srp.remote = (function(){ var jqueryRest = (function() { // TODO: Do we need to differentiate between PUT and POST? function register(session) { return $.post("/1/users.json", {user: session.signup() }); } function update(session, token) { return $.ajax({ url: "/1/users/" + session.id() + ".json", type: 'PUT', headers: { Authorization: 'Token token="' + token + '"' }, data: {user: session.update() } }); } function handshake(session) { return $.post("/1/sessions.json", session.handshake()); } function authenticate(session) { return $.ajax({ url: "/1/sessions/" + session.login() + ".json", type: 'PUT', data: {client_auth: session.getM()} }); } return { register: register, update: update, handshake: handshake, authenticate: authenticate }; }()); function signup(){ jqueryRest.register(srp.session) .done(srp.signedUp) .fail(error) }; function update(submitEvent){ var form = submitEvent.target; var token = form.dataset.token; jqueryRest.update(srp.session, token) .done(srp.updated) .fail(error) }; function login(){ jqueryRest.handshake(srp.session) .done(receiveSalts) .fail(error) }; function receiveSalts(response){ // B = 0 will make the algorithm always succeed // -> refuse such a server answer if(response.B === 0) { srp.error("Server send random number 0 - could not login."); } else if(! response.salt || response.salt === 0) { srp.error("Server failed to send salt - could not login."); } else { srp.session.calculations(response.salt, response.B); jqueryRest.authenticate(srp.session) .done(confirmAuthentication) .fail(error); } }; // Receive M2 from the server and verify it // If an error occurs, raise it as an alert. function confirmAuthentication(response) { if (srp.session.validate(response.M2)) srp.loggedIn(); else srp.error("Server key does not match"); }; // The server will send error messages as json alongside // the http error response. function error(xhr, text, thrown) { var message; if (xhr.responseText && xhr.responseText != "") { try { message = $.parseJSON(xhr.responseText); } catch (err) { message = xhr.responseText; } } else { message = "Server did not respond."; } srp.error(message); }; return { signup: signup, update: update, login: login } }());