authorAzul <azul@riseup.net>2018-01-31 10:06:21 +0100
committerAzul <azul@riseup.net>2018-01-31 10:06:21 +0100
commit44f7e6f800dc1f6f2fc29e713bc49e1255856b2e (patch)
tree4916a01bd5ed705ad8690f7605fc379011d6f302 /app/assets/javascripts/srp/src/jqueryRest.js
parent8370b62870a3100e126e6434a09eb518c26dfd71 (diff)
git subrepo clone https://leap.se/git/srp_js app/assets/javascripts/srp
subrepo: subdir: "app/assets/javascripts/srp" merged: "2088cbe" upstream: origin: "https://leap.se/git/srp_js" branch: "master" commit: "2088cbe" git-subrepo: version: "0.3.1" origin: "https://github.com/ingydotnet/git-subrepo" commit: "a7ee886"
Diffstat (limited to 'app/assets/javascripts/srp/src/jqueryRest.js')
-rw-r--r--app/assets/javascripts/srp/src/jqueryRest.js103
1 files changed, 103 insertions, 0 deletions
diff --git a/app/assets/javascripts/srp/src/jqueryRest.js b/app/assets/javascripts/srp/src/jqueryRest.js
new file mode 100644
index 0000000..0c58eb2
--- /dev/null
+++ b/app/assets/javascripts/srp/src/jqueryRest.js
@@ -0,0 +1,103 @@
+srp.remote = (function(){
+ var jqueryRest = (function() {
+
+ // TODO: Do we need to differentiate between PUT and POST?
+ function register(session) {
+ return $.post("/1/users.json", {user: session.signup() });
+ }
+
+ function update(session, token) {
+ return $.ajax({
+ url: "/1/users/" + session.id() + ".json",
+ type: 'PUT',
+ headers: { Authorization: 'Token token="' + token + '"' },
+ data: {user: session.update() }
+ });
+ }
+
+ function handshake(session) {
+ return $.post("/1/sessions.json", session.handshake());
+ }
+
+ function authenticate(session) {
+ return $.ajax({
+ url: "/1/sessions/" + session.login() + ".json",
+ type: 'PUT',
+ data: {client_auth: session.getM()}
+ });
+ }
+
+ return {
+ register: register,
+ update: update,
+ handshake: handshake,
+ authenticate: authenticate
+ };
+ }());
+
+
+ function signup(){
+ jqueryRest.register(srp.session)
+ .done(srp.signedUp)
+ .fail(error)
+ };
+
+ function update(submitEvent){
+ var form = submitEvent.target;
+ var token = form.dataset.token;
+ jqueryRest.update(srp.session, token)
+ .done(srp.updated)
+ .fail(error)
+ };
+
+ function login(){
+ jqueryRest.handshake(srp.session)
+ .done(receiveSalts)
+ .fail(error)
+ };
+
+ function receiveSalts(response){
+ // B = 0 will make the algorithm always succeed
+ // -> refuse such a server answer
+ if(response.B === 0) {
+ srp.error("Server send random number 0 - could not login.");
+ }
+ else if(! response.salt || response.salt === 0) {
+ srp.error("Server failed to send salt - could not login.");
+ }
+ else
+ {
+ srp.session.calculations(response.salt, response.B);
+ jqueryRest.authenticate(srp.session)
+ .done(confirmAuthentication)
+ .fail(error);
+ }
+ };
+
+ // Receive M2 from the server and verify it
+ // If an error occurs, raise it as an alert.
+ function confirmAuthentication(response)
+ {
+ if (srp.session.validate(response.M2))
+ srp.loggedIn();
+ else
+ srp.error("Server key does not match");
+ };
+
+ // The server will send error messages as json alongside
+ // the http error response.
+ function error(xhr, text, thrown)
+ {
+ if (xhr.responseText && xhr.responseText != "")
+ srp.error($.parseJSON(xhr.responseText));
+ else
+ srp.error("Server did not respond.");
+ };
+
+ return {
+ signup: signup,
+ update: update,
+ login: login
+ }
+
+}());
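Review bot: The guard `if(response.B === 0)` in receiveSalts rejects only a numeric zero, so a missing B or a zero sent as a string (`"0"`, `"00"`, likely if the server sends B as hex; the wire format is not visible here) falls through to `srp.session.calculations`. SRP requires the client to abort whenever B mod N is 0, not only when B is literally 0, so the authoritative check belongs where the modulus N is available, presumably in the session code outside this file. As a minimum here I would change the first condition to `if (!response.B || /^0*$/.test(String(response.B)))`. Separately, `error` calls `$.parseJSON(xhr.responseText)` unguarded, so a non-JSON error body (an HTML 500 page, say) throws inside the fail handler instead of reaching `srp.error`.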