From 3d65c592e8aa94f526304467cf17f2155480fa0e Mon Sep 17 00:00:00 2001
From: Diego Mello <diegolmello@gmail.com>
Date: Mon, 27 Apr 2020 15:19:45 -0300
Subject: [PATCH] Secure passcode

---
 app/containers/Passcode/PasscodeEnter.js | 26 +++++++++++++++---------
 app/views/ChangePasscodeView.js          |  4 ++--
 2 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/app/containers/Passcode/PasscodeEnter.js b/app/containers/Passcode/PasscodeEnter.js
index b619f3b0b..2a042734b 100644
--- a/app/containers/Passcode/PasscodeEnter.js
+++ b/app/containers/Passcode/PasscodeEnter.js
@@ -4,6 +4,8 @@ import RNUserDefaults from 'rn-user-defaults';
 import PropTypes from 'prop-types';
 import { gestureHandlerRootHOC } from 'react-native-gesture-handler';
 import * as LocalAuthentication from 'expo-local-authentication';
+import * as Haptics from 'expo-haptics';
+import { sha256 } from 'js-sha256';
 
 import Base from './Base';
 import Locked from './Locked';
@@ -63,18 +65,22 @@ const PasscodeEnter = ({ theme, finishProcess }) => {
 	}, []);
 
 	const onEndProcess = (p) => {
-		if (p === passcode) {
-			finishProcess();
-		} else {
-			attempts += 1;
-			if (attempts >= MAX_ATTEMPTS) {
-				setStatus(TYPE.LOCKED);
-				setLockedUntil(new Date().toISOString());
+		setTimeout(() => {
+			if (sha256(p) === passcode) {
+				finishProcess();
 			} else {
-				ref.current.wrongPasscode();
-				setAttempts(attempts?.toString());
+				attempts += 1;
+				if (attempts >= MAX_ATTEMPTS) {
+					setStatus(TYPE.LOCKED);
+					setLockedUntil(new Date().toISOString());
+					Haptics.notificationAsync(Haptics.NotificationFeedbackType.Error);
+				} else {
+					ref.current.wrongPasscode();
+					setAttempts(attempts?.toString());
+					Haptics.notificationAsync(Haptics.NotificationFeedbackType.Warning);
+				}
 			}
-		}
+		}, 200);
 	};
 
 	if (status === TYPE.LOCKED) {
diff --git a/app/views/ChangePasscodeView.js b/app/views/ChangePasscodeView.js
index a5c62e4a8..2e0cd7eb9 100644
--- a/app/views/ChangePasscodeView.js
+++ b/app/views/ChangePasscodeView.js
@@ -3,8 +3,8 @@ import PropTypes from 'prop-types';
 import { SafeAreaView } from 'react-navigation';
 import RNUserDefaults from 'rn-user-defaults';
 import Orientation from 'react-native-orientation-locker';
+import { sha256 } from 'js-sha256';
 
-// import I18n from '../i18n';
 import { themedHeader } from '../utils/navigation';
 import { withTheme } from '../theme';
 import { themes } from '../constants/colors';
@@ -16,7 +16,7 @@ import { PasscodeChoose } from '../containers/Passcode';
 
 const ScreenLockConfigView = React.memo(({ navigation, theme }) => {
 	const savePasscode = async(passcode) => {
-		await RNUserDefaults.set(PASSCODE_KEY, passcode);
+		await RNUserDefaults.set(PASSCODE_KEY, sha256(passcode));
 		navigation.pop();
 	};