From fa96f6652016efca196dced75a5888108b3bcd28 Mon Sep 17 00:00:00 2001
From: nuxsmin <nuxsmin@syspass.org>
Date: Tue, 20 Dec 2016 10:58:30 +0100
Subject: [PATCH] * [DEV] Auth (work in progress)

---
 inc/SP/Controller/LoginController.class.php   | 12 +++++---
 .../material-blue/views/main/passreset.inc    |  9 +-----
 js/app-main.js                                |  4 +++
 js/app-main.min.js                            | 28 +++++++++----------
 4 files changed, 27 insertions(+), 26 deletions(-)

diff --git a/inc/SP/Controller/LoginController.class.php b/inc/SP/Controller/LoginController.class.php
index bb5832c5..57e2ad66 100644
--- a/inc/SP/Controller/LoginController.class.php
+++ b/inc/SP/Controller/LoginController.class.php
@@ -119,7 +119,7 @@ class LoginController
                     $this->{$auth['auth']}($auth['data']);
                 }
             } else {
-                throw new AuthException(SPException::SP_INFO, _('Usuario/Clave incorrectos'), '', self::STATUS_INVALID_LOGIN);
+                throw new AuthException(SPException::SP_INFO, _('Login incorrecto'), '', self::STATUS_INVALID_LOGIN);
             }
 
             $this->getUserData($userPass);
@@ -262,6 +262,8 @@ class LoginController
                 $this->Log->writeLog();
 
                 throw new AuthException(SPException::SP_INFO, _('Clave maestra incorrecta'), '', self::STATUS_INVALID_MASTER_PASS);
+            } else {
+                Log::writeNewLog(_('Login'), _('Clave maestra actualizada'));
             }
         } else if ($oldPass) {
             if (!$UserPass->updateMasterPass($oldPass)) {
@@ -269,6 +271,8 @@ class LoginController
                 $this->Log->writeLog();
 
                 throw new AuthException(SPException::SP_INFO, _('Clave maestra incorrecta'), '', self::STATUS_INVALID_MASTER_PASS);
+            } else {
+                Log::writeNewLog(_('Login'), _('Clave maestra actualizada'));
             }
         } else {
             $loadMPass = $UserPass->loadUserMPass();
@@ -276,7 +280,7 @@ class LoginController
             // Comprobar si es necesario actualizar la clave maestra
             if ($loadMPass === false) {
                 throw new AuthException(SPException::SP_INFO, _('Es necesaria su clave anterior'), '', self::STATUS_NEED_OLD_PASS);
-            // La clave no está establecida o se ha sido cambiada por el administrador
+                // La clave no está establecida o se ha sido cambiada por el administrador
             } else if ($loadMPass === null || !$UserPass->checkUserUpdateMPass()) {
                 throw new AuthException(SPException::SP_INFO, _('La clave maestra no ha sido guardada o es incorrecta'), '', self::STATUS_INVALID_MASTER_PASS);
             }
@@ -391,7 +395,7 @@ class LoginController
             $this->Log->addDetails(_('Usuario'), $this->UserData->getUserLogin());
             $this->Log->writeLog();
 
-            throw new AuthException(SPException::SP_INFO, _('Usuario/Clave incorrectos'), '', self::STATUS_INVALID_LOGIN);
+            throw new AuthException(SPException::SP_INFO, $this->Log->getDescription(), '', self::STATUS_INVALID_LOGIN);
         }
 
         $this->Log->addDetails(_('Tipo'), __FUNCTION__);
