add password challenge

2018-08-26 23:43:06 +02:00 · 2018-08-26 23:43:06 +02:00 · 3e9b76fb66
commit 3e9b76fb66
parent a418c4e86c
2 changed files with 14 additions and 11 deletions
--- a/routes/index.js
+++ b/routes/index.js
@ -1,6 +1,5 @@
 const express = require('express')
 const router = express.Router()
-
 const { fromTor, fromVpn, checkCountry } = require('./utils')

 // magic
@ -18,6 +17,10 @@ router.get('/metadata', render('metadata'))
 // level IV (mail -> vpn)
 router.get('/mail', render('mail'))

+router.get('/password', render('password'))
+
+router.get('/fingerprint', render('fingerprint'))
+
 // level V (vpn -> read mail)
 router.get('/vpn', fromTor, fromVpn, checkCountry, (req, res, next) => {
  if (!req.fromTor && req.fromVpn) {
@ -27,6 +30,5 @@ router.get('/vpn', fromTor, fromVpn, checkCountry, (req, res, next) => {
  }
 })

-router.get('/password', render('password'))

 module.exports = router
--- a/views/password.pug
+++ b/views/password.pug
@ -9,13 +9,14 @@ block content
  li Tr0ub4dour&3
  br
  #app(v-cloak)
-    input(
-      type='password',
-      v-model='password', 
-      @input='checkStrength'
-      :class="['score' + estimationScore]"
-    )
-    button(:disabled="estimationScore!==4") ➜
+    form(action='/vpn')
+      input(
+        type='password',
+        v-model='password', 
+        @input='checkStrength'
+        :class="['score' + estimationScore]"
+      )
+      button(:disabled="estimationScore!==4") ➜
    p(v-if='password.length>2').
      Questa password è {{score[estimationScore]}}, dopo un sequestro uno bravo
      ci mette più o meno <b>{{slowCrackTime}}</b> a scoprirla,
@ -53,11 +54,11 @@ block content
      },
      methods: {
        checkStrength (e) {
-          var estimation = zxcvbn(this.password)
+          var estimation = zxcvbn(this.password, ['diocane', 'dioporco', 'porcodio', 'madonnacane'])
          this.estimationScore = estimation.score;
          this.slowCrackTime = moment.duration(estimation.crack_times_seconds.offline_slow_hashing_1e4_per_second, 'seconds').humanize();
          this.fastCrackTime = moment.duration(estimation.crack_times_seconds.offline_fast_hashing_1e10_per_second, 'seconds').humanize();
          this.sequence = estimation.sequence;
-        }
+        },
      }
    })