FAST is a cookie-style authentication method that
lets clients store and auth with an unguessable token.
It enables clients to forget the user's full password,
which is especially important for web-based clients,
that are prone to data leaks. Leaked tokens can be
invalidated.
- https://xmpp.org/extensions/xep-0484.html
- https://xmpp.org/extensions/xep-0388.html
Intended to fix conversejs/converse.js#3144
Some aside changes I needed for this:
- I let handlers listen to the *opening* stanza
- Set 'from' on the opening <stream> tag. (ref: https://github.com/xmppjs/xmpp.js/pull/1006/files#r1893267922)
- Create a type of handler that can search *nested data*.
This made setting up listeners a lot more convenient.
- During connection, replace has_features with
the direct XML <stream:features>
more direct and defensive.
- Moved Status.AUTHENTICATING before FAST/SASL
Still TODO:
- support the other HT- methods from the spec
- rewrite the SASL code into sasl.js to look like sasl2.js ?
- allow fallback from SASL2 to SASL (currently
assumes only ONE login method will be tried per
connect(), which could block login if one is failing)
- pull SASL2 into sasl2.js and make it a plugin
- Disentangle the circular dependency between
index.js loading sasl2.js/sasl2_fast.js but them needing to talk to Strophe
- Invalidate token on logout
(and in the corresponding Converse.js branch,
actually forget the token on logout)
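
The token exchange that FAST relies on, as an added example that is not part of this commit or of Strophe.js: a client builds an HT-SHA-256-NONE initial response from a stored token, the server verifies it in constant time, and invalidating the token makes the same message fail. The message layout is assumed from draft-schmaus-kitten-sasl-ht (the HT mechanism family referenced by XEP-0484); `TokenStore`, the function names, and the one-token-per-user store are hypothetical simplifications.

```javascript
// Added example; layout assumed from draft-schmaus-kitten-sasl-ht. Names are hypothetical.
const crypto = require('node:crypto');

// HMAC-SHA-256 keyed with the token over a role label plus channel-binding data.
// The -NONE variant uses empty channel-binding data.
function hashedToken(token, label, cbData = Buffer.alloc(0)) {
  const data = Buffer.concat([Buffer.from(label, 'utf8'), cbData]);
  return crypto.createHmac('sha256', token).update(data).digest();
}

// Client side: authcid NUL HMAC(token, "Initiator" || cb-data).
function clientInitialResponse(authcid, token) {
  const proof = hashedToken(token, 'Initiator');
  return Buffer.concat([Buffer.from(authcid, 'utf8'), Buffer.from([0]), proof]);
}

// Client side: check the server also knows the token (mutual authentication).
function clientVerifiesServer(token, responderMsg) {
  const expected = hashedToken(token, 'Responder');
  return responderMsg.length === expected.length &&
    crypto.timingSafeEqual(responderMsg, expected);
}

// Server side: in-memory stand-in for a token store, one token per user.
class TokenStore {
  constructor() { this.tokens = new Map(); }
  issue(authcid) {
    const token = crypto.randomBytes(32).toString('base64'); // unguessable
    this.tokens.set(authcid, token);
    return token;
  }
  invalidate(authcid) { this.tokens.delete(authcid); } // e.g. on logout or leak
  // Returns the responder message on success, null on any failure.
  verify(msg) {
    const nul = msg.indexOf(0);
    if (nul <= 0) return null;
    const token = this.tokens.get(msg.subarray(0, nul).toString('utf8'));
    if (!token) return null;
    const expected = hashedToken(token, 'Initiator');
    const presented = msg.subarray(nul + 1);
    if (presented.length !== expected.length ||
        !crypto.timingSafeEqual(presented, expected)) return null;
    return hashedToken(token, 'Responder');
  }
}
```

The client only ever stores the token, never the password, so a leak is contained by calling `invalidate` on the server.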