grassrootseconomics/openethereum
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove existence & length checks on passwords & phrases (#3854)

Browse Source 
* Allow input to receive FormattedMessage errors

* Only do existence checks on phrases & passwords

* Add missing import

* Remove existence checks, display security reminder
This commit is contained in:
Jaco Greeff 2016-12-19 13:17:28 +01:00 committed by GitHub
parent 7185fb0f37
commit 1b59ceb7c1
13 changed files with 268 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
js/src/modals/CreateAccount/NewAccount/index.js
View File

@ -14,10 +14,4 @@
// You should have received a copy of the GNU General Public License // You should have received a copy of the GNU General Public License
// along with Parity. If not, see <http://www.gnu.org/licenses/>. // along with Parity. If not, see <http://www.gnu.org/licenses/>.
import { ERRORS } from './newAccount';
export default from './newAccount'; export default from './newAccount';
export {
ERRORS
};

80
js/src/modals/CreateAccount/NewAccount/newAccount.js
View File

@ -21,21 +21,10 @@ import ActionAutorenew from 'material-ui/svg-icons/action/autorenew';
import { Form, Input, IdentityIcon } from '~/ui'; import { Form, Input, IdentityIcon } from '~/ui';
import ERRORS from '../errors';
import styles from '../createAccount.css'; import styles from '../createAccount.css';
const ERRORS = {
noName: 'you need to specify a valid name for the account',
noPhrase: 'you need to specify the recovery phrase',
noKey: 'you need to provide the raw private key',
invalidKey: 'the raw key needs to be hex, 64 characters in length and contain the prefix "0x"',
invalidPassword: 'you need to specify a password >= 8 characters',
noMatchPassword: 'the supplied passwords does not match'
};
export {
ERRORS
};
export default class CreateAccount extends Component { export default class CreateAccount extends Component {
static contextTypes = { static contextTypes = {
api: PropTypes.object.isRequired, api: PropTypes.object.isRequired,
@ -49,15 +38,15 @@ export default class CreateAccount extends Component {
state = { state = {
accountName: '', accountName: '',
accountNameError: ERRORS.noName, accountNameError: ERRORS.noName,
accounts: null,
isValidName: false,
isValidPass: false,
passwordHint: '', passwordHint: '',
password1: '', password1: '',
password1Error: ERRORS.invalidPassword, password1Error: null,
password2: '', password2: '',
password2Error: ERRORS.noMatchPassword, password2Error: null,
accounts: null, selectedAddress: ''
selectedAddress: '',
isValidPass: false,
isValidName: false
} }
componentWillMount () { componentWillMount () {
@ -230,60 +219,55 @@ export default class CreateAccount extends Component {
}, this.updateParent); }, this.updateParent);
} }
onEditPasswordHint = (event, value) => { onEditPasswordHint = (event, passwordHint) => {
this.setState({ this.setState({
passwordHint: value passwordHint
}); });
} }
onEditAccountName = (event) => { onEditAccountName = (event) => {
const value = event.target.value; const accountName = event.target.value;
let error = null; let accountNameError = null;
if (!value || value.trim().length < 2) { if (!accountName || !accountName.trim().length) {
error = ERRORS.noName; accountNameError = ERRORS.noName;
} }
this.setState({ this.setState({
accountName: value, accountName,
accountNameError: error, accountNameError,
isValidName: !error isValidName: !accountNameError
}, this.updateParent); }, this.updateParent);
} }
onEditPassword1 = (event) => { onEditPassword1 = (event) => {
const value = event.target.value; const password1 = event.target.value;
let error1 = null; let password2Error = null;
let error2 = null;
if (!value || value.trim().length < 8) { if (password1 !== this.state.password2) {
error1 = ERRORS.invalidPassword; password2Error = ERRORS.noMatchPassword;
}
if (value !== this.state.password2) {
error2 = ERRORS.noMatchPassword;
} }
this.setState({ this.setState({
password1: value, password1,
password1Error: error1, password1Error: null,
password2Error: error2, password2Error,
isValidPass: !error1 && !error2 isValidPass: !password2Error
}, this.updateParent); }, this.updateParent);
} }
onEditPassword2 = (event) => { onEditPassword2 = (event) => {
const value = event.target.value; const password2 = event.target.value;
let error2 = null; let password2Error = null;
if (value !== this.state.password1) { if (password2 !== this.state.password1) {
error2 = ERRORS.noMatchPassword; password2Error = ERRORS.noMatchPassword;
} }
this.setState({ this.setState({
password2: value, password2,
password2Error: error2, password2Error,
isValidPass: !error2 isValidPass: !password2Error
}, this.updateParent); }, this.updateParent);
} }

