-rw-r--r-- | app/Http/Controllers/Auth/LoginController.php | 10 | ||||
-rw-r--r-- | app/Http/Controllers/Auth/RegisterController.php | 2 | ||||
-rw-r--r-- | app/Http/Controllers/PublicKeyController.php | 23 | ||||
-rw-r--r-- | public/js/initial_key_gen.js | 83 | ||||
-rw-r--r-- | public/mix-manifest.json | 3 | ||||
-rw-r--r-- | resources/assets/js/initial_key_gen.js | 30 | ||||
-rw-r--r-- | resources/views/auth/login.blade.php | 4 | ||||
-rw-r--r-- | resources/views/auth/register.blade.php | 6 | ||||
-rw-r--r-- | routes/web.php | 3 | ||||
-rwxr-xr-x | webpack.mix.js | 5 |
10 files changed, 156 insertions, 13 deletions
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 191b2b6..87f66d5 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
+use Illuminate\Http\Request;
 class LoginController extends Controller
 {
@@ -16,16 +17,21 @@ class LoginController extends Controller
 | redirecting them to your home screen. The controller uses a trait
 | to conveniently provide its functionality to your applications.
 |
- */
+ */
 use AuthenticatesUsers;
+ protected function authenticated(Request $request, $user)
+ {
+ return redirect('/keys/cookie/public');
+ }
+
 /**
 * Where to redirect users after login.
 *
 * @var string
 */
- protected $redirectTo = '/';
+ protected $redirectTo = '/keys/cookie/public';
 /**
 * Create a new controller instance.
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index be65e85..fb7a4c1 100644
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -28,7 +28,7 @@ class RegisterController extends Controller
 *
 * @var string
 */
- protected $redirectTo = '/';
+ protected $redirectTo = '/keys/cookie/public';
 /**
 * Create a new controller instance.
diff --git a/app/Http/Controllers/PublicKeyController.php b/app/Http/Controllers/PublicKeyController.php
index d17a6f2..3257646 100644
--- a/app/Http/Controllers/PublicKeyController.php
+++ b/app/Http/Controllers/PublicKeyController.php
@@ -3,8 +3,10 @@
 namespace App\Http\Controllers;
 use App\PublicKeys;
+use Auth;
+use Cookie;
+use Illuminate\Foundation\Auth\User;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Validator;
 class PublicKeyController extends Controller
 {
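Review bot: The new `authenticated()` override in LoginController returns a redirect unconditionally, and in the stock `AuthenticatesUsers` trait a non-null return from that hook is used as the login response, so the `redirect()->intended(...)` path and the `$redirectTo` value changed a few lines below are presumably never consulted on login. Keep one of the two mechanisms rather than both. If the hook stays, give it a docblock such as `/** Send the user through the key-upload hop before the home page. */` so the extra redirect is not mistaken for dead code. The class body continues outside the hunk.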
@@ -16,7 +18,7 @@ class PublicKeyController extends Controller
 return $public_key ? $public_key : abort(404, "This public key doesn't exist.");
 }
- public function setUsersKey(Request $request, $user_id)
+ public function setUsersKey(Request $request)
 {
 $request->validate([
 'key' => 'required|max:4096',
@@ -27,6 +29,21 @@ class PublicKeyController extends Controller
 $public_key->key = $request->input('key');
 $public_key->save();
- return response()->json(['success' => 'Successfully inserted public key.']);
+ return response()->json(['message' => 'Successfully inserted public key.']);
+ }
+
+ public function setUsersKeyCookie(Request $request)
+ {
+ if ($_COOKIE['publickey'] !== null) {
+ $user = Auth::user();
+ $public_key = PublicKeys::firstOrNew(['user_id' => $user->id]);
+ $public_key->user_id = $user->id;
+ $public_key->key = $_COOKIE['publickey'];
+ $public_key->save();
+
+ return redirect('/');
+ } else {
+ abort(400, "Public key is malformed.");
+ }
 }
 }
diff --git a/public/js/initial_key_gen.js b/public/js/initial_key_gen.js
new file mode 100644
index 0000000..07522c4
--- /dev/null
+++ b/public/js/initial_key_gen.js
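Review bot: In `setUsersKeyCookie` the guard `$_COOKIE['publickey'] !== null` reads an array index that does not exist when the cookie is absent, so the `abort(400, ...)` branch is not reached for the missing-cookie case, and a value that is present is stored without the `required|max:4096` check that `setUsersKey` applies to the same column. The cookie is client-controlled input and should be handled like a request field: read it with a null-safe lookup, reject non-string, empty or oversized values, then persist. Of the imports added in the first hunk of this file, `Cookie` and `Illuminate\Foundation\Auth\User` are not used by any line visible here. The rename of the JSON key from `success` to `message` in `setUsersKey` changes the response contract, so any client reading `success` needs the same update.

```php
public function setUsersKeyCookie(Request $request)
{
    // The cookie is written by client-side script, so validate it like any request field.
    $key = $_COOKIE['publickey'] ?? null;
    if (!is_string($key) || $key === '' || strlen($key) > 4096) {
        abort(400, "Public key is malformed.");
    }

    $user = Auth::user();
    $public_key = PublicKeys::firstOrNew(['user_id' => $user->id]);
    $public_key->user_id = $user->id;
    $public_key->key = $key;
    $public_key->save();

    return redirect('/');
}
```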
@@ -0,0 +1,83 @@ +/******/ (function(modules) { // webpackBootstrap +/******/ // The module cache +/******/ var installedModules = {}; +/******/ +/******/ // The require function +/******/ function __webpack_require__(moduleId) { +/******/ +/******/ // Check if module is in cache +/******/ if(installedModules[moduleId]) { +/******/ return installedModules[moduleId].exports; +/******/ } +/******/ // Create a new module (and put it into the cache) +/******/ var module = installedModules[moduleId] = { +/******/ i: moduleId, +/******/ l: false, +/******/ exports: {} +/******/ }; +/******/ +/******/ // Execute the module function +/******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__); +/******/ +/******/ // Flag the module as loaded +/******/ module.l = true; +/******/ +/******/ // Return the exports of the module +/******/ return module.exports; +/******/ } +/******/ +/******/ +/******/ // expose the modules object (__webpack_modules__) +/******/ __webpack_require__.m = modules; +/******/ +/******/ // expose the module cache +/******/ __webpack_require__.c = installedModules; +/******/ +/******/ // define getter function for harmony exports +/******/ __webpack_require__.d = function(exports, name, getter) { +/******/ if(!__webpack_require__.o(exports, name)) { +/******/ Object.defineProperty(exports, name, { +/******/ configurable: false, +/******/ enumerable: true, +/******/ get: getter +/******/ }); +/******/ } +/******/ }; +/******/ +/******/ // getDefaultExport function for compatibility with non-harmony modules +/******/ __webpack_require__.n = function(module) { +/******/ var getter = module && module.__esModule ? 
+/******/ function getDefault() { return module['default']; } : +/******/ function getModuleExports() { return module; }; +/******/ __webpack_require__.d(getter, 'a', getter); +/******/ return getter; +/******/ }; +/******/ +/******/ // Object.prototype.hasOwnProperty.call +/******/ __webpack_require__.o = function(object, property) { return Object.prototype.hasOwnProperty.call(object, property); }; +/******/ +/******/ // __webpack_public_path__ +/******/ __webpack_require__.p = "/"; +/******/ +/******/ // Load entry module and return exports +/******/ return __webpack_require__(__webpack_require__.s = 44); +/******/ }) +/************************************************************************/ +/******/ ({ + +/***/ 44: +/***/ (function(module, exports, __webpack_require__) { + +module.exports = __webpack_require__(45); + + +/***/ }), + +/***/ 45: +/***/ (function(module, exports) { + +eval("$('form[keygen]').submit(function (event) {\n event.preventDefault();\n\n $('button[type=\"submit\"]').attr(\"disabled\", true).html('Loading...');\n\n var openpgp = window.openpgp;\n\n var options = {\n userIds: [{\n email: $(\"input#email\").val()\n }],\n numBits: 4096,\n passphrase: $(\"input#password\").val()\n };\n\n openpgp.generateKey(options).then(function (key) {\n var privateKey = key.privateKeyArmored;\n var publicKey = key.publicKeyArmored;\n\n localStorage.setItem(\"privkey\", privateKey);\n\n var now = new Date();\n var time = now.getTime();\n time += 3600 * 1000;\n now.setTime(time);\n document.cookie = \"publickey=\" + encodeURI(publicKey.substr(96).slice(0, -35)) + \"; expires=\" + now.toUTCString() + \";\";\n\n $('form[keygen]').unbind('submit').submit();\n });\n});//# sourceURL=[module]\n//# sourceMappingURL=data:application/json;charset=utf-8;base64,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\n//# sourceURL=webpack-internal:///45\n"); + +/***/ }) + +/******/ });
\ No newline at end of file diff --git a/public/mix-manifest.json b/public/mix-manifest.json index 585e57f..e9d0e3e 100644 --- a/public/mix-manifest.json +++ b/public/mix-manifest.json @@ -1,4 +1,5 @@ { "/js/app.js": "/js/app.js", - "/css/app.css": "/css/app.css" + "/css/app.css": "/css/app.css", + "/js/initial_key_gen.js": "/js/initial_key_gen.js" }
\ No newline at end of file
diff --git a/resources/assets/js/initial_key_gen.js b/resources/assets/js/initial_key_gen.js
new file mode 100644
index 0000000..1b6875f
--- /dev/null
+++ b/resources/assets/js/initial_key_gen.js
@@ -0,0 +1,30 @@
+$('form[keygen]').submit((event) => {
+ event.preventDefault();
+
+ $('button[type="submit"]').attr("disabled", true).html('Loading...');
+
+ var openpgp = window.openpgp;
+
+ var options = {
+ userIds: [{
+ email: $("input#email").val()
+ }],
+ numBits: 4096,
+ passphrase: $("input#password").val()
+ };
+
+ openpgp.generateKey(options).then((key) => {
+ var privateKey = key.privateKeyArmored;
+ var publicKey = key.publicKeyArmored;
+
+ localStorage.setItem("privkey", privateKey);
+
+ var now = new Date();
+ var time = now.getTime();
+ time += 3600 * 1000;
+ now.setTime(time);
+ document.cookie = "publickey=" + encodeURI(publicKey.substr(96).slice(0, -35)) + "; expires=" + now.toUTCString() + ";";
+
+ $('form[keygen]').unbind('submit').submit();
+ });
+});
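Review bot: The submit handler generates a fresh key pair and overwrites `localStorage["privkey"]` on every submit of a `form[keygen]`, and this commit puts that attribute on the login form as well as the register form, so a returning user, or a login attempt that the server then rejects, replaces the existing private key before the credentials have been accepted. On the login form, generate only when no key is stored, e.g. `if (localStorage.getItem("privkey") !== null) { return; }` ahead of `event.preventDefault()`, and let the `/keys/cookie/public` step tolerate a missing cookie in that case. The fixed offsets in `publicKey.substr(96).slice(0, -35)` assume one exact armor header and footer length; a comment naming what is being stripped, or stripping by the armor begin/end marker lines, would keep this from breaking silently when the library output changes. `generateKey(...)` has no rejection handler, so a failure leaves the button disabled on 'Loading...'.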
\ No newline at end of file
diff --git a/resources/views/auth/login.blade.php b/resources/views/auth/login.blade.php
index 9fd12a7..119cfe1 100644
--- a/resources/views/auth/login.blade.php
+++ b/resources/views/auth/login.blade.php
@@ -1,6 +1,8 @@
 @extends('layouts.app')
 @section('content')
+<script src="{{ asset('js/initial_key_gen.js') }}" defer></script>
+
 <div class="container">
 <div class="row justify-content-center">
 <div class="col-md-8">
@@ -8,7 +10,7 @@
 <div class="card-header">{{ __('Login') }}</div>
 <div class="card-body">
- <form method="POST" action="{{ route('login') }}" aria-label="{{ __('Login') }}">
+ <form keygen method="POST" action="{{ route('login') }}" aria-label="{{ __('Login') }}">
 @csrf
 <div class="form-group row">
diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php
index f9dd662..150046d 100644
--- a/resources/views/auth/register.blade.php
+++ b/resources/views/auth/register.blade.php
@@ -1,6 +1,8 @@
 @extends('layouts.app')
 @section('content')
+<script src="{{ asset('js/initial_key_gen.js') }}" defer></script>
+
 <div class="container">
 <div class="row justify-content-center">
 <div class="col-md-8">
@@ -8,7 +10,7 @@
 <div class="card-header">{{ __('Register') }}</div>
 <div class="card-body">
- <form method="POST" action="{{ route('register') }}" aria-label="{{ __('Register') }}">
+ <form keygen method="POST" action="{{ route('register') }}" aria-label="{{ __('Register') }}">
 @csrf
 <div class="form-group row">
@@ -63,7 +65,7 @@
 <div class="form-group row mb-0">
 <div class="col-md-6 offset-md-4">
- <button type="submit" class="btn btn-primary">
+ <button disabled type="submit" class="btn btn-primary">
 {{ __('Register') }}
 </button>
 </div>
diff --git a/routes/web.php b/routes/web.php
index 079960e..0cbb526 100644
--- a/routes/web.php
+++ b/routes/web.php
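Review bot: The third register.blade.php hunk renders the submit button with `disabled`, and nothing in this commit removes the attribute again, since `initial_key_gen.js` only ever sets `disabled` to true; unless another script enables it, the form cannot be submitted by clicking. If the intent is to block submission until `window.openpgp` is available, enable the button from the script once that holds and record it next to the button, e.g. `{{-- enabled by initial_key_gen.js once openpgp is ready --}}`. The login form gets the same `keygen` attribute but no `disabled`, so the two forms currently behave differently.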
@@ -15,9 +15,10 @@ Route::middleware('auth', 'throttle:30') // throttle to 30 per minute Route::get('/', ['as' => 'writeMessage', 'uses' => 'SocketController@writeMessage']); Route::get('avatar/{user_id}', 'ImageController@getAvatar'); Route::get('profile', 'UserController@Profile'); + Route::get('keys/cookie/public/', 'PublicKeyController@setUsersKeyCookie'); // actually it's a post but it has to be get (via cookie) => TODO: Route::get('keys/public/{user_id}', 'PublicKeyController@getUsersKey'); Route::post('avatar', 'UserController@updateAvatar'); - Route::post('keys/public/{user_id}', 'PublicKeyController@setUsersKey'); + Route::post('keys/public', 'PublicKeyController@setUsersKey'); Route::post('sendMessage', 'SocketController@sendMessage'); }); diff --git a/webpack.mix.js b/webpack.mix.js index bf1ff0f..f314c30 100755 --- a/webpack.mix.js +++ b/webpack.mix.js @@ -14,5 +14,6 @@ let mix = require('laravel-mix'); mix.disableNotifications(); mix.js('resources/assets/js/app.js', 'public/js') - .sass('resources/assets/sass/app.scss', 'public/css') - .sourceMaps(); + .js('resources/assets/js/initial_key_gen.js', 'public/js') + .sass('resources/assets/sass/app.scss', 'public/css') + .sourceMaps();
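Review bot: The added `Route::get('keys/cookie/public/', ...)` line maps a GET to `setUsersKeyCookie`, which overwrites the caller's stored public key. Laravel's CSRF check covers only state-changing verbs, so this write runs on any navigation to that URL by a logged-in user, with whatever `publickey` cookie the browser sends. The trailing comment already concedes it should be a POST: the cleaner shape is for the client to send the key in the body to the `keys/public` POST route this hunk also touches, and to drop the cookie hop. Until then, complete the TODO so the intent is on record, e.g. `// TODO: replace with POST keys/public once the client submits the key in the request body`. The route group opens outside the hunk.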
\ No newline at end of file |