Diffstat (limited to 'app/assets/javascripts/srp/src/jqueryRest.js')
-rw-r--r--app/assets/javascripts/srp/src/jqueryRest.js103
1 files changed, 103 insertions, 0 deletions
diff --git a/app/assets/javascripts/srp/src/jqueryRest.js b/app/assets/javascripts/srp/src/jqueryRest.js
new file mode 100644
index 0000000..0c58eb2
--- /dev/null
+++ b/app/assets/javascripts/srp/src/jqueryRest.js
@@ -0,0 +1,103 @@
+srp.remote = (function(){
+ var jqueryRest = (function() {
+
+ // TODO: Do we need to differentiate between PUT and POST?
+ function register(session) {
+ return $.post("/1/users.json", {user: session.signup() });
+ }
+
+ function update(session, token) {
+ return $.ajax({
+ url: "/1/users/" + session.id() + ".json",
+ type: 'PUT',
+ headers: { Authorization: 'Token token="' + token + '"' },
+ data: {user: session.update() }
+ });
+ }
+
+ function handshake(session) {
+ return $.post("/1/sessions.json", session.handshake());
+ }
+
+ function authenticate(session) {
+ return $.ajax({
+ url: "/1/sessions/" + session.login() + ".json",
+ type: 'PUT',
+ data: {client_auth: session.getM()}
+ });
+ }
+
+ return {
+ register: register,
+ update: update,
+ handshake: handshake,
+ authenticate: authenticate
+ };
+ }());
+
+
+ function signup(){
+ jqueryRest.register(srp.session)
+ .done(srp.signedUp)
+ .fail(error)
+ };
+
+ function update(submitEvent){
+ var form = submitEvent.target;
+ var token = form.dataset.token;
+ jqueryRest.update(srp.session, token)
+ .done(srp.updated)
+ .fail(error)
+ };
+
+ function login(){
+ jqueryRest.handshake(srp.session)
+ .done(receiveSalts)
+ .fail(error)
+ };
+
+ function receiveSalts(response){
+ // B = 0 will make the algorithm always succeed
+ // -> refuse such a server answer
+ if(response.B === 0) {
+ srp.error("Server send random number 0 - could not login.");
+ }
+ else if(! response.salt || response.salt === 0) {
+ srp.error("Server failed to send salt - could not login.");
+ }
+ else
+ {
+ srp.session.calculations(response.salt, response.B);
+ jqueryRest.authenticate(srp.session)
+ .done(confirmAuthentication)
+ .fail(error);
+ }
+ };
+
+ // Receive M2 from the server and verify it
+ // If an error occurs, raise it as an alert.
+ function confirmAuthentication(response)
+ {
+ if (srp.session.validate(response.M2))
+ srp.loggedIn();
+ else
+ srp.error("Server key does not match");
+ };
+
+ // The server will send error messages as json alongside
+ // the http error response.
+ function error(xhr, text, thrown)
+ {
+ if (xhr.responseText && xhr.responseText != "")
+ srp.error($.parseJSON(xhr.responseText));
+ else
+ srp.error("Server did not respond.");
+ };
+
+ return {
+ signup: signup,
+ update: update,
+ login: login
+ }
+
+}());
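Review bot: The `response.B === 0` guard in receiveSalts only matches a JSON number zero, so a B sent as the string `"0"`, as `"00"`, or as any non-zero multiple of the group modulus N passes it and reaches `srp.session.calculations(response.salt, response.B)`. SRP requires the client to abort whenever B mod N is 0, and B presumably arrives hex-encoded; the session code is outside this hunk, so confirm the wire format. The test belongs on the parsed big integer, inside the session calculation or immediately before it, with a comment such as `// abort if B mod N == 0: compare the parsed big integer, not the raw JSON value`. Separately, authenticate builds its URL from the raw login, which `"/1/sessions/" + encodeURIComponent(session.login()) + ".json"` would keep from altering the request path. The error handler's `$.parseJSON(xhr.responseText)` will also throw on a non-JSON error body, so wrap it in a try/catch that falls back to a generic message.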