feat: store password in session for mv3 (#11527)

DimensionDev · Mar 27, 2024 · 369f457 · 369f457
1 parent 10ac02e
commit 369f457
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 12 deletions.
diff --git a/.vscode/tasks.recommended.json b/.vscode/tasks.recommended.json
@@ -26,7 +26,7 @@
         },
         {
             "type": "npm",
-            "script": "start",
+            "script": "start:mv3",
             "isBackground": true,
             "group": "build",
             "label": "Develop main extension",

diff --git a/packages/mask/background/services/wallet/services/wallet/locker.ts b/packages/mask/background/services/wallet/services/wallet/locker.ts
@@ -40,8 +40,9 @@ export async function requestUnlockWallet(): Promise<void> {
 // eslint-disable-next-line no-restricted-globals
 let autoLockTimer: ReturnType<typeof setTimeout> | undefined
 
-export async function setAutoLockTimer() {
-    const autoLockDuration = await getAutoLockerDuration()
+export async function setAutoLockTimer(initialTimeout = 0) {
+    if (typeof initialTimeout !== 'number' || Number.isNaN(initialTimeout)) initialTimeout = 0
+    const autoLockDuration = (await getAutoLockerDuration()) - initialTimeout
 
     clearTimeout(autoLockTimer)
 

diff --git a/packages/mask/background/services/wallet/services/wallet/password.ts b/packages/mask/background/services/wallet/services/wallet/password.ts
@@ -1,14 +1,36 @@
 import { validate } from 'uuid'
 import { getDefaultWalletPassword } from '@masknet/shared-base'
 import * as database from './database/index.js'
-
-let inMemoryPassword = ''
+import { setAutoLockTimer } from './locker.js'
+
+const key = ''
+const atKey = 'at'
+const inMemoryPassword = {
+    ' value': '',
+    get value() {
+        return this[' value']
+    },
+    set value(value) {
+        this[' value'] = value
+        if (!value) browser.storage.session.clear()
+        else browser.storage.session.set({ [key]: value, [atKey]: Date.now() })
+    },
+}
+browser.storage.session.get([key, atKey]).then(async (result) => {
+    if (Date.now() - result[atKey] > (await database.getAutoLockerDuration())) {
+        browser.storage.session.clear()
+        return
+    }
+    setAutoLockTimer(result[atKey])
+    if (!result[key]) return
+    inMemoryPassword[' value'] = result[key]
+})
 
 /** Decrypt the master password and return it. If it fails to decrypt, then return an empty string. */
-export async function INTERNAL_getMasterPassword() {
+async function INTERNAL_getMasterPassword() {
     const hasSafeSecret = await database.hasSafeSecret()
     if (!hasSafeSecret) return database.decryptSecret(getDefaultWalletPassword())
-    return inMemoryPassword ? database.decryptSecret(inMemoryPassword) : ''
+    return inMemoryPassword.value ? database.decryptSecret(inMemoryPassword.value) : ''
 }
 
 /** Decrypt the master password and return it. If it fails to decrypt, then throw an error. */
@@ -20,7 +42,7 @@ export async function INTERNAL_getMasterPasswordRequired() {
 
 function INTERNAL_setPassword(newPassword: string) {
     validatePasswordRequired(newPassword)
-    inMemoryPassword = newPassword
+    inMemoryPassword.value = newPassword
 }
 
 /** Force erase the preexisting password and set a new one. */
@@ -48,7 +70,7 @@ export async function setDefaultPassword() {
 
 /** Clear the verified password in memory forces the user to re-enter the password. */
 export async function clearPassword() {
-    inMemoryPassword = ''
+    inMemoryPassword.value = ''
 }
 
 /** Has set a password (could not be the default one). */
@@ -63,12 +85,12 @@ export async function hasPasswordWithDefaultOne() {
 
 /** Has a verified password in memory. */
 export async function hasVerifiedPassword() {
-    return validatePassword(inMemoryPassword)
+    return validatePassword(inMemoryPassword.value)
 }
 
 /** Verify the given password. if successful, keep it in memory. */
 export async function verifyPassword(unverifiedPassword: string) {
-    if (inMemoryPassword === unverifiedPassword) return true
+    if (inMemoryPassword.value === unverifiedPassword) return true
     const valid = validate(await database.decryptSecret(unverifiedPassword))
     if (!valid) return false
     INTERNAL_setPassword(unverifiedPassword)

diff --git a/packages/mask/background/tasks/Cancellable/WalletAutoLock.ts b/packages/mask/background/tasks/Cancellable/WalletAutoLock.ts
@@ -4,4 +4,4 @@ import { setAutoLockTimer } from '../../services/wallet/services/index.js'
 
 const { signal } = hmr(import.meta.webpackHot)
 // Reset timer
-CrossIsolationMessages.events.walletLockStatusUpdated.on(setAutoLockTimer, { signal })
+CrossIsolationMessages.events.walletLockStatusUpdated.on(() => setAutoLockTimer(), { signal })