Demonstrates how to register, log in and communicate with the server over unsecured network.
- The Seed app is served by warp.
- Warp also provides REST API endpoints.
- opaque-ke is used for registration and log in. I strongly recommend to read its docs and the article "OPAQUE: The Best Passwords Never Leave your Device" before you start to learn this example.
- cocoon is used for encrypted communication. Messages are encrypted with the shared key generated by
opaque-kein the final log in step.
Warning: The code is heavily inspired by opaque-ke examples and simplified to demonstrate basic principles. So there is too much expect calls, some strangely named variables and other things that you probably don't want in a production app. Also I'm not a security expert, so I don't guarantee there are no security bugs - use the example as a proof-of-concept and inspiration for your projects.
cargo make startOpen 127.0.0.1:8000 in your browser.
Click Register, then Login and then Send button.
Watch the changes between clicks on the website, browser console log and server log.