From c19a333d90e4668ef12f76c8fa62f7d6c0c9f258 Mon Sep 17 00:00:00 2001
From: Tienson Qin <tiensonqin@gmail.com>
Date: Tue, 11 Nov 2025 03:17:32 +0800
Subject: [PATCH] enhance(e2ee): store aes encrypted password in OPFS

so no need to input password repeatly
---
 src/main/frontend/common/file/opfs.cljs    | 43 +++++++++++++++++++
 src/main/frontend/components/e2ee.cljs     |  4 +-
 src/main/frontend/components/settings.cljs | 19 ++++----
 src/main/frontend/handler/events/rtc.cljs  | 29 +++++++++----
 src/main/frontend/state.cljs               |  4 +-
 src/main/frontend/worker/rtc/crypt.cljs    | 50 +++++++++++++++++++---
 6 files changed, 124 insertions(+), 25 deletions(-)
 create mode 100644 src/main/frontend/common/file/opfs.cljs

diff --git a/src/main/frontend/common/file/opfs.cljs b/src/main/frontend/common/file/opfs.cljs
new file mode 100644
index 0000000000..e5aa840b0b
--- /dev/null
+++ b/src/main/frontend/common/file/opfs.cljs
@@ -0,0 +1,43 @@
+(ns frontend.common.file.opfs
+  "OPFS fs api"
+  (:require [promesa.core :as p]))
+
+(defn <write-text!
+  "Write `text` to `filename` in Origin Private File System.
+   Returns a promise."
+  [filename text]
+  (p/let [;; OPFS root dir
+          root        (.. js/navigator -storage (getDirectory))
+          ;; get (or create) a file handle
+          file-handle (.getFileHandle root filename #js {:create true})
+          ;; open a writable stream
+          writable    (.createWritable file-handle)]
+    ;; write string directly
+    (.write writable text)
+    ;; always close!
+    (.close writable)))
+
+(defn <read-text!
+  "Read text content from `filename` in Origin Private File System (OPFS).
+   Returns a promise that resolves to the file content string."
+  [filename]
+  (p/let [root        (.. js/navigator -storage (getDirectory))
+          file-handle (.getFileHandle root filename)
+          file        (.getFile file-handle)]
+    (.text file)))
+
+(defn <delete-file!
+  "Delete `filename` from Origin Private File System.
+   Options:
+   - :ignore-not-found? (default true) → don't treat missing file as error.
+
+   Returns a promise that resolves to nil."
+  [filename & {:keys [ignore-not-found?]
+               :or {ignore-not-found? true}}]
+  (-> (p/let [root (.. js/navigator -storage (getDirectory))]
+        (.removeEntry root filename))
+      (p/catch (fn [err]
+                 (if (and ignore-not-found?
+                          (= (.-name err) "NotFoundError"))
+                   nil
+                   (throw err))))))
diff --git a/src/main/frontend/components/e2ee.cljs b/src/main/frontend/components/e2ee.cljs
index f1d169204c..f9b106e946 100644
--- a/src/main/frontend/components/e2ee.cljs
+++ b/src/main/frontend/components/e2ee.cljs
@@ -1,6 +1,7 @@
 (ns frontend.components.e2ee
   (:require [clojure.string :as string]
             [frontend.common.crypt :as crypt]
+            [frontend.state :as state]
             [frontend.util :as util]
             [logseq.shui.hooks :as hooks]
             [logseq.shui.ui :as shui]
@@ -34,12 +35,13 @@
         "Submit")]]]))
 