1
js/src/modals/CreateAccount/NewGeth/newGeth.js
View File

@ -47,6 +47,7 @@ export default class NewGeth extends Component {
<div className={ styles.list }>There are currently no importable keys available from the Geth keystore, which are not already available on your Parity instance</div> <div className={ styles.list }>There are currently no importable keys available from the Geth keystore, which are not already available on your Parity instance</div>
); );
} }
const checkboxes = available.map((account) => { const checkboxes = available.map((account) => {
const label = ( const label = (
<div className={ styles.selection }> <div className={ styles.selection }>

53
js/src/modals/CreateAccount/NewImport/newImport.js
View File

@ -21,17 +21,13 @@ import EditorAttachFile from 'material-ui/svg-icons/editor/attach-file';
import { Form, Input } from '~/ui'; import { Form, Input } from '~/ui';
import ERRORS from '../errors';
import styles from '../createAccount.css'; import styles from '../createAccount.css';
const FAKEPATH = 'C:\\fakepath\\'; const FAKEPATH = 'C:\\fakepath\\';
const STYLE_HIDDEN = { display: 'none' }; const STYLE_HIDDEN = { display: 'none' };
const ERRORS = {
noName: 'you need to specify a valid name for the account',
noPassword: 'supply a valid password to confirm the transaction',
noFile: 'select a valid wallet file to import'
};
export default class NewImport extends Component { export default class NewImport extends Component {
static propTypes = { static propTypes = {
onChange: PropTypes.func.isRequired onChange: PropTypes.func.isRequired
@ -40,15 +36,15 @@ export default class NewImport extends Component {
state = { state = {
accountName: '', accountName: '',
accountNameError: ERRORS.noName, accountNameError: ERRORS.noName,
passwordHint: '', isValidFile: false,
password: '',
passwordError: ERRORS.noPassword,
walletFile: '',
walletFileError: ERRORS.noFile,
walletJson: '',
isValidPass: false, isValidPass: false,
isValidName: false, isValidName: false,
isValidFile: false password: '',
passwordError: null,
passwordHint: '',
walletFile: '',
walletFileError: ERRORS.noFile,
walletJson: ''
} }
componentWillMount () { componentWillMount () {
@ -143,39 +139,34 @@ export default class NewImport extends Component {
}); });
} }
onEditPasswordHint = (event, value) => { onEditPasswordHint = (event, passwordHint) => {
this.setState({ this.setState({
passwordHint: value passwordHint
}); });
} }
onEditAccountName = (event) => { onEditAccountName = (event) => {
const value = event.target.value; const accountName = event.target.value;
let error = null; let accountNameError = null;
if (!value || value.trim().length < 2) { if (!accountName || !accountName.trim().length) {
error = ERRORS.noName; accountNameError = ERRORS.noName;
} }
this.setState({ this.setState({
accountName: value, accountName,
accountNameError: error, accountNameError,
isValidName: !error isValidName: !accountNameError
}, this.updateParent); }, this.updateParent);
} }
onEditPassword = (event) => { onEditPassword = (event) => {
let error = null; const password = event.target.value;
const value = event.target.value;
if (!value || !value.length) {
error = ERRORS.noPassword;
}
this.setState({ this.setState({
password: value, password,
passwordError: error, passwordError: null,
isValidPass: !error isValidPass: true
}, this.updateParent); }, this.updateParent);
} }
} }

