expanding auth system

GetScatter · Dec 19, 2018 · 3f0b00a · 3f0b00a
1 parent 011f5a6
commit 3f0b00a
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 7 deletions.
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "scatter",
-  "version": "10.0.2",
+  "version": "10.0.3",
   "description": "Scatter Desktop Companion",
   "private": true,
   "main": "electron.js",

diff --git a/src/components/panels/settings/SettingsGeneral.vue b/src/components/panels/settings/SettingsGeneral.vue
@@ -10,8 +10,8 @@
                  :red="needsUpdate"
                  v-on:clicked="openUpdateLink"
                  :text="needsUpdate
-                 ? locale(langKeys.SETTINGS.GENERAL.UpdateAvailable)
-                 : locale(langKeys.SETTINGS.GENERAL.NoUpdateAvailable)"
+                     ? locale(langKeys.SETTINGS.GENERAL.UpdateAvailable)
+                     : locale(langKeys.SETTINGS.GENERAL.NoUpdateAvailable)"
             />
         </section>
 
@@ -74,7 +74,7 @@
         },
         mounted(){
             UpdateService.needsUpdateNoPrompt().then(needsUpdate => {
-                this.needsUpdate = needsUpdate ? needsUpdate.url : false;
+                this.needsUpdate = !!needsUpdate;
             })
         },
         methods: {

diff --git a/src/services/ApiService.js b/src/services/ApiService.js
@@ -408,16 +408,26 @@ export default class ApiService {
 			if(!request.payload.hasOwnProperty('nonce')) return resolve({id:request, result:nonceError});
 			if(request.payload.nonce.length !== 12) return resolve({id:request, result:nonceError});
 
+			const publicKey = request.payload.hasOwnProperty('publicKey') && request.payload.publicKey && request.payload.publicKey.length
+				? request.payload.publicKey
+				: identity.publicKey;
+
+			const keypair = KeyPairService.getKeyPairFromPublicKey(publicKey);
+			if(!keypair) return resolve({id:request.id, result:Error.noKeypair()});
+
+			const isHash = request.payload.hasOwnProperty('data') && request.payload.data && request.payload.data.length;
+			const toSign = isHash ? request.payload.data : origin;
+
 			// Prevention of origins being able to send data buffers to be
 			// signed by the identity which could change to a real balance holding
 			// key in the future.
 			const data = Hasher.unsaltedQuickHash(
-				Hasher.unsaltedQuickHash(request.payload.origin) +
+				Hasher.unsaltedQuickHash(toSign) +
 				Hasher.unsaltedQuickHash(request.payload.nonce)
 			);
 
 			const plugin = PluginRepository.plugin(Blockchains.EOSIO);
-			const signed = await plugin.signer({data}, identity.publicKey, true);
+			const signed = await plugin.signer({data}, publicKey, true, !!isHash);
 			resolve({id:request.id, result:signed});
 		})
 	}
@@ -441,7 +451,7 @@ export default class ApiService {
 	        network = store.state.scatter.settings.networks.find(x => x.unique() === Network.fromJson(network).unique());
 	        if(!network) return resolve({id:request.id, result:Error.noNetwork()});
 
-            const keypair = scatter.keychain.keypairs.find(x => x.publicKeys.some(x => x.key === account.publicKey));
+            const keypair = scatter.keychain.keypairs.find(x => x.publicKeys.some(y => y.key === account.publicKey));
             if(!keypair) return resolve({id:request.id, result:Error.noKeypair()});
 
             const newAccount = Account.fromJson({