Route lock default password (#700)

Route lock on default password

angular/index.html

@@ -13,6 +13,6 @@
 <style>@font-face{font-family:Roboto;src:url(Roboto-Thin.dbd56bd3357dc3617fe5.woff2) format("woff2"),url(Roboto-Thin.e7f7c82374bd0ebef14b.woff) format("woff");font-weight:100;font-style:normal;}@font-face{font-family:Roboto;src:url(Roboto-ThinItalic.a8cef84f735ef887abdc.woff2) format("woff2"),url(Roboto-ThinItalic.5dd9349c940073834e9a.woff) format("woff");font-weight:100;font-style:italic;}@font-face{font-family:Roboto;src:url(Roboto-Light.c27d89ac77468ae18f28.woff2) format("woff2"),url(Roboto-Light.d923dfafc0c5183b59aa.woff) format("woff");font-weight:300;font-style:normal;}@font-face{font-family:Roboto;src:url(Roboto-LightItalic.506274c7228cf81cae4d.woff2) format("woff2"),url(Roboto-LightItalic.d4b8c137518d9d92bb28.woff) format("woff");font-weight:300;font-style:italic;}@font-face{font-family:Roboto;src:url(Roboto-Regular.64cfb66c866ea50cad47.woff2) format("woff2"),url(Roboto-Regular.e02e9d6ff5547f7e9962.woff) format("woff");font-weight:400;font-style:normal;}@font-face{font-family:Roboto;src:url(Roboto-RegularItalic.4dd2af1e8df532f41db8.woff2) format("woff2"),url(Roboto-RegularItalic.5ea38fff9eebef99c5df.woff) format("woff");font-weight:400;font-style:italic;}@font-face{font-family:Roboto;src:url(Roboto-Medium.1d3bced88509b0838984.woff2) format("woff2"),url(Roboto-Medium.092c6130df8fd2199888.woff) format("woff");font-weight:500;font-style:normal;}@font-face{font-family:Roboto;src:url(Roboto-MediumItalic.d620b8f53f75966fe42e.woff2) format("woff2"),url(Roboto-MediumItalic.18ff1628c628080166c1.woff) format("woff");font-weight:500;font-style:italic;}@font-face{font-family:Roboto;src:url(Roboto-Bold.92fbd4e93cf0a5dbebaa.woff2) format("woff2"),url(Roboto-Bold.73288d91c325e82a5b92.woff) format("woff");font-weight:700;font-style:normal;}@font-face{font-family:Roboto;src:url(Roboto-BoldItalic.5f600d98a73d800ae575.woff2) format("woff2"),url(Roboto-BoldItalic.6d89acbd21d7e3fbecb2.woff) format("woff");font-weight:700;font-style:italic;}@font-face{font-family:Roboto;src:url(Roboto-Black.41ed1105a6ebb8ffe34e.woff2) format("woff2"),url(Roboto-Black.937491dfcbe64ca9a9f1.woff) format("woff");font-weight:900;font-style:normal;}@font-face{font-family:Roboto;src:url(Roboto-BlackItalic.50ca4c51ebc27e7e7d2f.woff2) format("woff2"),url(Roboto-BlackItalic.2e1ee657996854c6f427.woff) format("woff");font-weight:900;font-style:italic;}html{width:100%;height:99%;line-height:1.5;overflow-x:hidden;font-family:Roboto,sans-serif!important;font-size:62.5%;}body{box-sizing:border-box;margin:0;}body{height:100%;overflow:hidden;}*{margin:0;padding:0;}</style><link rel="stylesheet" href="styles.3746732b097bd500162f.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.3746732b097bd500162f.css"></noscript></head>
 <body>
   <rtl-app></rtl-app>
-<script src="runtime.cce8d677d0457c3f742e.js" defer></script><script src="polyfills.99f4d82f067fba7525c4.js" defer></script><script src="main.ea8467faf9a7262e7e9a.js" defer></script>
+<script src="runtime.cce8d677d0457c3f742e.js" defer></script><script src="polyfills.99f4d82f067fba7525c4.js" defer></script><script src="main.1c71cb71a16316c1da05.js" defer></script>
 