@@ -417,7 +421,7 @@ class LoginController
             $this->Log->addDetails(_('Autentificación'), sprintf('%s (%s)', AuthUtil::getServerAuthType(), $AuthData->getName()));
             $this->Log->writeLog();
 
-            throw new AuthException(SPException::SP_INFO, _('Usuario/Clave incorrectos'), '', self::STATUS_INVALID_LOGIN);
+            throw new AuthException(SPException::SP_INFO, $this->Log->getDescription(), '', self::STATUS_INVALID_LOGIN);
         }
 
         return true;
diff --git a/inc/themes/material-blue/views/main/passreset.inc b/inc/themes/material-blue/views/main/passreset.inc
index b648e329..4d1ec635 100644
--- a/inc/themes/material-blue/views/main/passreset.inc
+++ b/inc/themes/material-blue/views/main/passreset.inc
@@ -72,11 +72,4 @@
             </div>
         </form>
     </div>
-</main>
-<script>
-    sysPassApp.sk.set("<?php echo $sk; ?>");
-
-    $('#btnBack').click(function () {
-        window.history.back();
-    });
-</script>
\ No newline at end of file
+</main>
\ No newline at end of file
diff --git a/js/app-main.js b/js/app-main.js
index 9158c642..2b983180 100644
--- a/js/app-main.js
+++ b/js/app-main.js
@@ -140,6 +140,10 @@ sysPass.Main = function () {
         if ($("footer").length > 0) {
             appTriggers.views.footer();
         }
+
+        $('#btnBack').click(function () {
+            redirect("index.php");
+        });
     };
 
     // Mostrar mensaje de aviso
diff --git a/js/app-main.min.js b/js/app-main.min.js
index ce335136..fae27f96 100644
--- a/js/app-main.min.js
+++ b/js/app-main.min.js
@@ -5,17 +5,17 @@ $jscomp.iteratorPrototype=function(a){$jscomp.initSymbolIterator();a={next:a};a[
 $jscomp.polyfill=function(a,f,e,c){if(f){e=$jscomp.global;a=a.split(".");for(c=0;c<a.length-1;c++){var g=a[c];g in e||(e[g]={});e=e[g]}a=a[a.length-1];c=e[a];f=f(c);f!=c&&null!=f&&$jscomp.defineProperty(e,a,{configurable:!0,writable:!0,value:f})}};$jscomp.polyfill("Array.prototype.keys",function(a){return a?a:function(){return $jscomp.iteratorFromArray(this,function(a){return a})}},"es6-impl","es3");
 $jscomp.findInternal=function(a,f,e){a instanceof String&&(a=String(a));for(var c=a.length,g=0;g<c;g++){var m=a[g];if(f.call(e,m,g,a))return{i:g,v:m}}return{i:-1,v:void 0}};$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,e){return $jscomp.findInternal(this,a,e).v}},"es6-impl","es3");
 sysPass.Main=function(){var a={APP_ROOT:"",LANG:[],PK:"",MAX_FILE_SIZE:1024,CRYPT:new JSEncrypt,CHECK_UPDATES:!1,TIMEZONE:"",LOCALE:"",DEBUG:""},f={passLength:0,minPasswordLength:8,complexity:{numbers:!0,symbols:!0,uppercase:!0,numlength:12}},e={},c={},g={},m={},r={},q={},h={log:function(b){!0===a.DEBUG&&console.log(b)},info:function(b){!0===a.DEBUG&&console.info(b)},error:function(a){console.error(a)},warn:function(a){console.warn(a)}};toastr.options={closeButton:!1,debug:!1,newestOnTop:!1,progressBar:!1,
-positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var l={ok:function(a){toastr.success(a)},error:function(a){toastr.error(a)},warn:function(a){toastr.warning(a)},info:function(a){toastr.info(a)},out:function(a){if("object"===typeof a){var b=a.status,d=a.description;"undefined"!==typeof a.messages&&0<a.messages.length&&(d=d+"<br>"+
