Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: account recovery #270

Closed
wants to merge 1 commit into from
Closed

feat: account recovery #270

wants to merge 1 commit into from

Conversation

quadristan
Copy link
Contributor

This MR brings the functionality of using ARK to log in with the CLI, optionally recovering the MP with a recover-account command

It will allow users who have issue with their ARK to get more information.

User XP:

? Doing a recovery will delete all local data from this app. Continue? yes
? Do you want to see the masterpassword that will be unlocked by this recovery key? yes
✔ The local Dashlane local storage has been reset and you have been logged out.
? Please enter your email address: <SNIPPED>
info: Please open the following URL in your browser:  <SNIPPED>
? Please enter the code you received by email: <SNIPPED>
? Please enter your account recovery key: <SNIPPED>
info: Recovered masterpassword <SNIPPED>
✔ Account recovered! you can use the CLI to export its data.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 4, 2024
View reviewed changes
src/modules/crypto/keychainManager.ts Dismissed Show resolved Hide resolved
@quadristan quadristan requested a review from Mikescops July 8, 2024 07:15
@Mikescops Mikescops assigned Mikescops and quadristan and unassigned Mikescops Jul 9, 2024
@Mikescops Mikescops added the features New feature or request label Jul 9, 2024
@Mikescops
Copy link
Member

@quadristan
Some purely functional comments first:

  • "you can use the CLI to export its data." you can't do this in the .DASH format via the CLI which would be less useful in this situation, it would be good to link a user support article about the recovery process if possible too
  • "Do you want to see the masterpassword that will be unlocked by this recovery key?" i feel like this question can be ask later once they have input everything else

Mikescops
Mikescops reviewed Jul 9, 2024
View reviewed changes
src/commands/index.ts
@@ -113,6 +114,11 @@ export const rootCommands = (params: { program: Command }) => {
.description('Backup your local vault (will use the current directory by default)')
.action(runBackup);

program
.command('recover-account')
.description('interactively login to an account with a recovery key')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
.description('interactively login to an account with a recovery key')
.description('Interactively login to an account with a recovery key')

Mikescops
Mikescops reviewed Jul 9, 2024
View reviewed changes
src/modules/auth/recovery/getMasterpasswordFromArkPrompt.ts
Comment on lines +30 to +32
} catch (e) {
logger.error('Failed to decrypt MP. Maybe the ARK entered is incorrect');
throw e;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
} catch (e) {
logger.error('Failed to decrypt MP. Maybe the ARK entered is incorrect');
throw e;
} catch (error) {
logger.error('Failed to decrypt Master Password. Maybe the ARK (Account Recovery Key) entered is incorrect');
throw error;

Mikescops
Mikescops reviewed Jul 9, 2024
View reviewed changes
src/modules/auth/recovery/getMasterpasswordFromArkPrompt.ts
import { decryptAesCbcHmac256, getDerivateUsingParametersFromEncryptedData } from '../../crypto/decrypt';
import { deserializeEncryptedData } from '../../crypto/encryptedDataDeserialization';

function cleanArk(input: string): string {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use arrow function please, here and below

Mikescops
Mikescops reviewed Jul 9, 2024
View reviewed changes
src/utils/dialogs.ts

export const askConfirmShowMp = async () => {
const response = await confirm({
message: 'Do you want to see the masterpassword that will be unlocked by this recovery key?',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
message: 'Do you want to see the masterpassword that will be unlocked by this recovery key?',
message: 'Do you want to see the master password that will be unlocked by this recovery key?',

@quadristan quadristan closed this Sep 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mikescops Mikescops Mikescops left review comments

Assignees

@quadristan quadristan

Labels
features New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@quadristan @Mikescops