Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 18:36:30 +01:00
Code Issues Packages Projects Releases Activity

server side encryption WIP

Browse Source
This commit is contained in:
azivner
2017-11-10 22:55:19 -05:00
parent 8f1eedfe0d
commit ec49bf0cca
11 changed files with 101 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
routes/api/login.js
View File

@@ -45,17 +45,19 @@ router.post('/sync', async (req, res, next) => {
});
// this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
router.post('protected', auth.checkApiAuth, async (req, res, next) => {
router.post('/protected', auth.checkApiAuth, async (req, res, next) => {
const password = req.body.password;
if (!await password_encryption.verifyPassword(password)) {
return {
res.send({
success: false,
message: "Given current password doesn't match hash"
};
});
return;
}
const decryptedDataKey = password_encryption.getDecryptedDataKey(password);
const decryptedDataKey = await password_encryption.getDecryptedDataKey(password);
const protectedSessionId = protected_session.setDataKey(req, decryptedDataKey);