Merge pull request #628 from blockchain/second-pwd

Remove Second Password
blockchain · Sep 14, 2016 · 74cbd8c · 74cbd8c
2 parents d05c1c7 + 4bd73d1
commit 74cbd8c
Show file tree

Hide file tree

Showing 7 changed files with 87 additions and 56 deletions.
diff --git a/...ials/settings/change-second-password.jade → ...ials/settings/manage-second-password.jade b/...ials/settings/change-second-password.jade → ...ials/settings/manage-second-password.jade
@@ -10,28 +10,37 @@ form(role="form" name="form" novalidate)
         minlength="4"
         is-valid="!isPasswordHint(fields.password) && !isMainPassword(fields.password)"
         required
-        focus-when="active")
+        focus-when="active && !settings.secondPassword")
       span.help-block(ng-show="form.password.$touched")
         span(translate="TOO_SHORT" ng-show="form.password.$error.minlength")
         span(translate="CANT_USE_HINT" ng-show="form.password.$error.isValid && isPasswordHint(fields.password)")
         span(translate="CANT_USE_MAIN" ng-show="form.password.$error.isValid && isMainPassword(fields.password)")
-  .form-group(ng-class="{ 'has-error': form.confirmation.$invalid && form.confirmation.$touched, 'has-success': form.confirmation.$valid }")
+  .form-group(ng-hide="settings.secondPassword" ng-class="{ 'has-error': form.confirmation.$invalid && form.confirmation.$touched, 'has-success': form.confirmation.$valid }")
     label.control-label(translate="CONFIRM_PASSWORD")
     div
       input.form-control(
         type="password"
         name="confirmation"
         ng-model="fields.confirmation"
-        is-valid="fields.confirmation === fields.password"
+        is-valid="fields.confirmation === fields.password && !settings.secondPassword"
         on-enter="setPassword()"
         required)
       span.help-block(ng-show="form.confirmation.$touched")
         span(translate="NO_MATCH" ng-show="form.confirmation.$error.isValid")
 .form-group.mbn.has-error.pull-right.right-align
   button.button-muted(ng-click="deactivate()" translate="CANCEL" ng-hide="status.waiting")
   button.button-success(
+    ng-hide="settings.secondPassword"
     ui-ladda="status.waiting"
     ng-click="setPassword()"
     ng-disabled="form.$invalid"
     ladda-translate="SET_PASSWORD"
     data-style="expand-left")
+  button.button-danger(
+    ng-show="settings.secondPassword"
+    ui-ladda="status.waiting"
+    ng-disabled="form.password.$invalid"
+    ng-click="removeSecondPassword()"
+    ladda-translate="REMOVE_SECOND_PASSWORD"
+    data-style="expand-left"
+  )
diff --git a/app/partials/settings/security.jade b/app/partials/settings/security.jade
@@ -36,7 +36,7 @@ h5.well.type-h5.em-400.hidden-xs(translate="SECURITY_BASIC_EXPLAIN")
       .col-sm-12.col-md-6(ng-show="active")
         include ./change-password-hint.jade
 
-  .form-group.mbn.border-bottom.clearfix.pvl(ng-controller="ChangeSecondPasswordCtrl")
+  .form-group.mbn.border-bottom.clearfix.pvl(ng-controller="ManageSecondPasswordCtrl")
     div(settings-form)
       .col-sm-12.col-md-6
         .flex-center.flex-between-mobile.mbm
@@ -45,11 +45,11 @@ h5.well.type-h5.em-400.hidden-xs(translate="SECURITY_BASIC_EXPLAIN")
           span.label.label-success(translate="SECOND_PASSWORD_SET", ng-show="settings.secondPassword")
         p.em-300.text.hidden-xs(translate="WALLET_SECOND_PASSWORD_EXPLAIN" ng-hide="userHasExchangeAcct")    
         p.em-300.text.hidden-xs.security-red(translate="WALLET_SECOND_PASSWORD_DISABLED_EXPLAIN" ng-show="userHasExchangeAcct")
-      .col-sm-12.col-md-6.setting-result(ng-hide="active")
+      .col-sm-12.col-md-6.setting-result(ng-hide="active || removing")
         button.button-primary.display-inline-block(ng-click="activate()", translate="SET_SECOND_PASSWORD", ng-show="!settings.secondPassword" ng-disabled="userHasExchangeAcct")
-        a.button-primary.display-inline-block(ng-click="removeSecondPassword()", ladda-translate="REMOVE_SECOND_PASSWORD", ng-show="settings.secondPassword", ui-ladda="status.waiting", data-style="expand-right")
+        button.button-danger.display-inline-block.mlm(ng-click="activate()" translate="REMOVE_SECOND_PASSWORD" ng-show="settings.secondPassword")
       .col-sm-12.col-md-6(ng-show="active")
-        include ./change-second-password.jade
+        include ./manage-second-password.jade
 
