diff options
| author | Azul <azul@riseup.net> | 2012-08-21 17:59:11 +0200 |
|---|---|---|
| committer | Azul <azul@riseup.net> | 2012-08-21 17:59:45 +0200 |
| commit | 0461d76899379cb1e2ecd15456d2e6eb4fb8fa60 (patch) | |
| tree | 1994adec7dd4c817f6419ea65efe96ce415bad82 /src/srp.js | |
| parent | d5e30a95e09bab18a55f9aad1572b6ae3e16e482 (diff) | |
moved srp-js files from lib to src
Diffstat (limited to 'src/srp.js')
| -rw-r--r-- | src/srp.js | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/srp.js b/src/srp.js new file mode 100644 index 0000000..972b211 --- /dev/null +++ b/src/srp.js @@ -0,0 +1,76 @@ +function SRP(remote, session) +{ + var srp = this; + session = session || new this.Session(); + remote = remote || new this.Remote(); + remote.onError = remote.onError || this.error; + session.onError = session.onError || this.error; + this.remote = remote; + this.session = session; + + // Start the login process by identifying the user + this.identify = function() + { + remote.handshake(session, receive_salts); + + // Receive login salts from the server, start calculations + function receive_salts(response) + { + // B = 0 will make the algorithm always succeed + // -> refuse such a server answer + if(response.B === 0) { + srp.error("Server send random number 0 - this is not allowed"); + } else { + session.calculations(response.s, response.B); + remote.authenticate(session, confirm_authentication); + } + } + + // Receive M2 from the server and verify it + // If an error occurs, raise it as an alert. + function confirm_authentication(response) + { + if (session.validate(response.M)) + srp.success(); + else + srp.error("Server key does not match"); + }; + }; + + // Initiate the registration process + this.register = function() + { + remote.register(session, srp.registered_user); + }; + + // The user has been registered successfully, now login + this.registered_user = function(response) + { + if(response.ok) + { + srp.identify(); + } + }; + + // Minimal error handling - set remote.onError to sth better to overwrite. + this.error = function(text) + { + alert(text); + }; + + // This function is called when authentication is successful. + // Developers can set this to other functions in specific implementations + // and change the functionality. + this.success = function() + { + var forward_url = document.getElementById("srp_forward").value; + if(forward_url.charAt(0) != "#") + window.location = forward_url; + else + { + window.location = forward_url; + alert("Login successful."); + } + }; +}; + |