diff --git a/routes/api/all.js b/routes/api/all.js index 8fb0325..6f4e205 100644 --- a/routes/api/all.js +++ b/routes/api/all.js @@ -29,8 +29,6 @@ module.exports = { values[1] = SHA.SHA256(values[1],values[0],HASHES_DIFF) res.locals.bio = "" res.locals.avatar = "" - res.locals.publicKey = "" - res.locals.privateKey = "" res.locals.settings = {} con.query(sql, values, function (err, result) { if (err) throw err; @@ -38,8 +36,6 @@ module.exports = { res.locals.username = values[0]; res.locals.bio = result[0].User_Bio || "" res.locals.avatar = result[0].User_Avatar || "" - res.locals.publicKey = result[0].User_PublicKey || "" - res.locals.privateKey = result[0].User_PrivateKey || "" res.locals.settings = JSON.parse(result[0].User_Settings) if(res.locals.settings == "null")res.locals.settings = {} if(res.locals.settings == null)res.locals.settings = {} diff --git a/server.js b/server.js index 5ad9528..a784d79 100644 --- a/server.js +++ b/server.js 
@@ -894,31 +894,14 @@ router.post("/register",async function(req,res) { let setTo = username + " " + SHA.SHA256(password,username,HASHES_COOKIE) let cookiesigned = signature.sign(setTo, cookiesecret+ip); ip = SHA.SHA256(ip,setTo,HASHES_DB) - const { - publicKey, - privateKey, - } = crypto.generateKeyPairSync('rsa', { - modulusLength: 4096, - publicKeyEncoding: { - type: 'spki', - format: 'pem' - }, - privateKeyEncoding: { - type: 'pkcs8', - format: 'pem', - cipher: 'aes-256-cbc', - passphrase: password - } - }); const default_settings = {} - let values = [encodeURIComponent(username),hashed_pw, Date.now(), ip, ip, publicKey.toString(), privateKey.toString(),JSON.stringify(default_settings)] - let sql = `INSERT INTO ipost.users (User_Name, User_PW, User_CreationStamp, User_CreationIP, User_LastIP, User_PublicKey, User_PrivateKey, User_Settings) VALUES (?, ?, ?, ?, ?, ?, ?, ?);` + let values = [encodeURIComponent(username),hashed_pw, Date.now(), ip, ip,JSON.stringify(default_settings)] + let sql = `INSERT INTO ipost.users (User_Name, User_PW, User_CreationStamp, User_CreationIP, User_LastIP, User_Settings) VALUES (?, ?, ?, ?, ?, ?, ?, ?);` con.query(sql, values, function (err, result) { if (err) throw err; res.cookie('AUTH_COOKIE',cookiesigned, { maxAge: Math.pow(10,10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS }); - res.cookie("priv_key",privateKey.toString(), { maxAge: Math.pow(10,10), httpOnly: false, secure: DID_I_FINALLY_ADD_HTTPS }) //only meant to be used as temporary storage, moved to localStorage on user page res.redirect("/user?success=true") }); }) 
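Review bot: The new INSERT in the `/register` handler names six columns and `values` holds six entries, but the statement still carries eight placeholders; the tail should read `VALUES (?, ?, ?, ?, ?, ?);`. As written the query will most likely be rejected on every registration. Because the callback does `if (err) throw err;`, that error is thrown inside the database callback where no request handler catches it, so a failed sign-up can take the process down instead of returning an error response; something like `if (err) { return res.status(500).send("registration failed"); }` would contain it. Whether the no-longer-written `User_PublicKey` and `User_PrivateKey` columns accept NULL is not visible in this diff and should be checked against the schema.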
@@ -981,31 +964,6 @@ router.post("/login",async function(req,res) { res.cookie('AUTH_COOKIE',cookiesigned, { maxAge: Math.pow(10,10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS }); ip = SHA.SHA256(ip,setTo,HASHES_DB) - if(result[0].User_PublicKey == null) { - const { - publicKey, - privateKey, - } = crypto.generateKeyPairSync('rsa', { - modulusLength: 4096, - publicKeyEncoding: { - type: 'spki', - format: 'pem' - }, - privateKeyEncoding: { - type: 'pkcs8', - format: 'pem', - cipher: 'aes-256-cbc', - passphrase: password - } - }); - res.cookie("priv_key",privateKey.toString(), { maxAge: Math.pow(10,10), httpOnly: false, secure: DID_I_FINALLY_ADD_HTTPS }) //only meant to be used as temporary storage, moved to localStorage on user page - let sql = `update ipost.users set User_PublicKey=?,User_PrivateKey=? where User_Name = ?;` - con.query(sql,[publicKey.toString(),privateKey.toString(),encodeURIComponent(username)],function(error,result) { - if(error)throw error - }) - } else { - res.cookie("priv_key",result[0].User_PrivateKey, { maxAge: Math.pow(10,10), httpOnly: false, secure: DID_I_FINALLY_ADD_HTTPS }) //only meant to be used as temporary storage, moved to localStorage on user page - } if(result[0].User_LastIP != ip) { let sql = `update ipost.users set User_LastIP = ? where User_Name = ?;` con.query(sql,[ip,encodeURIComponent(username)],function(error,result) {