 (rum/defc e2ee-password-to-decrypt-private-key
-  [encrypted-private-key private-key-promise]
+  [encrypted-private-key private-key-promise refresh-token]
   (let [[password set-password!] (hooks/use-state "")
         [decrypt-fail? set-decrypt-fail!] (hooks/use-state false)
         on-submit (fn []
                     (->
                      (p/let [private-key (crypt/<decrypt-private-key password encrypted-private-key)]
+                       (state/<invoke-db-worker :thread-api/save-e2ee-password refresh-token password)
                        (p/resolve! private-key-promise private-key)
                        (shui/dialog-close!))
                      (p/catch (fn [e]
diff --git a/src/main/frontend/components/settings.cljs b/src/main/frontend/components/settings.cljs
index 4eb21f8caa..e50b9ce2ac 100644
--- a/src/main/frontend/components/settings.cljs
+++ b/src/main/frontend/components/settings.cljs
@@ -1197,6 +1197,7 @@
   []
   (let [user-uuid (user-handler/user-uuid)
         token (state/get-auth-id-token)
+        refresh-token (state/get-auth-refresh-token)
         [rsa-key-pair set-rsa-key-pair!] (hooks/use-state :not-inited)
         [init-key-err set-init-key-err!] (hooks/use-state nil)
         [get-key-err set-get-key-err!] (hooks/use-state nil)
@@ -1224,10 +1225,12 @@
           (shui/button
            {:on-click (fn []
                         (-> (p/do!
-                              (state/<invoke-db-worker :thread-api/init-user-rsa-key-pair
-                                                       token user-uuid)
-                              (p/let [r (state/<invoke-db-worker :thread-api/get-user-rsa-key-pair token user-uuid)]
-                                (set-rsa-key-pair! r)))
+                             (state/<invoke-db-worker :thread-api/init-user-rsa-key-pair
+                                                      token
+                                                      refresh-token
+                                                      user-uuid)
+                             (p/let [r (state/<invoke-db-worker :thread-api/get-user-rsa-key-pair token user-uuid)]
+                               (set-rsa-key-pair! r)))
                             (p/catch set-init-key-err!)))}
            "Init E2EE encrypt-key-pair")]
          rsa-key-pair
@@ -1245,10 +1248,10 @@
           (shui/button
            {:on-click (fn []
                         (-> (p/do!
-                              (set-reset-password-status! "Updating E2EE password ...")
-                              (state/<invoke-db-worker :thread-api/reset-e2ee-password
-                                                       token user-uuid old-password new-password)
-                              (set-reset-password-status! "E2EE password updated!"))
+                             (set-reset-password-status! "Updating E2EE password ...")
+                             (state/<invoke-db-worker :thread-api/reset-e2ee-password
+                                                      token refresh-token user-uuid old-password new-password)
+                             (set-reset-password-status! "E2EE password updated!"))
                             (p/catch (fn [_] (set-reset-password-status! "Wrong old-password")))))}
            "Reset Password")]))]))
 
diff --git a/src/main/frontend/handler/events/rtc.cljs b/src/main/frontend/handler/events/rtc.cljs
index 4b2c743e74..29601a2a5d 100644
--- a/src/main/frontend/handler/events/rtc.cljs
+++ b/src/main/frontend/handler/events/rtc.cljs
@@ -1,20 +1,31 @@
 (ns frontend.handler.events.rtc
   "RTC events"
-  (:require [frontend.components.e2ee :as e2ee]
+  (:require [frontend.common.crypt :as crypt]
+            [frontend.components.e2ee :as e2ee]
             [frontend.handler.events :as events]
+            [frontend.state :as state]
             [logseq.shui.ui :as shui]
             [promesa.core :as p]))
 
 (defmethod events/handle :rtc/decrypt-user-e2ee-private-key [[_ encrypted-private-key]]
-  (let [private-key-promise (p/deferred)]
+  (let [private-key-promise (p/deferred)
+        refresh-token (state/get-auth-refresh-token)]
     (shui/dialog-close-all!)
-    (shui/dialog-open!
-     #(e2ee/e2ee-password-to-decrypt-private-key encrypted-private-key private-key-promise)
-     {:auto-width? true
-      :content-props {:onPointerDownOutside #(.preventDefault %)}
-      :on-close (fn []
-                  (p/reject! private-key-promise (ex-info "input E2EE password cancelled" {}))
-                  (shui/dialog-close!))})
+    (->
+     (p/let [{:keys [password]} (state/<invoke-db-worker :thread-api/get-e2ee-password refresh-token)
+             private-key (crypt/<decrypt-private-key password encrypted-private-key)]
+       (p/resolve! private-key-promise private-key))
+     (p/catch
+      (fn [error]
+        (prn :debug :read-e2ee-password-failed)
+        (js/console.error error)
+        (shui/dialog-open!
+         #(e2ee/e2ee-password-to-decrypt-private-key encrypted-private-key private-key-promise refresh-token)
+         {:auto-width? true
+          :content-props {:onPointerDownOutside #(.preventDefault %)}
+          :on-close (fn []
+                      (p/reject! private-key-promise (ex-info "input E2EE password cancelled" {}))
+                      (shui/dialog-close!))}))))
     private-key-promise))
 
 (defmethod events/handle :rtc/request-e2ee-password [[_]]
diff --git a/src/main/frontend/state.cljs b/src/main/frontend/state.cljs
index caffa0418a..8d14740867 100644
--- a/src/main/frontend/state.cljs
+++ b/src/main/frontend/state.cljs
@@ -286,7 +286,7 @@
       :reactive/query-dbs                    {}
 
       ;; login, userinfo, token, ...
-      :auth/refresh-token                    (storage/get "refresh-token")
+      :auth/refresh-token                    (some-> (storage/get "refresh-token") str)
       :auth/access-token                     nil
       :auth/id-token                         nil
 
@@ -2149,7 +2149,7 @@ Similar to re-frame subscriptions"
   (sub :auth/id-token))
 
 (defn get-auth-refresh-token []
-  (:auth/refresh-token @state))
+  (str (:auth/refresh-token @state)))
 
