Diffstat (limited to 'example')
-rw-r--r-- | example/http-srp.rb | 15 | ||||
-rw-r--r-- | example/models/user.rb | 12 | ||||
-rw-r--r-- | example/public/srp.js | 10 | ||||
-rw-r--r-- | example/views/layout.erb | 1 | ||||
-rw-r--r-- | example/views/signup.erb | 10 |
5 files changed, 34 insertions, 14 deletions
diff --git a/example/http-srp.rb b/example/http-srp.rb
index b2de7bf..e83036f 100644
--- a/example/http-srp.rb
+++ b/example/http-srp.rb
@@ -14,12 +14,17 @@ get '/signup' do
 erb :signup
 end
 
-post '/signup' do
+# TODO: Client should generate the salt!
+# Getting things to work the srp-js way first.
+post '/register/salt/' do
 Log.clear
- Log.log(:signup, params)
- @user = User.current
- @user.signup!(params)
- redirect '/'
+ @user = User.new(params.delete('I'))
+ erb :salt, :layout => false, :content_type => :xml
+end
+
+post '/register/user/' do
+ User.current.verifier = params.delete('v').to_i
+ erb :ok, :layout => false, :content_type => :xml
 end
 
 get '/login' do
diff --git a/example/models/user.rb b/example/models/user.rb
index 3ad8147..af92300 100644
--- a/example/models/user.rb
+++ b/example/models/user.rb
@@ -5,17 +5,21 @@ class User
 @current ||= User.new
 end
 
+ def self.current=(user)
+ @current = user
+ end
+
 attr_accessor :login
 attr_accessor :salt
 attr_accessor :verifier
 attr_accessor :active
 attr_accessor :srp
 
- def signup!(params)
- self.login = params.delete('login')
- self.salt = params.delete('salt').to_i
- self.verifier = params.delete('verifier').to_i
+ def initialize(login)
+ self.login = login
+ self.salt = OpenSSL::Random.random_bytes(10).unpack("H*")[0]
 self.active = false
+ User.current = self
 end
 
 def initialize_auth(params)
diff --git a/example/public/srp.js b/example/public/srp.js
index e68e220..51aba5c 100644
--- a/example/public/srp.js
+++ b/example/public/srp.js
@@ -1,5 +1,6 @@
 $(document).ready(function(){
 $('#login-btn').click(on_login);
+ $('#signup-btn').click(on_signup);
 });
 
 function on_login(event) {
@@ -7,3 +8,12 @@ function on_login(event) {
 srp.identify();
 event.preventDefault();
 }
+
+function on_signup(event) {
+ srp = new SRP();
+ srp.success = function() {
+ alert("Signed up successfully");
+ };
+ srp.register();
+ event.preventDefault();
+}
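Review bot: In example/http-srp.rb, the new `post '/register/user/'` handler stores the verifier on `User.current`, which is process-wide state rather than something tied to the client that requested the salt, so any request arriving between the two steps can set or replace the verifier of the most recently created user. Keep the pending login in the session (or require `I` again and look the user up) before accepting `v`. `params.delete('v').to_i` also turns a missing or non-decimal `v` into 0 without an error; reject it first, e.g. `halt 400 unless params['v'].to_s =~ /\A\d+\z/` (adjust the pattern if the client sends hex; the encoding is not visible here).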
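Review bot: In example/models/user.rb, `initialize` now requires a `login` argument, but the context line `@current ||= User.new` in `self.current` still calls it with none, so `User.current` raises ArgumentError whenever no user has been registered yet (for example `/register/user/` requested before `/register/salt/`). Either give the parameter a default, `def initialize(login = nil)`, or have `self.current` return nil and let the handlers answer with an error. Assigning `User.current = self` inside the constructor also makes every `User.new` replace the shared current user; doing that assignment in the route would keep the side effect visible. The salt changes from an integer to a hex string here, so `initialize_auth` (its body is outside the hunk) should be checked for the type it expects.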
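Review bot: In example/public/srp.js, `on_signup` only sets `srp.success`, so a failed registration (rejected login, server error) gives the user no feedback; if the SRP object offers a failure callback, it should be set next to `success`. `srp = new SRP();` also assigns without `var`; unless `srp` is declared outside the lines shown and nothing else relies on the global, `var srp = new SRP();` keeps the signup and login flows from sharing one object.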
diff --git a/example/views/layout.erb b/example/views/layout.erb index ab980c8..f4eae0a 100644 --- a/example/views/layout.erb +++ b/example/views/layout.erb @@ -23,6 +23,7 @@ <script type="text/javascript" src="jquery.min.js"> </script> <script type="text/javascript" src="srp.min.js"> </script> + <script type="text/javascript" src="srp_register.min.js"> </script> <script type="text/javascript" src="srp.js"> </script> </body> diff --git a/example/views/signup.erb b/example/views/signup.erb index baeb007..6e1bbf3 100644 --- a/example/views/signup.erb +++ b/example/views/signup.erb 
@@ -4,18 +4,18 @@ <legend>Signup to test secure remote passwords</legend> <div class="control-group"> <label class="control-label" for="login">Login</label> - <input type="text" class"input-xlarge" name="login"></input> + <input type="text" class"input-xlarge" name="srp_username" id="srp_username"></input> </div> <div class="control-group"> <label class="control-label" for="password">Password</label> - <input type="password" class"input-xlarge" name="password"></input> - <input type="hidden" class"input-xlarge" name="seed" value="624848790506324805995013"></input> - <input type="hidden" class"input-xlarge" name="verifier" value="100580140046706175735129154266794946404091486659235926309138114843862401271008476617107722147233360718775042845375531421388163398889326297385327521531575749857884877960888755227994771967905136828058233126017527751738166121598194480710839381273324624500340831193855479639683906360867824492692241079248646622455"></input> + <input type="password" class"input-xlarge" name="srp_password" id="srp_password"></input> </div> + <input type="hidden" id="srp_url" name="srp_url" value="/"></input> + <input type="hidden" id="srp_server" name="srp_server" value="django"></input> <div class="form-actions"> - <button type="submit" class="btn btn-primary">Signup</button> + <button type="submit" class="btn btn-primary" id="signup-btn">Signup</button> <a href="/" class="btn">Cancel</a> </div> </form> |
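Review bot: The password input keeps a `name` attribute (`name="srp_password"`) and the button is still `type="submit"`, so if the script fails to load or the click handler is not bound, the browser submits the form natively and the clear-text password goes to the server, which is what SRP is meant to avoid. Dropping `name` from the password field, `<input type="password" class="input-xlarge" id="srp_password">`, or making the button `type="button"` removes that fallback path, provided the SRP script reads the fields by id (not visible here). The new lines also carry over `class"input-xlarge"` without `=`, so the class is never applied. The `<form>` tag opens outside the hunk, so its action and method could not be checked.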