From bd88f52b03c2b8061aa753b7d925dd9bc4057e6e Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 26 Jun 2012 23:02:51 +0200 Subject: first steps towards adding a server side srp flow to the example --- example/http-srp.rb | 5 +++++ example/models/user.rb | 13 +++++++++++-- example/views/layout.erb | 1 + example/views/login.erb | 12 ++++++++++-- example/views/signup.erb | 2 ++ 5 files changed, 29 insertions(+), 4 deletions(-) (limited to 'example') diff --git a/example/http-srp.rb b/example/http-srp.rb index 4faa149..d0b32dd 100644 --- a/example/http-srp.rb +++ b/example/http-srp.rb @@ -3,6 +3,7 @@ require 'pp' require 'models/user' require 'models/log' +require '../lib/srp' get '/' do @user = User.current @@ -22,6 +23,10 @@ post '/signup' do end get '/login' do + @user = User.current + Log.log(:init_server_login, params) + @auth = @user.initialize_auth(params) + Log.log(:init_client_login, @auth) erb :login end diff --git a/example/models/user.rb b/example/models/user.rb index f3f86ba..daea621 100644 --- a/example/models/user.rb +++ b/example/models/user.rb @@ -6,15 +6,24 @@ class User end attr_accessor :login - attr_accessor :password + attr_accessor :salt + attr_accessor :verifier attr_accessor :active + attr_accessor :srp def signup!(params) self.login = params.delete('login') - self.password = params.delete('password') + self.salt = params.delete('salt').to_i + self.verifier = params.delete('verifier').to_i self.active = false end + def initialize_auth(params) + srp = SRP::Server.new(self.salt, self.verifier) + bb, u = srp.initialize_auth(params.delete('aa').to_i) + return {:bb => bb, :u => u} + end + def login!(params) self.active = valid_login?(params[:login], params[:password]) end diff --git a/example/views/layout.erb b/example/views/layout.erb index c68ac23..d7e9985 100644 --- a/example/views/layout.erb +++ b/example/views/layout.erb @@ -21,6 +21,7 @@ <%= yield %> + diff --git a/example/views/login.erb b/example/views/login.erb index 32a16e5..131b0b9 100644 
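Review bot: In the `get '/login'` hunk of example/http-srp.rb, `@user.initialize_auth(params)` runs on every GET of the login page, including a first visit that carries no `aa` parameter. The model then evaluates `params.delete('aa').to_i`, which is 0 for a missing value, so a handshake is started with A = 0; it would also fail or misbehave if `User.current` has no salt and verifier yet, which cannot be ruled out from this hunk. Guard the call, e.g. `@auth = @user.initialize_auth(params) if @user && params['aa']`. `Log.log(:init_server_login, params)` writes the whole request parameter hash to the log; logging only the fields this flow needs keeps unrelated form values out of it. Because the route is a GET, `aa` travels in the query string and ends up in URLs and access logs, so a POST would be the better fit for the handshake request.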
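Review bot: `initialize_auth` in example/models/user.rb hands `params.delete('aa').to_i` straight to `SRP::Server#initialize_auth`, and `to_i` silently turns a missing or non-numeric value into 0. SRP requires the server to abort when A mod N is 0, and whether lib/srp enforces that is not visible in this diff; at minimum parse strictly here with `aa = Integer(params.delete('aa'))` and `raise ArgumentError, 'invalid A' if aa.zero?`, and keep the modulus check inside SRP::Server where N is known. The same coercion in `signup!` would store a salt or verifier of 0 for a malformed signup, and since `to_i` parses base 10, a hex-encoded value from the client would be cut off at the first letter (the client encoding is not shown in the readable part of this patch). Separately, `srp` is assigned as a local variable, so the new `attr_accessor :srp` is never set and the server-side handshake state is dropped when the method returns; `self.srp = SRP::Server.new(salt, verifier)` would keep it for a later proof step. `login!` in the trailing context still calls `valid_login?` with `params[:password]` although the password attribute is removed; its definition lies outside the hunk.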
--- a/example/views/login.erb +++ b/example/views/login.erb @@ -3,12 +3,20 @@ Login with the user you created.
- +
- + +
+
+ + +
+
+ +
diff --git a/example/views/signup.erb b/example/views/signup.erb index 3a949ab..baeb007 100644 --- a/example/views/signup.erb +++ b/example/views/signup.erb @@ -10,6 +10,8 @@
+ +
-- cgit v1.2.3