summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-10-14properly treat utf8 chars in passwordAzul
utf-8 encoding used to be bundled with the SHA256 library. However we only want to utf8 encode strings that are actual user input. We do not want to encode the bytearrays that are used when hashing the hex values calculated during for SRP. So I separated the utf-8 encoding and the sha256 hashing.
2013-09-26Merge pull request #3 from azul/feature/use-token-authjessib
use token from the form to submit password update
2013-09-24use token from the form to submit password updateAzul
2013-07-12also zeroprefix the salt if neededAzul
Now what else can you possibly zeroprefix? This should be it - shouldn't it?
2013-07-12prefix incoming B tooAzul
2013-07-12also prefix our own toString(16) hex valuesAzul
2013-07-12the 0 prefix in hex is essential for building the M and M2 stringsAzul
2013-07-06Merge pull request #2 from elijh/feature/always-use-v1azul
always use the API-only controller for all requests.
2013-07-04always use the API-only controller for all requests.elijah
2013-06-24Merge pull request #1 from azul/refactor/separate-sessionjessib
Refactor/separate session
2013-06-24refactor: separate account from sessionAzul
2013-06-24refactor: rename constants to calculate and clean up hash usageAzul
2013-06-24refactor: separate calculations from sessionAzul
2013-06-24fix bug wrt zero padding of hashesAzul
2013-03-20Merge branch 'release/0.3.0'Azul
2013-03-20added version fileAzul
2013-03-20use a proper random a for the handshakeAzul
2012-11-26API: update instead of addToFormAzul
addToForm was an attempt to not use ajax but just the normal form submit. Turns out it's easy to add hidden fields to the form but quite cumbersome to remove the password fields from teh form so they are not submitted over the eventually untrusted channel. So we use ajax for updates just like for signup.
2012-11-23addToForm: add the srp signup data to an existing formAzul
2012-11-22don't cache password and loginAzul
2012-11-22catch empty responsesAzul
2012-11-22using done/fail instead of success/error, handing all properties to failAzul
2012-11-20all request should go to absolute pathsAzul
They should be independent of the url we're serving the page from
2012-11-20make sure we get the current password and loginAzul
2012-11-20make sure srp.login also works as a callbackAzul
2012-11-20sending the parsed json object to the error handlerAzul
2012-11-20Merge branch 'feature/clean-srp' into developAzul
2012-11-19further cleanupAzul
2012-11-19removed the SRP class - using just a plain srp object nowAzul
2012-11-19first step at cleaning up the srpAzul
2012-11-19works - but not quite what i want. Exposing jqXHR to error functionAzul
2012-11-14Merge branch 'release/0.2.0'Azul
2012-11-14Merge branch 'feature/cleanup-non-restful' into developAzul
2012-11-14cleaned up unused parser functionsAzul
2012-11-14removed outdated django remote and all related filesAzul
Also cleaned up the specs a bit
2012-11-12Merge branch 'feature-updated_json_api' into developAzul
2012-11-12adopting tests to new .json urlsAzul
2012-11-12specifying charset and fetching jquery remotelyAzul
This way you don't have to add jquery to the lib dir for specs to work
2012-11-09Merge branch 'master' into feature-updated_json_apiAzul
2012-10-30we're expecting json responses - so put .json in the urlAzul
2012-10-19don't expect create to return an okAzul
* it returns the user * it will return errors if sth. goes wrong.
2012-10-19require srp.js first and the remotes afterwardsAzul
2012-10-19added success and error callbacks to registerAzul
2012-10-17hand success and error messages to identify by defaultAzul
also cleaned up some other parts that were not needed anymore
2012-10-16use M2 as the key for the server authAzul
2012-10-16not caching x,V,salt to avoid conflictsAzul
2012-10-16added unit tests for session calculationsAzul
2012-10-15expecting the salt to be send with key saltAzul
2012-10-15Merge branch 'feature-jquery-remote' into developAzul
2012-10-15all rest tests passing, using proper verbsAzul
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-19 19:27:18 +0000