108 add database retrieval calls in genpass api

aws/src/lambdas/genPass/index.ts

@@ -21,17 +21,10 @@ const handler = async (event: APIGatewayProxyEventV2): Promise<APIGatewayProxyRe
         const body = typeof event.body === "string" ? JSON.parse(event.body) : event.body;
 
         const salt: string = body.salt;
+        const domain_name: string = body.domain_name;
+        const encrypted_userid: string = body.encrypted_userid;
 
-        const strong_password = await calculatePassword(salt);
-
-        /*const hashValue = await argon2.hash(dataToHash, {
-          salt: slt,
-          type: argon2.argon2id,
-          timeCost: 2,          // Number of iterations.
-          memoryCost: 65536,    // Memory in KiB.
-          hashLength: 32,       // Length of the resulting hash.
-          parallelism: 1,
-        });*/
+        const strong_password = await calculatePassword(salt, domain_name, encrypted_userid);
 
 
         return {
@@ -56,5 +49,4 @@ const handler = async (event: APIGatewayProxyEventV2): Promise<APIGatewayProxyRe
         };
       }
 }; 
-
 module.exports = { handler };

aws/src/lambdas/genPass/package.json

@@ -7,7 +7,8 @@
     "dependencies": {
         "argon2": "^0.41.1",
         "aws-lambda": "^1.0.7",
-        "mathjs": "^14.4.0"
+        "mathjs": "^14.4.0",
+        "mysql2": "^3.14.1"
     },
     "scripts": {
         "build": "tsc"

aws/src/lambdas/genPass/src/password_generator.ts

@@ -1,8 +1,55 @@
 import { CalculateSalts } from './salt_calculator';
 import { hashText, extractHash } from './hashing_tool_server';
+import { createConnection } from 'mysql2/promise';
 
+const dbConfig = {
+    host: process.env.DB_HOST,
+    user: process.env.DB_USER,
+    password: process.env.DB_PASS,
+    database: process.env.DB_NAME,
+  };
 
-const securityAnswers: string[] = [
+export async function getUserInfoFromDB(enc_user_id: string){
+    try {
+        const connection = await createConnection(dbConfig);
+        const [rows] = await connection.execute('SELECT uuid, enc_email, enc_name, enc_phone_num FROM users WHERE enc_uuid = ?', [enc_user_id]);
+        await connection.end();
+
+        return {
+          statusCode: 200,
+          body: JSON.stringify(rows),
+        };
+
+      } catch (error) {
+        console.error("Database error:", error);
+        return {
+          statusCode: 500,
+          body: JSON.stringify({ message: "Database connection failed", error: error }),
+        };
+      }
+}
+
+export async function getQuestionResponses(enc_user_id: string){
+    try {
+        const connection = await createConnection(dbConfig);
+        const [rows] = await connection.execute('SELECT enc_question1, enc_question2, enc_question3, enc_question4, enc_question5, enc_question6, enc_question7, enc_question8, enc_question9, enc_question10 FROM sec_questions WHERE enc_uuid = ?', [enc_user_id]);
+        await connection.end();
+
+        return {
+          statusCode: 200,
+          body: JSON.stringify(rows),
+        };
+
+      } catch (error) {
+        console.error("Database error:", error);
+        return {
+          statusCode: 500,
+          body: JSON.stringify({ message: "Database connection failed", error: error }),
+        };
+      }
+}
+
+/*const securityAnswers: string[] = [
     "Fluffy", // Answer to: "What was the name of your first pet?"
     "Maple Street", // Answer to: "What street did you grow up on?"
     "Blue", // Answer to: "What is your favorite color?"
@@ -13,26 +60,65 @@ const securityAnswers: string[] = [
     "Hawaii", // Answer to: "Where did you go on your honeymoon?"
     "Superman", // Answer to: "Who is your childhood hero?"
     "Beethoven", // Answer to: "What is your favorite composer or musician?"
-];
+];*/
 
 
-export async function calculatePassword(argon2_salt:string) : Promise<string>{
+
+export async function calculatePassword(argon2_salt:string, domain_name: string, encrypted_userid:string) : Promise<string>{
 
-    const db_val = "test_db_val" // FETCH THIS FROM DB. THIS IS WHAT WILL BE USED FOR CALCULATING CUSTOM SALT INDICIES
+    // Gets user info from the db
+    const db_response_userinfo = (await getUserInfoFromDB(encrypted_userid));
+    console.log("Db response: ", db_response_userinfo);
+
+    const users = JSON.parse(db_response_userinfo.body) as Array<{
+        uuid: string;
+        enc_email: string | null;
+        enc_name: string | null;
+        enc_phone: string | null;
+    }>;
+
+    const user = users[0];
+    if (!user) {
+        throw new Error('No user found');
+    }
+
+    const { uuid, enc_email, enc_name, enc_phone } = user;
+
+    console.log('UUID:', uuid);
+    console.log('Email hash:', enc_email);
+    console.log('Name hash:', enc_name);
+    console.log('Phone hash:', enc_phone);
+
+    // Gets the answers to the security questions from db
+    const db_response_secques = (await getQuestionResponses(encrypted_userid));
+    console.log("Db response of questions: ", db_response_secques);
+
+    const answers = JSON.parse(db_response_userinfo.body) as Array<{
+        q1: string;
+        q2: string;
+        q3: string;
+        q4: string;
+        q5: string;
+        q6: string;
+        q7: string;
+        q8: string;
+        q9: string;
+        q10: string;
+    }>;
+
+    const qanswer = answers[0];
+    if (!qanswer) {
+        throw new Error('No user found');
+    }
+
+    const { q1, q2, q3, q4, q5, q6, q7, q8, q9, q10} = qanswer;
+    const securityAnswers: string[] = [q1, q2, q3, q4, q5, q6, q7, q8, q9, q10];
+
 
