utf8 passwords

2026-06-28 15:06:06 +00:00 · 2022-03-31 18:57:15 +03:00
parent 65ca47b878
commit 23d78e1e46
8 changed files with 28 additions and 22 deletions
--- a/application/Espo/Resources/metadata/app/jsLibs.json
+++ b/application/Espo/Resources/metadata/app/jsLibs.json
@@ -5,6 +5,10 @@
        "exportsTo": "window",
        "exportsAs": "Flotr"
    },
+    "Base64": {
+        "exportsTo": "window",
+        "exportsAs": "Base64"
+    },
    "espo-funnel-chart": {
        "path": "client/lib/espo-funnel-chart.js",
        "devPath": "node_modules/espo-funnel-chart/build/espo-funnel-chart.js",
--- a/client/src/app.js
+++ b/client/src/app.js
@@ -625,7 +625,7 @@ define(
                let userName = data.auth.userName;
                let token = data.auth.token;

-                this.auth = base64.encode(userName  + ':' + token);
+                this.auth = Base64.encode(userName  + ':' + token);

                let lastUserId = this.storage.get('user', 'lastUserId');

@@ -647,7 +647,7 @@ define(

        logout: function () {
            if (this.auth) {
-                let arr = base64.decode(this.auth).split(':');
+                let arr = Base64.decode(this.auth).split(':');

                if (arr.length > 1) {
                    Ajax.postRequest('App/action/destroyAuthToken', {
@@ -682,7 +682,7 @@ define(
            xhr = new XMLHttpRequest;

            xhr.open('GET', this.basePath + this.apiUrl + '/');
-            xhr.setRequestHeader('Authorization', 'Basic ' + base64.encode('**logout:logout'));
+            xhr.setRequestHeader('Authorization', 'Basic ' + Base64.encode('**logout:logout'));
            xhr.send('');
            xhr.abort();

@@ -770,7 +770,7 @@ define(
                xhr.onreadystatechange = () => {
                    if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {

-                        let arr = base64.decode(this.auth).split(':');
+                        let arr = Base64.decode(this.auth).split(':');

                        this.setCookieAuth(arr[0], arr[1]);

--- a/client/src/views/login-second-step.js
+++ b/client/src/views/login-second-step.js
@@ -71,7 +71,7 @@ define('views/login-second-step', 'view', function (Dep) {

            var $submit = this.$el.find('#btn-send');

-            if (code == '') {
+            if (code === '') {
                this.isPopoverDestroyed = false;

                var $el = $("#field-code");
@@ -108,12 +108,14 @@ define('views/login-second-step', 'view', function (Dep) {

            Espo.Ui.notify(this.translate('pleaseWait', 'messages'));

+            let authString = Base64.encode(userName  + ':' + password);
+
            Espo.Ajax
                .getRequest('App/user', {code: code}, {
                    login: true,
                    headers: {
-                        'Authorization': 'Basic ' + base64.encode(userName  + ':' + password),
-                        'Espo-Authorization': base64.encode(userName + ':' + password),
+                        'Authorization': 'Basic ' + authString,
+                        'Espo-Authorization': authString,
                        'Espo-Authorization-Code': code,
                        'Espo-Authorization-Create-Token-Secret': true,
                    },
--- a/client/src/views/login.js
+++ b/client/src/views/login.js
@@ -123,7 +123,7 @@ define('views/login', 'view', function (Dep) {
            Espo.Ui.notify(this.translate('pleaseWait', 'messages'));

            try {
-                var authString = base64.encode(userName  + ':' + password);
+                var authString = Base64.encode(userName  + ':' + password);
            }
            catch (e) {
                Espo.Ui.error(this.translate('Error') + ': ' + e.message, true);
--- a/client/src/web-socket-manager.js
+++ b/client/src/web-socket-manager.js
@@ -81,7 +81,7 @@ define('web-socket-manager', [], function () {
    _.extend(WebSocketManager.prototype, {

        connect: function (auth, userId) {
-            let authArray = base64.decode(auth).split(':');
+            let authArray = Base64.decode(auth).split(':');

            let authToken = authArray[1];

