|
|
@@ -1068,8 +1068,8 @@
|
|
|
{:restore-pwd-failed (str "decrypt-pwd failed, salt: " salt-value)}
|
|
|
(swap! pwd-map assoc-in [graph-uuid :pwd] pwd)))))))))
|
|
|
|
|
|
-(defn ensure-pwd-exists!
|
|
|
- [repo graph-uuid]
|
|
|
+(defn- ensure-pwd-exists!
|
|
|
+ [repo graph-uuid *stopped?]
|
|
|
(go
|
|
|
(let [pwd (get-in @pwd-map [graph-uuid :pwd])]
|
|
|
(when (nil? pwd)
|
|
|
@@ -1079,10 +1079,11 @@
|
|
|
(state/pub-event! [:modal/remote-encryption-input-pw-dialog repo {:GraphUUID graph-uuid} :input-pwd-remote
|
|
|
#(restore-pwd! graph-uuid)])))
|
|
|
(loop []
|
|
|
- (<! pwd-map-changed-chan)
|
|
|
- (let [pwd (get-in @pwd-map [graph-uuid :pwd])]
|
|
|
- (when (nil? pwd) (recur)))))
|
|
|
- (get-in @pwd-map [graph-uuid :pwd]))))
|
|
|
+ (println :ensure-pwd-exists! @*stopped?)
|
|
|
+ (when-not @*stopped?
|
|
|
+ (async/alts! [(timeout 1000) pwd-map-changed-chan])
|
|
|
+ (let [pwd (get-in @pwd-map [graph-uuid :pwd])]
|
|
|
+ (when (nil? pwd) (recur)))))))))
|
|
|
|
|
|
(defn clear-pwd!
|
|
|
"- clear pwd in `pwd-map`
|
|
|
@@ -1094,42 +1095,45 @@
|
|
|
(defn ensure-pwd+keys-exists!
|
|
|
"ensure password persisted,
|
|
|
and ensure public&private keys exists at server"
|
|
|
- [graph-uuid repo]
|
|
|
+ [graph-uuid repo *stopped?]
|
|
|
+ {:post [(s/valid? ::state %)]}
|
|
|
(go
|
|
|
- (<! (ensure-pwd-exists! repo graph-uuid))
|
|
|
- (let [pwd (get-in @pwd-map [graph-uuid :pwd])
|
|
|
- {:keys [public-key encrypted-private-key] :as r}
|
|
|
- (<! (get-graph-encrypt-keys remoteapi graph-uuid))]
|
|
|
- (if (and (nil? public-key)
|
|
|
- (nil? encrypted-private-key)
|
|
|
- (-> r ex-data :err :status (= 404)))
|
|
|
- ;; when public+private keys not stored at server
|
|
|
- ;; generate a new key pair and upload them
|
|
|
- (let [{public-key :publicKey private-key :secretKey}
|
|
|
- (<! (key-gen rsapi))
|
|
|
- encrypted-private-key (<! (encrypt-content private-key pwd))
|
|
|
- upload-r (<! (upload-graph-encrypt-keys remoteapi graph-uuid public-key encrypted-private-key))]
|
|
|
- (if (instance? ExceptionInfo upload-r)
|
|
|
- (do (js/console.log "upload-graph-encrypt-keys err" upload-r)
|
|
|
- ::stop)
|
|
|
- (do (swap! pwd-map assoc-in [graph-uuid :public-key] public-key)
|
|
|
- (swap! pwd-map assoc-in [graph-uuid :private-key] private-key)
|
|
|
- (<! (set-env rsapi config/FILE-SYNC-PROD? private-key public-key))
|
|
|
- ::idle)))
|
|
|
-
|
|
|
- (let [private-key (<! (decrypt-content encrypted-private-key pwd))]
|
|
|
- (if (and private-key
|
|
|
- (string/starts-with?