-    const enc_name = "Name";
-    const enc_email = "name@gmail.com"
-    const enc_phone = "5555555555"
-    const site_domain = "amazon.com"
+    const prepped_salt = domain_name + "-" + encrypted_userid + "-" + argon2_salt;
 
-    const prepped_salt = db_val + "-" + argon2_salt;
-
-    const hashed_name = await extractHash((await hashText(enc_name, prepped_salt)).body);
-    const hashed_email = await extractHash((await hashText(enc_email, prepped_salt)).body);
-    const hashed_phone = await extractHash((await hashText(enc_phone, prepped_salt)).body);
-    const hashed_domain = await extractHash((await hashText(site_domain, prepped_salt)).body);
 
-    const salt_indicies = await CalculateSalts(db_val);
+    const salt_indicies = await CalculateSalts(encrypted_userid);
 
     /*const salt1 = await hashText(securityAnswers[salt_indicies[0]])
     const salt2 = await hashText(securityAnswers[salt_indicies[1]])
@@ -43,7 +129,8 @@ export async function calculatePassword(argon2_salt:string) : Promise<string>{
 
     console.log(salt_indicies)
 
-    const arranged_string = hashed_name+salt2+hashed_phone+salt1+hashed_domain+salt3+hashed_email;
+    //const arranged_string = hashed_name+salt2+hashed_phone+salt1+hashed_domain+salt3+hashed_email;
+    const arranged_string = enc_name+salt2+enc_phone+salt1+domain_name+salt3+enc_email;
     const fullHash = await hashText(arranged_string, prepped_salt);
     const extractedHash = extractHash(fullHash.body);
     console.log(fullHash)

aws/src/lambdas/getUserInfo/index.js

@@ -1,54 +1,71 @@
-"use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.handler = void 0;
 const promise_1 = require("mysql2/promise");
 const dbConfig = {
-    host: process.env.DB_HOST,
-    user: process.env.DB_USER,
-    password: process.env.DB_PASS,
+    host: process.env.DB_HOST, // RDS endpoint
+    user: process.env.DB_USER, // RDS username
+    password: process.env.DB_PASS, // RDS password
     database: process.env.DB_NAME,
 };
 const handler = async (event) => {
+    console.log('Received event:', JSON.stringify(event, null));
+    let httpMethod;
+    try {
+        httpMethod = event.requestContext.http.method;
+    }
+    catch (error) {
+        if (error instanceof Error) {
+            console.log("APIGatewayEvent");
+        }
+        httpMethod = event.httpMethod;
+    }
+    if (httpMethod === 'OPTIONS') {
+        return {
+            statusCode: 200,
+            headers: {
+                'Access-Control-Allow-Origin': '*',
+                'Access-Control-Allow-Methods': 'GET,POST,PUT,DELETE,OPTIONS',
+                'Access-Control-Allow-Headers': 'Content-Type,Authorization'
+            },
+            body: ''
+        };
+    }
+    let request_body;
     try {
-        console.log("Incoming event:", JSON.stringify(event, null, 2));
-        let request_body;
         if (event.body) {
             request_body = JSON.parse(event.body);
         }
         else {
             console.log("No body found");
             return {
                 statusCode: 400,
-                body: JSON.stringify({ message: "No body found" }),
-            };
-        }
-        const { UUID } = request_body;
-        console.log("Parsed UUID:", UUID);
-        try {
-            const connection = await (0, promise_1.createConnection)(dbConfig);
-            const [rows] = await connection.execute('SELECT enc_email, enc_name, enc_phone_num FROM users WHERE uuid = ?', [UUID]);
-            await connection.end();
-            return {
-                statusCode: 200,
-                body: JSON.stringify(rows),
-            };
-        }
-        catch (error) {
-            console.error("Database error:", error);
-            return {
-                statusCode: 500,
-                body: JSON.stringify({ message: "Database connection failed", error: error }),
+                body: JSON.stringify({ message: "No body found" })
             };
         }
     }
     catch (error) {
-        console.error("Unhandled error in handler:", error);
+        console.error("Invalid JSON format", error);
+        return {
+            statusCode: 400,
+            body: JSON.stringify({ message: "Invalid JSON format" }),
+        };
+    }
+    const { UUID } = request_body;
+    console.log("Parsed UUID:", UUID);
+    try {
+        const connection = await (0, promise_1.createConnection)(dbConfig);
+        const [rows] = await connection.execute('SELECT enc_uuid, enc_email, enc_name, enc_phone_num FROM users WHERE uuid = ?', [UUID]);
+        await connection.end();
+        return {
+            statusCode: 200,
+            body: JSON.stringify(rows),
+        };
+    }
+    catch (error) {
+        console.error("Database error:", error);
         return {
             statusCode: 500,
-            body: JSON.stringify({
-                message: "Internal Server Error"
-            }),
+            body: JSON.stringify({ message: "Database connection failed", error: error }),
         };
     }
 };
-exports.handler = handler;
+module.exports = { handler };

