Challenge Response Authentication

Wampy.js supports challenge response authentication. To use it you need to provide authid and onChallenge callback as wampy instance options. Also, Wampy.js supports wampcra authentication method with a little helper plugin "wampy-cra". Just add "wampy-cra" package and use provided methods as shown below.

'use strict';

const Wampy = require('wampy').Wampy;
const wampyCra = require('wampy-cra');
const w3cws = require('websocket').w3cwebsocket;

/**
 * Manual authentication using signed message
 */
wampy = new Wampy('wss://wamp.router.url', {
    ws: w3cws,  // just for example in node.js env
    realm: 'realm1',
    authid: 'joe',
    authmethods: ['wampcra'],
    onChallenge: (method, info) => {
        console.log('Requested challenge with ', method, info);
        return wampyCra.signManual('joe secret key or password', info.challenge);
    }
});

/**
 * Promise-based manual authentication using signed message
 */
wampy = new Wampy('wss://wamp.router.url', {
    realm: 'realm1',
    authid: 'micky',
    authmethods: ['wampcra'],
    onChallenge: (method, info) => {
        return new Promise((resolve, reject) => {
            setTimeout(() => {
                console.log('Requested challenge with ', method, info);
                resolve(wampyCra.signManual('micky secret key or password', info.challenge));
            }, 2000);
        });
    }
});

/**
 * Manual authentication using salted key and pbkdf2 scheme
 */
wampy = new Wampy('wss://wamp.router.url', {
    realm: 'realm1',
    authid: 'peter',
    authmethods: ['wampcra'],
    onChallenge: (method, info) => {
        const iterations = 100;
        const keylen = 16;
        const salt = 'password salt for user peter';

        console.log('Requested challenge with ', method, info);
        return wampyCra.signManual(wampyCra.deriveKey('peter secret key or password', salt, iterations, keylen), info.challenge);
    }
});

/**
 * Automatic CRA authentication
 */
wampy = new Wampy('wss://wamp.router.url', {
    realm: 'realm1',
    authid: 'patrik',
    authmethods: ['wampcra'],
    onChallenge: wampyCra.sign('patrik secret key or password')
});

PreviousTicket-based Authentication NextCryptosign-based Authentication

Last updated 2 years ago

'use strict'; const Wampy = require('wampy').Wampy; const wampyCra = require('wampy-cra'); const w3cws = require('websocket').w3cwebsocket; /** * Manual authentication using signed message */ wampy = new Wampy('wss://wamp.router.url', { ws: w3cws, // just for example in node.js env realm: 'realm1', authid: 'joe', authmethods: ['wampcra'], onChallenge: (method, info) => { console.log('Requested challenge with ', method, info); return wampyCra.signManual('joe secret key or password', info.challenge); } }); /** * Promise-based manual authentication using signed message */ wampy = new Wampy('wss://wamp.router.url', { realm: 'realm1', authid: 'micky', authmethods: ['wampcra'], onChallenge: (method, info) => { return new Promise((resolve, reject) => { setTimeout(() => { console.log('Requested challenge with ', method, info); resolve(wampyCra.signManual('micky secret key or password', info.challenge)); }, 2000); }); } }); /** * Manual authentication using salted key and pbkdf2 scheme */ wampy = new Wampy('wss://wamp.router.url', { realm: 'realm1', authid: 'peter', authmethods: ['wampcra'], onChallenge: (method, info) => { const iterations = 100; const keylen = 16; const salt = 'password salt for user peter'; console.log('Requested challenge with ', method, info); return wampyCra.signManual(wampyCra.deriveKey('peter secret key or password', salt, iterations, keylen), info.challenge); } }); /** * Automatic CRA authentication */ wampy = new Wampy('wss://wamp.router.url', { realm: 'realm1', authid: 'patrik', authmethods: ['wampcra'], onChallenge: wampyCra.sign('patrik secret key or password') });