|
|
|
- private-key "AGE-SECRET-KEY"))
|
|
|
- (do (swap! pwd-map assoc-in [graph-uuid :public-key] public-key)
|
|
|
- (swap! pwd-map assoc-in [graph-uuid :private-key] private-key)
|
|
|
- (<! (set-env rsapi config/FILE-SYNC-PROD? private-key public-key))
|
|
|
- ::idle)
|
|
|
-
|
|
|
- ;; bad pwd
|
|
|
- (do (notification/show! "wrong password" :error false)
|
|
|
- (clear-pwd! graph-uuid)
|
|
|
- ::need-password)))))))
|
|
|
+ (<! (ensure-pwd-exists! repo graph-uuid *stopped?))
|
|
|
+ (if @*stopped?
|
|
|
+ ::stop
|
|
|
+ (let [pwd (get-in @pwd-map [graph-uuid :pwd])
|
|
|
+ {:keys [public-key encrypted-private-key] :as r}
|
|
|
+ (<! (get-graph-encrypt-keys remoteapi graph-uuid))]
|
|
|
+ (if (and (nil? public-key)
|
|
|
+ (nil? encrypted-private-key)
|
|
|
+ (-> r ex-data :err :status (= 404)))
|
|
|
+ ;; when public+private keys not stored at server
|
|
|
+ ;; generate a new key pair and upload them
|
|
|
+ (let [{public-key :publicKey private-key :secretKey}
|
|
|
+ (<! (key-gen rsapi))
|
|
|
+ encrypted-private-key (<! (encrypt-content private-key pwd))
|
|
|
+ upload-r (<! (upload-graph-encrypt-keys remoteapi graph-uuid public-key encrypted-private-key))]
|
|
|
+ (if (instance? ExceptionInfo upload-r)
|
|
|
+ (do (js/console.log "upload-graph-encrypt-keys err" upload-r)
|
|
|
+ ::stop)
|
|
|
+ (do (swap! pwd-map assoc-in [graph-uuid :public-key] public-key)
|
|
|
+ (swap! pwd-map assoc-in [graph-uuid :private-key] private-key)
|
|
|
+ (<! (set-env rsapi config/FILE-SYNC-PROD? private-key public-key))
|
|
|
+ ::idle)))
|
|
|
+
|
|
|
+ (let [private-key (<! (decrypt-content encrypted-private-key pwd))]
|
|
|
+ (if (and private-key
|
|
|
+ (string/starts-with?
|
|
|
+ private-key "AGE-SECRET-KEY"))
|
|
|
+ (do (swap! pwd-map assoc-in [graph-uuid :public-key] public-key)
|
|
|
+ (swap! pwd-map assoc-in [graph-uuid :private-key] private-key)
|
|
|
+ (<! (set-env rsapi config/FILE-SYNC-PROD? private-key public-key))
|
|
|
+ ::idle)
|
|
|
+
|
|
|
+ ;; bad pwd
|
|
|
+ (do (notification/show! "wrong password" :error false)
|
|
|
+ (clear-pwd! graph-uuid)
|
|
|
+ ::need-password))))))))
|
|
|
|
|
|
;;; ### sync state
|
|
|
|
|
|
@@ -1547,7 +1551,7 @@
|
|
|
(need-password
|
|
|
[this]
|
|
|
(go
|
|
|
- (let [next-state (<! (ensure-pwd+keys-exists! graph-uuid (state/get-current-repo)))]
|
|
|
+ (let [next-state (<! (ensure-pwd+keys-exists! graph-uuid (state/get-current-repo) *stopped?))]
|
|
|
(.schedule this next-state nil))))
|
|
|
|
|
|
(idle [this]
|
|
|
@@ -1727,7 +1731,9 @@
|
|
|
(<! (set-env rsapi config/FILE-SYNC-PROD? nil nil))
|
|
|
(state/set-file-sync-state repo @*sync-state)
|
|
|
(state/set-file-sync-manager sm)
|
|
|
- (<! (ensure-pwd+keys-exists! graph-uuid repo))
|
|
|
+ (let [*stop-after-5s (volatile! false)]
|
|
|
+ (go (<! (timeout 5000)) (vreset! *stop-after-5s true))
|
|
|
+ (<! (ensure-pwd+keys-exists! graph-uuid repo *stop-after-5s)))
|
|
|
;; wait seconds to receive all file change events,
|
|
|
;; and then drop all of them.
|
|
|
;; WHY: when opening a graph(or switching to another graph),
|
rcmerci