qml: rework auth

now handles keystore-only password and defines a new set of auth methods

electrum/gui/qml/auth.py

@@ -25,12 +25,16 @@ class AuthMixin:
  authRequired = pyqtSignal([str, str], arguments=['method', 'authMessage'])
 
  @pyqtSlot()
- def authProceed(self):
+ @pyqtSlot(str)
+ def authProceed(self, password=None):
  self._auth_logger.debug('Proceeding with authed fn()')
  try:
  self._auth_logger.debug(str(getattr(self, '__auth_fcall')))
  (func,args,kwargs,reject) = getattr(self, '__auth_fcall')
- r = func(self, *args, **kwargs)
+ if password:
+ r = func(self, *args, **dict(kwargs, password=password))
+ else:
+ r = func(self, *args, **kwargs)
  return r
  except Exception as e:
  self._auth_logger.error(f'Error executing wrapped fn(): {repr(e)}')

electrum/gui/qml/components/main.qml

@@ -550,51 +550,104 @@ ApplicationWindow
  }
  }
 
+ // handle auth_protect decorator events
+ //
+ // 'wallet_password': User must supply a password
+ // that matches the storage password (if set)
+ // or the keystore password. This forces password
+ // verification in all cases, even for wallets using
+ // keystore-only passwords (unless the storage and
+ // keystore are both unencrypted).
+ // It's primary use is password knowledge verification
+ // before presenting a secret (e.g. seed) or doing
+ // something irreversible (e.g. delete wallet)
+ //
+ // 'keystore': User must supply a password
+ // that matches the keystore password (if set).
+ //
+ // 'keystore_else_pin': User must supply a password
+ // that matches the keystore password (if set), unless
+ // the keystore is 'unlocked' which means the wallet password
+ // has been given when opening the wallet, and is the same as
+ // the keystore password (should always be the case). In that
+ // case a PIN is asked.
+ // This is mainly used when signing a transaction.
+ //
+ // 'pin': User must supply the configured PIN code
+ //
+
  function handleAuthRequired(qtobject, method, authMessage) {
  console.log('auth using method ' + method)
- if (method == 'wallet') {
- if (Daemon.currentWallet.verifyPassword('')) {
+ if (method == 'wallet_password') {
+ if (!Daemon.currentWallet.isEncrypted
+ && Daemon.currentWallet.verifyKeystorePassword('')) {
  // wallet has no password
  qtobject.authProceed()
  } else {
- var dialog = app.passwordDialog.createObject(app, {'title': qsTr('Enter current password')})
- dialog.accepted.connect(function() {
- if (Daemon.currentWallet.verifyPassword(dialog.password)) {
- qtobject.authProceed()
- } else {
- qtobject.authCancel()
- }
+ if (!Daemon.currentWallet.isEncrypted) {
+ handleAuthVerifyPassword(qtobject, authMessage, function(password) {
+ return Daemon.currentWallet.verifyKeystorePassword(password)
+ })
+ } else {
+ handleAuthVerifyPassword(qtobject, authMessage, function(password) {
+ return Daemon.currentWallet.verifyPassword(password)
+ })
+ }
+ }
+ } else if (method == 'keystore_else_pin') {
+ if (!Daemon.currentWallet.canHaveKeystoreEncryption()
+ || Daemon.currentWallet.verifyKeystorePassword('')) {
+ handleAuthRequired(qtobject, 'pin', authMessage)
+ } else if (Daemon.currentWallet.isKeystorePasswordWalletPassword()) {
+ handleAuthRequired(qtobject, 'pin', authMessage)
+ } else {
+ handleAuthVerifyPassword(qtobject, authMessage, function(password) {
+ return Daemon.currentWallet.verifyKeystorePassword(password)
  })
- dialog.rejected.connect(function() {
- qtobject.authCancel()
+ }
+ } else if (method == 'keystore') {
+ if (!Daemon.currentWallet.canHaveKeystoreEncryption()
+ || Daemon.currentWallet.verifyKeystorePassword('')) {
+ qtobject.authProceed()
+ } else {
+ handleAuthVerifyPassword(qtobject, authMessage, function(password) {
+ return Daemon.currentWallet.verifyKeystorePassword(password)
  })
- dialog.open()
  }
  } else if (method == 'pin') {
  if (Config.pinCode == '') {
  // no PIN configured
  handleAuthConfirmationOnly(qtobject, authMessage)
  } else {
- var dialog = app.pinDialog.createObject(app, {
- mode: 'check',
- pincode: Config.pinCode,
- authMessage: authMessage
- })
- dialog.accepted.connect(function() {
- qtobject.authProceed()
- dialog.close()
- })
- dialog.rejected.connect(function() {
- qtobject.authCancel()
- })
- dialog.open()
+ handleAuthVerifyPin(qtobject, authMessage)
  }
  } else {
  console.log('unknown auth method ' + method)
  qtobject.authCancel()
  }
  }
 
