Ausweis/frontend/example-html/script.js

async function decrypt(ciphertext, password) {
	const pwUtf8 = new TextEncoder().encode(password);
	const pwHash = await crypto.subtle.digest('SHA-256', pwUtf8);
	const ctUtf8 = new Uint8Array(ciphertext);
	const iv = ctUtf8.slice(0, 12);
	const alg = { name: 'AES-GCM', iv: iv, additionalData: iv };
	const key = await crypto.subtle.importKey('raw', pwHash, alg, false, ['decrypt']);
	try {
		const buf = await crypto.subtle.decrypt(alg, key, ctUtf8.slice(12));
		return new TextDecoder().decode(buf);
	} catch (e) {
		throw new Error('Decrypt failed')
	}
}

function setError(text) {
	document.getElementById('msg').innerText = text;
}

function setFields(elem, fields) {
	for (const [k, v] of Object.entries(fields)) {
		for (const el of elem.querySelectorAll('#' + k)) {
			el.innerText = v;
		}
	}
}

async function apply(data, password) {
	const json = JSON.parse(await decrypt(data, password));
	const now = new Date().getTime();
	const vA = new Date(json['valid_since'] + 'T00:00:00');
	if (vA.getTime() > now) {
		return setError('Member card not valid yet');
	}
	const vZ = new Date(json['valid_until'] + 'T23:59:59');
	if (vZ.getTime() < now) {
		return setError('Member card expired');
	}
	const pass = document.getElementById('pass');
	const imgElem = pass.querySelector('#img');
	if (imgElem) {
		if (json['img']) {
			imgElem.src = 'data:image;base64,' + json['img'];
		} else {
			imgElem.src = 'img/no-img.svg';
		}
	}
	setFields(pass, {
		name: json['name'],
		member_id: json['id'],
		org_name: json['org'],
		valid: 'on ' + new Date().toLocaleDateString('en'),
	});
	setFields(pass, json['data']); // may overwrite previous fields

	const title = 'Member card for ' + json['name'] + ' – ' + json['org'];
	document.head.querySelector('title').innerText = title;
	document.getElementById('msg').classList.add('hidden');
	pass.classList.remove('hidden');
}

async function onLoad() {
	// reset previous download
	document.getElementById('pass').classList.add('hidden');
	const msg = document.getElementById('msg');
	msg.innerText = msg.dataset.load;
	msg.classList.remove('hidden');
	// download new data
	const [org, uuid, secret] = location.hash.slice(1).split('/');
	if (!org || !uuid || !secret) {
		return setError('Invalid URL');
	}
	const res = await fetch('./data/' + org + '/' + uuid);
	if (!res.ok) {
		return setError('Error loading\n\n' + res.status + ' ' + res.statusText);
	}
	try {
		const data = await res.arrayBuffer();
		await apply(data, secret);
	} catch (e) {
		setError(e);
	}
}

// load and parse data
window.onload = onLoad;
// force reload if hash params change
window.addEventListener('hashchange', onLoad, true);

// -------------
// scale-up card
// -------------

function onResize() {
	const card = document.getElementById('card');
	const sw = window.innerWidth / card.offsetWidth;
	const sh = window.innerHeight / card.offsetHeight;
	card.style.scale = Math.min(Math.min(sw, sh) * 0.97, 2);
}

window.addEventListener('resize', onResize, true);
window.addEventListener('orientationchange', onResize, true);
screen?.orientation?.addEventListener('change', onResize, true);

// -----------------
// check for updates
// -----------------

lastUpdate = new Date().getTime();

function needsUpdate() {
	// reload page if older than 15min
	const now = new Date().getTime();
	if (now - lastUpdate > 900_000) {
		lastUpdate = now;
		onLoad();
	}
}
// setInterval(needsUpdate, 1000);
window.addEventListener('focus', needsUpdate, true);
window.addEventListener('pageshow', needsUpdate, true);
window.addEventListener('visibilitychange', function () {
	!document.hidden && document.visibilityState !== 'hidden' && needsUpdate();
}, true);