search

getAlby / lightning-browser-extension

The Bitcoin Lightning Browser extension that connects to different wallet interfaces and brings deep lightning integration to the web
https://getalby.com
MIT License
523 stars 193 forks source link

Alby should ask in which account I would like to login #833

Open bitcoinuser opened 2 years ago

bitcoinuser commented 2 years ago

Hi,

I have two accounts on Alby, so I disconnected from stacker.news service. then I clicked to login again on stacker.news.

What I expected: Alby ask in which from the two accounts I would like to login.

What happened: Alby logged in automatically using the default Alby account

qqqzhch commented 1 year ago

It's very useful to choose an account. I'll try this optimization and improvement

bitcoinuser commented 1 year ago

It's very useful to choose an account. I'll try this optimization and improvement

Maybe you think this interesting too: https://github.com/getAlby/lightning-browser-extension/issues/1853

qqqzhch commented 1 year ago

It's very useful to choose an account. I'll try this optimization and improvement

Maybe you think this interesting too: #1853

Yes. Let me take a look at the logics of login and account first. Time passes quickly. I remember the first time I wrote issues https://github.com/getAlby/lightning-browser-extension/issues/435 It's about login

reneaaron commented 1 year ago

We do already have an account switcher on this page, haven't we?

image

Why another one?

The problem is that with an allowance you don't see the prompt at all and are just logged in with the current account in use. Don't know if there is a solution to this problem (as you usually don't want to see those prompts). Currently you would need to switch the account before clicking "Login" on the site.

qqqzhch commented 1 year ago

We do already have an account switcher on this page, haven't we?

image

Why another one?

The problem is that with an allowance you don't see the prompt at all and are just logged in with the current account in use. Don't know if there is a solution to this problem (as you usually don't want to see those prompts). Currently you would need to switch the account before clicking "Login" on the site.

You are right, I misunderstood.

The previous understanding was that the account selection component at the top was not very clear, so I tried to make a clearer selection component.

i understand now The user logs out of the site, but the logins and authorizations in the wallet are not deleted. So there is no pop-up window when logging in for the second time

This is what happens when I repeat the test login.

qqqzhch commented 1 year ago

Refresh the page after logging in, and the page judges whether there is a link to the wallet.

Still execute window.webln.enable()?

qqqzhch commented 1 year ago

I retested again

The wallet has two accounts lnd1 and lnd2

  1. wallet default account lnd1 The webpage login gets the account of lnd1
  2. Switch the wallet default account to lnd2
  3. Web page logout
  4. Click to log in on the webpage, there is no authorization dialog box, and the account of lnd2 is obtained

I think the second login, without the authorization dialog box, should get the account of lnd1

I'm going to try to see if I can get the account of lnd1

reneaaron commented 1 year ago

I think the second login, without the authorization dialog box, should get the account of lnd1

So you would save where the user has logged in before and use that account? What if a user has multiple accounts that he is using on one website?

I think it would make sense to discuss the concept before you start to implement this.

qqqzhch commented 1 year ago

I think the second login, without the authorization dialog box, should get the account of lnd1

So you would save where the user has logged in before and use that account? What if a user has multiple accounts that he is using on one website?

I think it would make sense to discuss the concept before you start to implement this.

Well, you are right. I will first look at the login logic, understand the original implementation logic, and then see if there is any way to optimize it. If I find a way to optimize it, I will discuss it later

qqqzhch commented 1 year ago

I read a part of the code, but I haven't read it completely. think of a way first window.webln.enable const allowance = await db.allowances .where("host") .equalsIgnoreCase(host) .first();

window.webln.lnurl if (lnurlDetails.tag !== "login") throw new Error( "LNURL-AUTH FAIL: incorrect tag: ${lnurlDetails.tag} was used" ); const connector = await state.getState().getConnector();

Allowance is looking for the first Can I find a first connector according to the allowance and find an authorized connector the connector is the first one according to the allowance

I don’t think it should be supported to link multiple accounts with one website, because the link to one website can only be canceled in the wallet, and the link to one website cannot be added in the wallet,.

If we can manage the link between the website and the account in the wallet, such as adding a link, deleting a link

If a site need links multiple connector,Add new components in the wallet to manage link the account with the site,

lookup logic of connector First find the connector with allowances, If the found connectors contains the default connector of the wallet, return the default connector If not contained, return the first

qqqzhch commented 1 year ago

The current wallet allowance is not specific to the account. There will be multiple accounts in the wallet, and the amount of each account is different. await db.allowances.add({ host: host, name: message.origin.name, imageURL: message.origin.icon, enabled: true, lastPaymentAt: 0, totalBudget: 0, remainingBudget: 0, createdAt: Date.now().toString(), lnurlAuth: false, tag: "", }) The balance of the account is different, and the purpose may be different. It is recommended that the allowance be specific to the account, I suggest adding an account ID when recording allowance information

qqqzhch commented 1 year ago

Do we plan to save or cache multiple Connectors @escapedcat

escapedcat commented 1 year ago

Do we plan to save or cache multiple Connectors

I don't understand. Can you explain what you mean?

qqqzhch commented 1 year ago

Now only one Connector is active, and the Connector of the current account will be kept active every time the account is switched. If it is assumed that the user has 2 accounts or 3 accounts, one account is only used for operations in the wallet, and the other account is used when interacting with the web page lapp. In the case of not switching accounts in the wallet, when interacting with the webpage, the account associated with this lapp should be read from the cache @escapedcat

fczuardi commented 1 year ago

I think the expectation of the original reporter, with logging-out from stacker.news, was that using the login button again would display the Alby popup again (where he could choose an account). However since the toggle inside the Allowances>Edit, that is labeled:

Enable website login / Automatically log in without confirmation when the website requests.

Has the default value of "ON", then the second login will always try to reuse the account from the last login.

fczuardi commented 1 year ago

Here is a video reproducing the original report:

https://youtu.be/tdq-qjr3jUI

And here is a video with a workaround: https://youtu.be/CK4EAFw9A_I