authorAzul <azul@riseup.net>2012-08-04 16:41:01 +0200
committerAzul <azul@riseup.net>2012-08-04 16:41:01 +0200
commitda8f6025900740684bc81e9a7c22f6a83ed48d79 (patch)
tree5ec6a29a30c5078c680da1751036d1c5f05e5b98
parentf0b308e4081a4c804da4f7bfbe4802a8999d4c26 (diff)
started implementing a restful signup
-rw-r--r--lib/jqueryRest.js11
-rw-r--r--lib/plainXHR.js8
-rw-r--r--lib/srp.js12
-rw-r--r--lib/srp_register.js6
-rw-r--r--spec/django/signup.js2
-rw-r--r--spec/restful/.login.js.swpbin12288 -> 0 bytes
-rw-r--r--spec/restful/.signup.js.swpbin12288 -> 0 bytes
-rw-r--r--spec/restful/signup.js37
8 files changed, 26 insertions, 50 deletions
diff --git a/lib/jqueryRest.js b/lib/jqueryRest.js
index 926dc6c..84a9731 100644
--- a/lib/jqueryRest.js
+++ b/lib/jqueryRest.js
@@ -90,13 +90,16 @@ jqueryRest = function() {
return response;
};
- function register(I, callback)
+ // we do not fetch the salt from the server
+ function register(session, callback)
{
- this.ajaxRequest("register/salt/", "I="+I, callback);
+ callback({salt: session.getSalt()});
}
- function sendVerifier(v, callback) {
- this.ajaxRequest("register/user/", "v="+v, callback);
+ function sendVerifier(session, callback) {
+ this.ajaxRequest("users", "user[login]=" + session.getI() +
+ "&user[password_salt]=" + session.getSalt() +
+ "&user[password_verifier]=" + session.getV().toString(16), callback);
}
function handshake(I, Astr, callback) {
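Review bot: In the new `sendVerifier`, `session.getI()` is concatenated into the form body without encoding, so a login containing `&`, `=`, `+` or `%` would change the parameters the server parses instead of being sent as the login. Encode each value, e.g. `"user[login]=" + encodeURIComponent(session.getI()) +`, and do the same for the salt and verifier for consistency, unless `ajaxRequest` already encodes its data string, which is not visible in this hunk. The same applies to `"I="+session.getI()` in `register` in lib/plainXHR.js. The enclosing `jqueryRest` function starts and ends outside the hunk.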
diff --git a/lib/plainXHR.js b/lib/plainXHR.js
index 44ee5df..67d8137 100644
--- a/lib/plainXHR.js
+++ b/lib/plainXHR.js
@@ -90,13 +90,13 @@ plainXHR = function() {
return response;
};
- function register(I, callback)
+ function register(session, callback)
{
- this.ajaxRequest("register/salt/", "I="+I, callback);
+ this.ajaxRequest("register/salt/", "I="+session.getI(), callback);
}
- function sendVerifier(v, callback) {
- this.ajaxRequest("register/user/", "v="+v, callback);
+ function sendVerifier(session, callback) {
+ this.ajaxRequest("register/user/", "v="+session.getV().toString(16), callback);
}
function handshake(I, Astr, callback) {
diff --git a/lib/srp.js b/lib/srp.js
index a5a2c14..8cb0c03 100644
--- a/lib/srp.js
+++ b/lib/srp.js
@@ -22,6 +22,8 @@ function SRP(remote)
var authenticated = false;
var I = document.getElementById("srp_username").value;
var p = document.getElementById("srp_password").value;
+ var V;
+ var salt;
remote = remote || plainXHR();
// *** Accessor methods ***
@@ -43,8 +45,9 @@ function SRP(remote)
};
// some 16 byte random number
- this.salt = function() {
- return new BigInteger(64, rng).toString(16);
+ this.getSalt = function() {
+ salt = salt || new BigInteger(64, rng).toString(16);
+ return salt
}
// Returns the BigInteger, g
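Review bot: The comment above `getSalt` still says "some 16 byte random number", but `new BigInteger(64, rng)` appears to request 64 bits, i.e. 8 bytes printed as up to 16 hex digits. The comment should state the real size and the new caching, e.g. `// 64-bit random salt as a hex string, generated once per session`. `toString(16)` drops leading zeros, so the string length can vary, which matters if the server validates the salt length. `return salt` is also missing its semicolon.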
@@ -65,9 +68,10 @@ function SRP(remote)
return new BigInteger(SHA256(s + SHA256(I + ":" + p)), 16);
};
- this.calcV = function(salt)
+ this.getV = function(salt)
{
- return this.getg().modPow(this.calcX(salt), this.getN());
+ V = V || this.getg().modPow(this.calcX(salt), this.getN());
+ return V;
}
// Check whether or not a variable is defined
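Review bot: `getV` caches the first result and ignores `salt` on every later call, while both new `sendVerifier` implementations call `session.getV()` with no argument. If that call ever runs before `getV(s)` has filled the cache, `calcX(undefined)` concatenates the string "undefined" in place of the salt, and the verifier sent will not match the salt stored with it. Failing loudly removes the ordering dependency: `if (!V && !salt) throw new Error("getV: salt required");` before the assignment. A short comment that V is fixed after the first call would also help, since a later call with a different salt silently returns the old value.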
diff --git a/lib/srp_register.js b/lib/srp_register.js
index 8365fed..5f9da36 100644
--- a/lib/srp_register.js
+++ b/lib/srp_register.js
@@ -6,7 +6,7 @@ function SRP_REGISTER()
SRP.prototype.register = function()
{
session = this;
- this.remote.register(this.getI(), session.register_receive_salt);
+ this.remote.register(session, session.register_receive_salt);
};
// Receive the salt for registration
@@ -15,8 +15,8 @@ function SRP_REGISTER()
if(response.salt)
{
var s = response.salt;
- var v = session.calcV(s);
- session.remote.register_send_verifier(v.toString(16), session.registered_user);
+ var v = session.getV(s);
+ session.remote.register_send_verifier(session, session.registered_user);
}
else if(response.error)
{
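Review bot: `var v = session.getV(s);` no longer uses `v`; the call survives only for its side effect of caching V before `register_send_verifier(session, ...)` reads it back through `getV()`. Drop the local and state the intent, e.g. `session.getV(s); // primes the cached verifier read by register_send_verifier`. The enclosing function starts and ends outside the hunk.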
diff --git a/spec/django/signup.js b/spec/django/signup.js
index b38778a..08a9b64 100644
--- a/spec/django/signup.js
+++ b/spec/django/signup.js
@@ -28,7 +28,7 @@ describe("Signup", function() {
this.srp.register();
this.expectRequest('register/salt/', "I=user")
this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>");
- expect(callback).toHaveBeenCalledWith("adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44", this.srp.registered_user);
+ expect(callback).toHaveBeenCalledWith(this.srp, this.srp.registered_user);
});
it("identifies after successful registration (INTEGRATION)", function(){
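Review bot: The updated expectation `toHaveBeenCalledWith(this.srp, this.srp.registered_user)` no longer checks the verifier derived from the salt in the response, so this spec would still pass if `getV` computed a wrong value. Add an assertion on the cached value after the callback check, e.g. `expect(this.srp.getV().toString(16)).toBe("adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44");`. The `it` block starts outside the hunk.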
diff --git a/spec/restful/.login.js.swp b/spec/restful/.login.js.swp
deleted file mode 100644
index 7a6e842..0000000
--- a/spec/restful/.login.js.swp
+++ /dev/null
Binary files differ
diff --git a/spec/restful/.signup.js.swp b/spec/restful/.signup.js.swp
deleted file mode 100644
index 686174a..0000000
--- a/spec/restful/.signup.js.swp
+++ /dev/null
Binary files differ
diff --git a/spec/restful/signup.js b/spec/restful/signup.js
index 26e97b5..b1ed7e8 100644
--- a/spec/restful/signup.js
+++ b/spec/restful/signup.js
@@ -13,47 +13,16 @@ describe("Signup", function() {
expect(typeof this.srp.register).toBe('function');
});
- it("fetches a salt from /register/salt", function(){
- var callback = sinon.spy();
- this.srp.register_receive_salt = callback;
- this.srp.register();
- this.expectRequest('register/salt/', "I=user")
- this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>");
- expect(callback.called).toBeTruthy();
- });
-
- it("receives the salt from /register/salt", function(){
- var callback = sinon.spy();
- this.srp.remote.register_send_verifier = callback;
- this.srp.register();
- this.expectRequest('register/salt/', "I=user")
- this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>");
- expect(callback).toHaveBeenCalledWith("adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44", this.srp.registered_user);
- });
-
it("identifies after successful registration (INTEGRATION)", function(){
var callback = sinon.spy();
this.srp.identify = callback;
+ this.srp.getSalt = function() {return "5d3055e0acd3ddcfc15"};
this.srp.register();
- this.expectRequest('register/salt/', "I=user")
- this.respondXML("<salt>5d3055e0acd3ddcfc15</salt>");
- this.expectRequest('register/user/', "v=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44");
- this.respondXML("<ok />");
+ this.expectRequest('users', "user[login]=user&user[password_salt]=5d3055e0acd3ddcfc15&user[password_verifier]=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44")
+ this.respondJSON({password_salt: "5d3055e0acd3ddcfc15", login: "user", ok: "true"});
expect(callback).toHaveBeenCalled();
});
- it("identifies after successful registration with JSON (INTEGRATION)", function(){
- var callback = sinon.spy();
- this.srp.identify = callback;
- this.srp.register();
- this.expectRequest('register/salt/', "I=user")
- this.respondJSON({salt: "5d3055e0acd3ddcfc15"});
- this.expectRequest('register/user/', "v=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44");
- this.respondJSON({ok: true});
- expect(callback).toHaveBeenCalled();
- });
-
-
});