]> Entropealabs - wampex.git/commitdiff
projects / wampex.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d248a4a)
auth updates
authorChristopher <chris@entropealabs.com>
Wed, 18 Mar 2020 04:05:54 +0000 (23:05 -0500)
committerChristopher <chris@entropealabs.com>
Wed, 18 Mar 2020 04:05:54 +0000 (23:05 -0500)
lib/crypto.ex patch | blob | history
lib/router/authentication.ex patch | blob | history
lib/router/session.ex patch | blob | history

diff --git a/lib/crypto.ex b/lib/crypto.ex
index a88dcf028637466c1496e70c5fe0beabca961b7b..b41c1b4f863e05072ef23f1e6fcd34004bfd1b91 100644 (file)
--- a/lib/crypto.ex
+++ b/lib/crypto.ex
@@ -1,9 +1,9 @@
 defmodule Wampex.Crypto do
   @moduledoc false
-  def hash_challenge(secret, challenge) do
-    :sha256
-    |> :crypto.hmac(secret, challenge)
-    |> :base64.encode()
+  def hash_challenge(key, data) do
+    :hmac
+    |> :crypto.mac(:sha256, key, data)
+    |> Base.encode64()
   end
 
   def pbkdf2(secret, salt, iterations, keylen) do
diff --git a/lib/router/authentication.ex b/lib/router/authentication.ex
index d7eb2ca6ad18cd82b2188d21c0da5b00a08cf9c7..1f55eadd3170d6336350c63ec660d8e65dd2e23a 100644 (file)
--- a/lib/router/authentication.ex
+++ b/lib/router/authentication.ex
@@ -1,12 +1,14 @@
 defmodule Wampex.Router.Authentication do
   @moduledoc false
 
+  require Logger
+
   alias Wampex.Crypto
   alias Wampex.Serializers.JSON
 
   @wampcra "wampcra"
-  @salt_length 32
-  @key_length 64
+  @salt_length 8
+  @key_length 16
   @auth_provider "userdb"
   @auth_role "user"
 
diff --git a/lib/router/session.ex b/lib/router/session.ex
index b4c7c6365e3b0a03c1c3535b21b19e5f9891543e..e68ed33da43cfd75554c1123ab5deaf183b94ae0 100644 (file)
--- a/lib/router/session.ex
+++ b/lib/router/session.ex
@@ -178,6 +178,8 @@ defmodule Wampex.Router.Session do
             } = data
         } = sl
       ) do
+    Logger.info("Hello #{inspect(dets)}")
+
     {actions, challenge} =
       case dets do
         %{"authid" => ai, "authmethods" => am} ->
@@ -185,11 +187,13 @@ defmodule Wampex.Router.Session do
             true ->
               ch = auth.challenge(ai, id)
 
+              chal = %Challenge{
+                auth_method: auth.method(),
+                options: ch
+              }
+
               send_to_peer(
-                Peer.challenge(%Challenge{
-                  auth_method: auth.method,
-                  options: ch
-                }),
+                Peer.challenge(chal),
                 tt,
                 t
               )
@@ -240,7 +244,7 @@ defmodule Wampex.Router.Session do
     authprovider = get_in(ch, ["authprovider"])
 
     actions =
-      case auth.authenticate(sig, get_in(ch, ["authid"]), challenge) do
+      case auth.authenticate(sig, authid, challenge) do
         true ->
           send_to_peer(
             Peer.welcome(%Welcome{
WampEX