generate subscriber_smtp_password on login-stage-two (for future use)

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js

@@ -48,18 +48,24 @@ else {
 	var limitedLogin = ssid_sessions[socket.ssid].lockdown;
 	var limitedLoginRegistered = (limitedLogin || (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].isUserLoggedIn()));
 	var offline_user_list = null;
-	if (ssid_sessions[socket.ssid].isRegistered() && ssid_sessions[socket.ssid].user_id == 0) {
-		var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
-		var num_accounts = ssid_sessions[socket.ssid].getNumberOfUserAccounts();
-		var offline_user_list_str = "<user-list>\n";
-		var i = 0;
-		Object.keys(accounts).forEach((k) => {
-			var account_display_name = (accounts[k].subscriber_name) ? accounts[k].subscriber_name : accounts[k].subscriber_username
-			offline_user_list_str += "\t" + '<user userid="' + i + '" user-name="' + accounts[k].subscriber_username + '" first-name="' + account_display_name + '"  last-name="" passsword="" mail-enabled=true />' + "\n";
-			i++;
-		});
-		offline_user_list_str += "</user-list>\n";
-		offline_user_list = CryptoJS.enc.Latin1.parse(offline_user_list_str).toString(CryptoJS.enc.Base64);
+	if (ssid_sessions[socket.ssid].isRegistered()) {
+		// check for SMTP Password
+		if (ssid_sessions[socket.ssid].getSessionData("subscriber_smtp_password") === null) {
+			ssid_sessions[socket.ssid].setUserSMTPPassword(ssid_sessions[socket.ssid].generatePassword(16));
+        }
+		if (ssid_sessions[socket.ssid].user_id == 0) {
+			var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
+			var num_accounts = ssid_sessions[socket.ssid].getNumberOfUserAccounts();
+			var offline_user_list_str = "<user-list>\n";
+			var i = 0;
+			Object.keys(accounts).forEach((k) => {
+				var account_display_name = (accounts[k].subscriber_name) ? accounts[k].subscriber_name : accounts[k].subscriber_username
+				offline_user_list_str += "\t" + '<user userid="' + i + '" user-name="' + accounts[k].subscriber_username + '" first-name="' + account_display_name + '"  last-name="" passsword="" mail-enabled=true />' + "\n";
+				i++;
+			});
+			offline_user_list_str += "</user-list>\n";
+			offline_user_list = CryptoJS.enc.Latin1.parse(offline_user_list_str).toString(CryptoJS.enc.Base64);
+		}
     }
 
 	if (limitedLoginRegistered) {

zefie_wtvp_minisrv/WTVClientSessionData.js

@@ -25,6 +25,7 @@ class WTVClientSessionData {
     baddisk = false;
     clientAddress = null;
     user_id = 0;
+    cryptoKey = "PNa$WN7gz}!T=t6X7^=|Ii##CEB~p\EP";
 
     constructor(minisrv_config, ssid) {
         if (!minisrv_config) throw ("minisrv_config required");
@@ -405,17 +406,39 @@ class WTVClientSessionData {
         }
     }
 
+    encryptPassword(passwd) {
+        return CryptoJS.AES.encrypt(passwd, this.cryptoKey).toString();
+    }
+
+    decryptPassword(crypt) {
+        return CryptoJS.AES.decrypt(crypt, this.cryptoKey).toString(CryptoJS.enc.Utf8);
+    }
+
     encodePassword(passwd) {
         var encoded_passwd = CryptoJS.SHA512(passwd);
         return encoded_passwd.toString(CryptoJS.enc.Base64);
     }
 
+    generatePassword(len) {
+        return CryptoJS.lib.WordArray.random(len).toString(CryptoJS.enc.Hex);
+    }
+
     setUserPassword(passwd) {
         var encoded_passwd = this.encodePassword(passwd);
         this.setSessionData("subscriber_password", encoded_passwd);
         this.saveSessionData();
     }
 
+    setUserSMTPPassword(passwd) {
+        var encoded_passwd = this.encryptPassword(passwd);
+        this.setSessionData("subscriber_smtp_password", encoded_passwd);
+        this.saveSessionData();
+    }
+
+    getUserSMTPPassword() {
+        return this.decryptPassword(this.setSessionData("subscriber_smtp_password"))
+    }
+
     disableUserPassword() {
         this.setSessionData("subscriber_password", null);
         this.saveSessionData();