feat: lock wallet after too many password attempts
1 parent
a9e8f40
commit 7cfa50a
Showing
10 changed files
with
196 additions
and
27 deletions.
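--- a/components/brave_wallet_ui/common/hooks/use-password-attempts.test.tsx
+++ b/components/brave_wallet_ui/common/hooks/use-password-attempts.test.tsx
@@ -0,0 +1,79 @@
+// Copyright (c) 2022 The Brave Authors. All rights reserved.
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this file,
+// you can obtain one at http://mozilla.org/MPL/2.0/.
+
+import * as React from 'react'
+import { createStore, combineReducers } from 'redux'
+import { Provider } from 'react-redux'
+import { act, renderHook } from '@testing-library/react-hooks'
+
+import { createWalletReducer } from '../reducers/wallet_reducer'
+import { usePasswordAttempts } from './use-password-attempts'
+import { mockWalletState } from '../../stories/mock-data/mock-wallet-state'
+import { ApiProxyContext } from '../context/api-proxy.context'
+import { getMockedAPIProxy } from '../async/__mocks__/bridge'
+
+const proxy = getMockedAPIProxy()
+proxy.keyringService.lock = jest.fn(proxy.keyringService.lock)
+
+const makeStore = () => {
+const store = createStore(combineReducers({
+wallet: createWalletReducer(mockWalletState)
+}))
+
+store.dispatch = jest.fn(store.dispatch)
+return store
+}
+
+function renderHookOptionsWithCustomStore (store: any) {
+return {
+wrapper: ({ children }: { children?: React.ReactChildren }) =>
+<ApiProxyContext.Provider value={proxy}>
+<Provider store={store}>
+{children}
+</Provider>
+</ApiProxyContext.Provider>
+}
+}
+
+const MAX_ATTEMPTS = 3
+
+describe('useTransactionParser hook', () => {
+it('should increment attempts on bad password ', async () => {
+const store = makeStore()
+
+const {
+result
+} = renderHook(() => usePasswordAttempts({
+maxAttempts: MAX_ATTEMPTS
+}), renderHookOptionsWithCustomStore(store))
+
+expect(result.current.attempts).toEqual(0)
+
+// attempt 1
+await act(async () => {
+await result.current.attemptPasswordEntry('pass')
+})
+
+expect(result.current.attempts).toEqual(1)
+
+// attempt 2
+await act(async () => {
+await result.current.attemptPasswordEntry('pass')
+})
+
+expect(result.current.attempts).toEqual(2)
+
+// attempt 3
+await act(async () => {
+await result.current.attemptPasswordEntry('pass')
+})
+
+// Wallet is now locked
+expect(proxy.keyringService.lock).toHaveBeenCalled()
+
+// attempts should be reset since wallet was locked
+expect(result.current.attempts).toEqual(0)
+})
+})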
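Review bot: The lock assertion at the end of the test does not pin the lockout threshold: `proxy.keyringService.lock` is a module-level `jest.fn` that is never cleared, and `toHaveBeenCalled()` passes whether the lock fired on attempt 1, 2 or 3. Adding `expect(proxy.keyringService.lock).not.toHaveBeenCalled()` after the attempt-2 assertion and tightening the final check to `toHaveBeenCalledTimes(1)` would make an off-by-one in the limit fail the test. The `describe` title reads `'useTransactionParser hook'`, which looks copied from another test file; `'usePasswordAttempts hook'` would match the code under test. The success path, where a correct password resets the counter, and the empty-password early return are not exercised here.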
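--- a/components/brave_wallet_ui/common/hooks/use-password-attempts.ts
+++ b/components/brave_wallet_ui/common/hooks/use-password-attempts.ts
@@ -0,0 +1,69 @@
+// Copyright (c) 2022 The Brave Authors. All rights reserved.
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this file,
+// you can obtain one at http://mozilla.org/MPL/2.0/.
+
+import * as React from 'react'
+import { useDispatch, useSelector } from 'react-redux'
+import { WalletState } from '../../constants/types'
+import { WalletActions } from '../actions'
+import { useApiProxy } from './use-api-proxy'
+
+interface Options {
+maxAttempts: number
+}
+
+/**
+* Provides a methods to check the user's password,
+* and lock the wallet after too many incorrect attempts
+*
+* Uses the context-injected ApiProxy keyring
+* Uses redux to track attempts globally
+*/
+export const usePasswordAttempts = ({
+maxAttempts
+}: Options) => {
+// custom hooks
+const { keyringService } = useApiProxy()
+
+// redux
+const dispatch = useDispatch()
+const attempts = useSelector(({ wallet }: { wallet: WalletState }) => {
+return wallet.passwordAttempts
+})
+
+// methods
+const attemptPasswordEntry = React.useCallback(async (password: string): Promise<boolean> => {
+if (!password) { // require password to view key
+return false
+}
+
+// entered password must be correct
+const {
+result: isPasswordValid
+} = await keyringService.validatePassword(password)
+
+if (!isPasswordValid) {
+const newAttempts = attempts + 1
+if (newAttempts >= maxAttempts) {
+// lock wallet
+keyringService.lock()
+dispatch(WalletActions.setPasswordAttempts(0)) // reset attempts now that the wallet is locked
+return false
+}
+
+// increase attempts count
+dispatch(WalletActions.setPasswordAttempts(newAttempts))
+return false
+}
+
+// correct password entered, reset attempts
+dispatch(WalletActions.setPasswordAttempts(0))
+return isPasswordValid
+}, [keyringService, attempts])
+
+return {
+attemptPasswordEntry,
+attempts
+}
+}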
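Review bot: The failed-attempt count in `attemptPasswordEntry` is computed from the `attempts` value captured when the callback was created (`const newAttempts = attempts + 1`), so two calls that are both awaiting `validatePassword` before the next render compute the same number and wrong guesses can be undercounted against `maxAttempts`. Performing the increment inside the reducer, or tracking it in the keyring service if that is possible, would make the count independent of render timing; as far as this section shows, the limit lives only in Redux UI state and presumably starts again from the initial state whenever the store is re-created. The dependency array also omits values the callback reads and should be `}, [keyringService, attempts, maxAttempts, dispatch])`, otherwise a changed `maxAttempts` is not picked up. `keyringService.lock()` is called without waiting for it or handling a failure while the counter is reset to 0 on the next line; if it returns a promise, `await keyringService.lock()` before the reset keeps the counter from being cleared when the lock did not happen.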