Demo not working about srp-6a-demo HOT 14 CLOSED

See behavior here: http://pcrypt.org/dev/srp6a/register.php

from srp-6a-demo.

The demo expects to be in the top level folder; if you look at the paths in the 'view source' they are expecting to include files at the top level '/'. You can use search and replace to fix that. You can easily see these issues by using chrome/firefox and looking at the developer view which will show errors for not being able to find the .js or .css files.

from srp-6a-demo.

I have made some fixes for this. If you look at the next issue "#6" it has a pull request from my fork where the demo code has some logic in the register.phtml to set the path for all the included files. There are also two lines in the js on that same page to use "./" location for the target of the AJAX posts which are also needed.

from srp-6a-demo.

Downloaded your fork and installed - it seam to work a lot better :-)

NB: Demo same place

But still unable to login as far as I can tell? E.g. it does not jump to login.php and confirm or reject a login attempt.

May just be the lack of instructions. Really missing some sort of simple manual!

from srp-6a-demo.

Looks like the

$.post('./register.php'........
and
$.post('./login.php'........

is not working.

from srp-6a-demo.

That should be fixed on my fork. Issue #6 is the pull request for that.

The idea is you click the Register button then the Login button and thats it. To actually use it on a real site you need to do your own programming to save the registration details into a real database and to to add security checks on the parts of the site you want to protect that the user has authenticated properly.

The demo is just enough to show that the SRP library code works; which you can see from the output of the working app which shows what is going on and says "Success" if all the path line up. For today only (as I will recycle the cloud instance) you can see the demo code working over at http://srp6ademo-n00p.rhcloud.com/register.php

from srp-6a-demo.

Just installed your latest files with changes.

And they still do not work - just like to point out that people can not just download the source and make it run! Know that I have to modify it to make it work at a real site.

Will try to find out what the problem is, but it is quite a problem to debug in jquery as it is minimized. Have to modify different things - do not like Git ;-).

The problem is related to $.post that is not working as expected.

from srp-6a-demo.

I wouldn't suspect that jQuery is the problem (although you should check in another browser e.g. firefox,safari,chrome to be sure) it is likely to be that the paths it is attempting to post to dont match up on your server. To check that you use the developer view on either chrome or firefox to see what values it is posting to what url. Check those value against what is posted to the working demo on my server at the link above (e.g. is it posting 'null' not a real value? that could be a js error? any errors in the browser js console?). Then check that if you enter the location it is posting to directly into the browser address bar you dont get a rejection from your server due to some misconfiguration.

from srp-6a-demo.

Think the problem is related to the fact that I have PHP 5.3.3 installed as seen here:

http://redbeanphp.com/install

Get this error in the log:

Jan 3 14:18:46 beastserver httpd: PHP Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] [14] unable to open database file' in /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php:612 Stack trace: #0 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(612): PDO->__construct('sqlite:srp_db.t...', NULL, NULL, Array) #1 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(791): RedBean_Driver_PDO->connect() #2 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(2002): RedBean_Driver_PDO->Escape('user') #3 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(2632): RedBean_Adapter_DBAdapter->escape('user') #4 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(2592): RedBean_QueryWriter_AQueryWriter->check('user') #5 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(2765): RedBean_QueryWriter_AQueryWriter->safeTable('user') #6 /home/e-smith/files/ibays/pass_ibay/html/dev/srp6a/lib/rb.php(5244): RedBean_QueryWriter_AQueryWri

I will try to install the patch and let you know the outcome!

from srp-6a-demo.

RedBean isn't needed by the core library it is just there to make a demo site. In a real website you would typically use your main database (e.g. MySQL) to store the user details such as email, salt and verifier.

The core library code is only two PHP files which do the cryptography and only five of the javascript files are core:

./srp6ademo/srp/Client/lib/biginteger.js
./srp6ademo/srp/Client/lib/isaac.js
./srp6ademo/srp/Client/lib/random.js
./srp6ademo/srp/Client/lib/sha256.js
./srp6ademo/srp/Client/lib/srp.js
./srp6ademo/srp/Server/BigInteger.php
./srp6ademo/srp/Server/Srp.php

The other files are just for demonstration purposes.

You really should not be using such an old version of php. You should upgrade to the latest 5.5.x.

from srp-6a-demo.

I will upgrade when I get time to install SME Server 9 ;-)

from srp-6a-demo.

After downgrade of RedBean to PHP 5.3.3 and nessesary changes I still had the same problem. So I modified this in require.php:

R::setup('sqlite:' . $root . '/lib/srp_db.txt');

As I have a base_dir restriction on the server

Made registration work but now the log complain about this at login:

PHP Fatal error: Call to undefined function bcmod()

It looks like BCMath is not compiled into my PHP :-(

Will return when I have progress ;-)

from srp-6a-demo.

After install of php-bcmath it works fine - thank you simbo

from srp-6a-demo.

Like to propose this text in readme.md (also see changes to require.php above):

The demo use RedBeanPHP with file based DB SQLite for the demo and your http deamon needs write permissions in the lib folder for the standard setup in require.php (can be changed).

Unpack the source files to a PHP enabled server with at least PHP 5.3.3 and bcmath support.

In case you have a lower PHP version see here: http://redbeanphp.com/install.

Fire up your browser and direct it to http://your-source-location/register.php to test the demo.

from srp-6a-demo.