UNPKG

@sexycoders/libauth.js

Version:

A full service for asymetric passwordless authentication.

gitlab.com/sexycoders/libauth.js

115 lines (94 loc) 3.72 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
function retrieve_key(data) { var json_send=new Object(); json_send.command="request_private"; json_send.user=new Object(); json_send.user.id=data.email; var send=btoa(JSON.stringify(json_send)); $.ajax({ type: 'POST', headers: {"Access-Control-Allow-Origin":"http://auth-serve.localhost"}, url: window.__auth_system.auth_server, data: send, success: function(response) { //console.log("server response: "+atob(response)); var res=JSON.parse(atob(response)); window.__auth_system.set_enc_prsa(res.pRSA); window.__auth_system.KEY_SET=1; }, async:false }); } function Login(k) { var data=new Object(); data.email=($('form').serializeArray()[0].value); data.password=($('form').serializeArray()[1].value); window.__auth_system.user=data.email; if(!window.__auth_system.KEY_SET) { retrieve_key(data); } var encrypted_ssh=atob(window.__auth_system._enc_prsa); var md = forge.md.md5.create(); md.update(data.password); var decipher = forge.cipher.createDecipher('AES-CBC',md.digest().toHex()); delete md; var md = forge.md.sha256.create(); md.update(data.password); decipher.start({iv: md.digest().toHex().substring(0,16)}); decipher.update(forge.util.createBuffer(encrypted_ssh)); decipher.finish(); var decrypted = decipher.output; window.__auth_system.setpRSA(decrypted.data); //console.log("old key was:"); //console.log(decrypted); delete md; var seed=Math.floor(Math.random()*1000000000)+1; //var signature=Sign(seed,decrypted.bytes()); var signature=Sign(seed,decrypted.bytes()); //will deprecate and move to custom class var json_send=new Object(); json_send.command="request_connection"; json_send.user=new Object(); json_send.user.id=window.__auth_system.user; json_send.user.seed=seed; json_send.user.sign=btoa(signature); json_send.update=new Object(); var ssh_pass=new Object(); ssh_pass.password=data.password; //window.addEventListener("SSH_CREATE_SIG",function(){ json_send.update.pRSA=window.__auth_system._enc_prsa; json_send.update.RSA=window.__auth_system._rsa; //console.log("new key_is"); //console.log(window.__auth_system.pRSA); console.log("Json Is: "+JSON.stringify(json_send)); var send=btoa(JSON.stringify(json_send)); $.ajax({ type: 'POST', headers: {"Access-Control-Allow-Origin":"auth-serve.localhost"}, url: window.__auth_system.auth_server, data: send, success: function(response) { console.log("server response: "+atob(response)); if(data.message=="connection_refused") { alert("Authentication failed!!! Please try again!!!\nThis incident will be reported!!!"); return 1; } window.__auth_system.INIT_FLAG=1; //console.log(window.__auth_system); if(window.__auth_system.REDIRECT_FLAG==true) MOVE(window.__auth_system.parent,true); else MOVE(window.__auth_system.home,true); }, async:false }); //},{once:true}); //ssh_create(ssh_pass,true); };