[PM-4260] [BEEEP] Mask TOTP seeds in cipher edit view - similar to how the password is hidden (#6649)

* PoC disallow changing masked values in edit mode and mask TOTP with password * toggle totp seed visibility independently from password visibility in edit mode * cleanup * add fallback value for when a cipher returns a null value for maskedPassword * toggle masks off for maskable login properties with no value on load * do not show mask toggle for password or totp if no value is present
2025-12-10 05:13:29 +00:00 · 2024-01-12 22:35:30 -05:00
parent c53db92f8a
commit eae845d900
3 changed files with 54 additions and 6 deletions
--- a/libs/angular/src/vault/components/add-edit.component.ts
+++ b/libs/angular/src/vault/components/add-edit.component.ts
@@ -64,6 +64,7 @@ export class AddEditComponent implements OnInit, OnDestroy {
  restorePromise: Promise<any>;
  checkPasswordPromise: Promise<number>;
  showPassword = false;
+  showTotpSeed = false;
  showCardNumber = false;
  showCardCode = false;
  cipherType = CipherType;
@@ -216,6 +217,8 @@ export class AddEditComponent implements OnInit, OnDestroy {
    if (!this.allowPersonal && this.organizationId == undefined) {
      this.organizationId = this.defaultOwnerId;
    }
+
+    this.resetMaskState();
  }

  async load() {
@@ -262,6 +265,8 @@ export class AddEditComponent implements OnInit, OnDestroy {
        this.cipher.secureNote.type = SecureNoteType.Generic;
        this.cipher.reprompt = CipherRepromptType.None;
      }
+
+      this.resetMaskState();
    }

    if (this.cipher != null && (!this.editMode || loadedAddEditCipherInfo || this.cloneMode)) {
@@ -501,10 +506,18 @@ export class AddEditComponent implements OnInit, OnDestroy {
    return true;
  }

+  resetMaskState() {
+    // toggle masks off for maskable login properties with no value on init/load
+    this.showTotpSeed = !this.cipher.login?.totp;
+    this.showPassword = !this.cipher.login?.password;
+  }
+
  togglePassword() {
    this.showPassword = !this.showPassword;
-    document.getElementById("loginPassword").focus();
+
    if (this.editMode && this.showPassword) {
+      document.getElementById("loginPassword")?.focus();
+
      this.eventCollectionService.collect(
        EventType.Cipher_ClientToggledPasswordVisible,
        this.cipherId,
@@ -512,6 +525,19 @@ export class AddEditComponent implements OnInit, OnDestroy {
    }
  }

+  toggleTotpSeed() {
+    this.showTotpSeed = !this.showTotpSeed;
+
+    if (this.editMode && this.showTotpSeed) {
+      document.getElementById("loginTotp")?.focus();
+
+      this.eventCollectionService.collect(
+        EventType.Cipher_ClientToggledTOTPSeedVisible,
+        this.cipherId,
+      );
+    }
+  }
+
  async toggleCardNumber() {
    this.showCardNumber = !this.showCardNumber;
    if (this.showCardNumber) {