53
js/src/modals/CreateAccount/RawKey/rawKey.js
View File

@ -20,7 +20,7 @@ import { Form, Input } from '~/ui';
import styles from '../createAccount.css'; import styles from '../createAccount.css';
import { ERRORS } from '../NewAccount'; import ERRORS from '../errors';
export default class RawKey extends Component { export default class RawKey extends Component {
static contextTypes = { static contextTypes = {
@ -32,18 +32,18 @@ export default class RawKey extends Component {
} }
state = { state = {
rawKey: '',
rawKeyError: ERRORS.noKey,
accountName: '', accountName: '',
accountNameError: ERRORS.noName, accountNameError: ERRORS.noName,
isValidKey: false,
isValidName: false,
isValidPass: false,
passwordHint: '', passwordHint: '',
password1: '', password1: '',
password1Error: ERRORS.invalidPassword, password1Error: null,
password2: '', password2: '',
password2Error: ERRORS.noMatchPassword, password2Error: null,
isValidPass: false, rawKey: '',
isValidName: false, rawKeyError: ERRORS.noKey
isValidKey: false
} }
componentWillMount () { componentWillMount () {
@ -138,7 +138,7 @@ export default class RawKey extends Component {
const accountName = event.target.value; const accountName = event.target.value;
let accountNameError = null; let accountNameError = null;
if (!accountName || accountName.trim().length < 2) { if (!accountName || !accountName.trim().length) {
accountNameError = ERRORS.noName; accountNameError = ERRORS.noName;
} }
@ -150,38 +150,33 @@ export default class RawKey extends Component {
} }
onEditPassword1 = (event) => { onEditPassword1 = (event) => {
const value = event.target.value; const password1 = event.target.value;
let error1 = null; let password2Error = null;
let error2 = null;
if (!value || value.trim().length < 8) { if (password1 !== this.state.password2) {
error1 = ERRORS.invalidPassword; password2Error = ERRORS.noMatchPassword;
}
if (value !== this.state.password2) {
error2 = ERRORS.noMatchPassword;
} }
this.setState({ this.setState({
password1: value, password1,
password1Error: error1, password1Error: null,
password2Error: error2, password2Error,
isValidPass: !error1 && !error2 isValidPass: !password2Error
}, this.updateParent); }, this.updateParent);
} }
onEditPassword2 = (event) => { onEditPassword2 = (event) => {
const value = event.target.value; const password2 = event.target.value;
let error2 = null; let password2Error = null;
if (value !== this.state.password1) { if (password2 !== this.state.password1) {
error2 = ERRORS.noMatchPassword; password2Error = ERRORS.noMatchPassword;
} }
this.setState({ this.setState({
password2: value, password2,
password2Error: error2, password2Error,
isValidPass: !error2 isValidPass: !password2Error
}, this.updateParent); }, this.updateParent);
} }
} }

82
js/src/modals/CreateAccount/RecoveryPhrase/recoveryPhrase.js
View File

@ -21,7 +21,7 @@ import { Form, Input } from '~/ui';
import styles from '../createAccount.css'; import styles from '../createAccount.css';
import { ERRORS } from '../NewAccount'; import ERRORS from '../errors';
export default class RecoveryPhrase extends Component { export default class RecoveryPhrase extends Component {
static propTypes = { static propTypes = {
@ -29,19 +29,19 @@ export default class RecoveryPhrase extends Component {
} }
state = { state = {
recoveryPhrase: '',
recoveryPhraseError: ERRORS.noPhrase,
accountName: '', accountName: '',
accountNameError: ERRORS.noName, accountNameError: ERRORS.noName,
passwordHint: '',
password1: '',
password1Error: ERRORS.invalidPassword,
password2: '',
password2Error: ERRORS.noMatchPassword,
windowsPhrase: false,
isValidPass: false, isValidPass: false,
isValidName: false, isValidName: false,
isValidPhrase: false isValidPhrase: false,
passwordHint: '',
password1: '',
password1Error: null,
password2: '',
password2Error: null,
recoveryPhrase: '',
recoveryPhraseError: null,
windowsPhrase: false
} }
componentWillMount () { componentWillMount () {
@ -99,13 +99,13 @@ export default class RecoveryPhrase extends Component {
} }
updateParent = () => { updateParent = () => {
const { isValidName, isValidPass, isValidPhrase, accountName, passwordHint, password1, recoveryPhrase, windowsPhrase } = this.state; const { accountName, isValidName, isValidPass, isValidPhrase, password1, passwordHint, recoveryPhrase, windowsPhrase } = this.state;
const isValid = isValidName && isValidPass && isValidPhrase; const isValid = isValidName && isValidPass && isValidPhrase;
this.props.onChange(isValid, { this.props.onChange(isValid, {
name: accountName, name: accountName,
passwordHint,
password: password1, password: password1,
passwordHint,
phrase: recoveryPhrase, phrase: recoveryPhrase,
windowsPhrase windowsPhrase
}); });
@ -134,67 +134,57 @@ export default class RecoveryPhrase extends Component {
.split(' ') .split(' ')
.map((part) => part.trim()) .map((part) => part.trim())
.filter((part) => part.length); .filter((part) => part.length);
let recoveryPhraseError = null;
if (!recoveryPhrase || recoveryPhrase.length < 25 || phraseParts.length < 8) {
recoveryPhraseError = ERRORS.noPhrase;
}
this.setState({ this.setState({
recoveryPhrase: phraseParts.join(' '), recoveryPhrase: phraseParts.join(' '),
recoveryPhraseError, recoveryPhraseError: null,
isValidPhrase: !recoveryPhraseError isValidPhrase: true
}, this.updateParent); }, this.updateParent);
} }
onEditAccountName = (event) => { onEditAccountName = (event) => {
const value = event.target.value; const accountName = event.target.value;
let error = null; let accountNameError = null;
if (!value || value.trim().length < 2) { if (!accountName || !accountName.trim().length) {
error = ERRORS.noName; accountNameError = ERRORS.noName;
} }
this.setState({ this.setState({
accountName: value, accountName,
accountNameError: error, accountNameError,
isValidName: !error isValidName: !accountNameError
}, this.updateParent); }, this.updateParent);
} }
onEditPassword1 = (event) => { onEditPassword1 = (event) => {
const value = event.target.value; const password1 = event.target.value;
let error1 = null; let password2Error = null;
let error2 = null;
if (!value || value.trim().length < 8) { if (password1 !== this.state.password2) {
error1 = ERRORS.invalidPassword; password2Error = ERRORS.noMatchPassword;
}
if (value !== this.state.password2) {
error2 = ERRORS.noMatchPassword;
} }
this.setState({ this.setState({
password1: value, password1,
password1Error: error1, password1Error: null,
password2Error: error2, password2Error,
isValidPass: !error1 && !error2 isValidPass: !password2Error
}, this.updateParent); }, this.updateParent);
} }
onEditPassword2 = (event) => { onEditPassword2 = (event) => {
const value = event.target.value; const password2 = event.target.value;
let error2 = null; let password2Error = null;
if (value !== this.state.password1) { if (password2 !== this.state.password1) {
error2 = ERRORS.noMatchPassword; password2Error = ERRORS.noMatchPassword;
} }
this.setState({ this.setState({
password2: value, password2,
password2Error: error2, password2Error,
isValidPass: !error2 isValidPass: !password2Error
}, this.updateParent); }, this.updateParent);
} }
} }

