Skip to content

Commit

Permalink
Merge pull request #2707 from myxmaster/fix-security-navigation-issues
Browse files Browse the repository at this point in the history 
Fix security issues and security-related navigation issues
  • Loading branch information
@kaloudis
kaloudis authored Jan 19, 2025
2 parents b28c546 + 0e0db5e commit b679efa
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 29 deletions.
2 changes: 1 addition & 1 deletion utils/NavigationUtils.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ const protectedNavigation = async (

if (posEnabled && loginRequired) {
navigation.navigate('Lockscreen', {
attemptAdminLogin: true
pendingNavigation: { screen: route, params: routeParams }
});
} else {
if (disactivatePOS) setPosStatus('inactive');
Expand Down
63 changes: 35 additions & 28 deletions views/Lockscreen.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ interface LockscreenProps {
modifySecurityScreen: string;
deletePin: boolean;
deleteDuressPin: boolean;
attemptAdminLogin: boolean;
pendingNavigation?: { screen: string; params?: any };
}
>;
}
Expand Down Expand Up @@ -84,15 +84,15 @@ export default class Lockscreen extends React.Component<
};
}

proceed = (navigationTarget?: string) => {
proceed = (targetScreen?: string, navigationParams?: any) => {
const { SettingsStore, navigation } = this.props;
if (navigationTarget) {
navigation.navigate(navigationTarget);
if (targetScreen) {
navigation.popTo(targetScreen, navigationParams);
} else if (
SettingsStore.settings.selectNodeOnStartup &&
SettingsStore.initialStart
) {
navigation.navigate('Wallets');
navigation.popTo('Wallets');
} else {
navigation.pop();
}
Expand All @@ -105,18 +105,29 @@ export default class Lockscreen extends React.Component<
modifySecurityScreen,
deletePin,
deleteDuressPin,
attemptAdminLogin
pendingNavigation
} = route.params ?? {};

const posEnabled: PosEnabled =
(settings && settings.pos && settings.pos.posEnabled) ||
PosEnabled.Disabled;

if (
posEnabled !== PosEnabled.Disabled &&
SettingsStore.posStatus === 'active' &&
!pendingNavigation &&
!deletePin &&
!deleteDuressPin
) {
SettingsStore.setLoginStatus(true);
this.proceed('Wallet');
return;
}

const isBiometryConfigured = SettingsStore.isBiometryConfigured();

if (
isBiometryConfigured &&
!attemptAdminLogin &&
!deletePin &&
!deleteDuressPin &&
!modifySecurityScreen
Expand All @@ -129,24 +140,17 @@ export default class Lockscreen extends React.Component<
);

if (isVerified) {
SettingsStore.setPosStatus('inactive');
this.resetAuthenticationAttempts();
SettingsStore.setLoginStatus(true);
this.proceed();
this.proceed(
pendingNavigation?.screen,
pendingNavigation?.params
);
return;
}
}

if (
posEnabled !== PosEnabled.Disabled &&
SettingsStore.posStatus === 'active' &&
!attemptAdminLogin &&
!deletePin &&
!deleteDuressPin
) {
SettingsStore.setLoginStatus(true);
this.proceed('Wallet');
}

if (settings.authenticationAttempts) {
this.setState({
authenticationAttempts: settings.authenticationAttempts
Expand Down Expand Up @@ -182,9 +186,9 @@ export default class Lockscreen extends React.Component<
});
}
} else if (settings && settings.nodes && settings?.nodes?.length > 0) {
this.proceed();
this.proceed(pendingNavigation?.screen, pendingNavigation?.params);
} else {
navigation.navigate('IntroSplash');
navigation.popTo('IntroSplash');
}
}

Expand All @@ -210,7 +214,7 @@ export default class Lockscreen extends React.Component<
};

onAttemptLogIn = async () => {
const { SettingsStore, navigation } = this.props;
const { SettingsStore, navigation, route } = this.props;
const {
passphrase,
duressPassphrase,
Expand Down Expand Up @@ -243,15 +247,19 @@ export default class Lockscreen extends React.Component<
}
if (modifySecurityScreen) {
this.resetAuthenticationAttempts();
navigation.navigate(modifySecurityScreen);
navigation.popTo(modifySecurityScreen);
} else if (deletePin) {
this.deletePin();
} else if (deleteDuressPin) {
this.deleteDuressPin();
} else {
setPosStatus('inactive');
this.resetAuthenticationAttempts();
this.proceed();
const pendingNavigation = route.params?.pendingNavigation;
this.proceed(
pendingNavigation?.screen,
pendingNavigation?.params
);
}
} else if (
(duressPassphrase && passphraseAttempt === duressPassphrase) ||
Expand Down Expand Up @@ -393,7 +401,8 @@ export default class Lockscreen extends React.Component<
};

render() {
const { navigation, SettingsStore, route } = this.props;
const { navigation, SettingsStore } = this.props;
const pendingNavigation = this.props.route.params?.pendingNavigation;
const { settings } = SettingsStore;
const {
passphrase,
Expand All @@ -406,14 +415,12 @@ export default class Lockscreen extends React.Component<
deleteDuressPin
} = this.state;

const { attemptAdminLogin } = route.params ?? {};

return (
<Screen>
{(!!modifySecurityScreen ||
deletePin ||
deleteDuressPin ||
attemptAdminLogin) && (
pendingNavigation) && (
<Header leftComponent="Back" navigation={navigation} />
)}
{!!passphrase && (
Expand Down

0 comments on commit b679efa

Please sign in to comment.