ruby_srp.git
8 years agoupdated srp-js after forced push
Azul [Tue, 21 Aug 2012 08:57:51 +0000 (10:57 +0200)]
updated srp-js after forced push

8 years agohand over the login on handshake like we normally would
Azul [Mon, 6 Aug 2012 11:07:11 +0000 (13:07 +0200)]
hand over the login on handshake like we normally would

still missing the salt in this. auth should be more independent from registry to resemble the real process more closely

8 years agoadded authenticate! which raises SRP::WrongPassword if it fails, version 0.0.2
Azul [Mon, 6 Aug 2012 10:34:47 +0000 (12:34 +0200)]
added authenticate! which raises SRP::WrongPassword if it fails, version 0.0.2

8 years agoadded gemspec
Azul [Thu, 2 Aug 2012 13:37:51 +0000 (15:37 +0200)]
added gemspec

8 years agomake sure our urls still work with srp-js
Azul [Thu, 2 Aug 2012 13:24:00 +0000 (15:24 +0200)]
make sure our urls still work with srp-js

8 years agobringing in srp-js as a submodule for the example
Azul [Wed, 1 Aug 2012 12:55:25 +0000 (14:55 +0200)]
bringing in srp-js as a submodule for the example

This will most likely become a simple js file once both are more stable.

8 years agowe cache neither the verifier nor the secret in the session just in case
Azul [Thu, 26 Jul 2012 10:08:55 +0000 (12:08 +0200)]
we cache neither the verifier nor the secret in the session just in case

People might store the session in a CookieStore - which would probably be a bad idea anyway - but let's be save rather than sorry.

8 years agosession is handled by the class that includes SRP::Authentication - not the client
Azul [Thu, 26 Jul 2012 09:46:55 +0000 (11:46 +0200)]
session is handled by the class that includes SRP::Authentication - not the client

8 years agoSRP::Authentication::Session holds the per session data
Azul [Thu, 26 Jul 2012 09:33:29 +0000 (11:33 +0200)]
SRP::Authentication::Session holds the per session data

8 years agoremoving the remaining zerofills
Azul [Thu, 26 Jul 2012 08:59:32 +0000 (10:59 +0200)]
removing the remaining zerofills

8 years agoboth sides calculate their own u
Azul [Thu, 26 Jul 2012 08:58:28 +0000 (10:58 +0200)]
both sides calculate their own u

8 years agoturned server class into authentication module - test green, example broken
Azul [Thu, 26 Jul 2012 08:51:42 +0000 (10:51 +0200)]
turned server class into authentication module - test green, example broken

The example seems to be broken due to changes in srp-js

8 years agoremoved debugging output and adjusted ruby client to new server api
Azul [Thu, 26 Jul 2012 08:26:20 +0000 (10:26 +0200)]
removed debugging output and adjusted ruby client to new server api

8 years agomore info and resources on the index page
Azul [Tue, 3 Jul 2012 13:40:21 +0000 (15:40 +0200)]
more info and resources on the index page

bit of styling added

8 years agofixed workflow and reduced copy
Azul [Tue, 3 Jul 2012 12:24:17 +0000 (14:24 +0200)]
fixed workflow and reduced copy

8 years agousing json instead of xml responses
Azul [Tue, 3 Jul 2012 11:50:26 +0000 (13:50 +0200)]
using json instead of xml responses

8 years agoadopted srp algo to srp-js way of doing things.
Azul [Thu, 28 Jun 2012 17:43:40 +0000 (19:43 +0200)]
adopted srp algo to srp-js way of doing things.

all large integers are now send as hex strings.
Using sha256_str all over the place.

This finally gives me successful logins. Needs a log of cleanup never the less.

8 years agocomplete ajax flow is working - just auth fails
Azul [Thu, 28 Jun 2012 14:13:13 +0000 (16:13 +0200)]
complete ajax flow is working - just auth fails

Also we currently generate the salt on the server - this should happen on the client but for now i stick to the srp-js workflow.

8 years agoadjusted user model to use srp
Azul [Wed, 27 Jun 2012 13:26:55 +0000 (15:26 +0200)]
adjusted user model to use srp

8 years agomoved to ajax workflow and integrated srp-js - not quite there yet
Azul [Wed, 27 Jun 2012 13:08:41 +0000 (15:08 +0200)]
moved to ajax workflow and integrated srp-js - not quite there yet

* needs a bit of cleanup from the old workflow
* are client and server using the same primes right now?
* store multiple users on the server side

8 years agofirst steps towards adding a server side srp flow to the example
Azul [Tue, 26 Jun 2012 21:02:51 +0000 (23:02 +0200)]
first steps towards adding a server side srp flow to the example

8 years agomoved user and log class to models, verify prints logs
Azul [Tue, 26 Jun 2012 16:56:43 +0000 (18:56 +0200)]
moved user and log class to models, verify prints logs

8 years agomoved the sample app to it's own subdirectory
Azul [Tue, 26 Jun 2012 16:13:22 +0000 (18:13 +0200)]
moved the sample app to it's own subdirectory

8 years agostress three step layout with a little helper
Azul [Tue, 26 Jun 2012 16:06:28 +0000 (18:06 +0200)]
stress three step layout with a little helper

8 years agousing layout in the sinatra app
Azul [Tue, 26 Jun 2012 15:43:50 +0000 (17:43 +0200)]
using layout in the sinatra app

8 years agoadded simple sinatra app for demoing / testing
Azul [Tue, 26 Jun 2012 15:33:57 +0000 (17:33 +0200)]
added simple sinatra app for demoing / testing

8 years agoadded readme
Azul [Mon, 18 Jun 2012 10:40:03 +0000 (12:40 +0200)]
added readme

8 years agoinitial commit - testing srp auth
Azul [Mon, 18 Jun 2012 10:34:11 +0000 (12:34 +0200)]
initial commit - testing srp auth

* This is lacking a few steps. We confirm the secret is the same but no key is generated from it and it is transfered over the wire in clear.
* this was inspired by https://gist.github.com/790048
* seperated util, client, server and test code