Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QUESTION: Current Users ? #2

Open
alexgoldstone opened this issue Oct 28, 2017 · 5 comments
Open

QUESTION: Current Users ? #2

alexgoldstone opened this issue Oct 28, 2017 · 5 comments

Comments

@alexgoldstone
Copy link

alexgoldstone commented Oct 28, 2017
edited
Loading

Since this is a relatively new implementation, I am just wondering if it is in use anywhere yet?
@alexgoldstone alexgoldstone changed the title QUESTION: Current Users QUESTION: Current Users ? Oct 29, 2017
@LinusU
Copy link
Owner

LinusU commented Oct 30, 2017

I'm currently using it in a product that is in private testing right now, but apart from that I don't think that anyone is using it.

I would love for the Node.js community to have a stable implementation of SRP that's easy to use, and my ambition is that this module will become that module. But since this is very new there is still a long way to go.

It would be awesome to get some company involved with Node.js security (Lyft, nsp, Snyk?) to do a proper audit of the source code, but at the moment I don't personally have the funds to get that going. But maybe someone would be willing to donate some time to an open source library :)

I'll probably reach out to them when I'm happy with the external API, which I hope to happen quite soon. At that point I would also tag some kind of 1.x version (maybe 1.0.0-rc.1 at first, and 1.0.0 after an audit)

Open to any ideas! 😄

@abhijithvijayan
Copy link

@LinusU I am trying to implement this authentication in https://github.com/onepassapp/onepass

Implemented it till the last verify session.

Screenshot from 2019-06-30 15-30-31

Could you clarity some doubts?

The whole code is wrapped under a try-catch, so do I need to put a special condition to check if the session was verified successfully?

I need to dispatch the action followed by the function which updates state from isAuthenticated: false to true

@abhijithvijayan
Copy link

abhijithvijayan commented Jun 30, 2019
edited
Loading

also I was wondering, how the following requests after login would be carried out.

Maybe using a JWT token or something would be perfect right?

The last step is optional right? If that is the case,I it okay to transfer JWT token along with it?

@LinusU
Copy link
Owner

LinusU commented Jul 18, 2019

The whole code is wrapped under a try-catch, so do I need to put a special condition to check if the session was verified successfully?

Then you should be good to go 👍

Maybe using a JWT token or something would be perfect right?

That should work great 👍

The last step is optional right?

Not sure what you mean here, there is no optional steps 🤔

@abhijithvijayan
Copy link

@LinusU Thanks for getting back to me, does this package requires updates or something?

@onepassapp completely relies on this package for authentication (uses pbkdf2)

Also, Is it necessary to generate salt using saltGen function provided with this package?

I used node-forge for that. All it requires a 32byte random string right?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@LinusU @alexgoldstone @abhijithvijayan