mirror of
https://github.com/KevinMidboe/zoff.git
synced 2025-10-29 18:00:23 +00:00
Major update on cryptosystem, all passwords now obsolete..
This commit is contained in:
Kasper Rynning-Tønnesen
2
server/public/assets/dist/embed.min.js
vendored
2
server/public/assets/dist/embed.min.js
vendored
File diff suppressed because one or more lines are too long
2
server/public/assets/dist/main.min.js
vendored
2
server/public/assets/dist/main.min.js
vendored
File diff suppressed because one or more lines are too long
@@ -98,11 +98,11 @@ var Admin = {
|
||||
pw: function(msg)
|
||||
{
|
||||
w_p = false;
|
||||
adminpass = msg;
|
||||
adminpass = Crypt.tmp_pass;
|
||||
names = ["vote","addsongs","longsongs","frontpage", "allvideos",
|
||||
"removeplay", "skip", "shuffle", "userpass"];
|
||||
|
||||
Crypt.set_pass(chan.toLowerCase(), Crypt.decrypt_pass(msg));
|
||||
Crypt.set_pass(chan.toLowerCase(), Crypt.tmp_pass);
|
||||
|
||||
for (var i = 0; i < names.length; i++) {
|
||||
$("input[name="+names[i]+"]").attr("disabled", false);
|
||||
|
||||
@@ -2,6 +2,7 @@ var Crypt = {
|
||||
|
||||
conf_pass: undefined,
|
||||
user_pass: undefined,
|
||||
tmp_pass: "",
|
||||
|
||||
init: function(){
|
||||
|
||||
@@ -36,9 +37,11 @@ var Crypt = {
|
||||
if(Crypt.getCookie(name) === undefined) {
|
||||
cookie = Crypt.create_cookie(name);
|
||||
}
|
||||
|
||||
var key = btoa("0103060703080703080701") + btoa("0103060703080703080701");
|
||||
key = key.substring(0,32);
|
||||
key = btoa(key);
|
||||
var decrypted = CryptoJS.AES.decrypt(
|
||||
cookie,"0103060703080703080701",
|
||||
cookie,key,
|
||||
{
|
||||
mode: CryptoJS.mode.CBC,
|
||||
padding: CryptoJS.pad.Pkcs7
|
||||
@@ -49,8 +52,11 @@ var Crypt = {
|
||||
},
|
||||
|
||||
decrypt_pass: function(pass){
|
||||
var key = btoa(socket.id) + btoa(socket.id);
|
||||
key = key.substring(0,32);
|
||||
key = btoa(key);
|
||||
var decrypted = CryptoJS.AES.decrypt(
|
||||
pass,socket.id,
|
||||
pass,key,
|
||||
{
|
||||
mode: CryptoJS.mode.CBC,
|
||||
padding: CryptoJS.pad.Pkcs7
|
||||
@@ -62,10 +68,12 @@ var Crypt = {
|
||||
|
||||
encrypt: function(json_formated, cookie){
|
||||
var to_encrypt = JSON.stringify(json_formated);
|
||||
|
||||
var key = btoa("0103060703080703080701") + btoa("0103060703080703080701");
|
||||
key = key.substring(0,32);
|
||||
key = btoa(key);
|
||||
var encrypted = CryptoJS.AES.encrypt(
|
||||
to_encrypt,
|
||||
"0103060703080703080701",
|
||||
key,
|
||||
{
|
||||
mode: CryptoJS.mode.CBC,
|
||||
padding: CryptoJS.pad.Pkcs7
|
||||
@@ -81,18 +89,6 @@ var Crypt = {
|
||||
}
|
||||
},
|
||||
|
||||
encrypt_string: function(string){
|
||||
var encrypted = CryptoJS.AES.encrypt(
|
||||
string,
|
||||
socket.id,
|
||||
{
|
||||
mode: CryptoJS.mode.CBC,
|
||||
padding: CryptoJS.pad.Pkcs7
|
||||
}
|
||||
);
|
||||
return encrypted.toString();
|
||||
},
|
||||
|
||||
get_volume: function(){
|
||||
return Crypt.decrypt(Crypt.getCookie("_opt"), "_opt").volume;
|
||||
//return conf_arr.volume;
|
||||
@@ -118,10 +114,12 @@ var Crypt = {
|
||||
else cookie_object = {passwords: {}};
|
||||
|
||||
var string_it = JSON.stringify(cookie_object);
|
||||
|
||||
var key = btoa("0103060703080703080701") + btoa("0103060703080703080701");
|
||||
key = key.substring(0,32);
|
||||
key = btoa(key);
|
||||
var encrypted = CryptoJS.AES.encrypt(
|
||||
string_it,
|
||||
"0103060703080703080701",
|
||||
key,
|
||||
{
|
||||
mode: CryptoJS.mode.CBC,
|
||||
padding: CryptoJS.pad.Pkcs7
|
||||
@@ -196,15 +194,32 @@ var Crypt = {
|
||||
},
|
||||
|
||||
crypt_pass: function(pass){
|
||||
Crypt.tmp_pass = pass;
|
||||
var key = btoa(socket.id) + btoa(socket.id);
|
||||
key = key.substring(0,32);
|
||||
key = btoa(key);
|
||||
var iv = btoa(Crypt.makeiv());
|
||||
var encrypted = CryptoJS.AES.encrypt(
|
||||
pass,
|
||||
socket.id,
|
||||
CryptoJS.enc.Base64.parse(key),
|
||||
{
|
||||
mode: CryptoJS.mode.CBC,
|
||||
padding: CryptoJS.pad.Pkcs7
|
||||
padding: CryptoJS.pad.Pkcs7,
|
||||
iv: CryptoJS.enc.Base64.parse(iv),
|
||||
}
|
||||
);
|
||||
return encrypted.toString();
|
||||
window.encrypted = encrypted;
|
||||
return encrypted.toString() + "$" + iv;
|
||||
},
|
||||
|
||||
makeiv: function(){
|
||||
var text = "";
|
||||
var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
|
||||
|
||||
for( var i=0; i < 16; i++ )
|
||||
text += possible.charAt(Math.floor(Math.random() * possible.length));
|
||||
|
||||
return text;
|
||||
},
|
||||
|
||||
get_width: function(){
|
||||
|
||||
@@ -366,7 +366,7 @@ var List = {
|
||||
}, 305);
|
||||
if(removed) {
|
||||
$("#"+deleted).remove();
|
||||
full_playlist.splice(List.getIndexOfSong(deleted), 1);
|
||||
full_playlist.splice(List.getIndexOfSong(deleted), 1);
|
||||
}
|
||||
|
||||
} catch(err) {
|
||||
|
||||
@@ -15,7 +15,6 @@ var Player = {
|
||||
}catch(e){
|
||||
state = null;
|
||||
}
|
||||
console.log(video_id);
|
||||
if((((!offline && (state != null || from_frontpage)) || (offline && (!(state != null) || from_frontpage))|| (!offline && (!(state != null) || from_frontpage)) || (offline && state == -1)) && !(offline && prev_chan_player == chan)) || (offline && video_id == undefined)){
|
||||
prev_chan_player = chan;
|
||||
from_frontpage = false;
|
||||
|
||||
Reference in New Issue
Block a user