-a.messages.join("<br>"));switch(b){case 0:l.ok(d);break;case 1:case 2:l.error(d);break;case 3:l.warn(d);break;case 10:g.main.logout()}}},html:{error:function(b){return'<p class="error round">Oops...<br>'+a.LANG[1]+"<br>"+b+"</p>"}}},w=function(b){h.info("getEnvironment");var k=window.location.pathname.split("/"),d=window.location.protocol+"//"+window.location.host+function(){for(var a="",b=1;b<=k.length-2;b++)a+="/"+k[b];return a}(),n=m.getRequestOpts();n.url=d+"/ajax/ajax_getEnvironment.php";n.method=
-"get";n.async=!1;n.useLoading=!1;n.data={isAjax:1};m.getActionCall(n,function(d){a.APP_ROOT=d.app_root;a.LANG=d.lang;a.PK=d.pk;a.CHECK_UPDATES=d.check_updates;a.CRYPT.setPublicKey(d.pk);a.TIMEZONE=d.timezone;a.LOCALE=d.locale;a.DEBUG=d.debug;"function"===typeof b&&b()})},u={get:function(){h.info("sk:get");return $("#container").attr("data-sk")},set:function(a){h.info("sk:set");$("#container").attr("data-sk",a)}},x=function(){var a=$("#container");if(!a.hasClass("content-no-auto-resize")){var k=$("#content").height()+
-200;a.css("height",k)}},y=function(){$("html, body").animate({scrollTop:0},"slow")},z=function(a){window.location.replace(a)},A=function(b){var k=function(){return{actionId:b.data("action-id"),itemId:b.data("item-id"),sk:u.get()}},d={requestDoneAction:"",requestData:function(a){k=function(){return a}},beforeSendAction:"",url:""},n=function(a){if("undefined"===typeof d.url||""===d.url)return!1;var b=new FormData;b.append("inFile",a);b.append("isAjax",1);var p=k();Object.keys(p).forEach(function(a){h.info(a);
-b.append(a,p[a])});a=m.getRequestOpts();a.url=d.url;a.processData=!1;a.contentType=!1;a.data=b;m.getActionCall(a,function(a){var b=a.status;a=a.description;0===b?("function"===typeof d.requestDoneAction&&d.requestDoneAction(),l.ok(a)):10===b?g.main.logout():l.error(a)})},c=function(d){if(5<d.length)l.error(a.LANG[17]+" (Max: 5)");else for(var k=0;k<d.length;k++){var p=d[k];if(p.size/1E3>a.MAX_FILE_SIZE)l.error(a.LANG[18]+"<br>"+p.name+" (Max: "+a.MAX_FILE_SIZE+")");else{var c;a:{c=p.name;for(var e=
-b.data("files-ext").toLowerCase().split(","),f=0;f<=e.length;f++)if(-1!==c.indexOf(e[f])){c=!0;break a}c=!1}c?n(d[k]):l.error(a.LANG[19]+"<br>"+p.name)}}},e=function(a){var b=$("#fileUploadForm");!1===a&&b.hide();a=b.find("input[type='file']");a.on("change",function(){"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(this.files)});return a};window.File&&window.FileList&&window.FileReader?function(){h.info("fileUpload:init");var a=e(!1);b.on("dragover dragenter",function(a){h.info("fileUpload:drag");
-a.stopPropagation();a.preventDefault()});b.on("drop",function(a){h.info("fileUpload:drop");a.stopPropagation();a.preventDefault();"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(a.dataTransfer.files)});b.on("click",function(){a.click()})}():e(!0);return d},B=function(a){h.info("checkPassLevel");f.passLength=a.val().length;v(zxcvbn(a.val()),a)},v=function(b,k){h.info("outputResult");var d=$(".passLevel-"+k.attr("id")),c=b.score;d.show();d.removeClass("weak good strong strongest");0===