20
js/src/modals/CreateAccount/createAccount.js
View File

@ -15,6 +15,7 @@
// along with Parity. If not, see <http://www.gnu.org/licenses/>. // along with Parity. If not, see <http://www.gnu.org/licenses/>.
import React, { Component, PropTypes } from 'react'; import React, { Component, PropTypes } from 'react';
import { FormattedMessage } from 'react-intl';
import ActionDone from 'material-ui/svg-icons/action/done'; import ActionDone from 'material-ui/svg-icons/action/done';
import ActionDoneAll from 'material-ui/svg-icons/action/done-all'; import ActionDoneAll from 'material-ui/svg-icons/action/done-all';
import ContentClear from 'material-ui/svg-icons/content/clear'; import ContentClear from 'material-ui/svg-icons/content/clear';
@ -22,7 +23,7 @@ import NavigationArrowBack from 'material-ui/svg-icons/navigation/arrow-back';
import NavigationArrowForward from 'material-ui/svg-icons/navigation/arrow-forward'; import NavigationArrowForward from 'material-ui/svg-icons/navigation/arrow-forward';
import PrintIcon from 'material-ui/svg-icons/action/print'; import PrintIcon from 'material-ui/svg-icons/action/print';
import { Button, Modal } from '~/ui'; import { Button, Modal, Warning } from '~/ui';
import AccountDetails from './AccountDetails'; import AccountDetails from './AccountDetails';
import AccountDetailsGeth from './AccountDetailsGeth'; import AccountDetailsGeth from './AccountDetailsGeth';
@ -86,6 +87,7 @@ export default class CreateAccount extends Component {
actions={ this.renderDialogActions() } actions={ this.renderDialogActions() }
current={ stage } current={ stage }
steps={ steps }> steps={ steps }>
{ this.renderWarning() }
{ this.renderPage() } { this.renderPage() }
</Modal> </Modal>
); );
@ -200,6 +202,22 @@ export default class CreateAccount extends Component {
} }
} }
renderWarning () {
const { createType, stage } = this.state;
if (stage !== 1 || ['fromJSON', 'fromPresale'].includes(createType)) {
return null;
}
return (
<Warning warning={
<FormattedMessage
id='createAccount.warning.insecurePassword'
defaultMessage='It is recommended that a strong password be used to secure your accounts. Empty and trivial passwords are a security risk.' />
} />
);
}
onNext = () => { onNext = () => {
this.setState({ this.setState({
stage: this.state.stage + 1 stage: this.state.stage + 1

