Step 2.a: Get concordium account nonce - Githubissues

aesirxio / web3-id-preregistration-backend

Backend for the pre-registration and share2earn of web3 id

GNU General Public License v3.0

0 stars 3 forks source link

Step 2.a: Get concordium account nonce #3

Open jatitoam opened 1 year ago

jatitoam commented 1 year ago

Similar to the demo, we need an /account/:account/nonce endpoint (GET) to generate a new random nonce, store it under an accounts collection and return it to the frontend with a json structure:

{
   "nonce": "<nonce>"
}

If the account does not exist then it needs to be stored in the collection with its nonce. If it exists, the nonce needs to be updated with a new random nonce.

Additionally, add a regex validation for concordium accounts. If the account does not match the regex it should return a 406 with a json:

{
   "error": "Account is not valid"
}

thaoredweb commented 1 year ago

@CongThuong Can you check again with my ip, it works when I create the first time but then it show Error: connect ECONNREFUSED 127.0.0.1:8083

thaoredweb commented 1 year ago

@CongThuong When I create a request GET with the account invalid However, the response is 404 not found e, please check the message error two aer

thaoredweb commented 1 year ago

{{domain}}/account/{{account}}/nonce step2a

thaoredweb commented 1 year ago

When I use another address, it does not as expected: With invalid address, it show the same message invalid

CongThuong commented 1 year ago

it's a wrong API to get nonce chị @thaoredweb : {{domain}}/account/{{account}}/nonce . Please use the collection that I shared you

thaoredweb commented 1 year ago

@CongThuong There is no problem with the API e. only 1 thing the expected result does not correct

CongThuong commented 1 year ago

yeah, of course you cannot pass special characters directly to URL. it must be encoded first Chị @thaoredweb

thaoredweb commented 1 year ago

@jatitoam I have put an invalid address= 36FYT269JK4bqVVbwaXXzWBEZ9Q4DvR4GC6BiAwTk4JC7mUFGy#@ but the actual output does not work as noted "error": "Account is not valid" Is that the issue he have to fix it?

jatitoam commented 1 year ago

Not a critical error... you can get a nonce but good luck after that validating the signature

CongThuong commented 1 year ago

We don't need signature to get nonce @jatitoam

jatitoam commented 1 year ago

No, of course. But what I meant is simply that even if you can forge an account and get a nonce for it, you won't be able to get a valid signature of an invalid account, so it doesn't matter if the validation doesn't "work" here.