-f.passLength?d.attr("title","").empty():f.passLength<f.minPasswordLength?d.attr("title",a.LANG[11]).addClass("weak"):0===c?d.attr("title",a.LANG[9]+" - "+b.feedback.warning).addClass("weak"):1===c||2===c?d.attr("title",a.LANG[8]+" - "+b.feedback.warning).addClass("good"):3===c?d.attr("title",a.LANG[7]).addClass("strong"):4===c&&d.attr("title",a.LANG[10]).addClass("strongest")},C=function(b){$(b).find(".checkbox").button({icons:{primary:"ui-icon-transferthick-e-w"}}).click(function(){var b=$(this);
-!0===b.prop("checked")?b.button("option","label",a.LANG[40]):b.button("option","label",a.LANG[41])})},t=function(b){h.info("encryptFormValue");var c=b.val();""!==c&&parseInt(b.attr("data-length"))!==c.length&&(c=a.CRYPT.encrypt(c),b.val(c),b.attr("data-length",c.length))},D=function(){h.info("initializeClipboard");var b=new Clipboard(".clip-pass-button",{text:function(a){return g.account.copypass($(a)).responseJSON.accpass}});b.on("success",function(b){l.ok(a.LANG[45])});b.on("error",function(b){l.error(a.LANG[46])});
-var b=new Clipboard(".dialog-clip-pass-button"),c=new Clipboard(".dialog-clip-user-button");b.on("success",function(a){$(".dialog-pass-text").addClass("dialog-clip-pass-copy round");a.clearSelection()});c.on("success",function(a){a.clearSelection()})},E=function(){h.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);a.hasClass("passwordfield__no-pki")||t(a)}).on("keypress",":input[type=password]",function(a){13===a.keyCode&&(a.preventDefault(),a=$(this),t(a),
-a.closest("form").submit())})},F=function(a,c){console.info("Eval: "+a);if("function"===typeof a)a(c);else throw Error("Function not found: "+a);},G=function(a){h.info("resizeImage");var b=.9*$(window).width(),c=.9*$(window).height(),e={width:a.width(),height:a.height()},f={calc:0,main:0,secondary:0,factor:.9,rel:e.width/e.height},g=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.main<a.secondary&&(a.calc=a.main*a.rel);a.calc>a.secondary&&(a.main*=a.factor,g(a));return a},l=function(){f.main=
-b;f.secondary=c;var d=g(f);a.css({width:d.main,height:d.calc});e.width=d.main;e.height=d.calc},m=function(){f.main=c;f.secondary=b;var d=g(f);a.css({width:d.calc,height:d.main});e.width=d.calc;e.height=d.main};e.width>b?l():e.height>c&&(h.info("height"),m());return e},H=function(){return $.extend({log:h,config:function(){return a},appTheme:function(){return e},appActions:function(){return g},appTriggers:function(){return c},appRequests:function(){return m},evalAction:F,resizeImage:G},r)},I=function(){return{actions:function(){return g},
-triggers:function(){return c},theme:function(){return e},sk:u,msg:l,log:h,passToClip:0,passwordData:f,outputResult:v,checkboxDetect:C,checkPassLevel:B,encryptFormValue:t,fileUpload:A,redirect:z,scrollUp:y,setContentSize:x}};(function(){h.info("init");r=I();q=H();c=sysPass.Triggers(q);g=sysPass.Actions(q);m=sysPass.Requests(q);w(function(){""!==a.PK&&E();"function"===typeof sysPass.Theme&&(e=sysPass.Theme(q));!0===a.CHECK_UPDATES&&g.main.getUpdates();D();h.info("setupCallbacks");switch($("#container").data("page")){case "login":c.views.login();
-break;case "2fa":c.views.twofa();break;case "passreset":c.views.passreset()}0<$("footer").length&&c.views.footer()})})();return r};
+positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var x=function(){h.info("setupCallbacks");switch($("#container").data("page")){case "login":c.views.login();break;case "2fa":c.views.twofa();break;case "passreset":c.views.passreset()}0<$("footer").length&&c.views.footer();$("#btnBack").click(function(){u("index.php")})},l={ok:function(a){toastr.success(a)},