   .form-group.mbn.border-bottom.clearfix.pvl
     .col-sm-12.col-md-6

diff --git a/...ollers/changeSecondPassword.controller.js → ...ttings/manageSecondPassword.controller.js b/...ollers/changeSecondPassword.controller.js → ...ttings/manageSecondPassword.controller.js
@@ -1,13 +1,20 @@
 angular
   .module('walletApp')
-  .controller('ChangeSecondPasswordCtrl', ChangeSecondPasswordCtrl);
+  .controller('ManageSecondPasswordCtrl', ManageSecondPasswordCtrl);
 
-function ChangeSecondPasswordCtrl ($scope, Wallet, $timeout, MyWallet) {
+function ManageSecondPasswordCtrl ($rootScope, $scope, Wallet, $timeout, MyWallet, $uibModal, Alerts) {
   $scope.form = {};
   $scope.fields = {
     password: '',
     confirmation: ''
   };
+  $scope.status = {
+    waiting: false,
+    removed: false
+  };
+
+  $scope.isMainPassword = Wallet.isCorrectMainPassword;
+  $scope.validateSecondPassword = Wallet.validateSecondPassword;
 
   // TODO: add function to My-Wallet-V3 to check if the user has any exchange account:
   $scope.userHasExchangeAcct = MyWallet.wallet.external &&
@@ -24,11 +31,23 @@ function ChangeSecondPasswordCtrl ($scope, Wallet, $timeout, MyWallet) {
   $scope.removeSecondPassword = () => {
     if ($scope.status.waiting) return;
     $scope.status.waiting = true;
-    let done = () => $scope.status.waiting = false;
-    Wallet.removeSecondPassword(done, done);
-  };
+    $scope.$safeApply();
 
-  $scope.isMainPassword = Wallet.isCorrectMainPassword;
+    let success = () => {
+      Alerts.displaySuccess('SECOND_PASSWORD_REMOVE_SUCCESS', true);
+      $scope.status.waiting = false;
+      $scope.status.removed = true;
+      $scope.deactivate();
+    };
+    let error = () => {
+      Alerts.displayError('SECOND_PASSWORD_REMOVE_ERR');
+      $scope.status.waiting = false;
+      $scope.deactivate();
+    };
+
+    Wallet.removeSecondPassword($scope.fields.password, success, error);
+    $rootScope.needsRefresh = true;
+  };
 
   $scope.isPasswordHint = (candidate) => {
     return Wallet.user.passwordHint && candidate === Wallet.user.passwordHint;

diff --git a/assets/js/controllers/wallet.controller.js b/assets/js/controllers/wallet.controller.js
@@ -8,6 +8,7 @@ function WalletCtrl ($scope, $rootScope, Wallet, $uibModal, $timeout, Alerts, $i
   $scope.status = Wallet.status;
   $scope.settings = Wallet.settings;
   $rootScope.isMock = Wallet.isMock;
+  $rootScope.needsRefresh = false;
 
   $scope.menu = {
     isCollapsed: false
@@ -97,6 +98,9 @@ function WalletCtrl ($scope, $rootScope, Wallet, $uibModal, $timeout, Alerts, $i
     if (wallet && wallet.isDoubleEncrypted && toState.name === 'wallet.common.buy-sell') {
       event.preventDefault();
       Alerts.displayError('MUST_DISABLE_2ND_PW');
+    } else if (wallet && $rootScope.needsRefresh && toState.name === 'wallet.common.buy-sell') {
+      event.preventDefault();
+      Alerts.displayError('NEEDS_REFRESH');
     }
   });
 

diff --git a/assets/js/services/wallet.service.js b/assets/js/services/wallet.service.js
@@ -1157,60 +1157,55 @@ function Wallet ($http, $window, $timeout, $location, $injector, Alerts, MyWalle
       });
   };
 
-  wallet.removeSecondPassword = (successCallback, errorCallback) => {
+  wallet.removeSecondPassword = (password, successCallback, errorCallback) => {
     let success = () => {
-      Alerts.displaySuccess('Second password has been removed.');
       wallet.settings.secondPassword = false;
       successCallback();
     };
     let error = () => {
-      Alerts.displayError('SECOND_PASSWORD_REMOVE_ERR');
       errorCallback();
     };
-    let cancel = errorCallback;
     let decrypting = () => {
       console.log('Decrypting...');
     };
     let syncing = () => {
       console.log('Syncing...');
     };
-    let proceedWithPassword = (password) => {
-      const didDecrypt = () => {
-        // Check which metadata service features we use:
-
-        // whatsNew
-        // This falls back to cookies if 2nd password is enabled:
-        let whatsNewViewed = $cookies.get('whatsNewViewed');
-        if (whatsNewViewed) {
-          let whatsNew = new MyWalletMetadata(2);
-
-          whatsNew.fetch().then((res) => {
-            if (res === null) {
-              whatsNew.create({lastViewed: whatsNewViewed}).then(() => {
-                // TODO: uncomment once cookie fallback is removed
-                // $cookies.remove('whatsNewViewed');
-                success();
-              });
-            } else {
-              whatsNew.update({lastViewed: whatsNewViewed}).then(() => {
-                // TODO: uncomment once cookie fallback is removed
-                // $cookies.remove('whatsNewViewed');
-                success();
-              });
-            }
-          }).catch(() => {
-            // The What's New section may be marked (partially) unread at the
-            // next login.
-            success();
-          });
-        } else {
-          success();
-        }
-      };
 
