Skip to content

Commit e97ceb5

Browse files
authored
fix: enforce recipient email in Yivi session and add retry on failure (#47)
- In processPolicy(), restore the email attribute value from the publicly known recipient map key before sending the key request to the PKG, so Yivi requires the user to prove that specific email address rather than any email. Private/hint attributes (mobile number etc.) continue to have their values omitted. - Add minimal: true to YiviCore config on the download page - Add retry() function and centered retry button on the IdentityMismatch error state so users can re-scan after proving the wrong identity - Add tryAgain i18n keys (en/nl)
1 parent 7ef7664 commit e97ceb5

3 files changed

Lines changed: 33 additions & 7 deletions

File tree

src/lib/locales/en.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,8 @@
108108
"notFoundMessage": "Ask the sender to send the files <strong>once more</strong>.",
109109
"identityMismatchTitle": "Decryption failed",
110110
"identityMismatchSubtitle": "The identity you provided does not match the intended recipient.",
111-
"identityMismatchMessage": "Please make sure you are proving the correct email address in Yivi."
111+
"identityMismatchMessage": "Please make sure you are proving the correct email address in Yivi.",
112+
"tryAgain": "Try again"
112113
},
113114
"encryptPanel": {
114115
"fileBox": {

src/lib/locales/nl.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,8 @@
108108
"notFoundMessage": "Vraag de verzender de bestanden <strong>nog een keer te versturen</strong>.",
109109
"identityMismatchTitle": "Ontsleutelen mislukt",
110110
"identityMismatchSubtitle": "De opgegeven identiteit komt niet overeen met de beoogde ontvanger.",
111-
"identityMismatchMessage": "Zorg ervoor dat u het juiste e-mailadres bewijst in Yivi."
111+
"identityMismatchMessage": "Zorg ervoor dat u het juiste e-mailadres bewijst in Yivi.",
112+
"tryAgain": "Opnieuw proberen"
112113
},
113114
"encryptPanel": {
114115
"fileBox": {

src/routes/download/+page.svelte

Lines changed: 29 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,9 @@
22
import { onMount, tick } from 'svelte'
33
import { browser, dev } from '$app/environment'
44
import { _ } from 'svelte-i18n'
5-
import YiviCore from '@privacybydesign/yivi-core'
6-
import YiviClient from '@privacybydesign/yivi-client'
7-
import YiviWeb from '@privacybydesign/yivi-web'
5+
import { YiviCore } from '@privacybydesign/yivi-core'
6+
import { YiviClient } from '@privacybydesign/yivi-client'
7+
import { YiviWeb } from '@privacybydesign/yivi-web'
88
import YiviQRCode from '$lib/components/filesharing/YiviQRCode.svelte'
99
import FileList from '$lib/components/filesharing/FileList.svelte'
1010
import { isMobile } from '$lib/browser-detect'
@@ -159,9 +159,14 @@
159159
160160
recipientStripped = JSON.parse(JSON.stringify(recipientAndCreds))
161161
for (const c of recipientStripped) {
162-
delete c.v
162+
if (c.t?.includes('.email.')) {
163+
// Email is the public map key — restore the value so Yivi enforces it
164+
c.v = key
165+
} else {
166+
// Private/hint attributes: don't reveal their value to the PKG
167+
delete c.v
168+
}
163169
}
164-
165170
keyRequest = {
166171
con: recipientStripped,
167172
validity: secondsTill4AM(),
@@ -172,6 +177,11 @@
172177
tick().then(() => startYiviSession())
173178
}
174179
180+
function retry() {
181+
downloadState = 'Ready'
182+
tick().then(() => startYiviSession())
183+
}
184+
175185
async function startYiviSession() {
176186
try {
177187
const { PKG_URL } = await import('$lib/env')
@@ -212,6 +222,7 @@
212222
debugging: false,
213223
session,
214224
element: '#yivi-download',
225+
minimal: true,
215226
language: selectedLang.toLowerCase(),
216227
state: {
217228
serverSentEvents: false,
@@ -389,6 +400,14 @@
389400
{:else if downloadState === 'IdentityMismatch'}
390401
<p class="error-description">{$_('filesharing.decryptpanel.identityMismatchSubtitle')}</p>
391402
<p class="error-description">{$_('filesharing.decryptpanel.identityMismatchMessage')}</p>
403+
<div class="retry-wrapper">
404+
<Chip
405+
text={$_('filesharing.decryptpanel.tryAgain')}
406+
onclick={retry}
407+
size="lg"
408+
variant="dark"
409+
/>
410+
</div>
392411
{/if}
393412
</div>
394413
</div>
@@ -564,6 +583,11 @@
564583
background: var(--pg-general-background);
565584
}
566585
586+
.retry-wrapper {
587+
display: flex;
588+
justify-content: center;
589+
}
590+
567591
.error-description {
568592
margin: 0;
569593
font-family: var(--pg-font-family);

0 commit comments

Comments
 (0)