+ function handleAuthVerifyPassword(qtobject, authMessage, validator) {
+ var dialog = app.passwordDialog.createObject(app, {
+ title: authMessage ? authMessage : qsTr('Enter current password')
+ })
+ dialog.accepted.connect(function() {
+ if (validator(dialog.password)) {
+ qtobject.authProceed(dialog.password)
+ } else {
+ qtobject.authCancel()
+ var fdialog = app.messageDialog.createObject(app, {
+ title: qsTr('Password incorrect')
+ })
+ fdialog.open()
+ }
+ })
+ dialog.rejected.connect(function() {
+ qtobject.authCancel()
+ })
+ dialog.open()
+ }
+
  function handleAuthConfirmationOnly(qtobject, authMessage) {
  if (!authMessage) {
  qtobject.authProceed()
@@ -610,6 +663,22 @@ ApplicationWindow
  dialog.open()
  }
 
+ function handleAuthVerifyPin(qtobject, authMessage) {
+ var dialog = app.pinDialog.createObject(app, {
+ mode: 'check',
+ pincode: Config.pinCode,
+ authMessage: authMessage
+ })
+ dialog.accepted.connect(function() {
+ qtobject.authProceed()
+ dialog.close()
+ })
+ dialog.rejected.connect(function() {
+ qtobject.authCancel()
+ })
+ dialog.open()
+ }
+
  function startSwap() {
  var swapdialog = swapDialog.createObject(app)
  swapdialog.open()

electrum/gui/qml/qechannelopener.py

@@ -165,16 +165,16 @@ def openChannel(self, confirm_backup_conflict=False):
  node_id=self._node_pubkey,
  fee_est=None)
 
- acpt = lambda tx: self.do_open_channel(tx, self._connect_str_resolved, self._wallet.password)
+ acpt = lambda tx: self.do_open_channel(tx, self._connect_str_resolved)
 
  self._finalizer = QETxFinalizer(self, make_tx=mktx, accept=acpt)
  self._finalizer.canRbf = False
  self._finalizer.amount = self._amount
  self._finalizer.wallet = self._wallet
  self.finalizerChanged.emit()
 
- @auth_protect(message=_('Open Lightning channel?'))
- def do_open_channel(self, funding_tx, conn_str, password):
+ @auth_protect(method='keystore_else_pin', message=_('Open Lightning channel?'))
+ def do_open_channel(self, funding_tx, conn_str, password=None):
  """
  conn_str: a connection string that extract_nodeid can parse, i.e. cannot be a trampoline name
  """
@@ -183,6 +183,9 @@ def do_open_channel(self, funding_tx, conn_str, password):
  funding_sat = funding_tx.output_value_for_address(ln_dummy_address())
  lnworker = self._wallet.wallet.lnworker
 
