diff options
author | Azul <azul@riseup.net> | 2012-08-04 16:41:01 +0200 |
---|---|---|
committer | Azul <azul@riseup.net> | 2012-08-04 16:41:01 +0200 |
commit | da8f6025900740684bc81e9a7c22f6a83ed48d79 (patch) | |
tree | 5ec6a29a30c5078c680da1751036d1c5f05e5b98 /lib | |
parent | f0b308e4081a4c804da4f7bfbe4802a8999d4c26 (diff) |
started implementing a restful signup
Diffstat (limited to 'lib')
-rw-r--r-- | lib/jqueryRest.js | 11 | ||||
-rw-r--r-- | lib/plainXHR.js | 8 | ||||
-rw-r--r-- | lib/srp.js | 12 | ||||
-rw-r--r-- | lib/srp_register.js | 6 |
4 files changed, 22 insertions, 15 deletions
diff --git a/lib/jqueryRest.js b/lib/jqueryRest.js index 926dc6c..84a9731 100644 --- a/lib/jqueryRest.js +++ b/lib/jqueryRest.js @@ -90,13 +90,16 @@ jqueryRest = function() { return response; }; - function register(I, callback) + // we do not fetch the salt from the server + function register(session, callback) { - this.ajaxRequest("register/salt/", "I="+I, callback); + callback({salt: session.getSalt()}); } - function sendVerifier(v, callback) { - this.ajaxRequest("register/user/", "v="+v, callback); + function sendVerifier(session, callback) { + this.ajaxRequest("users", "user[login]=" + session.getI() + + "&user[password_salt]=" + session.getSalt() + + "&user[password_verifier]=" + session.getV().toString(16), callback); } function handshake(I, Astr, callback) { diff --git a/lib/plainXHR.js b/lib/plainXHR.js index 44ee5df..67d8137 100644 --- a/lib/plainXHR.js +++ b/lib/plainXHR.js @@ -90,13 +90,13 @@ plainXHR = function() { return response; }; - function register(I, callback) + function register(session, callback) { - this.ajaxRequest("register/salt/", "I="+I, callback); + this.ajaxRequest("register/salt/", "I="+session.getI(), callback); } - function sendVerifier(v, callback) { - this.ajaxRequest("register/user/", "v="+v, callback); + function sendVerifier(session, callback) { + this.ajaxRequest("register/user/", "v="+session.getV().toString(16), callback); } function handshake(I, Astr, callback) { @@ -22,6 +22,8 @@ function SRP(remote) var authenticated = false; var I = document.getElementById("srp_username").value; var p = document.getElementById("srp_password").value; + var V; + var salt; remote = remote || plainXHR(); // *** Accessor methods *** @@ -43,8 +45,9 @@ function SRP(remote) }; // some 16 byte random number - this.salt = function() { - return new BigInteger(64, rng).toString(16); + this.getSalt = function() { + salt = salt || new BigInteger(64, rng).toString(16); + return salt } // Returns the BigInteger, g @@ -65,9 +68,10 @@ function SRP(remote) return new BigInteger(SHA256(s + SHA256(I + ":" + p)), 16); }; - this.calcV = function(salt) + this.getV = function(salt) { - return this.getg().modPow(this.calcX(salt), this.getN()); + V = V || this.getg().modPow(this.calcX(salt), this.getN()); + return V; } // Check whether or not a variable is defined diff --git a/lib/srp_register.js b/lib/srp_register.js index 8365fed..5f9da36 100644 --- a/lib/srp_register.js +++ b/lib/srp_register.js @@ -6,7 +6,7 @@ function SRP_REGISTER() SRP.prototype.register = function() { session = this; - this.remote.register(this.getI(), session.register_receive_salt); + this.remote.register(session, session.register_receive_salt); }; // Receive the salt for registration @@ -15,8 +15,8 @@ function SRP_REGISTER() if(response.salt) { var s = response.salt; - var v = session.calcV(s); - session.remote.register_send_verifier(v.toString(16), session.registered_user); + var v = session.getV(s); + session.remote.register_send_verifier(session, session.registered_user); } else if(response.error) { |