search

midonet / tssrp6a

This library is a dependency free TypeScript implementation of Secure Remote Password SRP6a.
MIT License
36 stars 8 forks source link

Can't be used between http requests #71

Closed hugbubby closed 3 years ago

hugbubby commented 3 years ago

You provide no way to use this library except over websockets. I need to be able to perform this over multiple regular http requests, where I'll have to write down the private key in the meantime etc.

jbis9051 commented 3 years ago

The library doesn't include anything related to communication between client and server. That is up to you to implement. You can use anything from HTTP to WebSockets to Avian Carriers

hugbubby commented 3 years ago

@jbis9051 What I mean is, there's no way to serialize these step objects into a database so that they can be used to verify parts of the process at a later date.

bgrosse-midokura commented 3 years ago

You have to add JSON serializer for bignum (just toString)

Take a look at the demo page, it prints out JSON of the steps.

But you are right, we must export the types and so on to make this all more straightforward when the step object isn't keot around.

bgrosse-midokura commented 3 years ago

@hugbubby do you want to use the lib with something where the page reloads? The typical use case is with http requests without page reloading.

bgrosse-midokura commented 3 years ago

@hugbubby or is it the server part that you want to serialize?

bgrosse-midokura commented 3 years ago

@hugbubby the demo is now live here https://midonet.github.io/tssrp6a/demo (it's linked in the readme since yesterday)

bufistov commented 3 years ago

Nice work, @bgrosse-midokura !