 (defn set-file-sync-manager [graph-uuid v]
   (when (and graph-uuid v)
diff --git a/src/main/frontend/worker/rtc/crypt.cljs b/src/main/frontend/worker/rtc/crypt.cljs
index 4c5f625a34..1b291b1d10 100644
--- a/src/main/frontend/worker/rtc/crypt.cljs
+++ b/src/main/frontend/worker/rtc/crypt.cljs
@@ -5,6 +5,7 @@
   Server stores the encrypted AES key, public key, and encrypted private key."
   (:require ["/frontend/idbkv" :as idb-keyval]
             [frontend.common.crypt :as crypt]
+            [frontend.common.file.opfs :as opfs]
             [frontend.common.missionary :as c.m]
             [frontend.common.thread-api :refer [def-thread-api]]
             [frontend.worker.rtc.ws-util :as ws-util]
@@ -15,6 +16,34 @@
   (:import [missionary Cancelled]))
 
 (defonce ^:private store (delay (idb-keyval/newStore "localforage" "keyvaluepairs" 2)))
+(defonce ^:private e2ee-password-file "e2ee-password")
+
+(defn- <save-e2ee-password
+  [refresh-token password]
+  (prn :debug :<save-e2ee-password password)
+  (assert (and (string? refresh-token)
+               (string? password)))
+  (p/let [raw (.encode (js/TextEncoder.) refresh-token)
+          digestbuf (.digest js/crypto.subtle "SHA-256" raw)
+          key-bytes (js/Uint8Array. digestbuf)
+          aes-key (crypt/<import-aes-key key-bytes)
+          result (crypt/<encrypt-text aes-key password)
+          text (ldb/write-transit-str result)]
+    (opfs/<write-text! e2ee-password-file text)))
+
+(defn- <read-e2ee-password
+  [refresh-token]
+  (prn :debug :<read-e2ee-password)
+  (assert (string? refresh-token))
+  (p/let [raw (.encode (js/TextEncoder.) refresh-token)
+          digestbuf (.digest js/crypto.subtle "SHA-256" raw)
+          key-bytes (js/Uint8Array. digestbuf)
+          aes-key (crypt/<import-aes-key key-bytes)
+          text (opfs/<read-text! e2ee-password-file)
+          data (ldb/read-transit-str text)
+          password (crypt/<decrypt-text aes-key data)]
+    (prn :debug :text text :password password)
+    password))
 
 (defn- <get-item
   [k]
@@ -138,14 +167,15 @@
 
 (defn task--reset-user-rsa-private-key
   "Throw if decrypt encrypted-private-key failed."
-  [get-ws-create-task user-uuid old-password new-password]
+  [get-ws-create-task refresh-token user-uuid old-password new-password]
   (m/sp
     (let [{:keys [public-key encrypted-private-key]}
           (m/? (task--fetch-user-rsa-key-pair get-ws-create-task user-uuid))
           private-key (c.m/<? (crypt/<decrypt-private-key old-password encrypted-private-key))
           new-encrypted-private-key (c.m/<? (crypt/<encrypt-private-key new-password private-key))]
       (m/? (task--upload-user-rsa-key-pair get-ws-create-task user-uuid public-key new-encrypted-private-key
-                                           :reset-private-key true)))))
+                                           :reset-private-key true))
+      (m/? (<save-e2ee-password refresh-token new-password)))))
 
 (defn- task--fetch-user-rsa-public-key
   "Fetches the user's RSA public-key from server.
@@ -184,7 +214,7 @@
          :encrypted-private-key encrypted-private-key}))))
 
 (def-thread-api :thread-api/init-user-rsa-key-pair
-  [token user-uuid]
+  [token refresh-token user-uuid]
   (m/sp
     (try
       (let [{:keys [get-ws-create-task]} (ws-util/gen-get-ws-create-map--memoized (ws-util/get-ws-url token))]
@@ -193,12 +223,22 @@
                 {:keys [password]} (c.m/<? (worker-state/<invoke-main-thread :thread-api/request-e2ee-password))
                 encrypted-private-key (c.m/<? (crypt/<encrypt-private-key password privateKey))]
             (m/? (task--upload-user-rsa-key-pair get-ws-create-task user-uuid publicKey encrypted-private-key))
+            (m/? (<save-e2ee-password refresh-token password))
             nil)))
       (catch Cancelled _)
       (catch :default e e))))
 
 (def-thread-api :thread-api/reset-e2ee-password
-  [token user-uuid old-password new-password]
+  [token refresh-token user-uuid old-password new-password]
   (m/sp
     (let [{:keys [get-ws-create-task]} (ws-util/gen-get-ws-create-map--memoized (ws-util/get-ws-url token))]
-      (m/? (task--reset-user-rsa-private-key get-ws-create-task user-uuid old-password new-password)))))
+      (m/? (task--reset-user-rsa-private-key get-ws-create-task refresh-token user-uuid old-password new-password)))))
+
+(def-thread-api :thread-api/get-e2ee-password
+  [refresh-token]
+  (p/let [password (<read-e2ee-password refresh-token)]
+    {:password password}))
+
+(def-thread-api :thread-api/save-e2ee-password
+  [refresh-token password]
+  (<save-e2ee-password refresh-token password))