Last active
December 21, 2015 15:59
-
-
Save acidsound/6330360 to your computer and use it in GitHub Desktop.
외부에서 DDP를 통해 meteor 서버 인증하는 예. 암호화로 SRP를 사용하므로 각 플랫폼별 SRP라이브러리를 사용한다.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nextid = 0 | |
connected = false; | |
ws = require 'ws' | |
## srp library from https://github.com/meteor/meteor/tree/devel/packages/srp | |
srp = require './lib/srp.js' | |
isLogin = false | |
## id/pass | |
selector = '<ID>' | |
password = '<PASS>' | |
s = new srp.Client password | |
ws = new ws 'ws://localhost:3000/websocket' | |
ws.on 'open', -> | |
console.log "open socket" | |
ws.send JSON.stringify | |
msg: 'connect' | |
version: 'pre1' | |
support: ['pre1'] | |
ws.on 'message', (data, flags)-> | |
dataJSON = JSON.parse data | |
console.log dataJSON | |
if dataJSON.msg is 'connected' | |
connected = true | |
ws.send JSON.stringify | |
msg: 'sub' | |
id: (++nextid).toString() | |
name: 'meteor.loginServiceConfiguration' | |
if dataJSON.msg is 'ready' | |
if not isLogin | |
console.log '>> method beginPasswordExchange' | |
request = s.startExchange() | |
if typeof selector is 'string' | |
selector = | |
if ~selector.indexOf("@") | |
then email: selector | |
else username: selector | |
request.user = selector | |
sendObject = | |
msg: 'method' | |
method: 'beginPasswordExchange' | |
params: [request] | |
id: (++nextid).toString() | |
ws.send JSON.stringify sendObject | |
if dataJSON.msg is 'result' | |
if not isLogin | |
console.log ">> checked username" | |
if !!dataJSON.error | |
console.log ">> username fail" | |
else | |
response = s.respondToChallenge dataJSON.result | |
sendObject = | |
msg: 'method' | |
method: 'login' | |
params: [ | |
srp: response | |
] | |
id: (++nextid).toString() | |
ws.send JSON.stringify sendObject | |
isLogin = true | |
else | |
## after login | |
if !!dataJSON.error | |
console.log ">>>> incorrect password" | |
else | |
if s.verifyConfirmation(HAMK:dataJSON.result.HAMK) | |
console.log ">>>> login success" | |
else | |
console.log ">>>> server is cheating!" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
open socket | |
{ server_id: 'LM68yzLKbyHGL8gkx' } | |
{ msg: 'connected', session: 'vCy74iwbDAoWLfHAx' } | |
{ msg: 'added', | |
collection: 'users', | |
id: 'aHC7AHZXbnhs7Efs9', | |
fields: | |
{ username: ..... } | |
{ msg: 'ready', subs: [ '1' ] } | |
>> method beginPasswordExchange | |
{ msg: 'updated', methods: [ '2' ] } | |
{ msg: 'result', | |
id: '2', | |
result: | |
{ identity: 'YzHuNjbsWJm5KvDce', | |
salt: 'sre6wg5ENP2FFNc42', | |
B: '2552212862fd5988718175ed8d30caa0d551fbf14ed328fec9c53c7405ae779a462794ef2755bed052ae2e3cb2b8ad253c465dc0943a78ee10dd22569877ccb028f5c98d819385f5e453ee86116718eeeb9f342cdf4f5de19a0cc4504b828a8eb9e05aa8967e5d275157a84fdd0df7a956c7cb838743378570a7bb0d9813f750' } } | |
>> checked username | |
{ msg: 'changed', | |
collection: 'users', | |
id: 'MZqYAk6C9kYao3ATz', | |
fields: { emails: [ [Object] ] } } | |
{ msg: 'ready', subs: [ '1' ] } | |
{ msg: 'updated', methods: [ '3' ] } | |
{ msg: 'result', | |
id: '3', | |
result: | |
{ token: '6ZpGsNACwMLAnzXGr', | |
id: 'MZqYAk6C9kYao3ATz', | |
HAMK: 'd36ee7982df73edb5289d1dcd5b078899802163ba70396b3a4136820e8716721' } } | |
>>>> login success |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment