From fe24c7ebf7c33e3ac35a71ae37ad2dc34262900d Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 18 Aug 2020 22:20:17 +1000 Subject: [PATCH] SQRL Authentication working --- load/sqrllogin.js | 82 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 74 insertions(+), 8 deletions(-) diff --git a/load/sqrllogin.js b/load/sqrllogin.js index 43c607d..7fe1b7b 100644 --- a/load/sqrllogin.js +++ b/load/sqrllogin.js @@ -24,8 +24,8 @@ function sqrllogin() { var cancel = false; log(LOG_DEBUG,'OPTIONS: '+JSON.stringify(loadOptions('sqrl'))); - sqrl = loadOptions('sqrl'); - http = new HTTPRequest(); + var sqrl = loadOptions('sqrl'); + var http = new HTTPRequest(); http.SetupGet(sqrl.auth_path,undefined,sqrl.auth_url); http.request_headers.push('Accept: application/json'); @@ -39,13 +39,13 @@ function sqrllogin() { .map(function(x) {return x.charCodeAt(0)}); var qr = qrcodegen.QrCode.encodeBinary(data,qrcodegen.QrCode.Ecc.LOW); - subframe = new Frame(38,2,43,22,BG_BLACK|LIGHTGRAY); + var subframe = new Frame(38,2,43,22,BG_BLACK|LIGHTGRAY); fo.qrcode(qr,subframe); fo.sendBaseline('CANCEL_MSG',false); // Loop and see if the user has logged in - nut = http.body.substr(http.body.indexOf('nut='),68); + var nut = http.body.substr(http.body.indexOf('nut='),68); var read = ''; while (read !== '2') { @@ -68,9 +68,75 @@ function sqrllogin() { break; case 200: - if (http.body.isReady) { - log(LOG_INFO,'NUT: '+http.body.msg); - log(LOG_INFO,'NEXT: '+http.body.nextPage); + var result = JSON.parse(http.body); + + if (result.isReady) { + log(LOG_INFO,'NUT: '+result.msg); + log(LOG_INFO,'NEXT: '+result.nextPage); + if (result.msg == 'SQRL authenticated') { + log(LOG_DEBUG,'Getting Authenticated User ['+result.nextPage+']'); + http = new HTTPRequest(); + http.SetupGet(result.nextPage,undefined,''); + http.request_headers.push('Accept: application/json'); + + http.SendRequest(); + http.ReadResponse(); + + log(LOG_DEBUG,'Getting Authenticated User Response ['+http.response_code+']'); + if (http.response_code == 200) { + var sqrluser = http.body.substr(0,40); + var username = 'S'+sqrluser.substr(0,24) + log(LOG_DEBUG,'Getting Authenticated sqrluser ['+JSON.stringify(sqrluser)+']'); + + // Look through our user base for an existing user + var uid = system.matchuser(username); + + log(LOG_DEBUG,'Getting Authenticated UID ['+JSON.stringify(uid)+']'); + if (! uid) { + log(LOG_DEBUG,'New User ['+username+'] with pass ('+sqrluser+')'); + var user = system.new_user(username); + log(LOG_DEBUG,'New User ['+JSON.stringify(user.number)+']'); + user.name = username; + user.security.password = sqrluser; + user.handle = username.substr(0,8); + user.location = 'Earth'; + user.zipcode = '000'; + user.netmail = username+'@'+system.inet_addr; + + user.comment = 'ANSITEX registered user - with SQRL'; + bbs.user_sync(); + + } else { + user = new User(uid); + } + + log(LOG_DEBUG,'Getting Authenticated USER ['+JSON.stringify(user.number)+']'); + + // Existing user, we'll exit here + if (bbs.login(user.name,null,user.security.password)) { + log(LOG_DEBUG,' - User:'+JSON.stringify(user.number)); + bbs.logon(); + log(LOG_DEBUG,' - SEND TO EXIT:'); + + complete = true; + read = '2'; + action = ACTION_EXIT; + if (typeof subframe === 'object') + subframe.close(); + + break; + + } else { + log(LOG_ERROR,'- Login Failed? '); + } + + } else { + log(LOG_ERROR,'- Unhandled User Details: '+http.response_code); + } + + } else { + log(LOG_ERROR,'- Unhandled isReady msg: '+result.msg); + } complete = true; if (typeof subframe === 'object') @@ -80,7 +146,7 @@ function sqrllogin() { read = '2'; } else { - log(LOG_ERROR,'- Unhandled isReady: '+http.body.isReady); + log(LOG_ERROR,'- Unhandled isReady: '+result.isReady); // We are done read = '2';