--- a/frontend/libs.json
+++ b/frontend/libs.json
@@ -24,7 +24,7 @@
        "bundle": true
    },
    {
-        "src": "node_modules/base-64/base64.js",
+        "src": "node_modules/js-base64/base64.js",
        "bundle": true
    },
    {
--- a/package-lock.json
+++ b/package-lock.json
@@ -12,7 +12,6 @@
        "ace-builds": "^1.4.12",
        "autobahn-espo": "github:yurikuzn/autobahn-espo#0.1.0",
        "backbone": "^1.3.3",
-        "base-64": "^1.0.0",
        "bootstrap": "^3.4.1",
        "bootstrap-colorpicker": "^2.5.2",
        "bootstrap-datepicker": "^1.9.0",
@@ -33,6 +32,7 @@
        "jquery-textcomplete": "^1.8.5",
        "jquery-ui-espo": "github:yurikuzn/jquery-ui-espo#0.2.0",
        "jquery-ui-touch-punch": "^0.2.3",
+        "js-base64": "^3.7.2",
        "jsbarcode": "^3.11.4",
        "marked": "^4.0.10",
        "moment": "^2.24.0",
@@ -703,11 +703,6 @@
      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
      "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
    },
-    "node_modules/base-64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/base-64/-/base-64-1.0.0.tgz",
-      "integrity": "sha512-kwDPIFCGx0NZHog36dj+tHiwP4QMzsZ3AgMViUBKI0+V5n4U0ufTCUMhnQ04diaRI8EX/QcPfql7zlhZ7j4zgg=="
-    },
    "node_modules/base64-js": {
      "version": "1.5.1",
      "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
@@ -2529,6 +2524,11 @@
      "resolved": "https://registry.npmjs.org/jquery-ui-touch-punch/-/jquery-ui-touch-punch-0.2.3.tgz",
      "integrity": "sha1-7tgiQnM7okP0az6HwYQbMIGR2mg="
    },
+    "node_modules/js-base64": {
+      "version": "3.7.2",
+      "resolved": "https://registry.npmjs.org/js-base64/-/js-base64-3.7.2.tgz",
+      "integrity": "sha512-NnRs6dsyqUXejqk/yv2aiXlAvOs56sLkX6nUdeaNezI5LFFLlsZjOThmwnrcwh5ZZRwZlCMnVAY3CvhIhoVEKQ=="
+    },
    "node_modules/js-tokens": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
@@ -4324,11 +4324,6 @@
      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
      "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
    },
-    "base-64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/base-64/-/base-64-1.0.0.tgz",
-      "integrity": "sha512-kwDPIFCGx0NZHog36dj+tHiwP4QMzsZ3AgMViUBKI0+V5n4U0ufTCUMhnQ04diaRI8EX/QcPfql7zlhZ7j4zgg=="
-    },
    "base64-js": {
      "version": "1.5.1",
      "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
@@ -5696,6 +5691,11 @@
      "resolved": "https://registry.npmjs.org/jquery-ui-touch-punch/-/jquery-ui-touch-punch-0.2.3.tgz",
      "integrity": "sha1-7tgiQnM7okP0az6HwYQbMIGR2mg="
    },
+    "js-base64": {
+      "version": "3.7.2",
+      "resolved": "https://registry.npmjs.org/js-base64/-/js-base64-3.7.2.tgz",
+      "integrity": "sha512-NnRs6dsyqUXejqk/yv2aiXlAvOs56sLkX6nUdeaNezI5LFFLlsZjOThmwnrcwh5ZZRwZlCMnVAY3CvhIhoVEKQ=="
+    },
    "js-tokens": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
--- a/package.json
+++ b/package.json
@@ -34,7 +34,6 @@
    "ace-builds": "^1.4.12",
    "autobahn-espo": "github:yurikuzn/autobahn-espo#0.1.0",
    "backbone": "^1.3.3",
-    "base-64": "^1.0.0",
    "bootstrap": "^3.4.1",
    "bootstrap-colorpicker": "^2.5.2",
    "bootstrap-datepicker": "^1.9.0",
@@ -55,6 +54,7 @@
    "jquery-textcomplete": "^1.8.5",
    "jquery-ui-espo": "github:yurikuzn/jquery-ui-espo#0.2.0",
    "jquery-ui-touch-punch": "^0.2.3",
+    "js-base64": "^3.7.2",
    "jsbarcode": "^3.11.4",
    "marked": "^4.0.10",
    "moment": "^2.24.0",