 </body></html>

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "rtl",
-  "version": "0.11.0-beta-rc2",
+  "version": "0.11.0-beta-rc3",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "rtl",
-  "version": "0.11.0-beta-rc2",
+  "version": "0.11.0-beta-rc3",
   "license": "MIT",
   "scripts": {
     "ng": "ng",
@@ -9,7 +9,7 @@
     "build": "ng analytics off && ng lint && ng build --configuration production",
     "devbuild": "ng build --configuration production",
     "serve": "ng serve",
-    "server": "nodemon ./rtl.js",
+    "server": "set NODE_ENV=development&&nodemon ./rtl.js",
     "test": "ng test",
     "lint": "ng lint",
     "e2e": "ng e2e",

routes/app.js

@@ -70,8 +70,8 @@ app.use((req, res, next) => {
     "Access-Control-Allow-Methods",
     "GET, POST, PATCH, PUT, DELETE, OPTIONS"
   );
-  if (req.headers.origin === 'http://localhost:4200') { 
-  	res.setHeader("Access-Control-Allow-Origin", "http://localhost:4200");
+  if (process.env.NODE_ENV == 'development') { 
+  	res.setHeader("Access-Control-Allow-Origin", req.headers.origin);
     return next(); 
   }
   csrfProtection(req, res, next);

routes/connect.js

@@ -84,7 +84,7 @@ connect.normalizePort = val => {
 };
 
 connect.replacePasswordWithHash = (multiPassHashed) => {
-  common.rtl_conf_file_path = process.env.RTL_CONFIG_PATH ? process.env.RTL_CONFIG_PATH : path.normalize(__dirname + '..');
+  common.rtl_conf_file_path = process.env.RTL_CONFIG_PATH ? process.env.RTL_CONFIG_PATH : path.join(__dirname, '..');
   try {
     RTLConfFile = common.rtl_conf_file_path +  common.path_separator + 'RTL-Config.json';
     var config = JSON.parse(fs.readFileSync(RTLConfFile, 'utf-8'));
@@ -551,7 +551,7 @@ connect.upgradeConfig = (confFileFullPath) => {
 
 connect.setServerConfiguration = () => {
   try {
-    common.rtl_conf_file_path = (process.env.RTL_CONFIG_PATH) ? process.env.RTL_CONFIG_PATH : path.normalize(__dirname + '/..');
+    common.rtl_conf_file_path = (process.env.RTL_CONFIG_PATH) ? process.env.RTL_CONFIG_PATH : path.join(__dirname, '/..');
     confFileFullPath = common.rtl_conf_file_path +  common.path_separator + 'RTL-Config.json';
     if(!fs.existsSync(confFileFullPath)) {
       connect.upgradeConfig(confFileFullPath);

src/app/app.component.ts

@@ -81,7 +81,7 @@ export class AppComponent implements OnInit, AfterViewInit, OnDestroy {
       this.information = rtlStore.nodeData;
       this.flgLoading[0] = ( this.information.identity_pubkey) ? false : true;
       this.logger.info(this.settings);
-      if (!this.sessionService.getItem('token')) {
+      if (!this.sessionService.getItem('token') || !!this.sessionService.getItem('defaultPassword')) {
         this.flgLoggedIn = false;
         this.flgLoading[0] = false;
       } else {

src/app/clightning/store/cl.effects.ts

@@ -50,12 +50,14 @@ export class CLEffects implements OnDestroy {
     ofType(CLActions.FETCH_INFO_CL),
     withLatestFrom(this.store.select('root')),
     mergeMap(([action, store]: [CLActions.FetchInfo, fromRTLReducer.RootState]) => {
+      this.store.dispatch(new RTLActions.OpenSpinner('Getting Node Information...'));
       this.store.dispatch(new CLActions.ClearEffectError('FetchInfo'));
       return this.httpClient.get<GetInfo>(this.CHILD_API_URL + environment.GETINFO_API)
         .pipe(
           takeUntil(this.actions$.pipe(ofType(RTLActions.SET_SELECTED_NODE))),
           map((info) => {
             this.logger.info(info);
+            this.store.dispatch(new RTLActions.CloseSpinner());
             if (info.chains && info.chains.length && info.chains[0]
               && (typeof info.chains[0] === 'object' && info.chains[0].hasOwnProperty('chain') && info.chains[0].chain.toLowerCase().indexOf('bitcoin') < 0)
             ) {
@@ -77,6 +79,7 @@ export class CLEffects implements OnDestroy {
             }
           }),
           catchError((err) => {
+            this.store.dispatch(new RTLActions.CloseSpinner());
             const code = (err.error && err.error.error && err.error.error.message && err.error.error.message.code) ? err.error.error.message.code : (err.error && err.error.error && err.error.error.code) ? err.error.error.code : err.status ? err.status : '';
             const message = ((err.error && err.error.message) ? err.error.message + ' ' : '') + ((err.error && err.error.error && err.error.error.error && typeof err.error.error.error === 'string') ? err.error.error.error : (err.error && err.error.error && err.error.error.errno && typeof err.error.error.errno === 'string') ? err.error.error.errno : (err.error && err.error.error && typeof err.error.error === 'string') ? err.error.error : (err.error && typeof err.error === 'string') ? err.error : 'Unknown Error');
             this.router.navigate(['/error'], { state: { errorCode: code, errorMessage: message }});

