diff options
| -rw-r--r-- | http-srp.rb | 8 | ||||
| -rw-r--r-- | public/login.html | 48 | ||||
| -rw-r--r-- | public/signup.html | 48 | ||||
| -rw-r--r-- | views/index.erb | 88 | ||||
| -rw-r--r-- | views/layout.erb | 27 | ||||
| -rw-r--r-- | views/login.erb | 18 | ||||
| -rw-r--r-- | views/signup.erb | 20 |
7 files changed, 103 insertions, 154 deletions
diff --git a/http-srp.rb b/http-srp.rb index f57a6e1..ab1a4f4 100644 --- a/http-srp.rb +++ b/http-srp.rb @@ -34,12 +34,20 @@ get '/' do erb :index end +get '/signup' do + erb :signup +end + post '/signup' do @user = User.current @user.signup!(params) redirect '/' end +get '/login' do + erb :login +end + post '/login' do @user = User.current @user.login!(params) diff --git a/public/login.html b/public/login.html deleted file mode 100644 index 5de7810..0000000 --- a/public/login.html +++ /dev/null @@ -1,48 +0,0 @@ - -<!DOCTYPE html> -<html lang="en"> -<head> - <meta charset="utf-8" /> - <title>Secure remote password</title> - <link rel="stylesheet" type="text/css" href="bootstrap.min.css" /> - <link rel="stylesheet" type="text/css" href="bootstrap-responsive.min.css" /> -</head> -<body> - -<div class="container"> - - <div class="row-fluid"> - <div class="hero-unit span12"> - <h1>Secure Remote Passwords</h1> - <p> - Secure remote passwords allow you to login with a password that will be unkown to the server and anyone eavesdropping - </p> - </div> - </div> - - <h2>2. Login</h2> - <form class="form-horizontal" action="/login" method="POST"> - <legend>Login with the user you <a href="/signup.html">created</a>.</legend> - <div class="control-group"> - <label class="control-label" for="login">Login</label> - <input type="text" class"input-xlarge" name="login"></input> - </div> - - <div class="control-group"> - <label class="control-label" for="password">Password</label> - <input type="password" class"input-xlarge" name="password"></input> - </div> - - <div class="form-actions"> - <button type="submit" class="btn btn-primary">Signup</button> - <a href="/" class="btn">Cancel</a> - </div> - </form> - -</div> - - -<script type="text/javascript" src="srp.js"> </script> - -</body> -</html> diff --git a/public/signup.html b/public/signup.html deleted file mode 100644 index c23abf3..0000000 --- a/public/signup.html +++ /dev/null @@ -1,48 +0,0 @@ - -<!DOCTYPE html> -<html lang="en"> -<head> - <meta charset="utf-8" /> - <title>Secure remote password</title> - <link rel="stylesheet" type="text/css" href="bootstrap.min.css" /> - <link rel="stylesheet" type="text/css" href="bootstrap-responsive.min.css" /> -</head> -<body> - -<div class="container"> - - <div class="row-fluid"> - <div class="hero-unit span12"> - <h1>Secure Remote Passwords</h1> - <p> - Secure remote passwords allow you to login with a password that will be unkown to the server and anyone eavesdropping - </p> - </div> - </div> - - <h2>1. Signup</h2> - <form class="form-horizontal" action="/signup" method="POST"> - <legend>Signup to test secure remote passwords</legend> - <div class="control-group"> - <label class="control-label" for="login">Login</label> - <input type="text" class"input-xlarge" name="login"></input> - </div> - - <div class="control-group"> - <label class="control-label" for="password">Password</label> - <input type="password" class"input-xlarge" name="password"></input> - </div> - - <div class="form-actions"> - <button type="submit" class="btn btn-primary">Signup</button> - <a href="/" class="btn">Cancel</a> - </div> - </form> - -</div> - - -<script type="text/javascript" src="srp.js"> </script> - -</body> -</html> diff --git a/views/index.erb b/views/index.erb index e4995a5..54068c2 100644 --- a/views/index.erb +++ b/views/index.erb @@ -1,63 +1,35 @@ -<!DOCTYPE html> -<html lang="en"> -<head> - <meta charset="utf-8" /> - <title>Secure remote password</title> - <link rel="stylesheet" type="text/css" href="bootstrap.min.css" /> - <link rel="stylesheet" type="text/css" href="bootstrap-responsive.min.css" /> -</head> -<body> -<div class="container"> - - <div class="row-fluid"> - <div class="hero-unit span12"> - <h1>Secure Remote Passwords</h1> - <p> - Secure remote passwords allow you to login with a password that will be unkown to the server and anyone eavesdropping - </p> - </div> - </div> - - - <div class="row-fluid"> - <div