I have a backboneJS application that communicate with a Restfull API write with Symfony2. To authenticate the user, an HTTP header (WSSE) is sent to all queries.
The header looks like this:
X-WSSE:UsernameToken Username="[email protected]", PasswordDigest="clrGx4hSEyC3zdndd04/51yuee7Q=", Nonce="VURQQWQ0RTBMSGo4enBCN05GSjNuTGhsSjF3PQ==", Created="2014-05-09T15:11:06+02:00"
For generate the passwordDigest, I need to have the user password encrypted. For testing, I have put this password encrypted directly in my frontEnd.
So, for create a générique method and not sent the password encrypted on the network, I need to generate the same password encrypted in my front End.
The User try to connect:
Anyone know how to encrypt the password on the client side (in javascript), with the password (enter by the user) and the salt?
Thank's !
There are various libraries available for encryption on the client side. Forge is a library which implements a few message digest functions in JS, including SHA-1 which is what you seem to be using currently.