Moved register and login page to templates rather than cluttering views.py. Also added a 'key' function to the SRP javascript library, in case anyone wants to use K for encrypting communications.

author: ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5> 2009-07-25 17:13:27 +0000
committer: ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5> 2009-07-25 17:13:27 +0000
commit: 422e476f496d944f0713484cbe0ee11b180cb12d (patch)
tree: 3e2bc0bacfd168f0cc95ea93b4f68d0128271c35
parent: c83993abf777096e8d174d2162d0974f11758797 (diff)
4 files changed, 97 insertions, 80 deletions
diff --git a/django/srpproject/srp/views.py b/django/srpproject/srp/views.py
index caa6076..1ad98dc 100644
--- a/django/srpproject/srp/views.py
+++ b/django/srpproject/srp/views.py
@@ -27,88 +27,12 @@ def generate_fake_salt(I):
     return salt, int(hashlib.sha256("%s:%s" % (salt, settings.SECRET_KEY)).hexdigest(), 16)
     
 def login_page(request):
-    return HttpResponse("""<html>
- <head>
-    <script src="http://%s/srp-test/javascript/SHA256.js"></script>
-    <script src="http://%s/srp-test/javascript/prng4.js"></script>
-    <script src="http://%s/srp-test/javascript/rng.js"></script>
-    <script src="http://%s/srp-test/javascript/jsbn.js"></script>
-    <script src="http://%s/srp-test/javascript/jsbn2.js"></script>
-    <script src="http://%s/srp-test/javascript/srp.js"></script>
-    <script type="text/javascript">
-    function login()
-    {
-        var username = document.getElementById("srp_username").value;
-        var password = document.getElementById("srp_password").value;
-        var url = window.location.protocol+"//"+window.location.host+"/srp/";
-        srp = new SRP(username, password, "django", url);
-        srp.success = function()
-        {
-            alert("We win");
-        };
-        srp.identify();
-        return false;
-    }
-    </script>
- </head>
- <body>
-    <form action="." onsubmit="return login()">
-    <table>
-    <tr><td>Username:</td><td><input type="text" id="srp_username" /></td></tr>
-    <tr><td>Password:</td><td><input type="password" id="srp_password" /></td></tr>
-    </table>
-    <input type="submit"/>
-    </form>
- </body>
-</html>""" % (request.get_host(), request.get_host(), request.get_host(),request.get_host(), request.get_host(), request.get_host()))
+    from django.shortcuts import render_to_response
+    return render_to_response('login.html',{'static_files': "http://%s/srp-test/javascript" % request.get_host()})
 
 def register_page(request):
-    return HttpResponse("""<html>
- <head>
-    <script src="http://%s/srp-test/javascript/SHA256.js"></script>
-    <script src="http://%s/srp-test/javascript/prng4.js"></script>
-    <script src="http://%s/srp-test/javascript/rng.js"></script>
-    <script src="http://%s/srp-test/javascript/jsbn.js"></script>
-    <script src="http://%s/srp-test/javascript/jsbn2.js"></script>
-    <script src="http://%s/srp-test/javascript/srp.js"></script>
-    <script type="text/javascript">
-function register()
-{
-    if(document.getElementById("confirm_password").value != document.getElementById("srp_password").value)
-        alert("Passwords do not match");
-    else if(document.getElementById("srp_password").value == "")
-        alert("Password cannot be blank");
-    else
-    {
-        var username = document.getElementById("srp_username").value;
-        var password = document.getElementById("srp_password").value;
-        var url = window.location.protocol+"//"+window.location.host+"/srp/";
-        srp = new SRP(username, password, "django", url);
-        srp.success = function()
-        {
-            alert("We win");
-        };
-        srp.register();
-    }
-    return false;
-};
-function srp_success()
-{
-    alert("Authentication successful.");
-};
-    </script>
- </head>
- <body>
-    <form action="." onsubmit="return register()">
-    <table>
-    <tr><td>Username:</td><td><input type="text" id="srp_username" /></td></tr>
-    <tr><td>Password:</td><td><input type="password" id="srp_password" /></td></tr>
-    <tr><td>Confirm:</td><td><input type="password" id="confirm_password" /></td></tr>
-    </table>
-    <input type="submit"/>
-    </form>
- </body>
-</html>""" % (request.get_host(), request.get_host(), request.get_host(),request.get_host(), request.get_host(), request.get_host()))
+    from django.shortcuts import render_to_response
+    return render_to_response('register.html',{'static_files': "http://%s/srp-test/javascript" % request.get_host()})
 
