| Age | Commit message (Collapse) | Author |
|---|
|
upgrade to SRP.
Currently, I've added functionality that will allow the importation of hash.min.js. This is made possible by some code that executes when the
script is loaded. This particular code doesn't pack properly, so currently I'm having the pack script append it to the end (unpacked).
This requires that clients use the packed version for two reasons. First, the unpacked code lacks the function that gets the source path. Second,
it loads hash.min.js. The first problem can be fixed if I can figure out how to get the code to pack properly. The second problem can be solved
by checking whether the current script is "srp.js" or "srp.min.js", and loading either (MD5.js & SHA1.js) or hash.min.js respectively.
Next we will need to write code where the server detects users who exist in the auth.models.User table, but not the srp.models.User table.
|
|
|
|
files. Instead of sending 6 javascript files totaling about 50KB, we
now send 1 file totaling 21.1KB.
After modifying any javascript files, run build-pack.sh to update
srp.min.js.
The login.html and register.html templates have been changed to send
the one packed file. The file srp.js was modified so that it would pack
properly.
Necessary files from the perl version of packer are included, but they
shouldn't be included on production web servers. The packer files are
released under the LGPL.
|
|
Also added a 'key' function to the SRP javascript library, in case anyone wants to use K for encrypting communications.
|
|
minor errors in the library, which have also been addressed.
|
|
as a class. It is instantiated by:
var srp = new SRP(username, password, server_type, base_url);
Then it is run by calling:
srp.register()
to register a new user, and
srp.identify()
to authenticate an existing user. By default, a successful
identification pops up an alert reading "Authentication Successful."
To change this, set srp.success to a function. For example,
srp.success = function()
{
alert("We win!");
}
The same is true for error messages. By default, the SRP library sends
the message to the user as an alert box, but web designers can replace
the srp.error_message function to handle the error messages differently.
The most significant part of making the SRP library into a class is that
it cleans up the namespace. Instead of having tons of srp_Variables, we
only add the SRP() function to the namespace, and all other variables
are either private, public, or protected members of that class.
A few minor edits were made to views.py to support logging in with the
modified library. I haven't made the modifications to register yet, so
it won't work for this revision. Oops.
|
|
|
|
|
|
|
|
|