+error:function(a){toastr.error(a)},warn:function(a){toastr.warning(a)},info:function(a){toastr.info(a)},out:function(a){if("object"===typeof a){var b=a.status,d=a.description;"undefined"!==typeof a.messages&&0<a.messages.length&&(d=d+"<br>"+a.messages.join("<br>"));switch(b){case 0:l.ok(d);break;case 1:case 2:l.error(d);break;case 3:l.warn(d);break;case 10:g.main.logout()}}},html:{error:function(b){return'<p class="error round">Oops...<br>'+a.LANG[1]+"<br>"+b+"</p>"}}},y=function(b){h.info("getEnvironment");
+var k=window.location.pathname.split("/"),d=window.location.protocol+"//"+window.location.host+function(){for(var a="",b=1;b<=k.length-2;b++)a+="/"+k[b];return a}(),n=m.getRequestOpts();n.url=d+"/ajax/ajax_getEnvironment.php";n.method="get";n.async=!1;n.useLoading=!1;n.data={isAjax:1};m.getActionCall(n,function(d){a.APP_ROOT=d.app_root;a.LANG=d.lang;a.PK=d.pk;a.CHECK_UPDATES=d.check_updates;a.CRYPT.setPublicKey(d.pk);a.TIMEZONE=d.timezone;a.LOCALE=d.locale;a.DEBUG=d.debug;"function"===typeof b&&b()})},
+v={get:function(){h.info("sk:get");return $("#container").attr("data-sk")},set:function(a){h.info("sk:set");$("#container").attr("data-sk",a)}},z=function(){var a=$("#container");if(!a.hasClass("content-no-auto-resize")){var k=$("#content").height()+200;a.css("height",k)}},A=function(){$("html, body").animate({scrollTop:0},"slow")},u=function(a){window.location.replace(a)},B=function(b){var k=function(){return{actionId:b.data("action-id"),itemId:b.data("item-id"),sk:v.get()}},d={requestDoneAction:"",
+requestData:function(a){k=function(){return a}},beforeSendAction:"",url:""},n=function(a){if("undefined"===typeof d.url||""===d.url)return!1;var b=new FormData;b.append("inFile",a);b.append("isAjax",1);var p=k();Object.keys(p).forEach(function(a){h.info(a);b.append(a,p[a])});a=m.getRequestOpts();a.url=d.url;a.processData=!1;a.contentType=!1;a.data=b;m.getActionCall(a,function(a){var b=a.status;a=a.description;0===b?("function"===typeof d.requestDoneAction&&d.requestDoneAction(),l.ok(a)):10===b?g.main.logout():
+l.error(a)})},c=function(d){if(5<d.length)l.error(a.LANG[17]+" (Max: 5)");else for(var k=0;k<d.length;k++){var p=d[k];if(p.size/1E3>a.MAX_FILE_SIZE)l.error(a.LANG[18]+"<br>"+p.name+" (Max: "+a.MAX_FILE_SIZE+")");else{var c;a:{c=p.name;for(var e=b.data("files-ext").toLowerCase().split(","),f=0;f<=e.length;f++)if(-1!==c.indexOf(e[f])){c=!0;break a}c=!1}c?n(d[k]):l.error(a.LANG[19]+"<br>"+p.name)}}},e=function(a){var b=$("#fileUploadForm");!1===a&&b.hide();a=b.find("input[type='file']");a.on("change",
+function(){"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(this.files)});return a};window.File&&window.FileList&&window.FileReader?function(){h.info("fileUpload:init");var a=e(!1);b.on("dragover dragenter",function(a){h.info("fileUpload:drag");a.stopPropagation();a.preventDefault()});b.on("drop",function(a){h.info("fileUpload:drop");a.stopPropagation();a.preventDefault();"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(a.dataTransfer.files)});b.on("click",function(){a.click()})}():
