author | Azul <azul@riseup.net> | 2012-08-04 16:41:01 +0200 |
---|---|---|
committer | Azul <azul@riseup.net> | 2012-08-04 16:41:01 +0200 |
commit | da8f6025900740684bc81e9a7c22f6a83ed48d79 (patch) | |
tree | 5ec6a29a30c5078c680da1751036d1c5f05e5b98 | |
parent | f0b308e4081a4c804da4f7bfbe4802a8999d4c26 (diff) |
started implementing a restful signup
-rw-r--r-- | lib/jqueryRest.js | 11 | ||||
-rw-r--r-- | lib/plainXHR.js | 8 | ||||
-rw-r--r-- | lib/srp.js | 12 | ||||
-rw-r--r-- | lib/srp_register.js | 6 | ||||
-rw-r--r-- | spec/django/signup.js | 2 | ||||
-rw-r--r-- | spec/restful/.login.js.swp | bin | 12288 -> 0 bytes | |||
-rw-r--r-- | spec/restful/.signup.js.swp | bin | 12288 -> 0 bytes | |||
-rw-r--r-- | spec/restful/signup.js | 37 |
8 files changed, 26 insertions, 50 deletions
diff --git a/lib/jqueryRest.js b/lib/jqueryRest.js index 926dc6c..84a9731 100644 --- a/lib/jqueryRest.js +++ b/lib/jqueryRest.js @@ -90,13 +90,16 @@ jqueryRest = function() { return response; }; - function register(I, callback) + // we do not fetch the salt from the server + function register(session, callback) { - this.ajaxRequest("register/salt/", "I="+I, callback); + callback({salt: session.getSalt()}); } - function sendVerifier(v, callback) { - this.ajaxRequest("register/user/", "v="+v, callback); + function sendVerifier(session, callback) { + this.ajaxRequest("users", "user[login]=" + session.getI() + + "&user[password_salt]=" + session.getSalt() + + "&user[password_verifier]=" + session.getV().toString(16), callback); } function handshake(I, Astr, callback) { diff --git a/lib/plainXHR.js b/lib/plainXHR.js index 44ee5df..67d8137 100644 --- a/lib/plainXHR.js +++ b/lib/plainXHR.js @@ -90,13 +90,13 @@ plainXHR = function() { return response; }; - function register(I, callback) + function register(session, callback) { - this.ajaxRequest("register/salt/", "I="+I, callback); + this.ajaxRequest("register/salt/", "I="+session.getI(), callback); } - function sendVerifier(v, callback) { - this.ajaxRequest("register/user/", "v="+v, callback); + function sendVerifier(session, callback) { + this.ajaxRequest("register/user/", "v="+session.getV().toString(16), callback); } function handshake(I, Astr, callback) { @@ -22,6 +22,8 @@ function SRP(remote) var authenticated = false; var I = document.getElementById("srp_username").value; var p = document.getElementById("srp_password").value; + var V; + var salt; remote = remote || plainXHR(); // *** Accessor methods *** @@ -43,8 +45,9 @@ function SRP(remote) }; // some 16 byte random number - this.salt = function() { - return new BigInteger(64, rng).toString(16); + this.getSalt = function() { + salt = salt || new BigInteger(64, rng).toString(16); + return salt } // Returns the BigInteger, g 
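Review bot: `sendVerifier` in lib/jqueryRest.js builds the request body by plain concatenation, so a login containing `&`, `=`, `+` or `%` reaches the server as different parameters than the user typed (assuming `ajaxRequest`, which is outside this hunk, posts the string as a form-encoded body). Such a login could also collide with `user[password_salt]` or `user[password_verifier]`, depending on how the server resolves duplicate keys. Encode the login, e.g. `"user[login]=" + encodeURIComponent(session.getI())`; the salt and verifier are hex strings and need no escaping. The same unencoded value appears as `"I="+session.getI()` in `register` in the lib/plainXHR.js hunk. It would also help to extend the new comment on `register` to say that the callback now runs synchronously, before `register` returns.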
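Review bot: The comment kept above `getSalt` says "some 16 byte random number", but `new BigInteger(64, rng)` requests 64 bits (8 bytes, assuming the usual jsbn constructor semantics), and `toString(16)` drops leading zeros, so the hex length varies. Either correct the comment, e.g. `// 64-bit random salt as hex, generated once and cached for the session`, or request 128 bits if 16 bytes is what was intended. The new `return salt` is missing its semicolon. `rng` is defined outside this hunk, so its strength cannot be checked here; it is worth confirming now that the restful flow takes the salt from the client instead of the server.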
@@ -65,9 +68,10 @@ function SRP(remote) return new BigInteger(SHA256(s + SHA256(I + ":" + p)), 16); }; - this.calcV = function(salt) + this.getV = function(salt) { - return this.getg().modPow(this.calcX(salt), this.getN()); + V = V || this.getg().modPow(this.calcX(salt), this.getN()); + return V; } // Check whether or not a variable is defined diff --git a/lib/srp_register.js b/lib/srp_register.js index 8365fed..5f9da36 100644 --- a/lib/srp_register.js +++ b/lib/srp_register.js @@ -6,7 +6,7 @@ function SRP_REGISTER() SRP.prototype.register = function() { session = this; - this.remote.register(this.getI(), session.register_receive_salt); + this.remote.register(session, session.register_receive_salt); }; // Receive the salt for registration @@ -15,8 +15,8 @@ function SRP_REGISTER() if(response.salt) { var s = response.salt; - var v = session.calcV(s); - session.remote.register_send_verifier(v.toString(16), session.registered_user); + var v = session.getV(s); + session.remote.register_send_verifier(session, session.registered_user); } else if(response.error) { diff --git a/spec/django/signup.js b/spec/django/signup.js index b38778a..08a9b64 100644 --- a/spec/django/signup.js +++ b/spec/django/signup.js @@ -28,7 +28,7 @@ describe("Signup", function() { this.srp.register(); this.expectRequest('register/salt/', "I=user") this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>"); - expect(callback).toHaveBeenCalledWith("adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44", this.srp.registered_user); + expect(callback).toHaveBeenCalledWith(this.srp, this.srp.registered_user); }); it("identifies after successful registration (INTEGRATION)", function(){ diff --git a/spec/restful/.login.js.swp b/spec/restful/.login.js.swp Binary files differdeleted file mode 100644 index 7a6e842..0000000 --- a/spec/restful/.login.js.swp +++ /dev/null diff --git a/spec/restful/.signup.js.swp b/spec/restful/.signup.js.swp Binary files differdeleted file mode 100644 index 686174a..0000000 
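Review bot: `getV` now caches its first result and ignores the `salt` argument on later calls, while `sendVerifier` calls `session.getV()` with no argument, so the verifier is only correct if `register_receive_salt` has already called `getV(s)`. If `getV()` is ever reached first, `calcX(undefined)` concatenates the string "undefined" into the hash, and that wrong verifier is cached and sent without any error. Note that the parameter `salt` shadows the closure variable of the same name, so the cached salt is not picked up implicitly; a fallback removes the ordering dependency: `V = V || this.getg().modPow(this.calcX(salt || this.getSalt()), this.getN());`. In the lib/srp_register.js hunk the local `v` is now unused and `session.getV(s)` is kept only for this caching side effect, so either drop `var v =` or add a comment such as `// primes the cached verifier with the received salt`.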
--- a/spec/restful/.signup.js.swp +++ /dev/null diff --git a/spec/restful/signup.js b/spec/restful/signup.js index 26e97b5..b1ed7e8 100644 --- a/spec/restful/signup.js +++ b/spec/restful/signup.js 
@@ -13,47 +13,16 @@ describe("Signup", function() { expect(typeof this.srp.register).toBe('function'); }); - it("fetches a salt from /register/salt", function(){ - var callback = sinon.spy(); - this.srp.register_receive_salt = callback; - this.srp.register(); - this.expectRequest('register/salt/', "I=user") - this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>"); - expect(callback.called).toBeTruthy(); - }); - - it("receives the salt from /register/salt", function(){ - var callback = sinon.spy(); - this.srp.remote.register_send_verifier = callback; - this.srp.register(); - this.expectRequest('register/salt/', "I=user") - this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>"); - expect(callback).toHaveBeenCalledWith("adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44", this.srp.registered_user); - }); - it("identifies after successful registration (INTEGRATION)", function(){ var callback = sinon.spy(); this.srp.identify = callback; + this.srp.getSalt = function() {return "5d3055e0acd3ddcfc15"}; this.srp.register(); - this.expectRequest('register/salt/', "I=user") - this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>"); - this.expectRequest('register/user/', "v=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44"); - this.respondXML("<ok />"); + this.expectRequest('users', "user[login]=user&user[password_salt]=5d3055e0acd3ddcfc15&user[password_verifier]=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44") + this.respondJSON({password_salt: "5d3055e0acd3ddcfc15", login: "user", ok: "true"}); expect(callback).toHaveBeenCalled(); }); - it("identifies after successful registration with JSON (INTEGRATION)", function(){ - var callback = sinon.spy(); - this.srp.identify = callback; - this.srp.register(); - this.expectRequest('register/salt/', "I=user") - this.respondJSON({salt: "5d3055e0acd3ddcfc15"}); - this.expectRequest('register/user/', "v=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44"); - this.respondJSON({ok: 
true}); - expect(callback).toHaveBeenCalled(); - }); - - }); |