aws/src/lambdas/getUserInfo/index.ts

@@ -1,4 +1,4 @@
-import { APIGatewayEvent } from "aws-lambda";
+import {APIGatewayProxyEventV2,APIGatewayProxyResult} from "aws-lambda";
 import { createConnection } from 'mysql2/promise';
 
 const dbConfig = {
@@ -8,7 +8,19 @@ const dbConfig = {
   database: process.env.DB_NAME,
 };
 
-export const handler = async (event: APIGatewayEvent) => {
+export const handler = async (event: APIGatewayProxyEventV2): Promise<APIGatewayProxyResult> => {
+  const httpMethod = event.requestContext.http.method;
+    if (httpMethod === 'OPTIONS') {
+      return {
+        statusCode: 200,
+        headers: {
+          'Access-Control-Allow-Origin': '*',
+          'Access-Control-Allow-Methods': 'GET,POST,PUT,DELETE,OPTIONS',
+          'Access-Control-Allow-Headers': 'Content-Type,Authorization'
+        },
+        body: ''
+      };
+    }
   try {
     console.log("Incoming event:", JSON.stringify(event, null, 2));
 
@@ -53,4 +65,4 @@ export const handler = async (event: APIGatewayEvent) => {
       }),
     };
   }
-};
+};

aws/src/lambdas/getUserInfo/package.json

@@ -1,11 +1,12 @@
 {
     "scripts": {
         "build": "npx tsc",
-        "zip": "(zip getUserInfo.zip index.js node_modules || powershell Compress-Archive -Path index.js, node_modules -DestinationPath getUserInfo.zip)",
+        "zip": "(zip -r getUserInfo.zip index.js node_modules || powershell Compress-Archive -Path index.js, node_modules -DestinationPath getUserInfo.zip)",
         "move": "(mv getUserInfo.zip ../../terraform || powershell Move-Item getUserInfo.zip ../../terraform)"
     },
     "devDependencies": {
-        "@types/aws-lambda": "^8.10.147",
+        "@types/aws-lambda": "^8.10.149",
+        "@types/node": "^22.15.2",
         "typescript": "^5.7.3"
     },
     "dependencies": {

aws/src/terraform/gen_pass.tf

@@ -5,4 +5,13 @@ resource "aws_lambda_function" "gen_pass_lambda" {
   handler          = "gen_password/index.handler"
   runtime          = "nodejs22.x"
   source_code_hash = filebase64sha256("${path.cwd}/genPass.zip")
+
+  environment {
+    variables = {
+      DB_HOST = var.db_host
+      DB_USER = var.db_user
+      DB_PASS = var.db_pass
+      DB_NAME = var.db_name
+    }
+  }
 }

extension/src/hashpass/app/security_components/components/password_generator.tsx

@@ -19,13 +19,15 @@ import React, { useState } from 'react';
 ];*/
 
 
-export const calculatePassword = async (salt: string): Promise<string> => {
+export const calculatePassword = async (salt: string, domain_name: string, encrypted_userid: string): Promise<string> => {
     try {
         const response = await fetch('https://a5yz9onkp8.execute-api.us-east-1.amazonaws.com/default/gen_password', {
           method: 'POST',
           headers: { 'Content-Type': 'application/json' },
           body: JSON.stringify({           
-            salt: salt,       
+            salt: salt,
+            domain_name: domain_name,
+            encrypted_userid: encrypted_userid,     
           }),
         });
         const data = await response.json();
@@ -49,7 +51,7 @@ export default function PasswordGenerator() {
 
     const handleGeneratePassword = async () => {
 
-        const strongPassword = await calculatePassword(inputValue);
+        const strongPassword = await calculatePassword(inputValue, "test", "test");
         setStrongPasswordText(strongPassword);
 
 

extension/src/hashpass/app/site_login_popup/site_login_component.tsx

@@ -20,7 +20,7 @@ export default function Site_LogIn() {
         try {
             const decryptedText = await decrypt(userIdEncrypted, keyString);
             if (decryptedText === userId) {
-                const password = await calculatePassword(keyString);
+                const password = await calculatePassword(keyString, "test", "test");
                 setGeneratedPassword(password);
             } else {
                 console.log("Invalid Simple Passphrase");
@@ -106,4 +106,4 @@ export default function Site_LogIn() {
             )}
         </div>
     );
-}
+}