valiafetisov
commented
1 year ago Current state: API service have fully working sign in with wallet functionality (manually testable). Next steps:
- [x] Update frontend to use "Sign in with Ethereum" button
- [x] Update tests to cover new API logic
Testing scenario
-
Create challenge via executing
createChallengegraphql mutation-
Example request (that have to contain your public etherium address)
mutation { createChallenge( address: "paste_your_ethereum_address" ) { nonce message hex } } -
Example response (that contains hex-encoded message)
{ "data": { "createChallenge": { "nonce": "6f4c7f7cd61a499290e68a2740957407", "message": "example.com wants you to sign in with your Ethereum account...", "hex": "0x302e302e302e302077616e74732029..." } } }Where
hexis just hex-encodedmessagethat actually needs to be signed
-
-
Sign provided message
-
Either using your metamask wallet
// this should be executed at the browser console of the graphql playground await ethereum.request({ method: 'personal_sign', params: [ 'paste_hex_from_the_above', 'paste_your_ethereum_address' ] }); -
Or using foundry command line tool called
cast(note: you will be asked for your private key; for other auth methods, read the cli docs)$ cast wallet sign -i "hex_from_the_above"
-
-
Provide signature back to the API to get usual JWT token back
-
Example request
mutation { solveChallenge( nonce: "paste_nonce_from_step_1" signature: "paste_signature_from_step_2" ) { token } } -
Example response
{ "data": { "solveChallenge": { "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uSWQiOiI5ZGM1NjI3Mi1hMjBjLTRmM2YtYjM5MC1kZDc2NjE1NTA0YTYiLCJpYXQiOjE2ODczMzc2MDEsImV4cCI6MTY4Nzk0MjQwMX0.z1lJlKXnCbcex59JkU9j7hfRGhR2EBrnUE8phwPN7C0" } } }
-
-
Use provided JWT token to make subsequent API requests
- Either sent as
Authorization: Bearer paste_token_from_step_3 - Or set as
Authorizationcookie - Example request
query { me { address } }
- Either sent as
Closes #52