change key name and generates AES encrypted key

containers/backend/api/migrations/0007_create_encrypted_password_profiles.py

@@ -24,7 +24,7 @@ class Migration(migrations.Migration):
         ),
         migrations.AddField(
             model_name='lesspassuser',
-            name='encryption_key',
+            name='user_key',
             field=models.TextField(null=True),
         ),
         migrations.CreateModel(

containers/backend/api/models.py

@@ -31,11 +31,12 @@ class LessPassUser(AbstractBaseUser):
     is_active = models.BooleanField(default=True)
     is_admin = models.BooleanField(default=False)
     has_password_profile_encrypted = models.BooleanField(default=False)
-    encryption_key = models.TextField(null=True)
+    user_key = models.TextField(null=True)
 
     objects = LesspassUserManager()
 
     USERNAME_FIELD = 'email'
+    REQUIRED_FIELDS = ['email', 'user_key']
 
     def get_full_name(self):
         return self.email

packages/lesspass-crypto/index.js

@@ -1,3 +1,5 @@
+const crypto = require("crypto");
+
 function stringToArrayBuffer(string) {
   const base64String = unescape(encodeURIComponent(string));
   const charList = base64String.split("");
@@ -17,7 +19,7 @@ function arrayBufferToHex(arrayBuffer) {
   return str;
 }
 
-function getAlgorithm(algorithm){
+function getAlgorithm(algorithm) {
   const algorithms = {
     sha1: "SHA-1",
     "sha-1": "SHA-1",
@@ -29,8 +31,17 @@ function getAlgorithm(algorithm){
   return algorithms[algorithm.toLowerCase()]
 }
 
+function encryptKey(key, password) {
+  console.log(key, password);
+  var cipher = crypto.createCipher('aes-128-cbc', password);
+  var new_key = cipher.update(key, 'utf8', 'hex')
+  new_key += cipher.final('hex');
+  return new_key;
+}
+
 module.exports = {
   stringToArrayBuffer,
   arrayBufferToHex,
-  getAlgorithm
+  getAlgorithm,
+  encryptKey
 };

packages/lesspass-entropy/src/index.js

@@ -1,4 +1,5 @@
 const pbkdf2 = require("./pbkdf2");
+const crypto = require("crypto");
 
 function calcEntropy(profile, masterPassword) {
   const { site, login, options, crypto } = profile;
@@ -10,6 +11,22 @@ function calcEntropy(profile, masterPassword) {
   return pbkdf2(masterPassword, salt, iterations, keylen, digest);
 }
 
+function generateUserKey() {
+  const { iterations, keylen, digest } = {
+    iterations: 100000,
+    keylen: 32,
+    digest: "sha256"
+  };
+  random_key = pbkdf2(
+    crypto.randomBytes(16),
+    crypto.randomBytes(16),
+    iterations,
+    keylen,
+    digest
+  );
+  return random_key;
+}
+
 function isSupported() {
   try {
     return calcEntropy(
@@ -48,5 +65,6 @@ function isSupported() {
 
 module.exports = {
   isSupported,
-  calcEntropy
+  calcEntropy,
+  generateUserKey
 };

packages/lesspass-pure/src/api/user.js

@@ -4,6 +4,9 @@ export default {
   login({ email, password }) {
     return http.post("/api/auth/jwt/create/", { email, password });
   },
+  getLoggedUserInformation() {
+    return http.get('/api/auth/users/me');
+  },
   register({ email, password }) {
     return http.post("/api/auth/users/", { email, password });
   },

packages/lesspass-pure/src/views/Login.vue

@@ -76,6 +76,10 @@ import User from "../api/user";
 import { defaultbaseURL } from "../api/default";
 import MasterPassword from "../components/MasterPassword.vue";
 import message from "../services/message";
+import LessPassVue from "lesspass-pure/src/LessPass.vue";
+import LessPassEntropy from "lesspass-entropy";
+import LessPassCrypto from "lesspass-crypto";
+import { random } from "lodash";
 
 export default {
   data() {
@@ -107,6 +111,16 @@ export default {
         this.$store.dispatch("setBaseURL", { baseURL });
         User.login({ email: this.email, password: this.password })
           .then(response => {
+            User.getLoggedUserInformation().then(response => {
+              if (response.data.user_key === null) {
+                LessPassEntropy.generateUserKey().then(random_key => {
+                  const key = LessPassCrypto.encryptKey(
+                    random_key,
+                    this.password
+                  );
+                });
+              }
+            });
             this.$store.dispatch("login", response.data);
             this.$store.dispatch("cleanMessage");
             this.$router.push({ name: "home" });