src/app/eclair/store/ecl.effects.ts

@@ -48,12 +48,14 @@ export class ECLEffects implements OnDestroy {
     ofType(ECLActions.FETCH_INFO_ECL),
     withLatestFrom(this.store.select('root')),
     mergeMap(([action, store]: [ECLActions.FetchInfo, fromRTLReducer.RootState]) => {
+      this.store.dispatch(new RTLActions.OpenSpinner('Getting Node Information...'));
       this.store.dispatch(new ECLActions.ClearEffectError('FetchInfo'));
       return this.httpClient.get<GetInfo>(this.CHILD_API_URL + environment.GETINFO_API)
         .pipe(
           takeUntil(this.actions$.pipe(ofType(RTLActions.SET_SELECTED_NODE))),
           map((info) => {
             this.logger.info(info);
+            this.store.dispatch(new RTLActions.CloseSpinner());
             this.initializeRemainingData(info, action.payload.loadPage);
             return {
               type: ECLActions.SET_INFO_ECL,
@@ -61,6 +63,7 @@ export class ECLEffects implements OnDestroy {
             };
           }),
           catchError((err) => {
+            this.store.dispatch(new RTLActions.CloseSpinner());
             const code = (err.error && err.error.error && err.error.error.message && err.error.error.message.code) ? err.error.error.message.code : (err.error && err.error.error && err.error.error.code) ? err.error.error.code : err.status ? err.status : '';
             const message = ((err.error && err.error.message) ? err.error.message + ' ' : '') + ((err.error && err.error.error && err.error.error.error && typeof err.error.error.error === 'string') ? err.error.error.error : (err.error && err.error.error && err.error.error.errno && typeof err.error.error.errno === 'string') ? err.error.error.errno : (err.error && err.error.error && typeof err.error.error === 'string') ? err.error.error : (err.error && typeof err.error === 'string') ? err.error : 'Unknown Error');
             this.router.navigate(['/error'], { state: { errorCode: code, errorMessage: message }});

src/app/lnd/store/lnd.effects.ts

@@ -54,11 +54,13 @@ export class LNDEffects implements OnDestroy {
     ofType(LNDActions.FETCH_INFO_LND),
     withLatestFrom(this.store.select('root')),
     mergeMap(([action, store]: [LNDActions.FetchInfo, fromRTLReducer.RootState]) => {
+      this.store.dispatch(new RTLActions.OpenSpinner('Getting Node Information...'));
       this.store.dispatch(new LNDActions.ClearEffectError('FetchInfo'));
       return this.httpClient.get<GetInfo>(this.CHILD_API_URL + environment.GETINFO_API)
         .pipe(takeUntil(this.actions$.pipe(ofType(RTLActions.SET_SELECTED_NODE))),
           map((info) => {
             this.logger.info(info);
+            this.store.dispatch(new RTLActions.CloseSpinner());
             if (info.chains && info.chains.length && info.chains[0]
               && (
                 (typeof info.chains[0] === 'string' && info.chains[0].toLowerCase().indexOf('bitcoin') < 0)
@@ -90,6 +92,7 @@ export class LNDEffects implements OnDestroy {
             }
           }),
           catchError((err) => {
+            this.store.dispatch(new RTLActions.CloseSpinner());
             if ((typeof err.error.error === 'string' && err.error.error.includes('Not Found')) || err.status === 502) {
               this.sessionService.removeItem('lndUnlocked');
               this.logger.info('Redirecting to Unlock');

src/app/shared/components/navigation/side-navigation/side-navigation.component.ts

