diff options
author | Azul <azul@riseup.net> | 2012-11-09 15:04:48 +0100 |
---|---|---|
committer | Azul <azul@riseup.net> | 2012-11-09 15:04:48 +0100 |
commit | efac662cdf31bc4b61ffb97b8c398e22a86c364b (patch) | |
tree | 9425985dd194b5026151a0935d98e50e010c4d22 /src/srp.js | |
parent | 3bf101bc1ef3b5a58fe2f1e2a2e7a681f6de6c09 (diff) | |
parent | 23350b54ec2723e1b2e333626567c9fe9d1e2644 (diff) |
Merge branch 'master' into feature-updated_json_api
Diffstat (limited to 'src/srp.js')
-rw-r--r-- | src/srp.js | 46 |
1 files changed, 28 insertions, 18 deletions
@@ -9,8 +9,9 @@ function SRP(remote, session) this.session = session; // Start the login process by identifying the user - this.identify = function() + this.identify = function(success, error) { + store_callbacks(success, error); remote.handshake(session, receive_salts); // Receive login salts from the server, start calculations @@ -19,9 +20,14 @@ function SRP(remote, session) // B = 0 will make the algorithm always succeed // -> refuse such a server answer if(response.B === 0) { - srp.error("Server send random number 0 - this is not allowed"); - } else { - session.calculations(response.s, response.B); + srp.error("Server send random number 0 - could not login."); + } + else if(! response.salt || response.salt === 0) { + srp.error("Server failed to send salt - could not login."); + } + else + { + session.calculations(response.salt, response.B); remote.authenticate(session, confirm_authentication); } } @@ -30,7 +36,7 @@ function SRP(remote, session) // If an error occurs, raise it as an alert. function confirm_authentication(response) { - if (session.validate(response.M)) + if (session.validate(response.M2)) srp.success(); else srp.error("Server key does not match"); @@ -38,16 +44,19 @@ function SRP(remote, session) }; // Initiate the registration process - this.register = function() + this.register = function(success, error) { + store_callbacks(success, error); remote.register(session, srp.registered_user); }; // The user has been registered successfully, now login this.registered_user = function(response) { - if(response.ok) - { + if(response.errors) { + srp.error(response.errors) + } + else { srp.identify(); } }; @@ -59,18 +68,19 @@ function SRP(remote, session) }; // This function is called when authentication is successful. - // Developers can set this to other functions in specific implementations - // and change the functionality. + // It's a dummy. Please hand the real thing to the call to identify. this.success = function() { - var forward_url = document.getElementById("srp_forward").value; - if(forward_url.charAt(0) != "#") - window.location = forward_url; - else - { - window.location = forward_url; - alert("Login successful."); - } + alert("Login successful."); }; + + function store_callbacks(success, error) { + if (typeof success == "function") { + srp.success = success; + } + if (typeof error == "function") { + srp.error = error; + } + } }; |