Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-08-21 | updated srp-js after forced push | Azul | |
2012-08-06 | hand over the login on handshake like we normally would | Azul | |
still missing the salt in this. auth should be more independent from registry to resemble the real process more closely | |||
2012-08-06 | added authenticate! which raises SRP::WrongPassword if it fails, version 0.0.2 | Azul | |
2012-08-02 | added gemspec | Azul | |
2012-08-02 | make sure our urls still work with srp-js | Azul | |
2012-08-01 | bringing in srp-js as a submodule for the example | Azul | |
This will most likely become a simple js file once both are more stable. | |||
2012-07-26 | we cache neither the verifier nor the secret in the session just in case | Azul | |
People might store the session in a CookieStore - which would probably be a bad idea anyway - but let's be save rather than sorry. | |||
2012-07-26 | session is handled by the class that includes SRP::Authentication - not the ↵ | Azul | |
client | |||
2012-07-26 | SRP::Authentication::Session holds the per session data | Azul | |
2012-07-26 | removing the remaining zerofills | Azul | |
2012-07-26 | both sides calculate their own u | Azul | |
2012-07-26 | turned server class into authentication module - test green, example broken | Azul | |
The example seems to be broken due to changes in srp-js | |||
2012-07-26 | removed debugging output and adjusted ruby client to new server api | Azul | |
2012-07-03 | more info and resources on the index page | Azul | |
bit of styling added | |||
2012-07-03 | fixed workflow and reduced copy | Azul | |
2012-07-03 | using json instead of xml responses | Azul | |
2012-06-29 | adopted srp algo to srp-js way of doing things. | Azul | |
all large integers are now send as hex strings. Using sha256_str all over the place. This finally gives me successful logins. Needs a log of cleanup never the less. | |||
2012-06-28 | complete ajax flow is working - just auth fails | Azul | |
Also we currently generate the salt on the server - this should happen on the client but for now i stick to the srp-js workflow. | |||
2012-06-27 | adjusted user model to use srp | Azul | |
2012-06-27 | moved to ajax workflow and integrated srp-js - not quite there yet | Azul | |
* needs a bit of cleanup from the old workflow * are client and server using the same primes right now? * store multiple users on the server side | |||
2012-06-26 | first steps towards adding a server side srp flow to the example | Azul | |
2012-06-26 | moved user and log class to models, verify prints logs | Azul | |
2012-06-26 | moved the sample app to it's own subdirectory | Azul | |
2012-06-26 | stress three step layout with a little helper | Azul | |
2012-06-26 | using layout in the sinatra app | Azul | |
2012-06-26 | added simple sinatra app for demoing / testing | Azul | |
2012-06-18 | added readme | Azul | |
2012-06-18 | initial commit - testing srp auth | Azul | |
* This is lacking a few steps. We confirm the secret is the same but no key is generated from it and it is transfered over the wire in clear. * this was inspired by https://gist.github.com/790048 * seperated util, client, server and test code |