fu ([personal profile] fu) wrote in [site community profile] changelog2011-02-28 01:18 pm

[dw-free] jQuerify password hashing JS for login

[commit: http://hg.dwscoalition.org/dw-free/rev/f89a10575f39]

http://bugs.dwscoalition.org/show_bug.cgi?id=3528

Add jQuery version of password hashing for login (not currently enabled).

Patch by [personal profile] fu.

Files modified:
  • cgi-bin/LJ/S2.pm
  • htdocs/js/login-jquery.js
  • views/dev/tests/login.html
  • views/dev/tests/login.js
--------------------------------------------------------------------------------
diff -r 0dc6fb714407 -r f89a10575f39 cgi-bin/LJ/S2.pm
--- a/cgi-bin/LJ/S2.pm	Mon Feb 28 21:15:17 2011 +0800
+++ b/cgi-bin/LJ/S2.pm	Mon Feb 28 21:18:32 2011 +0800
@@ -174,6 +174,7 @@ sub make_journal
     if ($show_control_strip) {
         LJ::Hooks::run_hook( 'control_strip_stylesheet_link' );
 
+        # used if we're using our old library
         LJ::need_res(qw(
                     js/core.js
                     js/dom.js
@@ -182,6 +183,12 @@ sub make_journal
                     js/md5.js
                     js/login.js
                     ));
+
+        # used if we're using our jquery library
+        LJ::need_res( { group => "jquery" }, qw(
+                        js/md5.js
+                        js/login-jquery.js
+                    ) );
     }
 
     # Include any head stc or js head content
diff -r 0dc6fb714407 -r f89a10575f39 htdocs/js/login-jquery.js
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/js/login-jquery.js	Mon Feb 28 21:18:32 2011 +0800
@@ -0,0 +1,27 @@
+(function($) {
+    $.fn.hashpassword = function( action ) {
+        var submitform = function() {
+            var $self = $(this);
+            var $chal_field = $self.find(".lj_login_chal");
+            var $resp_field = $self.find(".lj_login_response");
+            var $pass_field = $self.find(".lj_login_password");
+
+            if ( $chal_field.length < 1 || $resp_field.length < 1
+                || $pass_field.length < 1 )
+                return true;
+
+            var res = MD5( $chal_field.val() + MD5($pass_field.val()) );
+            $resp_field.val(res);
+            $pass_field.val("");
+        }
+
+        return this.each(function() {
+            $(this).submit(submitform);
+        })
+    };
+
+})(jQuery);
+
+jQuery(function($) {
+    $("form.lj_login_form").hashpassword();
+});
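Review bot: Nothing in login-jquery.js says what the hashing protects against or when it is skipped, and both matter to whoever enables it later. In `submitform`, the early `return true` when any of the three fields is missing lets the form submit with the password still in the `password` field. Because the response is `MD5( $chal_field.val() + MD5($pass_field.val()) )`, knowing `MD5(password)` alone is enough to answer any challenge, so the scheme at best hides the password from a passive observer and is not a substitute for posting over HTTPS. I would add a header comment such as `// Challenge-response login: sends MD5(chal + MD5(password)) instead of the password; falls back to a normal submit if a field is missing.` The `action` parameter of `hashpassword` is never used and could be dropped.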
diff -r 0dc6fb714407 -r f89a10575f39 views/dev/tests/login.html
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/views/dev/tests/login.html	Mon Feb 28 21:18:32 2011 +0800
@@ -0,0 +1,15 @@
+<form id="login" class="lj_login_form" action="http://www.dreamwidth.org/login?ret=1" method="post">
+    <div>
+        <input type="hidden" name="mode" value="login" />
+        <input type="hidden" name="chal" id="login_chal" class="lj_login_chal" value="challenge" />
+        <input type="hidden" name="response" id="login_response" class="lj_login_response" value="" />
+
+        <label for="xc_user">Username:</label>
+        <input type="text" name="user" size="7" maxlength="27" tabindex="1" id="xc_user" value="" />
+
+        <label for="xc_password">Password:</label>
+        <input type="password" name="password" size="7" tabindex="2" id="xc_password" class="lj_login_password" value="password" />
+
+        <input type="submit" value="Log in" />
+    </div>
+</form>
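Review bot: The fixture form's `action` points at the live site over plain HTTP (`http://www.dreamwidth.org/login?ret=1`), so clicking "Log in" on this dev test page sends a real POST to production instead of staying inside the test. The tests in login.js appear to call the handlers directly and never need a real target, so an inert value such as `action="#"` would do. If the production URL is kept for realism, it should at least use `https://`.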
diff -r 0dc6fb714407 -r f89a10575f39 views/dev/tests/login.js
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/views/dev/tests/login.js	Mon Feb 28 21:18:32 2011 +0800
@@ -0,0 +1,35 @@
+/* INCLUDE:
+js/md5.js
+old: js/login.js
+jquery: js/login-jquery.js
+*/
+
+var check_results =  function() {
+    expect(6);
+
+    var response_field = document.getElementById( "login_response" );
+    var password_field = document.getElementById( "xc_password" );
+    var challenge_field = document.getElementById( "login_chal" );
+
+    ok( response_field, "response field exists" );
+    ok( password_field, "password field exists" );
+    ok( challenge_field, "challenge field exists" );
+
+    equal( challenge_field.value, "challenge" );
+    equal( password_field.value, "", "no cleartext password" );
+    equal( response_field.value, "6d7d8d39264a6416f8d27965cc1fe8e2", "expected hashed challenge and password" );
+};
+
+module( "old" );
+test( "hash password when logging in", function() {
+    LiveJournal.loginFormSubmitted({ target: document.getElementById("login") });
+    check_results();
+} );
+
+module( "jquery" );
+test( "hash password when logging in", function() {
+    $("#login").triggerHandler("submit");
+    check_results();
+} );
+
+
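Review bot: Only the happy path is tested; the early-return branch in login-jquery.js, where a missing challenge, response or password field leaves the cleartext password in place, has no test pinning that behaviour. A further test that removes `.lj_login_response` from the form, triggers submit and asserts the password field is unchanged would document the fallback. The expected digest on the `response_field.value` line is a bare constant; a comment such as `// MD5("challenge" + MD5("password")) for the fixture values` would make it checkable, assuming that is how it was derived. The `equal( challenge_field.value, "challenge" )` assertion is also the only one without a message.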
--------------------------------------------------------------------------------