+e(!0);return d},C=function(a){h.info("checkPassLevel");f.passLength=a.val().length;w(zxcvbn(a.val()),a)},w=function(b,k){h.info("outputResult");var d=$(".passLevel-"+k.attr("id")),c=b.score;d.show();d.removeClass("weak good strong strongest");0===f.passLength?d.attr("title","").empty():f.passLength<f.minPasswordLength?d.attr("title",a.LANG[11]).addClass("weak"):0===c?d.attr("title",a.LANG[9]+" - "+b.feedback.warning).addClass("weak"):1===c||2===c?d.attr("title",a.LANG[8]+" - "+b.feedback.warning).addClass("good"):
+3===c?d.attr("title",a.LANG[7]).addClass("strong"):4===c&&d.attr("title",a.LANG[10]).addClass("strongest")},D=function(b){$(b).find(".checkbox").button({icons:{primary:"ui-icon-transferthick-e-w"}}).click(function(){var b=$(this);!0===b.prop("checked")?b.button("option","label",a.LANG[40]):b.button("option","label",a.LANG[41])})},t=function(b){h.info("encryptFormValue");var c=b.val();""!==c&&parseInt(b.attr("data-length"))!==c.length&&(c=a.CRYPT.encrypt(c),b.val(c),b.attr("data-length",c.length))},
+E=function(){h.info("initializeClipboard");var b=new Clipboard(".clip-pass-button",{text:function(a){return g.account.copypass($(a)).responseJSON.accpass}});b.on("success",function(b){l.ok(a.LANG[45])});b.on("error",function(b){l.error(a.LANG[46])});var b=new Clipboard(".dialog-clip-pass-button"),c=new Clipboard(".dialog-clip-user-button");b.on("success",function(a){$(".dialog-pass-text").addClass("dialog-clip-pass-copy round");a.clearSelection()});c.on("success",function(a){a.clearSelection()})},
+F=function(){h.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);a.hasClass("passwordfield__no-pki")||t(a)}).on("keypress",":input[type=password]",function(a){13===a.keyCode&&(a.preventDefault(),a=$(this),t(a),a.closest("form").submit())})},G=function(a,c){console.info("Eval: "+a);if("function"===typeof a)a(c);else throw Error("Function not found: "+a);},H=function(a){h.info("resizeImage");var b=.9*$(window).width(),c=.9*$(window).height(),e={width:a.width(),
+height:a.height()},f={calc:0,main:0,secondary:0,factor:.9,rel:e.width/e.height},g=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.main<a.secondary&&(a.calc=a.main*a.rel);a.calc>a.secondary&&(a.main*=a.factor,g(a));return a},l=function(){f.main=b;f.secondary=c;var d=g(f);a.css({width:d.main,height:d.calc});e.width=d.main;e.height=d.calc},m=function(){f.main=c;f.secondary=b;var d=g(f);a.css({width:d.calc,height:d.main});e.width=d.calc;e.height=d.main};e.width>b?l():e.height>c&&(h.info("height"),
+m());return e},I=function(){return $.extend({log:h,config:function(){return a},appTheme:function(){return e},appActions:function(){return g},appTriggers:function(){return c},appRequests:function(){return m},evalAction:G,resizeImage:H},r)},J=function(){return{actions:function(){return g},triggers:function(){return c},theme:function(){return e},sk:v,msg:l,log:h,passToClip:0,passwordData:f,outputResult:w,checkboxDetect:D,checkPassLevel:C,encryptFormValue:t,fileUpload:B,redirect:u,scrollUp:A,setContentSize:z}};
+(function(){h.info("init");r=J();q=I();c=sysPass.Triggers(q);g=sysPass.Actions(q);m=sysPass.Requests(q);y(function(){""!==a.PK&&F();"function"===typeof sysPass.Theme&&(e=sysPass.Theme(q));!0===a.CHECK_UPDATES&&g.main.getUpdates();E();x()})})();return r};