Login button in mobile app will take the user to a new page where they can enter their nsec or generate a new one
Once an nsec is created, it is used to sign an ephemeral "auth event" that is stringifed and added as a query param to a wavlake.com/login url
The user's mobile browser is launched with this url
Once on the .com login page, the user logs in or signs up for a legacy .com account (or is already logged in)
.com will see the event query param, parse it, validate the signature and timestamp, and make an API call to associate the npub to the legacy user account.
On success, .com will launch the app again
The app will open and request legacy user data from the wavlake API using the npub identifier
The app will display the user data, if any (playlists etc)
[x] Rework sign up page for nsec input/generation, should only be Login and Skip Login (anon mode)
[x] Generate auth event in mobile app
[x] Launch .com login page with stringified auth event
[ ] Setup .com login page to accept auth event and validate it
[ ] If valid, associate auth event with user, add a new catalog endpoint POST /accounts/npub
[ ] Modify isNostrAuthorized to check for npub-legacyUser association and add userId to incoming request
[ ] Add a isNosrtAuthorized GET /accounts/npub endpoint that returns the same data as the legacy GET /accounts
Login flow for mobile app
/accounts/npub
isNostrAuthorized
to check for npub-legacyUser association and add userId to incoming requestisNosrtAuthorized
GET/accounts/npub
endpoint that returns the same data as the legacy GET/accounts