From 95df478b7d3f62e2893499aa7a801b0cacb19dcd Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Wed, 27 Jun 2012 15:08:41 +0200
Subject: moved to ajax workflow and integrated srp-js - not quite there yet

* needs a bit of cleanup from the old workflow
* are client and server using the same primes right now?
* store multiple users on the server side
---
 example/models/user.rb | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

(limited to 'example/models/user.rb')

diff --git a/example/models/user.rb b/example/models/user.rb
index daea621..ffbdf62 100644
--- a/example/models/user.rb
+++ b/example/models/user.rb
@@ -19,11 +19,20 @@ class User
   end
 
   def initialize_auth(params)
-    srp = SRP::Server.new(self.salt, self.verifier)
-    bb, u = srp.initialize_auth(params.delete('aa').to_i)
-    return {:bb => bb, :u => u}
+    self.srp = SRP::Server.new(self.salt, self.verifier)
+    bb, u = self.srp.initialize_auth(params.delete('A').to_i)
+    return {:B => bb, :u => u}
   end
 
+  def authenticate(params)
+    if m2 = self.srp.authenticate(params.delete('aa').to_i, params.delete('M').to_i)
+      return {:M2 => m2}
+    else
+      return {:error => "Access Denied"}
+    end
+  end
+
+
   def login!(params)
     self.active = valid_login?(params[:login], params[:password])
   end
-- 
cgit v1.2.3