@sexycoders/libauth.js
Version:
A full service for asymetric passwordless authentication.
72 lines (59 loc) • 2.32 kB
JavaScript
function refresh(user)
{
var data=new Object();
data.password=($('form').serializeArray()[0].value);
window.__auth_system.user=user;
//var data=new Object();
//data.email=($('form').serializeArray()[0].value);
//data.password=($('form').serializeArray()[1].value);
if(!window.__auth_system.KEY_SET)
{
retrieve_key(data);
}
var encrypted_ssh=atob(window.__auth_system._enc_prsa);
var t=new Object();
t.md = forge.md.md5.create();
t.md.update(data.password);
var decipher = forge.cipher.createDecipher('AES-CBC',t.md.digest().toHex());
delete t.md;
t.md = forge.md.sha256.create();
t.md.update(data.password);
decipher.start({iv: t.md.digest().toHex().substring(0,16)});
decipher.update(forge.util.createBuffer(encrypted_ssh));
decipher.finish();
var decrypted = decipher.output;
window.__auth_system.setpRSA(decipher.output.bytes());
console.log(decrypted);
delete t.md;
var seed=Math.floor(Math.random()*1000000000)+1;
//var signature=Sign(seed,decrypted.bytes());
var signature=Sign(seed,decrypted.bytes());
//will deprecate and move to custom class
var json_send=new Object();
json_send.command="refresh_connection";
json_send.user=new Object();
json_send.user.id=window.__auth_system.user;
json_send.user.seed=seed;
json_send.user.sign=btoa(signature);
window.__auth_system.user=data.email;
window.pRSA=decrypted.data;
console.log("Json Is: "+JSON.stringify(json_send));
var send=btoa(JSON.stringify(json_send));
$.ajax({
type: 'POST',
headers: {"Access-Control-Allow-Origin":"auth-serve.localhost"},
url: window.__auth_system.auth_server,
data: send,
success:
function(response)
{
console.log("server response: "+atob(response));
if(data.message=="connection_refused")
{
alert("Authentication failed!!! Please try again!!!\nThis incident will be reported!!!");
return 1;
}
},
async:false
});
}