From 7367bf009d778d96c1c40a20c055bba0596ab2b4 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 3 Jul 2012 14:24:17 +0200
Subject: fixed workflow and reduced copy

---
 example/public/srp.js    | 13 ++++++++++---
 example/views/index.erb  |  6 +++---
 example/views/layout.erb |  2 +-
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/example/public/srp.js b/example/public/srp.js
index 51aba5c..4a4b9ee 100644
--- a/example/public/srp.js
+++ b/example/public/srp.js
@@ -5,15 +5,22 @@ $(document).ready(function(){
 
 function on_login(event) {
   srp = new SRP();
+  srp.success= on_authenticated;
   srp.identify();
   event.preventDefault();
 }
 
 function on_signup(event) {
   srp = new SRP();
-  srp.success = function() {
-    alert("Signed up successfully");
-  };
+  srp.registered_user = on_registered;
   srp.register();
   event.preventDefault();
 }
+
+function on_registered() {
+  window.location = '/';
+}
+
+function on_authenticated() {
+  window.location = '/';
+}
diff --git a/example/views/index.erb b/example/views/index.erb
index 24d2501..0ff91e1 100644
--- a/example/views/index.erb
+++ b/example/views/index.erb
@@ -3,19 +3,19 @@
   <div class="span4">
     <h2>1. Signup</h2>
     <p>
-    First you signup just like normal. Your browser runs a bit of javascript and does not transfer your password but some validator based on it.
+    Your browser transfers an encrypted verifier based your password. But it does not send the password itself.
     </p>
   </div>
   <div class="span4">
     <h2>2. Login</h2>
     <p>
-    Login using the same credentials. Again javascript is used to calculate a random number and a key based on it that the server then uses to validate your password.
+    You enter your password - your browser exchanges encrypted data with the site to check if it was the right one.
     </p>
   </div>
   <div class="span4">
     <h2>3. Verify</h2>
     <p>
-    The server logs will tell you your password was not transmitted in clear. Never the less the server can determine wether you were authorized.
+    You can see from the logs that your password was not send. The login process is different each time so it can't be replayed.
     </p>
   </div>
 </div>
diff --git a/example/views/layout.erb b/example/views/layout.erb
index fc0eaf1..6b56eac 100644
--- a/example/views/layout.erb
+++ b/example/views/layout.erb
@@ -14,7 +14,7 @@
       <div class="hero-unit span12">
         <h1>Secure Remote Passwords</h1>
         <p>
-        Secure remote passwords allow you to login with a password that will be unkown to the server and anyone eavesdropping
+        Login with a password hidden from the server and anyone eavesdropping.
         </p>
       </div>
     </div>
-- 
cgit v1.2.3