harden security, reset input fields

7 years ago · 5388446978
6 changed files with 106 additions and 37 deletions
--- a/react/src/components/dashboard/importKeyModal/importKeyModal.js
+++ b/react/src/components/dashboard/importKeyModal/importKeyModal.js
@ -187,6 +187,19 @@ class ImportKeyModal extends React.Component {
        );
      }
    });
+
+    this.state({
+      passphraseWif: null,
+      passphraseAddress: null,
+      wifkeysPassphrase: null,
+      wifkeysPassphraseTextarea: null,
+      importWithRescan: this.state.importWithRescan ? false : this.state.importWithRescan,
+    });
+
+    // reset input vals
+    this.refs.wif
+    this.refs.wifkeysPassphrase.value = '';
+    this.refs.wifkeysPassphraseTextarea.value = '';
  }

  generateKeysFromPassphrase() {
--- a/react/src/components/dashboard/importKeyModal/importKeyModal.render.js
+++ b/react/src/components/dashboard/importKeyModal/importKeyModal.render.js
@ -26,23 +26,25 @@ export const ImportKeyModalRender = function() {
                  <strong>{ translate('IMPORT_KEY.NOTICE') }:</strong> { translate('IMPORT_KEY.NOTICE_DESC') }.&nbsp;
                  <span className={ this.props.ActiveCoin.coin === 'KMD' ? '' : 'hide' }>{ translate('IMPORT_KEY.KMD_RESCAN_WARNING_TIME') }.</span>
                </p>
-                <form
+                <div
                  className="wifkeys-form"
-                  method="post"
-                  action="javascript:"
                  autoComplete="off">
                  <div className="form-group form-material floating">
                    <input
+                      autoComplete="off"
                      type="password"
                      className={ !this.state.seedInputVisibility ? 'form-control' : 'hide' }
                      name="wifkeysPassphrase"
                      id="wifkeysPassphrase"
+                      ref="wifkeysPassphrase"
                      onChange={ this.updateInput }
                      value={ this.state.wifkeysPassphrase } />
                    <textarea
+                      autoComplete="off"
                      className={ this.state.seedInputVisibility ? 'form-control' : 'hide' }
                      id="wifkeysPassphraseTextarea"
                      name="wifkeysPassphrase"
+                      ref="wifkeysPassphraseTextarea"
                      onChange={ this.updateInput }
                      value={ this.state.wifkeysPassphrase }></textarea>
                    <i
@ -62,7 +64,7 @@ export const ImportKeyModalRender = function() {
                      className="btn btn-primary waves-effect waves-light"
                      onClick={ this.showPassphraseAddress }>{ translate('IMPORT_KEY.SHOW_ADDRESS_AND_WIF') }</button>
                  </div>
-                </form>
+                </div>
                { this.state.passphraseAddress &&
                  this.state.passphraseWif &&
                  <div className="margin-top-60">
@ -118,6 +120,7 @@ export const ImportKeyModalRender = function() {
                    type="text"
                    className="form-control"
                    name="wif"
+                    ref="wif"
                    onChange={ this.updateInput }
                    value={ this.state.wif } />
                </div>
--- a/react/src/components/dashboard/settings/settings.exportKeysPanel.js
+++ b/react/src/components/dashboard/settings/settings.exportKeysPanel.js
@ -28,7 +28,12 @@ class ExportKeysPanel extends React.Component {
        props.Dashboard.activeSection !== 'settings') {
      this.setState(Object.assign({}, this.state, {
        keys: null,
+        wifkeysPassphrase: '',
      }));
+
+      // reset input vals
+      this.refs.wifkeysPassphrase.value = '';
+      this.refs.wifkeysPassphraseTextarea.value = '';
    }
  }

