBar with templates according to server
-
- let data;
- try {
- data = window.sessionStorage.getItem(sha256(passwordHash.name));
- } catch (e) {
- verfiedStatus = null;
- }
- if (data === null) verfiedStatus = null;
-
- let tF = retrieveData("templateFiles");
- try {
- tF = JSON.parse(tF);
- } catch(e) {
- verfiedStatus = null;
- }
-
- } else {
- //check if cookie exists
- if (getCookie(sha256("verified")) != null) {
- //passwordHash.set(XORCipher.decode(sha256("passwordHash"), getCookie(sha256("verified"))));
- //document.getElementById("login").style.display = "none";
- //load NavigationBar with templates according to server
- //initweb();
- } else {
- //document.getElementById("login").style.display = "block";
- }
+ //check if cookie exists
+ if (getCookie(sha256("verified")) != null) {
+ passwordHash.set(XORCipher.decode(sha256("passwordHash"), getCookie(sha256("verified"))));
+ window.sessionStorage.setItem(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash));
 }
- if (verfiedStatus == null) window.stop();
- console.log('v: ',verfiedStatus);
+ let verfiedStatus = window.sessionStorage.getItem(sha256("verified"));
+ let data;
+ try {
+ data = window.sessionStorage.getItem(sha256(passwordHash.name));
+ } catch (e) {
+ verfiedStatus = null;
+ }
+ if (data === null) verfiedStatus = null;
+
+ //if (verfiedStatus != data) verfiedStatus = null
+ let vsString;
+ let pnString;
+ try {
+ vsString = XORCipher.decode(sha256("passwordHash"), verfiedStatus);
+ pnString = XORCipher.decode(passwordHash.name, data);
+ if (vsString != pnString) verfiedStatus = null;
+ } catch (e) {
+ verfiedStatus = null;
+ }
+
+ let tF = retrieveData("templateFiles");
+ try {
+ tF = JSON.parse(tF);
+ } catch(e) {
+ verfiedStatus = null;
+ }
+
+ if (verfiedStatus == null) {
+ console.log('v: ',verfiedStatus);
+ alert("Decryption failed; are you authenticated?");
+ window.location.reload();
+ return;
+ }
+
 }
 const cyrb53 = (str, seed = 21) => {
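Review bot: The failure branch at the end of sessionVerification calls `window.location.reload()` without clearing the stored state, so a stale or tampered `sha256("verified")` cookie is picked up again by the cookie check at the top of the function after the reload. If this function runs on page load, the alert would then repeat on every load. Clear the state before reloading, e.g. `window.sessionStorage.removeItem(sha256("verified"));`, and expire the cookie through whatever cookie helper the file provides (not visible here). The cookie value also goes straight into `passwordHash.set(XORCipher.decode(...))` with no format check, and because the key is the constant `sha256("passwordHash")` this comparison can only gate the client-side UI. Any real access decision presumably has to be enforced by the server.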