finish encryption of password profiles feature

containers/backend/api/migrations/0007_create_encrypted_password_profiles.py

@@ -1,13 +1,9 @@
-# Generated by Django 3.0.7 on 2020-07-25 23:26
-import uuid
-import binascii
-import bcrypt
-import hashlib
-import json
+# Generated by Django 3.0.7 on 2020-11-07 21:53
 
 from django.conf import settings
 from django.db import migrations, models
 import django.db.models.deletion
+import uuid
 
 
 class Migration(migrations.Migration):
@@ -32,8 +28,8 @@ class Migration(migrations.Migration):
                 ('id', models.UUIDField(default=uuid.uuid4,
                                         editable=False, primary_key=True, serialize=False)),
                 ('password_profile', models.TextField()),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE,
-                                           related_name='encrypted_password_profiles', to=settings.AUTH_USER_MODEL)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE,
+                                              related_name='encrypted_password_profiles', to=settings.AUTH_USER_MODEL)),
             ],
             options={
                 'abstract': False,

containers/backend/api/models.py

@@ -35,7 +35,7 @@ class LessPassUser(AbstractBaseUser):
     objects = LesspassUserManager()
 
     USERNAME_FIELD = 'email'
-    REQUIRED_FIELDS = ['email', 'key']
+    REQUIRED_FIELDS = ['key']
 
     def get_full_name(self):
         return self.email
@@ -95,8 +95,9 @@ class Password(DateMixin):
 
 class EncryptedPasswordProfiles(DateMixin):
     id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
-    user = models.ForeignKey(
-        LessPassUser, on_delete=models.CASCADE, related_name='encrypted_password_profiles')
+    user = models.OneToOneField(
+        LessPassUser, on_delete=models.CASCADE,
+        related_name='encrypted_password_profiles')
     password_profile = models.TextField()
 
     def __str__(self):

packages/lesspass-pure/src/components/PasswordProfile.vue

@@ -24,9 +24,9 @@
     <div class="passwordProfile__info" v-on:click="setPassword()">
       <avatar v-bind:name="password.site"></avatar>
       <div class="passwordProfile__meta">
-        <b>{{password.site}}</b>
+        <b>{{ password.site }}</b>
         <br />
-        {{password.login}}
+        {{ password.login }}
       </div>
     </div>
     <div class="passwordProfile__actions">
@@ -53,7 +53,7 @@ export default {
   },
   methods: {
     deletePassword() {
-      this.$store.dispatch("deletePassword", { id: this.password.id });
+      this.$store.dispatch("deletePassword", { password: this.password });
     },
     setPassword() {
       this.$store.dispatch("savePassword", { password: this.password });

packages/lesspass-pure/src/store/actions.js

@@ -1,5 +1,6 @@
 import Password from "../api/password";
 import Profile from "../api/profile";
+import User from "../api/user";
 import LessPassCrypto from "lesspass-crypto";
 import * as urlParser from "../services/url-parser";
 import * as types from "./mutation-types";
@@ -43,45 +44,64 @@ export const logout = ({ commit }) => {
   commit(types.RESET_PASSWORD);
 };
 
-export const getPasswords = ({ commit }, { key, password }) => {
+export const getPasswords = ({ commit }, { encryptedKey }) => {
+  commit(types.SET_ENCRYPTED_KEY, { encryptedKey });
   return Profile.all().then(response => {
     if (response.data.results.length > 0) {
-      const encryptedPasswordProfiles = response.data.results[0].password_profile;
-      const encryptedKey = LessPassCrypto.encrypt(
-        key,
-        password
-      );
+      const encryptedPasswordProfiles = response.data.results[0];
       const passwords = JSON.parse(
-        LessPassCrypto.decrypt(encryptedPasswordProfiles, encryptedKey)
+        LessPassCrypto.decrypt(encryptedPasswordProfiles.password_profile, encryptedKey)
       );
       commit(types.LOGIN);
       commit(types.SET_PASSWORDS, { passwords });
+      commit(types.SET_ENCRYPTED_PASSWORD_PROFILES_ID, { id: encryptedPasswordProfiles.id });
       return
     }
   }).catch(() => logout({ commit }));;
 };
 