-      wallet.my.wallet.decrypt(password, didDecrypt, error, decrypting, syncing);
+    const didDecrypt = () => {
+      // Check which metadata service features we use:
+
+      // whatsNew
+      // This falls back to cookies if 2nd password is enabled:
+      let whatsNewViewed = $cookies.get('whatsNewViewed');
+      if (whatsNewViewed) {
+        let whatsNew = new MyWalletMetadata(2);
+
+        whatsNew.fetch().then((res) => {
+          if (res === null) {
+            whatsNew.create({lastViewed: whatsNewViewed}).then(() => {
+              // TODO: uncomment once cookie fallback is removed
+              // $cookies.remove('whatsNewViewed');
+              success();
+            });
+          } else {
+            whatsNew.update({lastViewed: whatsNewViewed}).then(() => {
+              // TODO: uncomment once cookie fallback is removed
+              // $cookies.remove('whatsNewViewed');
+              success();
+            });
+          }
+        }).catch(() => {
+          // The What's New section may be marked (partially) unread at the
+          // next login.
+          success();
+        });
+      } else {
+        success();
+      }
     };
-    wallet.askForSecondPasswordIfNeeded().then(proceedWithPassword).catch(cancel);
+
+    wallet.my.wallet.decrypt(password, didDecrypt, error, decrypting, syncing);
   };
 
   wallet.validateSecondPassword = (password) =>

diff --git a/locales/en-human.json b/locales/en-human.json
@@ -272,9 +272,12 @@
   "UNARCHIVE" : "Unarchive",
   "DELETE" : "Delete",
   "SECOND_PASSWORD" : "Second Password",
+  "CURRENT_SECOND_PASSWORD": "Current Second Password",
   "SECOND_PASSWORD_EXPLAIN" : "For Additional security, you can choose a second password that is required whenever you want to spend bitcoins. This is different from your standard wallet password. If you set your second wallet password, don’t forget it!",
   "SECOND_PASSWORD_WARNING" : "This is different from your standard wallet password. If you set your second wallet password, don’t forget it!",
   "SECOND_PASSWORD_CANCEL": "Your second password is required to send bitcoin. Please try again",
+  "SECOND_PASSWORD_REMOVE_SUCCESS" : "Second password has been removed.",
+  "SECOND_PASSWORD_REMOVE_LOGOUT" : "You need to logout and then login again to proceed.",
   "SECOND_PASSWORD_REMOVE_ERR": "Second password cannot be removed. Please contact support.",
   "REMEMBER_2FA" : "Remember 2-step Verification",
   "REMEMBER_2FA_EXPLAIN" : "Your browser will be remembered for a short period of time, allowing you to login again without having to re-authenticate. Disable this to require full authentication every time you login. This will not affect your current browser until you delete all cookies.",
@@ -1012,5 +1015,6 @@
   "VERIFY_EMAIL": "Verify email:",
   "ACCEPT_TERMS": "Coinify account terms:",
   "SELECT_PAYMENT_METHOD": "Select your preferred payment method:",
-  "PAYMENT_FEE": "Payment Fee:"
+  "PAYMENT_FEE": "Payment Fee:",
+  "NEEDS_REFRESH": "Please refresh your wallet to access this feature."
 }
diff --git a/tests/controllers/settings_change_second_password_ctrl_spec.coffee b/tests/controllers/settings_change_second_password_ctrl_spec.coffee
@@ -1,4 +1,4 @@
-describe "ChangeSecondPasswordCtrl", ->
+describe "ManageSecondPasswordCtrl", ->
   scope = undefined
   Wallet = undefined
   MyWallet = undefined
@@ -19,9 +19,9 @@ describe "ChangeSecondPasswordCtrl", ->
         external: {}
 
       scope = $rootScope.$new()
-      template = $templateCache.get('partials/settings/change-second-password.jade')
+      template = $templateCache.get('partials/settings/manage-second-password.jade')
 
-      $controller "ChangeSecondPasswordCtrl",
+      $controller "ManageSecondPasswordCtrl",
         $scope: scope,
         $uibModalInstance: modalInstance