author | Javier Sánchez Parra <jsanchez@soleta.eu> | 2022-04-21 17:30:12 +0200 |
---|---|---|
committer | Javier Sánchez Parra <jsanchez@soleta.eu> | 2022-04-22 13:02:30 +0200 |
commit | c7b0024d2405d29e5c36445b6d28af046b2213f1 (patch) | |
tree | 4987ac0135c1f264ac90b20c6d479261d45baca7 /ogcp/static/js/ogcp.js | |
parent | 1f9a3d3b4156aef3562efec41da3f2b6cc8ec74b (diff) |
Add password hashing
The front-end now hashes passwords before sending them to the back-end.
It uses SHA-512.
This commit adds a hidden input that carries the password hash, so as not
to interfere with browsers' save-password functionality.
Also replace the passwords in the template configuration file with their
hashed/digested versions.
Diffstat (limited to 'ogcp/static/js/ogcp.js')
-rw-r--r-- | ogcp/static/js/ogcp.js | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ogcp/static/js/ogcp.js b/ogcp/static/js/ogcp.js
index 86a9282..6a7e625 100644
--- a/ogcp/static/js/ogcp.js
+++ b/ogcp/static/js/ogcp.js
@@ -207,3 +207,27 @@ function RemovePartition(evt) {
 });
 });
 }
+
+async function digestMessage(msg) {
+ const msgUint8 = new TextEncoder().encode(msg);
+ const hashBuffer = await crypto.subtle.digest('SHA-512', msgUint8);
+ const hashArray = Array.from(new Uint8Array(hashBuffer));
+ const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+ return hashHex;
+}
+
+function digestLoginPassword() {
+ const loginForm = $('#login-form')
+ loginForm.one('submit', async function (event) {
+ event.preventDefault()
+
+ const pwdInput = $('#pwd');
+ const pwdHashInput = $('#pwd_hash');
+ const pwdStr = pwdInput.val();
+ const pwdStrHash = await digestMessage(pwdStr);
+
+ pwdInput.prop( "disabled", true );
+ pwdHashInput.val(pwdStrHash);
+ $(this).submit()
+ });
+} |
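Review bot: In `digestLoginPassword`, a rejected `digestMessage` leaves the form in a state where the next submit posts the cleartext `pwd` field with an empty `pwd_hash`: the handler is bound with `.one()`, so it is already removed when the `await` throws, and `pwd` is never disabled. This path is taken whenever `crypto.subtle` is undefined, which is the case outside a secure context (plain HTTP on a non-localhost origin). Wrapping the hashing in `try`/`catch` and re-arming the handler on failure, as below, keeps a retry from silently bypassing the hash. Separately, the unsalted SHA-512 value is what the server receives, so it is password-equivalent; the commit message suggests the configuration file stores the same digest, in which case the stored value must be protected like a cleartext password. The back end is not visible here, so that is worth confirming, and TLS plus a salted, slow hash on the server side are still needed.

```javascript
  loginForm.one('submit', async function (event) {
    event.preventDefault()
    try {
      // … unchanged: read #pwd, await digestMessage, disable #pwd, fill #pwd_hash …
    } catch (err) {
      // Hashing unavailable or failed: re-arm the one-shot handler so a
      // retry is intercepted again instead of posting the cleartext field.
      digestLoginPassword();
      return;
    }
    $(this).submit()
  });
```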