Commit 674ee9b1 authored by mh's avatar mh

add webauthn login procedure

parent 7e8c2931
function ab2str(buf) {
return btoa(String.fromCharCode.apply(null, new Uint8Array(buf))).replace(/\//g, '_').replace(/\+/g, '-').replace(/=*$/, '');
}
function str2ab(enc) {
var str = atob(enc.replace(/_/g, '/').replace(/-/g, '+'));
var buf = new ArrayBuffer(str.length);
var bufView = new Uint8Array(buf);
for (var i=0, strLen=str.length; i < strLen; i++) {
bufView[i] = str.charCodeAt(i);
}
return buf;
}
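Review bot: `ab2str` and `str2ab` are undocumented, and their names hide that they produce and consume unpadded base64url rather than plain strings. A one-line comment on each would help, for example `// ArrayBuffer -> unpadded base64url (RFC 4648 §5)` and `// unpadded base64url -> ArrayBuffer; atob throws on malformed input`. Since `str2ab` will presumably decode server-supplied WebAuthn values, the caller should handle the exception `atob` raises on invalid characters, which these helpers let propagate.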
......@@ -3,3 +3,4 @@
# You can use CoffeeScript in this file: http://coffeescript.org/
//= require sha256.min
//= require proofofwork
//= require base64
function pwhelp() {
if (document.getElementById('pw-help').style.display == 'block')
document.getElementById('pw-help').style.display = 'none';
else
document.getElementById('pw-help').style.display = 'block';
}
function loadPwhelp() {
if (document.getElementById('pw-help-toggle')) {
document.getElementById('pw-help-toggle').addEventListener("click", pwhelp)
}
if (document.getElementById('flash-notice')) {
var link = document.getElementById('pw-help-toggle');
var col = link.style.color;
setTimeout(function() {link.style.color = 'red'}, 800);
setTimeout(function() {link.style.color = col}, 1300);
setTimeout(function() {link.style.color = 'red'}, 1800);
setTimeout(function() {link.style.color = col}, 2300);
}
}
window.addEventListener("load", loadPwhelp)
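Review bot: In `loadPwhelp` the `flash-notice` branch reads `link.style.color` without checking that `pw-help-toggle` exists, although the first `if` treats that element as optional. On a page that renders a flash notice but no toggle, `link` is null and the load handler throws. Look the element up once and bail out early: `var link = document.getElementById('pw-help-toggle'); if (!link) return;`.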
function pwstrength() {
var e = document.getElementById('pwscore');
var ok = document.getElementById('new_ok');
e.innerHTML = '&nbsp;';
var p = document.getElementById('new').value;
var s = zxcvbn(p).score;
if (p.length > 0) {
var cols = ['#f00', '#fa0', '#fe0', '#af0', '#0f0'];
var cont = [':\'(', ':(', ':/', ':)', ':D'];
e.style.backgroundColor = cols[s];
e.innerHTML = cont[s];
} else {
e.style.backgroundColor = "white";
e.innerHTML = "&nbsp;";
}
if (s >= 3 && p.length > 9) {
ok.innerHTML = "&#x2714;"
} else {
ok.innerHTML = "&nbsp;"
}
}
function confirmcheck() {
var p = document.getElementById('new').value;
var c = document.getElementById('confirm').value;
if (p.length == 0 || p != c) {
document.getElementById('confirm_ok').innerHTML = "&nbsp;";
} else {
document.getElementById('confirm_ok').innerHTML = "&#x2714;";
}
}
function loadPwstrength() {
if (document.getElementById('confirm')) {
// document.getElementById('new').addEventListener("keyup", pwstrength)
// document.getElementById('new').addEventListener("change", pwstrength)
document.getElementById('new').addEventListener("keyup", confirmcheck)
document.getElementById('new').addEventListener("change",confirmcheck)
document.getElementById('confirm').addEventListener("keyup", confirmcheck)
document.getElementById('confirm').addEventListener("change", confirmcheck)
// pwstrength();
}
}
window.addEventListener("load", loadPwstrength)
// Place all the styles related to the admin controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the app_passwords controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the delete_account controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the domains controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the index controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the invites controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
.tfa-form div {
float: left;
padding-right: 15px;
}
.tfa-form table {
padding-top: 5px;
}
// Place all the styles related to the trees controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the trees_token controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the password controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the recovery_email controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the signup controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
// Place all the styles related to the users controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
......@@ -5,11 +5,12 @@ class ApplicationController < ActionController::Base
before_action :set_locale
protected
def handle_unverified_request
if session[:origin_url]
return redirect_to session[:origin_url]
end
redirect_to "https://immerda.ch"
redirect_to "https://www.immerda.ch"
end
def available_locales
......@@ -91,4 +92,5 @@ class ApplicationController < ActionController::Base
session[:origin_url] = url
update_session_expiry
end
end
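Review bot: `handle_unverified_request` redirects to whatever is stored in `session[:origin_url]` with no check on the target, and the second hunk shows that value assigned from a `url` variable in a method that starts outside the hunk. If `url` can be influenced by a request parameter, a failed CSRF check becomes an open redirect. Where `url` is validated is not visible here, so it would be worth restricting it to an allowlist of known hosts at the point it is stored and recording that next to the redirect, e.g. `# origin_url is checked against the allowed hosts in <setter method> before it is stored`. The changed fallback literal itself looks fine.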
......@@ -92,6 +92,13 @@ module ApiBackend
nil
end
def self.webauthn_challenge(email, password)
post(['auth','webauthn_challenge'],{
'email' => email,
'password' => password,
})
end
def self.sp_info(request)
post(['auth', 'sp_info'], {saml_request: request})
rescue
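Review bot: `webauthn_challenge` has no error handling, whereas `sp_info` directly below it carries a `rescue` and the method above appears to fall back to `nil`. A backend failure during login will therefore raise into the controller unless the caller handles it. Either follow the sibling pattern or add a comment stating that it raises, e.g. `# raises on backend/transport errors; the caller must rescue`. The payload also carries the plaintext `password`, so it is worth confirming that the `post` helper, defined outside this hunk, and any request logging do not record the body. The trailing comma after `'password' => password,` does not match the style of the `sp_info` call.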
......