
Untitled

a guest
May 6th, 2019
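  /**
   * Log in with the values of the #username / #password form fields.
   *
   * Two flows, selected by the global g_scarm_login:
   *   - challenge/response: api/user/challenge_login, then
   *     api/user/authentication_login, using CryptoJS.SCRAM; the device's
   *     answer is verified before its RSA public key is stored.
   *   - legacy: a single api/user/login request carrying the password either
   *     as a token-salted SHA256 digest (g_password_type == '4') or base64.
   *
   * On success both flows read api/user/state-login, update the header and
   * continue to the quick-setup wizard, the password reminder dialog or
   * loginSwitchDoing().
   *
   * Loose equality (==) is kept on every comparison against page globals and
   * XML-derived values because their runtime types are not visible here.
   *
   * @param {*} destnation   passed through to loginSwitchDoing / showPWRemindDialog
   * @param {*} callback     passed through to loginSwitchDoing / showPWRemindDialog
   * @param {*} redirectDes  passed to startLogoutTimer
   * @param {*} isGDPR       truthy: stay on 'home' instead of opening quicksetup.html
   */
  function login(destnation, callback, redirectDes, isGDPR) {
    // Retry shortly when no request-verification token is available yet.
    // The in-flight guard is released first (otherwise the re-entered call
    // would stop at the guard below and the form would stay locked), and
    // isGDPR is forwarded so the retry behaves like the first call.
    function retryWhenTokenReady() {
      setTimeout(function () {
        g_logining_flag = false;
        if (g_requestVerificationToken.length > 0) {
          login(destnation, callback, redirectDes, isGDPR);
        }
      }, 50);
    }

    // Error code of a parsed reply, or undefined when it has no <error> part.
    function errorCodeOf(reply) {
      return reply && reply.error ? reply.error.code : undefined;
    }

    // Show a failure message and wipe both credential fields.
    function rejectLogin(anchorId, message) {
      showErrorUnderTextbox(anchorId, message);
      $('#username').focus();
      $('#username').val('');
      $('#password').val('');
    }

    // Decide where to go once the session is established.
    function routeAfterLogin(remindPassword) {
      var wizardPending = g_setup_wizard_page == '1' &&
        g_Driver_classify != 'hilink' &&
        g_auto_update_enable == '1';
      if (!wizardPending) {
        if (remindPassword) {
          showPWRemindDialog(destnation, callback);
        } else {
          loginSwitchDoing(destnation, callback);
        }
        return;
      }
      if (isGDPR && current_href == 'home') {
        loginSwitchDoing(destnation, callback);
      } else if (current_href == 'quicksetup' || current_href == 'home' || current_href == 'update') {
        window.location.replace('quicksetup.html');
      }
    }

    // Build the api/user/state-login handler shared by both flows.
    // recordLoginState: also copy response.State into g_login_state
    // (only the challenge/response flow did this).
    function onSessionState(recordLoginState) {
      return function ($xml) {
        var state = xml2object($xml);
        if (state.type != 'response') {
          return;
        }
        if ('undefined' != typeof state.response.firstlogin) {
          g_default_password_status = parseInt(state.response.firstlogin, 10);
        }
        if (recordLoginState) {
          g_login_state = state.response.State;
        }
        // .text() (not .html()) keeps the typed user name from being parsed as markup.
        $('#username_span').text(name);
        $('#username_span').show();
        $('#logout_span').text(common_logout);
        // Read the password before clearDialog() runs; it is only handed to checkPWRemind().
        var passwordStr = $('#password').val();
        clearDialog();
        g_main_displayingPromptStack.pop();
        startLogoutTimer(redirectDes);
        if (checkPWRemind(passwordStr)) {
          checkDialogFlag = true;
          routeAfterLogin(true);
        } else {
          setTimeout(function () {
            routeAfterLogin(false);
          }, 200);
        }
      };
    }

    var name = $.trim($('#username').val());
    var psd = $('#password').val();
    var valid = validateInput(name, psd);
    if (!valid) {
      return;
    }
    // Only one login attempt may be in flight.
    if (g_logining_flag == true) {
      return;
    }
    g_logining_flag = true;
    refreshToken();

    if (true == g_scarm_login) {
      if ($.isArray(g_requestVerificationToken) && g_requestVerificationToken.length <= 0) {
        retryWhenTokenReady();
        return;
      }

      var scram = CryptoJS.SCRAM();
      var firstNonce = scram.nonce().toString();
      var firstXml = object2xml('request', {
        username: name,
        firstnonce: firstNonce,
        mode: RSA_LOGIN_MODE
      });

      saveAjaxData('api/user/challenge_login', firstXml, function ($xml) {
        var challenge = xml2object($xml);
        if (challenge.type == 'response') {
          var salt = CryptoJS.enc.Hex.parse(challenge.response.salt);
          var iter = challenge.response.iterations;
          var finalNonce = challenge.response.servernonce;
          // NOTE(review): the server nonce appears twice in the auth message;
          // kept as written, presumably what the device expects - confirm.
          var authMsg = firstNonce + "," + finalNonce + "," + finalNonce;
          var saltPassword = scram.saltedPassword(psd, salt, iter).toString();
          var clientProof = scram.clientProof(psd, salt, iter, authMsg);
          var serverKey = scram.serverKey(CryptoJS.enc.Hex.parse(saltPassword)).toString();
          var finalPostData = {
            clientproof: clientProof,
            finalnonce: finalNonce
          };
          if (challenge.response.newType && challenge.response.newType == '1') {
            // The reply carries a second salt/iteration pair: derive stored and
            // server keys for it and send them with the proof.
            // NOTE(review): these keys are password-derived verifier material;
            // confirm how the request body is protected in transit.
            var newSalt = CryptoJS.enc.Hex.parse(challenge.response.newSalt);
            var newIter = challenge.response.newIterations;
            var newSaltPassword = scram.saltedPassword(psd, newSalt, newIter).toString();
            var newStoredKey = scram.storedKey(scram.clientKey(CryptoJS.enc.Hex.parse(newSaltPassword))).toString();
            var newServerKey = scram.serverKey(CryptoJS.enc.Hex.parse(newSaltPassword)).toString();
            var hashOldNewPwd = SHA256(newStoredKey + newServerKey + clientProof);
            finalPostData = {
              clientproof: clientProof,
              finalnonce: finalNonce,
              hashOldNewPwd: hashOldNewPwd,
              newStoredKey: newStoredKey,
              newServerKey: newServerKey
            };
          }
          var finalXml = object2xml('request', finalPostData);

          saveAjaxData('api/user/authentication_login', finalXml, function ($xml) {
            var auth = xml2object($xml);
            if (auth.type == 'response') {
              // Mutual authentication: the device must prove knowledge of the
              // password-derived key, and the RSA modulus it returns must be
              // signed with the server key, before the public key is stored.
              var serverProof = scram.serverProof(psd, salt, iter, authMsg);
              var publicKeySignature = null;
              var trusted = auth.response.serversignature == serverProof;
              if (trusted) {
                publicKeySignature = scram.signature(
                  CryptoJS.enc.Hex.parse(auth.response.rsan),
                  CryptoJS.enc.Hex.parse(serverKey)
                ).toString();
                trusted = auth.response.rsapubkeysignature == publicKeySignature;
              }
              if (!trusted) {
                rejectLogin('username', IDS_login_fialed_prompt);
                return;
              }
              g_encPublickey.e = auth.response.rsae;
              g_encPublickey.n = auth.response.rsan;
              storagePubkey(g_encPublickey.n, g_encPublickey.e);
              getAjaxData('api/user/state-login', onSessionState(true));
            } else if (errorCodeOf(auth) == ERROR_LOGIN_USERNAME_PWD_WRONG) {
              rejectLogin('forget_password_tab', IDS_login_username_password_wrong);
            }
          });
        } else {
          // errorCodeOf() tolerates a reply without <error>, so the guard
          // below is always released.
          var challengeError = errorCodeOf(challenge);
          if (challengeError == ERROR_LOGIN_USERNAME_PWD_ORERRUN) {
            rejectLogin('forget_password_tab', IDS_login_username_password_input_overrun);
          } else if (challengeError == ERROR_LOGIN_TOUCH_ALREADY_LOGIN) {
            rejectLogin('forget_password_tab', touch_user_login_repeat);
          } else if (challengeError == ERROR_LOGIN_USERNAME_PWD_WRONG) {
            rejectLogin('forget_password_tab', IDS_login_username_password_wrong);
          } else if (challengeError == ERROR_LOGIN_ALREADY_LOGIN) {
            rejectLogin('forget_password_tab', common_user_login_repeat);
          }
        }
        g_logining_flag = false;
      });
      return;
    }

    // Legacy flow.
    // The array test must receive the token list: called without an argument
    // it is always false, which sent a base64 password labelled with whatever
    // g_password_type held and skipped the salted digest entirely.
    if ($.isArray(g_requestVerificationToken)) {
      if (g_requestVerificationToken.length <= 0) {
        retryWhenTokenReady();
        return;
      }
      if (g_password_type == '4') {
        psd = base64encode(SHA256(name + base64encode(SHA256($('#password').val())) + g_requestVerificationToken[0]));
      } else {
        // base64 is an encoding, not protection.
        psd = base64encode($('#password').val());
      }
    } else {
      psd = base64encode($('#password').val());
    }

    var xmlstr = object2xml('request', {
      Username: name,
      Password: psd,
      password_type: g_password_type
    });
    // The request body holds the credential, so it is not written to the log.
    log.debug('api/user/login request built');
    saveAjaxData('api/user/login', xmlstr, function ($xml) {
      log.debug('api/user/login successed!');
      var ret = xml2object($xml);
      g_logining_flag = false;
      if (isAjaxReturnOK(ret)) {
        // Show the user name once the login has succeeded.
        getAjaxData('api/user/state-login', onSessionState(false));
        return;
      }
      if (ret.type != 'error') {
        return;
      }
      clearAllErrorLabel();
      var code = errorCodeOf(ret);
      if (code == ERROR_LOGIN_PASSWORD_WRONG) {
        // Wrong password only: keep the user name, retype the password.
        showErrorUnderTextbox('forget_password_tab', system_hint_wrong_password);
        $('#password').val('');
        $('#password').focus();
      } else if (code == ERROR_LOGIN_ALREADY_LOGIN) {
        rejectLogin('forget_password_tab', common_user_login_repeat);
      } else if (code == ERROR_LOGIN_TOUCH_ALREADY_LOGIN) {
        rejectLogin('forget_password_tab', touch_user_login_repeat);
      } else if (code == ERROR_LOGIN_USERNAME_WRONG) {
        rejectLogin('username', settings_hint_user_name_not_exist);
      } else if (code == ERROR_LOGIN_USERNAME_PWD_WRONG) {
        rejectLogin('forget_password_tab', IDS_login_username_password_wrong);
      } else if (code == ERROR_LOGIN_USERNAME_PWD_ORERRUN) {
        rejectLogin('forget_password_tab', IDS_login_username_password_input_overrun);
      }
    }, {
      // NOTE(review): presumably asks saveAjaxData to encrypt the body;
      // that helper is not shown here - confirm.
      enc: true
    });
  }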