Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also use functions with memoizing instead of instance vars
|
|
|
|
|
|
|
|
in ruby 1.9.3 string[i] will be a char. Need to call #ord to make sure we have a charcode.
|
|
This way the controller can easily use @user = @session.authenticate; respond_with @sessoin;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also added session_test that tests agains values calculated with py_srp
|
|
|
|
authentication module
|
|
We have a session in the server already - duplication there now, merge next
|
|
A client has a set of pwd and login and tries to auth with this.
|
|
|
|
also u does not depend on n
|
|
We still calculate M differently than in SRP 6a
|
|
Some other parts are still missing. Main issue was using hashes of hex representation rather that hashes of byte arrays
|
|
|
|
|
|
|
|
|
|
|
|
still missing the salt in this. auth should be more independent from registry to resemble the real process more closely
|
|
|
|
|
|
|
|
This will most likely become a simple js file once both are more stable.
|
|
People might store the session in a CookieStore - which would probably be a bad idea anyway - but let's be save rather than sorry.
|
|
client
|
|
|
|
|
|
|
|
The example seems to be broken due to changes in srp-js
|
|
|
|
bit of styling added
|
|
|
|
|
|
all large integers are now send as hex strings.
Using sha256_str all over the place.
This finally gives me successful logins. Needs a log of cleanup never the less.
|