From da8f6025900740684bc81e9a7c22f6a83ed48d79 Mon Sep 17 00:00:00 2001
From: Azul
Date: Sat, 4 Aug 2012 16:41:01 +0200
Subject: started implementing a restful signup
---
 lib/jqueryRest.js | 11 +++++++----
 lib/plainXHR.js | 8 ++++----
 lib/srp.js | 12 ++++++++----
 lib/srp_register.js | 6 +++---
 4 files changed, 22 insertions(+), 15 deletions(-)
(limited to 'lib')
diff --git a/lib/jqueryRest.js b/lib/jqueryRest.js
index 926dc6c..84a9731 100644
--- a/lib/jqueryRest.js
+++ b/lib/jqueryRest.js
@@ -90,13 +90,16 @@ jqueryRest = function() {
 return response;
 };
- function register(I, callback)
+ // we do not fetch the salt from the server
+ function register(session, callback)
 {
- this.ajaxRequest("register/salt/", "I="+I, callback);
+ callback({salt: session.getSalt()});
 }
- function sendVerifier(v, callback) {
- this.ajaxRequest("register/user/", "v="+v, callback);
+ function sendVerifier(session, callback) {
+ this.ajaxRequest("users", "user[login]=" + session.getI() + "&user[password_salt]=" + session.getSalt() + "&user[password_verifier]=" + session.getV().toString(16), callback);
 }
 function handshake(I, Astr, callback) {
diff --git a/lib/plainXHR.js b/lib/plainXHR.js
index 44ee5df..67d8137 100644
--- a/lib/plainXHR.js
+++ b/lib/plainXHR.js
@@ -90,13 +90,13 @@ plainXHR = function() {
 return response;
 };
- function register(I, callback)
+ function register(session, callback)
 {
- this.ajaxRequest("register/salt/", "I="+I, callback);
+ this.ajaxRequest("register/salt/", "I="+session.getI(), callback);
 }
- function sendVerifier(v, callback) {
- this.ajaxRequest("register/user/", "v="+v, callback);
+ function sendVerifier(session, callback) {
+ this.ajaxRequest("register/user/", "v="+session.getV().toString(16), callback);
 }
 function handshake(I, Astr, callback) {
diff --git a/lib/srp.js b/lib/srp.js
index a5a2c14..8cb0c03 100644
--- a/lib/srp.js
+++ b/lib/srp.js
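Review bot: The form body built in the new `sendVerifier` in lib/jqueryRest.js is concatenated without URL-encoding, so a login containing `&`, `=`, `+` or `%` would alter or add parameters in the request to `users` instead of being sent as the user's name. The salt and verifier are hex strings, but `session.getI()` appears to come straight from the `srp_username` input (see lib/srp.js), so it should be wrapped as `"user[login]=" + encodeURIComponent(session.getI())`. The same applies to `"I="+session.getI()` in the lib/plainXHR.js hunk. `session.getV()` is also called here without a salt, so it relies on the verifier having been cached by an earlier `getV(s)` call.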
@@ -22,6 +22,8 @@ function SRP(remote)
 var authenticated = false;
 var I = document.getElementById("srp_username").value;
 var p = document.getElementById("srp_password").value;
+ var V;
+ var salt;
 remote = remote || plainXHR();
 // *** Accessor methods ***
@@ -43,8 +45,9 @@ function SRP(remote)
 };
 // some 16 byte random number
- this.salt = function() {
- return new BigInteger(64, rng).toString(16);
+ this.getSalt = function() {
+ salt = salt || new BigInteger(64, rng).toString(16);
+ return salt
 }
 // Returns the BigInteger, g
@@ -65,9 +68,10 @@ function SRP(remote)
 return new BigInteger(SHA256(s + SHA256(I + ":" + p)), 16);
 };
- this.calcV = function(salt)
+ this.getV = function(salt)
 {
- return this.getg().modPow(this.calcX(salt), this.getN());
+ V = V || this.getg().modPow(this.calcX(salt), this.getN());
+ return V;
 }
 // Check whether or not a variable is defined
diff --git a/lib/srp_register.js b/lib/srp_register.js
index 8365fed..5f9da36 100644
--- a/lib/srp_register.js
+++ b/lib/srp_register.js
@@ -6,7 +6,7 @@ function SRP_REGISTER()
 SRP.prototype.register = function()
 {
 session = this;
- this.remote.register(this.getI(), session.register_receive_salt);
+ this.remote.register(session, session.register_receive_salt);
 };
 // Receive the salt for registration
@@ -15,8 +15,8 @@ function SRP_REGISTER()
 if(response.salt)
 {
 var s = response.salt;
- var v = session.calcV(s);
- session.remote.register_send_verifier(v.toString(16), session.registered_user);
+ var v = session.getV(s);
+ session.remote.register_send_verifier(session, session.registered_user);
 }
 else if(response.error)
 {
-- cgit v1.2.3
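Review bot: The comment above `getSalt` still says "16 byte random number", but `new BigInteger(64, rng)` appears to request 64 bits, which is 8 bytes, and `toString(16)` drops leading zeros, so the hex string is not fixed-length. Since the jqueryRest remote now sends this value to the server as `user[password_salt]`, the comment should state the real size and the caching, for example `// 64-bit random salt as hex, generated once per session and then cached`. `return salt` is also missing its semicolon. Whether `rng` is a cryptographically secure generator is not visible in this hunk and is worth confirming now that the client picks the salt.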
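Review bot: `getV` now caches the first verifier it computes and ignores its `salt` argument on every later call, so the result depends on call order. If the first call were the argument-less `session.getV()` used by the remotes, the hash shown just above the function (presumably `calcX`) would concatenate `undefined` into x, and that wrong verifier would stay cached. At present only `var v = session.getV(s);` in lib/srp_register.js primes the cache correctly, and `v` is otherwise unused there. Consider failing early with `if (!V && !salt) throw new Error("getV: salt required");` and adding a comment that V is computed once per session from the first salt supplied.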