45
js/src/modals/CreateAccount/errors.js Normal file
View File

@ -0,0 +1,45 @@
// Copyright 2015, 2016 Parity Technologies (UK) Ltd.
// This file is part of Parity.
// Parity is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Parity is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
import React from 'react';
import { FormattedMessage } from 'react-intl';
export default {
noFile:
<FormattedMessage
id='createAccount.error.noFile'
defaultMessage='select a valid wallet file to import' />,
noKey:
<FormattedMessage
id='createAccount.error.noKey'
defaultMessage='you need to provide the raw private key' />,
noMatchPassword:
<FormattedMessage
id='createAccount.error.noMatchPassword'
defaultMessage='the supplied passwords does not match' />,
noName:
<FormattedMessage
id='createAccount.error.noName'
defaultMessage='you need to specify a valid name for the account' />,
invalidKey:
<FormattedMessage
id='createAccount.error.invalidKey'
defaultMessage='the raw key needs to be hex, 64 characters in length and contain the prefix "0x"' />
};

5
js/src/ui/Form/Input/input.js
View File

@ -50,7 +50,7 @@ export default class Input extends Component {
children: PropTypes.node, children: PropTypes.node,
className: PropTypes.string, className: PropTypes.string,
disabled: PropTypes.bool, disabled: PropTypes.bool,
error: PropTypes.string, error: nodeOrStringProptype(),
readOnly: PropTypes.bool, readOnly: PropTypes.bool,
floatCopy: PropTypes.bool, floatCopy: PropTypes.bool,
hint: nodeOrStringProptype(), hint: nodeOrStringProptype(),
@ -96,8 +96,7 @@ export default class Input extends Component {
render () { render () {
const { value } = this.state; const { value } = this.state;
const { children, className, hideUnderline, disabled, error, label } = this.props; const { children, className, disabled, error, hideUnderline, hint, label, max, min, multiLine, rows, style, type } = this.props;
const { hint, multiLine, rows, type, min, max, style } = this.props;
const readOnly = this.props.readOnly || disabled; const readOnly = this.props.readOnly || disabled;

17
js/src/ui/Warning/index.js Normal file
View File

@ -0,0 +1,17 @@
// Copyright 2015, 2016 Parity Technologies (UK) Ltd.
// This file is part of Parity.
// Parity is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Parity is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
export default from './warning';

26
js/src/ui/Warning/warning.css Normal file
View File

@ -0,0 +1,26 @@
/* Copyright 2015, 2016 Parity Technologies (UK) Ltd.
/* This file is part of Parity.
/*
/* Parity is free software: you can redistribute it and/or modify
/* it under the terms of the GNU General Public License as published by
/* the Free Software Foundation, either version 3 of the License, or
/* (at your option) any later version.
/*
/* Parity is distributed in the hope that it will be useful,
/* but WITHOUT ANY WARRANTY; without even the implied warranty of
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
/* GNU General Public License for more details.
/*
/* You should have received a copy of the GNU General Public License
/* along with Parity. If not, see <http://www.gnu.org/licenses/>.
*/
.warning {
background: #f80;
border-radius: 0.5em;
color: white;
font-size: 0.75em;
margin-bottom: 1em;
padding: 0.75em;
text-align: center;
}

41
js/src/ui/Warning/warning.js Normal file
View File

@ -0,0 +1,41 @@
// Copyright 2015, 2016 Parity Technologies (UK) Ltd.
// This file is part of Parity.
// Parity is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Parity is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
import React, { Component } from 'react';
import { nodeOrStringProptype } from '~/util/proptypes';
import styles from './warning.css';
export default class Warning extends Component {
static propTypes = {
warning: nodeOrStringProptype()
};
render () {
const { warning } = this.props;
if (!warning) {
return null;
}
return (
<div className={ styles.warning }>
{ warning }
</div>
);
}
}

4
js/src/ui/index.js
View File

@ -49,6 +49,7 @@ import Tags from './Tags';
import Tooltips, { Tooltip } from './Tooltips'; import Tooltips, { Tooltip } from './Tooltips';
import TxHash from './TxHash'; import TxHash from './TxHash';
import TxList from './TxList'; import TxList from './TxList';
import Warning from './Warning';
export { export {
Actionbar, Actionbar,
@ -99,5 +100,6 @@ export {
Tooltips, Tooltips,
TxHash, TxHash,
TxList, TxList,
TypedInput TypedInput,
Warning
}; };