 ###
 ### User Registration
diff --git a/django/srpproject/templates/login.html b/django/srpproject/templates/login.html
new file mode 100644
index 0000000..f949663
--- /dev/null
+++ b/django/srpproject/templates/login.html
@@ -0,0 +1,34 @@
+<html>
+ <head>
+    <script src="{{ static_files }}/SHA256.js"></script>
+    <script src="{{ static_files }}/prng4.js"></script>
+    <script src="{{ static_files }}/rng.js"></script>
+    <script src="{{ static_files }}/jsbn.js"></script>
+    <script src="{{ static_files }}/jsbn2.js"></script>
+    <script src="{{ static_files }}/srp.js"></script>
+    <script type="text/javascript">
+    function login()
+    {
+        var username = document.getElementById("srp_username").value;
+        var password = document.getElementById("srp_password").value;
+        var url = window.location.protocol+"//"+window.location.host+"/srp/";
+        srp = new SRP(username, password, "django", url);
+        srp.success = function()
+        {
+            alert("We win");
+        };
+        srp.identify();
+        return false;
+    }
+    </script>
+ </head>
+ <body>
+    <form action="." onsubmit="return login()">
+    <table>
+    <tr><td>Username:</td><td><input type="text" id="srp_username" /></td></tr>
+    <tr><td>Password:</td><td><input type="password" id="srp_password" /></td></tr>
+    </table>
+    <input type="submit"/>
+    </form>
+ </body>
+</html>
diff --git a/django/srpproject/templates/register.html b/django/srpproject/templates/register.html
new file mode 100644
index 0000000..82ce61e
--- /dev/null
+++ b/django/srpproject/templates/register.html
@@ -0,0 +1,42 @@
+<html>
+ <head>
+    <script src="{{ static_files }}/SHA256.js"></script>
+    <script src="{{ static_files }}/prng4.js"></script>
+    <script src="{{ static_files }}/rng.js"></script>
+    <script src="{{ static_files }}/jsbn.js"></script>
+    <script src="{{ static_files }}/jsbn2.js"></script>
+    <script src="{{ static_files }}/srp.js"></script>
+    <script type="text/javascript">
+    function register()
+    {
+        if(document.getElementById("confirm_password").value != document.getElementById("srp_password").value)
+            alert("Passwords do not match");
+        else if(document.getElementById("srp_password").value == "")
+            alert("Password cannot be blank");
+        else
+        {
+            var username = document.getElementById("srp_username").value;
+            var password = document.getElementById("srp_password").value;
+            var url = window.location.protocol+"//"+window.location.host+"/srp/";
+            srp = new SRP(username, password, "django", url);
+            srp.success = function()
+            {
+                alert("We win");
+            };
+            srp.register();
+        }
+        return false;
+    };
+    </script>
+ </head>
+ <body>
+    <form action="." onsubmit="return register()">
+    <table>
+    <tr><td>Username:</td><td><input type="text" id="srp_username" /></td></tr>
+    <tr><td>Password:</td><td><input type="password" id="srp_password" /></td></tr>
+    <tr><td>Confirm:</td><td><input type="password" id="confirm_password" /></td></tr>
+    </table>
+    <input type="submit"/>
+    </form>
+ </body>
+</html>
diff --git a/javascript/srp.js b/javascript/srp.js
index a1bddff..0eff0ad 100644
--- a/javascript/srp.js
+++ b/javascript/srp.js
@@ -22,6 +22,7 @@ function SRP(username, password, ser, base_url)
     var url = base_url;
     var server = ser;
     var that = this;
+    var authenticated = false;
     
     function paths(str)
     {
@@ -160,7 +161,10 @@ function SRP(username, password, ser, base_url)
             if(xhr.responseXML.getElementsByTagName("M").length > 0)
 		    {
 		        if(innerxml(xhr.responseXML.getElementsByTagName("M")[0]) == M2)
+		        {
 		            that.success();
+	                authenticated = true;
+	            }
 		        else
 		            that.error_message("Server key does not match");
 		    }
@@ -170,6 +174,19 @@ function SRP(username, password, ser, base_url)
 		    }
         }
     };
+    this.key = function()
+    {
+        if(K == null)
+            if(authenticated)
+            {
+                K = SHA256(S);
+                return K;
+            }
+            else
+                that.error_message("User has not been authenticated.");
+        else
+            return K;
+    }
     this.success = function()
     {
         alert("Authentication successful.");
author	ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5>	2009-07-25 17:13:27 +0000
committer	ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5>	2009-07-25 17:13:27 +0000
commit	422e476f496d944f0713484cbe0ee11b180cb12d (patch)
tree	3e2bc0bacfd168f0cc95ea93b4f68d0128271c35
parent	c83993abf777096e8d174d2162d0974f11758797 (diff)