@@ -1,4 +1,4 @@
-import { Component, OnInit, OnDestroy, Output, EventEmitter, ViewChild, TemplateRef } from '@angular/core';
+import { Component, OnInit, OnDestroy, Output, EventEmitter, ViewChild } from '@angular/core';
 import { Subject } from 'rxjs';
 import { takeUntil, filter } from 'rxjs/operators';
 import { Store } from '@ngrx/store';
@@ -197,9 +197,6 @@ export class SideNavigationComponent implements OnInit, OnDestroy {
     this.store.dispatch(new RTLActions.OpenSpinner('Updating Selected Node...'));
     this.store.dispatch(new RTLActions.SetSelelectedNode({ lnNode: selNodeValue, isInitialSetup: false }));
     this.ChildNavClicked.emit('selectNode');
-    if(this.tree) {
-      // this.tree.renderNodeChanges(this.navMenus.data);
-    }
   }
 
   ngOnDestroy() {

src/app/shared/components/settings/auth-settings/auth-settings.component.ts

@@ -9,6 +9,7 @@ import * as sha256 from 'sha256';
 
 import { TwoFactorAuthComponent } from '../../data-modal/two-factor-auth/two-factor-auth.component';
 import { RTLConfiguration, ConfigSettingsNode } from '../../../models/RTLconfig';
+import { SessionService } from '../../../services/session.service';
 import { LoggerService } from '../../../services/logger.service';
 
 import * as fromRTLReducer from '../../../../store/rtl.reducers';
@@ -35,10 +36,10 @@ export class AuthSettingsComponent implements OnInit, OnDestroy {
   public selNode: ConfigSettingsNode;
   unSubs: Array<Subject<void>> = [new Subject(), new Subject(), new Subject()];
 
-  constructor(private store: Store<fromRTLReducer.RTLState>, private logger: LoggerService, private actions$: Actions, private router: Router) {}
+  constructor(private store: Store<fromRTLReducer.RTLState>, private logger: LoggerService, private actions$: Actions, private router: Router, private sessionService: SessionService) {}
 
   ngOnInit() {
-    this.initializeNodeData = !!history.state.initial;
+    this.initializeNodeData = !!this.sessionService.getItem('defaultPassword');
     this.store.select('root')
     .pipe(takeUntil(this.unSubs[1]))
     .subscribe((rtlStore) => {
@@ -49,7 +50,7 @@ export class AuthSettingsComponent implements OnInit, OnDestroy {
     this.actions$.pipe(takeUntil(this.unSubs[2]),
     filter((action) => action.type === RTLActions.RESET_PASSWORD_RES))
     .subscribe((action: (RTLActions.ResetPasswordRes)) => {
-      if (this.currPassword.toLowerCase() === 'password') {
+      if (this.currPassword.toLowerCase() === 'password') { // To redirect after password reset is done
         switch (this.selNode.lnImplementation.toUpperCase()) {
           case 'CLT':
             this.router.navigate(['/cl/home']);
@@ -65,7 +66,7 @@ export class AuthSettingsComponent implements OnInit, OnDestroy {
         }
       }
       this.form.resetForm();
-    });    
+    });
   }
 
   onChangePassword():boolean|void {
@@ -84,6 +85,10 @@ export class AuthSettingsComponent implements OnInit, OnDestroy {
         this.form.controls.newpassword.setErrors({invalid: true});
         this.errorMsg = 'Old and New password cannot be same.';
         invalid = true;
+      } else if (this.newPassword.toLowerCase() === 'password') {
+        this.form.controls.newpassword.setErrors({invalid: true});
+        this.errorMsg = 'Password cannot be "password".';
+        invalid = true;
       } else {
         this.form.controls.newpassword.setErrors(null);
         this.errorMsg = '';

src/app/shared/services/auth.guard.ts

@@ -1,4 +1,4 @@
-import { CanActivate } from '@angular/router';
+import { ActivatedRouteSnapshot, CanActivate, Router } from '@angular/router';
 import { Injectable } from '@angular/core';
 import { Observable } from 'rxjs';
 
@@ -6,11 +6,14 @@ import { SessionService } from './session.service';
 
 @Injectable()
 export class AuthGuard implements CanActivate {
-  constructor(private sessionService: SessionService) {}
+  constructor(private router: Router, private sessionService: SessionService) {}
 