class="span4"> - <h2>1. Signup</h2> - <p> - First you signup just like normal. Your browser runs a bit of javascript and does not transfer your password but some validator based on it. - </p> - <% if @user.login %> - <p> You are signed up as <%= @user.login %> - <% if @user.active %> - <p> You are logged in. - <% end %> +<div class="row-fluid"> + <div class="span4"> + <h2>1. Signup</h2> + <p> + First you signup just like normal. Your browser runs a bit of javascript and does not transfer your password but some validator based on it. + </p> + <% if @user.login %> + <p> You are signed up as <%= @user.login %> + <% if @user.active %> + <p> You are logged in. <% end %> - <a href="signup.html" class="btn btn-primary btn-large" id="signup"> - Signup now... - </a> - </div> - <div class="span4"> - <h2>2. Login</h2> - <p> - Login using the same credentials. Again javascript is used to calculate a random number and a key based on it that the server then uses to validate your password. - </p> - <a href="login.html" class="btn btn-large" id="login"> - Login - </a> - </div> - <div class="span4"> - <h2>3. Verify</h2> - <p> - The server logs will tell you your password was not transmitted in clear. Never the less the server can determine wether you were authorized. - </p> - </div> - - - + <% end %> + <a href="signup" class="btn btn-primary btn-large" id="signup"> + Signup now... + </a> + </div> + <div class="span4"> + <h2>2. Login</h2> + <p> + Login using the same credentials. Again javascript is used to calculate a random number and a key based on it that the server then uses to validate your password. + </p> + <a href="login" class="btn btn-large" id="login"> + Login + </a> + </div> + <div class="span4"> + <h2>3. Verify</h2> + <p> + The server logs will tell you your password was not transmitted in clear. Never the less the server can determine wether you were authorized. + </p> + </div> </div> -<script type="text/javascript" src="srp.js"> </script> - -</body> -</html> diff --git a/views/layout.erb b/views/layout.erb new file mode 100644 index 0000000..c68ac23 --- /dev/null +++ b/views/layout.erb @@ -0,0 +1,27 @@ +<!DOCTYPE html> +<html lang="en"> +<head> + <meta charset="utf-8" /> + <title>Secure remote password</title> + <link rel="stylesheet" type="text/css" href="bootstrap.min.css" /> + <link rel="stylesheet" type="text/css" href="bootstrap-responsive.min.css" /> +</head> +<body> + + <div class="container"> + + <div class="row-fluid"> + <div class="hero-unit span12"> + <h1>Secure Remote Passwords</h1> + <p> + Secure remote passwords allow you to login with a password that will be unkown to the server and anyone eavesdropping + </p> + </div> + </div> + + <%= yield %> + + <script type="text/javascript" src="srp.js"> </script> + + </body> +</html> diff --git a/views/login.erb b/views/login.erb new file mode 100644 index 0000000..32a16e5 --- /dev/null +++ b/views/login.erb @@ -0,0 +1,18 @@ +<h2>2. Login</h2> +<form class="form-horizontal" action="/login" method="POST"> + <legend>Login with the user you <a href="/signup.html">created</a>.</legend> + <div class="control-group"> + <label class="control-label" for="login">Login</label> + <input type="text" class"input-xlarge" name="login"></input> + </div> + + <div class="control-group"> + <label class="control-label" for="password">Password</label> + <input type="password" class"input-xlarge" name="password"></input> + </div> + + <div class="form-actions"> + <button type="submit" class="btn btn-primary">Login</button> + <a href="/" class="btn">Cancel</a> + </div> +</form> diff --git a/views/signup.erb b/views/signup.erb new file mode 100644 index 0000000..3a949ab --- /dev/null +++ b/views/signup.erb @@ -0,0 +1,20 @@ + +<h2>1. Signup</h2> +<form class="form-horizontal" action="/signup" method="POST"> + <legend>Signup to test secure remote passwords</legend> + <div class="control-group"> + <label class="control-label" for="login">Login</label> + <input type="text" class"input-xlarge" name="login"></input> + </div> + + <div class="control-group"> + <label class="control-label" for="password">Password</label> + <input type="password" class"input-xlarge" name="password"></input> + </div> + + <div class="form-actions"> + <button type="submit" class="btn btn-primary">Signup</button> + <a href="/" class="btn">Cancel</a> + </div> +</form> + |