diff options
author | Azul <azul@leap.se> | 2012-06-28 19:43:40 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-06-29 14:55:10 +0200 |
commit | 20bf14939fbd75e3ee0206c2bf14737e2c7ac2c2 (patch) | |
tree | e035c91c65e8e48d6a6af317e900a8fb9897a739 /example/models/user.rb | |
parent | e55ff681bcc5a6c479530d1411a3da75912d78e5 (diff) |
adopted srp algo to srp-js way of doing things.
all large integers are now send as hex strings.
Using sha256_str all over the place.
This finally gives me successful logins. Needs a log of cleanup never the less.
Diffstat (limited to 'example/models/user.rb')
-rw-r--r-- | example/models/user.rb | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/example/models/user.rb b/example/models/user.rb index af92300..d374d36 100644 --- a/example/models/user.rb +++ b/example/models/user.rb @@ -1,8 +1,7 @@ class User def self.current - # p "getting #{@current ? @current.login : 'nil'}" - @current ||= User.new + @current end def self.current=(user) @@ -17,19 +16,20 @@ class User def initialize(login) self.login = login - self.salt = OpenSSL::Random.random_bytes(10).unpack("H*")[0] + self.salt = "5d3055e0acd3ddcfc15".hex + # OpenSSL::Random.random_bytes(10).unpack("H*")[0] self.active = false User.current = self end def initialize_auth(params) self.srp = SRP::Server.new(self.salt, self.verifier) - bb, u = self.srp.initialize_auth(params.delete('A').to_i) + bb, u = self.srp.initialize_auth(params.delete('A').hex) return {:B => bb, :u => u} end def authenticate(params) - if m2 = self.srp.authenticate(params.delete('aa').to_i, params.delete('M').to_i) + if m2 = self.srp.authenticate(params.delete('M').hex) self.active = true return {:M2 => m2} else |