From 3e9b76fb660d8f5f0ef9aa0d90d2621a25c99545 Mon Sep 17 00:00:00 2001 From: lesion Date: Sun, 26 Aug 2018 23:43:06 +0200 Subject: [PATCH] add password challenge --- routes/index.js | 6 ++++-- views/password.pug | 19 ++++++++++--------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/routes/index.js b/routes/index.js index 4bc8a04..3eb2a44 100644 --- a/routes/index.js +++ b/routes/index.js @@ -1,6 +1,5 @@ const express = require('express') const router = express.Router() - const { fromTor, fromVpn, checkCountry } = require('./utils') // magic @@ -18,6 +17,10 @@ router.get('/metadata', render('metadata')) // level IV (mail -> vpn) router.get('/mail', render('mail')) +router.get('/password', render('password')) + +router.get('/fingerprint', render('fingerprint')) + // level V (vpn -> read mail) router.get('/vpn', fromTor, fromVpn, checkCountry, (req, res, next) => { if (!req.fromTor && req.fromVpn) { @@ -27,6 +30,5 @@ router.get('/vpn', fromTor, fromVpn, checkCountry, (req, res, next) => { } }) -router.get('/password', render('password')) module.exports = router diff --git a/views/password.pug b/views/password.pug index c8f389f..eaa89ba 100644 --- a/views/password.pug +++ b/views/password.pug @@ -9,13 +9,14 @@ block content li Tr0ub4dour&3 br #app(v-cloak) - input( - type='password', - v-model='password', - @input='checkStrength' - :class="['score' + estimationScore]" - ) - button(:disabled="estimationScore!==4") ➜ + form(action='/vpn') + input( + type='password', + v-model='password', + @input='checkStrength' + :class="['score' + estimationScore]" + ) + button(:disabled="estimationScore!==4") ➜ p(v-if='password.length>2'). Questa password è {{score[estimationScore]}}, dopo un sequestro uno bravo ci mette più o meno {{slowCrackTime}} a scoprirla, @@ -53,11 +54,11 @@ block content }, methods: { checkStrength (e) { - var estimation = zxcvbn(this.password) + var estimation = zxcvbn(this.password, ['diocane', 'dioporco', 'porcodio', 'madonnacane']) this.estimationScore = estimation.score; this.slowCrackTime = moment.duration(estimation.crack_times_seconds.offline_slow_hashing_1e4_per_second, 'seconds').humanize(); this.fastCrackTime = moment.duration(estimation.crack_times_seconds.offline_fast_hashing_1e10_per_second, 'seconds').humanize(); this.sequence = estimation.sequence; - } + }, } }) \ No newline at end of file