-  canActivate(): boolean | Observable<boolean> | Promise<boolean> {
+  canActivate(route: ActivatedRouteSnapshot): boolean | Observable<boolean> | Promise<boolean> {
     if (!this.sessionService.getItem('token')) {
       return false;
+    } else if (route.url[0].path !== 'settings' && route.url[0].path !== 'auth' && !!this.sessionService.getItem('defaultPassword')) {
+      this.router.navigate(['/settings/auth']);
+      return false;
     } else {
       return true;
     }
@@ -35,7 +38,6 @@ export class CLUnlockedGuard implements CanActivate {
   constructor(private sessionService: SessionService) {}
 
   canActivate(): boolean | Observable<boolean> | Promise<boolean> {
-    return true;
     if (!this.sessionService.getItem('clUnlocked')) {
       return false;
     } else {
@@ -49,7 +51,6 @@ export class ECLUnlockedGuard implements CanActivate {
   constructor(private sessionService: SessionService) {}
 
   canActivate(): boolean | Observable<boolean> | Promise<boolean> {
-    return true;
     if (!this.sessionService.getItem('eclUnlocked')) {
       return false;
     } else {

src/app/shared/services/session.service.ts

@@ -22,4 +22,10 @@ export class SessionService {
     sessionStorage.removeItem(key);
     this.sessionSub.next(sessionStorage);
   }
+
+  clearAll() {
+    sessionStorage.clear();
+    this.sessionSub.next(sessionStorage);
+  }
+
 }

src/app/store/rtl.effects.ts

@@ -364,8 +364,9 @@ export class RTLEffects implements OnDestroy {
     this.SetToken(postRes.token);
     rootStore.selNode.settings.currencyUnits = [...CURRENCY_UNITS, rootStore.selNode.settings.currencyUnit];
     if (defaultPassword) {
+      this.sessionService.setItem('defaultPassword', 'true');
       this.store.dispatch(new RTLActions.OpenSnackBar('Reset your password.'));
-      this.router.navigate(['/settings/auth'], {state: { initial: true }});
+      this.router.navigate(['/settings/auth']);
     } else {
       this.store.dispatch(new RTLActions.SetSelelectedNode({lnNode: rootStore.selNode, isInitialSetup: true}));
     }
@@ -435,10 +436,7 @@ export class RTLEffects implements OnDestroy {
     } else {
       this.router.navigate(['./login']);
     }
-    this.sessionService.removeItem('eclUnlocked');
-    this.sessionService.removeItem('clUnlocked');
-    this.sessionService.removeItem('lndUnlocked');
-    this.sessionService.removeItem('token');
+    this.sessionService.clearAll();
     this.store.dispatch(new RTLActions.SetNodeData({}));
     this.logger.warn('LOGGED OUT');
     return of();
@@ -454,6 +452,7 @@ export class RTLEffects implements OnDestroy {
     return this.httpClient.post(environment.AUTHENTICATE_API + '/reset', {currPassword: action.payload.currPassword, newPassword: action.payload.newPassword})
     .pipe(map((postRes: any) => {
       this.logger.info(postRes);
+      this.sessionService.removeItem('defaultPassword');
       this.logger.info('Password Reset Successful!');
       this.store.dispatch(new RTLActions.OpenSnackBar('Password Reset Successful!'));
       this.SetToken(postRes.token);
@@ -531,6 +530,9 @@ export class RTLEffects implements OnDestroy {
     } else {
       selNode = { userPersona: node.settings.userPersona, channelBackupPath: node.settings.channelBackupPath, selCurrencyUnit: node.settings.currencyUnit, currencyUnits: CURRENCY_UNITS, fiatConversion: node.settings.fiatConversion, lnImplementation: node.lnImplementation, swapServerUrl: node.settings.swapServerUrl, boltzServerUrl: node.settings.boltzServerUrl };
     }
+    this.sessionService.removeItem('lndUnlocked');
+    this.sessionService.removeItem('clUnlocked');
+    this.sessionService.removeItem('eclUnlocked');
     this.store.dispatch(new RTLActions.ResetRootStore(node));
     this.store.dispatch(new LNDActions.ResetLNDStore(selNode));
     this.store.dispatch(new CLActions.ResetCLStore(selNode));

src/environments/version.ts

@@ -1 +1 @@
-export const VERSION = '0.11.0-beta-rc2';
+export const VERSION = '0.11.0-beta-rc3';