@ -46,8 +51,12 @@ class ExportKeysPanel extends React.Component {
      } else {
        this.setState(Object.assign({}, this.state, {
          keys: keys.result,
+          wifkeysPassphrase: '',
        }));
-        console.warn(keys);
+
+        // reset input vals
+        this.refs.wifkeysPassphrase.value = '';
+        this.refs.wifkeysPassphraseTextarea.value = '';
      }
    })
  }
@ -162,22 +171,24 @@ class ExportKeysPanel extends React.Component {
        </div>
        <div className="row">
          <div className="col-sm-12">
-            <form
+            <div
              className="wifkeys-form"
-              method="post"
-              action="javascript:"
              autoComplete="off">
              <div className="form-group form-material floating">
                <input
                  type="password"
                  className={ !this.state.seedInputVisibility ? 'form-control' : 'hide' }
+                  autoComplete="off"
                  name="wifkeysPassphrase"
+                  ref="wifkeysPassphrase"
                  id="wifkeysPassphrase"
                  onChange={ this.updateInput }
                  value={ this.state.wifkeysPassphrase } />
                <textarea
                  className={ this.state.seedInputVisibility ? 'form-control' : 'hide' }
+                  autoComplete="off"
                  id="wifkeysPassphraseTextarea"
+                  ref="wifkeysPassphraseTextarea"
                  name="wifkeysPassphrase"
                  onChange={ this.updateInput }
                  value={ this.state.wifkeysPassphrase }></textarea>
@ -191,25 +202,27 @@ class ExportKeysPanel extends React.Component {
              <div className="col-sm-12 col-xs-12 text-align-center">
                <button
                  type="button"
-                  className="btn btn-primary waves-effect waves-light"
+                  className="btn btn-primary waves-effect waves-light margin-bottom-5"
                  onClick={ this.exportWifKeys }>{ translate('INDEX.GET_WIF_KEYS') }</button>
              </div>
-            </form>
+            </div>
          </div>
        </div>
        { this.state.keys &&
          <div className="row">
            <div className="col-sm-12 padding-top-15">
-              <table className="table">
-                <tr key={ `wif-export-table-header-pub` }>
-                  <td className="padding-bottom-20 padding-top-20">
-                    <strong>{ translate('SETTINGS.ADDRESS_LIST') }</strong>
-                  </td>
-                  <td className="padding-bottom-20 padding-top-20">
-                    <strong>{ translate('SETTINGS.WIF_KEY_LIST') }</strong>
-                  </td>
-                </tr>
-                { this.renderWifKeys() }
+              <table className="table no-borders">
+                <tbody>
+                  <tr key={ `wif-export-table-header-pub` }>
+                    <td className="padding-bottom-20 padding-top-20">
+                      <strong>{ translate('SETTINGS.ADDRESS_LIST') }</strong>
+                    </td>
+                    <td className="padding-bottom-20 padding-top-20">
+                      <strong>{ translate('SETTINGS.WIF_KEY_LIST') }</strong>
+                    </td>
+                  </tr>
+                  { this.renderWifKeys() }
+                </tbody>
              </table>
            </div>
          </div>
--- a/react/src/components/login/login.js
+++ b/react/src/components/login/login.js
@ -8,7 +8,8 @@ import {
  startInterval,
  getDexCoins,
  triggerToaster,
-  toggleLoginSettingsModal
+  toggleLoginSettingsModal,
+  stopInterval,
 } from '../../actions/actionCreators';
 import Config from '../../config';
 import Store from '../../store';
@ -197,6 +198,7 @@ class Login extends React.Component {
    if (props.Login.pinList === 'no pins') {
      props.Login.pinList = [];
    }
+
    if (props &&
        props.Main &&
        props.Main.isLoggedIn) {
@ -215,21 +217,48 @@ class Login extends React.Component {
    if (props &&
        props.Main &&
        !props.Main.isLoggedIn) {
+      document.body.className = 'page-login layout-full page-dark';
+
+      if (props.Interval &&
+          props.Interval.interval &&
+          props.Interval.interval.sync) {
+        Store.dispatch(
+          stopInterval(
+            'sync',
+            props.Interval.interval
+          )
+        );
+      }
+
      this.setState({
        display: true,
        activeLoginSection: this.state.activeLoginSection !== 'signup' ? 'login' : 'signup',
      });
+    }

+    if (props.Main &&
+        props.Main.total === 0) {
      document.body.className = 'page-login layout-full page-dark';
+
+      if (props.Interval &&
+          props.Interval.interval &&
+          props.Interval.interval.sync) {
+        Store.dispatch(
+          stopInterval(
+            'sync',
+            props.Interval.interval
+          )
+        );
+      }
    }

    if (this.state.activeLoginSection !== 'signup' &&
        props &&
        props.Main &&
        props.Main.isLoggedIn) {
-        this.setState({
-          activeLoginSection: 'activateCoin',
-        });
+      this.setState({
+        activeLoginSection: 'activateCoin',
+      });
    }
  }

@ -286,12 +315,6 @@ class Login extends React.Component {
  }

  loginSeed() {
-    // reset the login pass phrase values so that when the user logs out, the values are clear
-    this.setState({
-      loginPassphrase: null,
-      loginPassPhraseSeedType: null,
-    });
-
    if (this.state.shouldEncryptSeed) {
      Store.dispatch(encryptPassphrase(this.state.loginPassphrase, this.state.encryptKey, this.state.pubKey));
    }
@ -306,6 +329,16 @@ class Login extends React.Component {
        shepherdElectrumCoins()
      );
    }
+
+    // reset the login pass phrase values so that when the user logs out, the values are clear
+    this.setState({
+      loginPassphrase: '',
+      loginPassPhraseSeedType: null,
+    });
+
+    // reset login input vals
+    this.refs.loginPassphrase.value = '';
+    this.refs.loginPassphraseEdit.value = '';
  }

  loadPinList() {
@ -362,13 +395,6 @@ class Login extends React.Component {
  }

  execWalletCreate() {
-    /*Store.dispatch(
-      createNewWallet(
-        this.state.randomSeedConfirm,
-        this.props.Dashboard.activeHandle
-      )
-    );*/
-
    Store.dispatch(
      shepherdElectrumAuth(this.state.randomSeedConfirm)
    );
--- a/react/src/components/login/login.render.js
+++ b/react/src/components/login/login.render.js
@ -55,13 +55,17 @@ const LoginRender = function () {
                type="password"
                className={ !this.state.seedInputVisibility ? 'form-control' : 'hide' }
                name="loginPassphrase"
+                ref="loginPassphraseEdit"
                onChange={ this.updateLoginPassPhraseInput }
                onKeyDown={ (event) => this.handleKeydown(event) }
+                autoComplete="off"
                value={ this.state.loginPassphrase || '' } />
              <textarea
                className={ this.state.seedInputVisibility ? 'form-control' : 'hide' }
                id="loginPassphrase"
+                ref="loginPassphrase"
                name="loginPassphrase"
+                autoComplete="off"
                onChange={ this.updateLoginPassPhraseInput }
                onKeyDown={ (event) => this.handleKeydown(event) }
                value={ this.state.loginPassphrase || '' }></textarea>
--- a/react/src/components/overrides.scss
+++ b/react/src/components/overrides.scss
@ -511,4 +511,14 @@ select{
 .coind-remove-icon {
  transform: rotate(45deg);
  top: 45px;
+}
+
+.coind-remove-icon-spv {
+  top: 19px;
+}
+
+.no-borders {
+  tbody > tr > td {
+    border: none;
+  }
 }