upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-26 00:27:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 29
nextcloud/apps/files_sharing/src/utils/GeneratePassword.js
Vincent Petry e9f7ea11bb
Improve password generation for link shares 
Use web crypto when generating password for link shares
whenever the password policy app is disabled.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2023-01-16 14:35:08 +01:00

61 lines
2.1 KiB
JavaScript
Raw Blame History

/**
* @copyright Copyright (c) 2020 John Molakvoæ <skjnldsv@protonmail.com>
*
* @author John Molakvoæ <skjnldsv@protonmail.com>
*
* @license AGPL-3.0-or-later
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
import axios from '@nextcloud/axios'
import Config from '../services/ConfigService'
import { showError, showSuccess } from '@nextcloud/dialogs'
const config = new Config()
// note: some chars removed on purpose to make them human friendly when read out
const passwordSet = 'abcdefgijkmnopqrstwxyzABCDEFGHJKLMNPQRSTWXYZ23456789'
/**
* Generate a valid policy password or
* request a valid password if password_policy
* is enabled
*
* @return {string} a valid password
*/
export default async function() {
// password policy is enabled, let's request a pass
if (config.passwordPolicy.api && config.passwordPolicy.api.generate) {
try {
const request = await axios.get(config.passwordPolicy.api.generate)
if (request.data.ocs.data.password) {
showSuccess(t('files_sharing', 'Password created successfully'))
return request.data.ocs.data.password
}
} catch (error) {
console.info('Error generating password from password_policy', error)
showError(t('files_sharing', 'Error generating password from password policy'))
}
}
const array = new Uint8Array(10)
const ratio = passwordSet.length / 255
self.crypto.getRandomValues(array)
let password = ''
for (let i = 0; i < array.length; i++) {
password += passwordSet.charAt(array[i] * ratio)
}
return password
}
Reference in a new issue View git blame Copy permalink