author | Azul <azul@riseup.net> | 2012-11-20 10:51:54 +0100 |
---|---|---|
committer | Azul <azul@riseup.net> | 2012-11-20 10:51:54 +0100 |
commit | 555491c4420a3b8b23b74fb081b76a5bf7778049 (patch) | |
tree | fd280571682a640d248c6b714c2831633031052c /src/jqueryRest.js | |
parent | 2859af0287d7672df0a8965be43fb9859fca8bf8 (diff) | |
parent | 082f859bbdaedf4f03eb85aea9b8f88ffda2fe6d (diff) |
Merge branch 'feature/clean-srp' into develop
Diffstat (limited to 'src/jqueryRest.js')
-rw-r--r-- | src/jqueryRest.js | 101 |
1 files changed, 69 insertions, 32 deletions
diff --git a/src/jqueryRest.js b/src/jqueryRest.js
index 54a0908..c439f67 100644
--- a/src/jqueryRest.js
+++ b/src/jqueryRest.js
@@ -1,38 +1,75 @@
-jqueryRest = function() {
+srp.remote = (function(){
+ var jqueryRest = (function() {
 
- // we do not fetch the salt from the server
- function register(session, callback)
- {
- sendVerifier(session, callback);
- }
+ // we do not fetch the salt from the server
+ function register(session) {
+ return $.post("users.json", { user: session.signup() });
+ }
 
- function sendVerifier(session, callback) {
- var salt = session.getSalt();
- $.post("users.json", { user:
- { login: session.getI(),
- password_salt: salt,
- password_verifier: session.getV(salt).toString(16)}
- }, callback);
- }
+ function handshake(session) {
+ return $.post("sessions.json", session.handshake());
+ }
 
- function handshake(session, callback) {
- $.post("sessions.json", { login: session.getI(),
- A: session.getAstr()}, callback);
- }
+ function authenticate(session) {
+ return $.ajax({
+ url: "sessions/" + session.getI() + ".json",
+ type: 'PUT',
+ data: {client_auth: session.getM()}
+ });
+ }
 
- function authenticate(session, success) {
- $.ajax({
- url: "sessions/" + session.getI() + ".json",
- type: 'PUT',
- data: {client_auth: session.getM()},
- success: success
- });
- }
+ return {
+ register: register,
+ handshake: handshake,
+ authenticate: authenticate
+ };
+ }());
 
- return {
- register: register,
- register_send_verifier: sendVerifier,
- handshake: handshake,
- authenticate: authenticate
+
+ function signup(){
+ jqueryRest.register(srp.session)
+ .success(srp.signedUp)
+ .error(srp.error)
 };
-};
+
+ function login(){
+ jqueryRest.handshake(srp.session)
+ .success(receiveSalts)
+ .error(srp.error)
+ };
+
+ function receiveSalts(response){
+ // B = 0 will make the algorithm always succeed
+ // -> refuse such a server answer
+ if(response.B === 0) {
+ srp.error("Server send random number 0 - could not login.");
+ }
+ else if(! response.salt || response.salt === 0) {
+ srp.error("Server failed to send salt - could not login.");
+ }
+ else
+ {
+ srp.session.calculations(response.salt, response.B);
+ jqueryRest.authenticate(srp.session)
+ .success(confirmAuthentication)
+ .error(srp.error);
+ }
+ };
+
+ // Receive M2 from the server and verify it
+ // If an error occurs, raise it as an alert.
+ function confirmAuthentication(response)
+ {
+ if (srp.session.validate(response.M2))
+ srp.loggedIn();
+ else
+ srp.error("Server key does not match");
+ };
+
+
+ return {
+ signup: signup,
+ login: login
+ }
+
+}()); |
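Review bot: The `if(response.B === 0)` guard in `receiveSalts` only catches the JSON number 0, so a missing `B`, a string such as `"0"` or `"00"`, or any multiple of the group modulus N would still reach `srp.session.calculations`. SRP requires the client to abort when B mod N is zero, and the removed code sent `A` and the verifier as strings, so `B` presumably arrives as a hex string as well (to be confirmed against the server). Rejecting absent or all-zero values here, e.g. `if (!response.B || /^0*$/.test(String(response.B))) {`, and doing the mod-N test inside the session code where N is known would close the gap. Separately, `"sessions/" + session.getI() + ".json"` in `authenticate` puts the login into the URL path unencoded; `encodeURIComponent(session.getI())` keeps a login containing `/` or `?` from changing the request target.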