example/models/user.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

class User

  def self.current
    # p "getting #{@current ? @current.login : 'nil'}"
    @current ||= User.new
  end

  attr_accessor :login
  attr_accessor :salt
  attr_accessor :verifier
  attr_accessor :active
  attr_accessor :srp

  def signup!(params)
    self.login = params.delete('login')
    self.salt = params.delete('salt').to_i
    self.verifier = params.delete('verifier').to_i
    self.active = false
  end

  def initialize_auth(params)
    self.srp = SRP::Server.new(self.salt, self.verifier)
    bb, u = self.srp.initialize_auth(params.delete('A').to_i)
    return {:B => bb, :u => u}
  end

  def authenticate(params)
    if m2 = self.srp.authenticate(params.delete('aa').to_i, params.delete('M').to_i)
      self.active = true
      return {:M2 => m2}
    else
      self.active = false
      return {:error => "Access Denied"}
    end
  end

end