Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
외부에서 DDP를 통해 meteor 서버 인증하는 예. 암호화로 SRP를 사용하므로 각 플랫폼별 SRP라이브러리를 사용한다.
nextid = 0
connected = false;
ws = require 'ws'
## srp library from https://github.com/meteor/meteor/tree/devel/packages/srp
srp = require './lib/srp.js'
isLogin = false
## id/pass
selector = '<ID>'
password = '<PASS>'
s = new srp.Client password
ws = new ws 'ws://localhost:3000/websocket'
ws.on 'open', ->
console.log "open socket"
ws.send JSON.stringify
msg: 'connect'
version: 'pre1'
support: ['pre1']
ws.on 'message', (data, flags)->
dataJSON = JSON.parse data
console.log dataJSON
if dataJSON.msg is 'connected'
connected = true
ws.send JSON.stringify
msg: 'sub'
id: (++nextid).toString()
name: 'meteor.loginServiceConfiguration'
if dataJSON.msg is 'ready'
if not isLogin
console.log '>> method beginPasswordExchange'
request = s.startExchange()
if typeof selector is 'string'
selector =
if ~selector.indexOf("@")
then email: selector
else username: selector
request.user = selector
sendObject =
msg: 'method'
method: 'beginPasswordExchange'
params: [request]
id: (++nextid).toString()
ws.send JSON.stringify sendObject
if dataJSON.msg is 'result'
if not isLogin
console.log ">> checked username"
if !!dataJSON.error
console.log ">> username fail"
else
response = s.respondToChallenge dataJSON.result
sendObject =
msg: 'method'
method: 'login'
params: [
srp: response
]
id: (++nextid).toString()
ws.send JSON.stringify sendObject
isLogin = true
else
## after login
if !!dataJSON.error
console.log ">>>> incorrect password"
else
if s.verifyConfirmation(HAMK:dataJSON.result.HAMK)
console.log ">>>> login success"
else
console.log ">>>> server is cheating!"
open socket
{ server_id: 'LM68yzLKbyHGL8gkx' }
{ msg: 'connected', session: 'vCy74iwbDAoWLfHAx' }
{ msg: 'added',
collection: 'users',
id: 'aHC7AHZXbnhs7Efs9',
fields:
{ username: ..... }
{ msg: 'ready', subs: [ '1' ] }
>> method beginPasswordExchange
{ msg: 'updated', methods: [ '2' ] }
{ msg: 'result',
id: '2',
result:
{ identity: 'YzHuNjbsWJm5KvDce',
salt: 'sre6wg5ENP2FFNc42',
B: '2552212862fd5988718175ed8d30caa0d551fbf14ed328fec9c53c7405ae779a462794ef2755bed052ae2e3cb2b8ad253c465dc0943a78ee10dd22569877ccb028f5c98d819385f5e453ee86116718eeeb9f342cdf4f5de19a0cc4504b828a8eb9e05aa8967e5d275157a84fdd0df7a956c7cb838743378570a7bb0d9813f750' } }
>> checked username
{ msg: 'changed',
collection: 'users',
id: 'MZqYAk6C9kYao3ATz',
fields: { emails: [ [Object] ] } }
{ msg: 'ready', subs: [ '1' ] }
{ msg: 'updated', methods: [ '3' ] }
{ msg: 'result',
id: '3',
result:
{ token: '6ZpGsNACwMLAnzXGr',
id: 'MZqYAk6C9kYao3ATz',
HAMK: 'd36ee7982df73edb5289d1dcd5b078899802163ba70396b3a4136820e8716721' } }
>>>> login success
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment