Mirrors/notesnook
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook.git synced 2025-12-22 22:49:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

core: hash old password before deriving new crypto key

Browse Source
This commit is contained in:
Abdullah Atta
2024-12-23 19:24:32 +05:00
committed by Abdullah Atta
parent 76a1025f59
commit b526dc4d39
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
packages/core/src/api/user-manager.ts
View File

@@ -540,6 +540,11 @@ class UserManager {
if (data.encryptionKey) await this.db.sync({ type: "fetch", force: true });
if (old_password)
old_password = await this.db.storage().hash(old_password, email, {
usesFallback: await this.usesFallbackPWHash(old_password)
});
await this.db.storage().deriveCryptoKey({
password: new_password,
salt
@@ -558,10 +563,6 @@ class UserManager {
await this.updateUser({ attachmentsKey: user.attachmentsKey });
}
if (old_password)
old_password = await this.db.storage().hash(old_password, email, {
usesFallback: await this.usesFallbackPWHash(old_password)
});
if (new_password)
new_password = await this.db.storage().hash(new_password, email);