diff --git a/core/logger.js b/core/logger.js
index eb4cbb2c..a7806683 100644
--- a/core/logger.js
+++ b/core/logger.js
@@ -65,9 +65,10 @@ module.exports = class Log {
 //
 return JSON.parse(
 JSON.stringify(obj).replace(
- /"(password|passwordConfirm|key|authCode|private_key_main)"\s?:\s?"([^"]+)"/,
- (match, valueName) => {
- return `"${valueName}":"********"`;
+ // note that we match against key names here
+ /"(password|passwordConfirm|key|authCode)"\s?:\s?"([^"]+)"/,
+ (match, keyName) => {
+ return `"${keyName}":"********"`;
 }
 )
 );
diff --git a/core/user.js b/core/user.js
index c1bb379f..6a69eca4 100644
--- a/core/user.js
+++ b/core/user.js
@@ -469,7 +469,7 @@ module.exports = class User {
 function createUserRec(trans, callback) {
 trans.run(
 `INSERT INTO user (user_name)
- VALUES (?);`,
+ VALUES (?);`,
 [self.username],
 function inserted(err) {
 // use classic function for |this|
@@ -503,6 +503,11 @@ module.exports = class User {
 }
 );
 },
+ function setKeyPair(trans, callback) {
+ self.updateMainKeyPairProperties(err => {
+ return callback(err, trans);
+ });
+ },
 function setInitialGroupMembership(trans, callback) {
 // Assign initial groups. Must perform a clone: #235 - All users are sysops (and I can't un-sysop them)
 self.groups = [...config.users.defaultGroups];
@@ -547,11 +552,6 @@ module.exports = class User {
 async.series(
 [
- function setKeyPair(callback) {
- self.generateMainKeyPair(err => {
- return callback(err);
- });
- },
 function saveProps(callback) {
 self.persistProperties(self.properties, trans, err => {
 return callback(err);
@@ -643,7 +643,7 @@ module.exports = class User {
 );
 }
- generateMainKeyPair(cb) {
+ updateMainKeyPairProperties(cb) {
 crypto.generateKeyPair(
 'rsa',
 {
diff --git a/core/user_property.js b/core/user_property.js
index 9f00aedb..d32d0adf 100644
--- a/core/user_property.js
+++ b/core/user_property.js
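Review bot: The redaction regex in the `core/logger.js` hunk has no `g` flag, so `replace()` masks only the first matching key in the serialized object; a record carrying both `password` and `passwordConfirm` would still log the second one in clear. The commit also drops `private_key_main` from the alternation while `core/user_property.js` renames the property to `private_key_main_rsa_2048`, so neither name is masked if a user's property map ever reaches the logger. I would change the pattern to `/"(password|passwordConfirm|key|authCode|private_key_main_rsa_2048)"\s?:\s?"([^"]+)"/g`. The enclosing function starts and ends outside the hunk, so whether property maps are actually logged cannot be confirmed from here.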
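Review bot: The new `setKeyPair` step in `core/user.js` (hunk at -503) passes `trans` through without using it, so `updateMainKeyPairProperties` presumably only fills `self.properties` and relies on the later `saveProps` step to write the key pair; nothing in the hunk says so. I would add a comment above the step, e.g. `// generates the RSA key pair into self.properties; persisted later by saveProps`, so a reader does not assume the keys are already stored at this point. The enclosing step array starts and ends outside the hunk.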
@@ -66,6 +66,7 @@ module.exports = {
 AuthFactor2OTP: 'auth_factor2_otp', // If present, OTP type for 2FA. See OTPTypes
 AuthFactor2OTPSecret: 'auth_factor2_otp_secret', // Secret used in conjunction with OTP 2FA
 AuthFactor2OTPBackupCodes: 'auth_factor2_otp_backup', // JSON array of backup codes
- PublicKeyMain: 'public_key_main', // RSA public key for user
- PrivateKeyMain: 'private_key_main', // RSA private key (corresponding to PublicKeyMain)
+
+ PublicKeyMain: 'public_key_main_rsa_2048', // RSA public key for user
+ PrivateKeyMain: 'private_key_main_rsa_2048', // RSA private key (corresponding to PublicKeyMain)
 };
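Review bot: Renaming the stored property keys to `public_key_main_rsa_2048` / `private_key_main_rsa_2048` leaves any rows already written under `public_key_main` / `private_key_main` unreachable through `PublicKeyMain` / `PrivateKeyMain`. No migration or cleanup appears in this diff, so an old private key would stay in the database unused. The new names also encode the algorithm and key size, which must match the options passed to `crypto.generateKeyPair` in `core/user.js` (not visible in these hunks). A comment here such as `// name encodes algorithm/size; keep in sync with updateMainKeyPairProperties()` would make that coupling explicit.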