+
 export const saveOrUpdatePassword = ({ commit, state }) => {
   const site = state.password.site;
   const login = state.password.login;
-  const existingPassword = state.passwords.find(password => {
-    return password.site === site && password.login === login;
+  let passwords = state.passwords.filter(password => {
+    return password.site !== site && password.login !== login;
+  });
+  passwords.push(state.password);
+  const encryptedKey = state.encryptedKey;
+  const data = JSON.stringify(passwords);
+  const encryptedPasswordProfiles = LessPassCrypto.encrypt(
+    data,
+    encryptedKey
+  );
+  Profile.update({
+    id: state.encryptedPasswordProfilesId,
+    password_profile: encryptedPasswordProfiles
+  }).then(() => {
+    getPasswords({ commit, state }, { encryptedKey });
   });
-  if (existingPassword) {
-    const newPassword = Object.assign({}, existingPassword, state.password);
-    Password.update(newPassword, state).then(() => {
-      getPasswords({ commit, state });
-    });
-  } else {
-    Password.create(state.password, state).then(() => {
-      getPasswords({ commit, state });
-    });
-  }
 };
 
-export const deletePassword = ({ commit, state }, payload) => {
-  Password.delete(payload, state).then(() => {
-    commit(types.DELETE_PASSWORD, payload);
+export const deletePassword = ({ commit, state }, { password }) => {
+  const site = password.site;
+  const login = password.login;
+  let passwords = state.passwords.filter(password => {
+    return password.site !== site && password.login !== login;
+  });
+  if (state.password && state.password.site === site && state.password.login == login) {
+    state.password = Object.assign({}, state.defaultPassword);
+  }
+  const encryptedKey = state.encryptedKey;
+  const data = JSON.stringify(passwords);
+  const encryptedPasswordProfiles = LessPassCrypto.encrypt(
+    data,
+    encryptedKey
+  );
+  Profile.update({
+    id: state.encryptedPasswordProfilesId,
+    password_profile: encryptedPasswordProfiles
+  }).then(() => {
+    getPasswords({ commit, state }, { encryptedKey });
   });
 };
 

packages/lesspass-pure/src/store/mutation-types.js

@@ -11,3 +11,5 @@ export const SET_SITE = "SET_SITE";
 export const LOAD_PASSWORD_PROFILE = "LOAD_PASSWORD_PROFILE";
 export const DELETE_PASSWORD = "DELETE_PASSWORD";
 export const CLEAN_MESSAGE = "CLEAN_MESSAGE";
+export const SET_ENCRYPTED_PASSWORD_PROFILES_ID = "SET_ENCRYPTED_PASSWORD_PROFILES_ID";
+export const SET_ENCRYPTED_KEY = "SET_ENCRYPTED_KEY";

packages/lesspass-pure/src/store/mutations.js

@@ -28,14 +28,6 @@ export default {
   [types.SET_PASSWORDS](state, { passwords }) {
     state.passwords = passwords;
   },
-  [types.DELETE_PASSWORD](state, { id }) {
-    state.passwords = state.passwords.filter(password => {
-      return password.id !== id;
-    });
-    if (state.password && state.password.id === id) {
-      state.password = Object.assign({}, state.defaultPassword);
-    }
-  },
   [types.SET_BASE_URL](state, { baseURL }) {
     localStorage.setItem("baseURL", baseURL);
   },
@@ -64,5 +56,12 @@ export default {
   },
   [types.CLEAN_MESSAGE](state) {
     state.message = { text: "", status: "success" };
+  },
+  [types.SET_ENCRYPTED_PASSWORD_PROFILES_ID](state, { id }) {
+    state.encryptedPasswordProfilesId = id;
+  },
+  [types.SET_ENCRYPTED_KEY](state, { encryptedKey }) {
+    state.encryptedKey = encryptedKey;
+    console.log('state encrypted key', state.encryptedKey)
   }
 };

packages/lesspass-pure/src/views/Login.vue

@@ -130,7 +130,8 @@ export default {
                           uppercase: password.uppercase,
                           symbols: password.symbols,
                           numbers: password.numbers,
-                          length: password.length
+                          length: password.length,
+                          counter: password.counter
                         };
                       }
                     );
@@ -144,16 +145,18 @@ export default {
                     }).then(() => {
                       User.patch({ key });
                       this.$store.dispatch("getPasswords", {
-                        key: key,
-                        password: this.password
+                        encryptedKey
                       });
                     });
                   });
                 });
               } else {
+                const encryptedKey = LessPassCrypto.encrypt(
+                  response.data.key,
+                  this.password
+                );
                 this.$store.dispatch("getPasswords", {
-                  key: response.data.key,
-                  password: this.password
+                  encryptedKey
                 });
               }
             });