+ if password is None:
+ password = self._wallet.password
+
  def open_thread():
  error = None
  try:

electrum/gui/qml/qeconfig.py

@@ -126,8 +126,10 @@ def pinCode(self, pin_code):
  self.config.set_key('pin_code', pin_code, True)
  self.pinCodeChanged.emit()
 
- @auth_protect(method='wallet')
- def pinCodeRemoveAuth(self):
+ # TODO: this allows disabling PIN unconditionally if wallet has no password
+ # (which should never be the case however)
+ @auth_protect(method='wallet_password')
+ def pinCodeRemoveAuth(self, password=None):
  self.config.set_key('pin_code', '', True)
  self.pinCodeChanged.emit()
 

electrum/gui/qml/qedaemon.py

@@ -264,7 +264,7 @@ def checkThenDeleteWallet(self, wallet, confirm_requests=False, confirm_balance=
 
  self.delete_wallet(wallet)
 
- @auth_protect(message=_('Really delete this wallet?'))
+ @auth_protect(method='wallet_password', message=_('Really delete this wallet?'))
  def delete_wallet(self, wallet):
  path = standardize_path(wallet.wallet.storage.path)
  self._logger.debug('deleting wallet with path %s' % path)
@@ -315,12 +315,15 @@ def suggestWalletName(self):
  return f'wallet_{i}'
 
  @pyqtSlot()
- @auth_protect(method='wallet')
  def startChangePassword(self):
  if self._use_single_password:
- self.requestNewPassword.emit()
+ self._do_start_change_all_passwords()
  else:
- self.currentWallet.requestNewPassword.emit()
+ self.currentWallet.startChangePassword()
+
+ @auth_protect(method='wallet_password')
+ def _do_start_change_all_passwords(self):
+ self.requestNewPassword.emit()
 
  @pyqtSlot(str)
  def setPassword(self, password):

electrum/gui/qml/qeswaphelper.py

@@ -341,15 +341,19 @@ def fwd_swap_updatetx(self):
  self.miningfee = QEAmount(amount_sat=self._tx.get_fee()) if self._tx else QEAmount()
  self.check_valid(pay_amount, self._receive_amount)
 
- def do_normal_swap(self, lightning_amount, onchain_amount):
+ def do_normal_swap(self, lightning_amount, onchain_amount, password):
  assert self._tx
  if lightning_amount is None or onchain_amount is None:
  return
+
+ if password is None:
+ password = self._wallet.password
+
  loop = get_asyncio_loop()
  coro = self._wallet.wallet.lnworker.swap_manager.normal_swap(
  lightning_amount_sat=lightning_amount,
  expected_onchain_amount_sat=onchain_amount,
- password=self._wallet.password,
+ password=password,
  tx=self._tx,
  )
 
@@ -424,15 +428,19 @@ def executeSwap(self):
  if not self._wallet.wallet.network:
  self.error.emit(_("You are offline."))
  return
- self._do_execute_swap()
-
- @auth_protect(message=_('Confirm Lightning swap?'))
- def _do_execute_swap(self):
  if self.isReverse:
- lightning_amount = self._send_amount
- onchain_amount = self._receive_amount
- self.do_reverse_swap(lightning_amount, onchain_amount)
+ self._do_execute_reverse_swap()
  else:
- lightning_amount = self._receive_amount
- onchain_amount = self._send_amount
- self.do_normal_swap(lightning_amount, onchain_amount)
+ self._do_execute_forward_swap()
+
+ @auth_protect(method='pin', message=_('Confirm Lightning swap?'))
+ def _do_execute_reverse_swap(self):
+ lightning_amount = self._send_amount
+ onchain_amount = self._receive_amount
+ self.do_reverse_swap(lightning_amount, onchain_amount)
+
+ @auth_protect(method='keystore_or_pin', message=_('Confirm Lightning swap?'))
+ def _do_execute_forward_swap(self, password=None):
+ lightning_amount = self._receive_amount
+ onchain_amount = self._send_amount
+ self.do_normal_swap(lightning_amount, onchain_amount, password)