Sign Up for Free

RunKit +

Try any Node.js package right in your browser

This is a playground to test code. It runs a full Node.js environment and already has all of npm’s 400,000 packages pre-installed, including @arcblock/did-auth with all npm packages installed. Try it out:

var didAuth = require("@arcblock/did-auth")

This service is provided by RunKit and is not affiliated with npm, Inc or the package authors.

@arcblock/did-auth v0.39.4

Helper function to setup DID authentication support on a node.js web server

did-auth

styled with prettier docs Gitter

This library aims to ease the process of handling Did-Auth process between different parts, its implemented according to ABT-DID-Protocol, and can eliminate the threat of middle-man attach if properly used, there are typically 2 use case for the library:

  • dApp <--> dApp: for inter application communication, we provide AppAuthenticator and AppHandlers
  • dApp <--> ABT Wallet: for application and wallet communication, we provide WalletAuthenticator and WalletHandlers

Table of Contents

Install

npm install @arcblock/did-auth
// or
yarn add @arcblock/did-auth

Usage

Between dApp and ABT Wallet

WalletAuthenticator and WalletHandlers should be used together with @arcblock/react-forge.

const ForgeSDK = require('@arcblock/forge-sdk');
const { WalletAuthenticator, WalletHandlers } = require('@arcblock/did-auth');

// First setup authenticator and handler factory
const wallet = ForgeSDK.Wallet.fromRandom().toJSON();
const authenticator = new WalletAuthenticator({
  wallet,
  baseUrl: 'http://wangshijun.natapp1.cc',
  appInfo: {
    description: 'Starter projects to develop web application on forge',
    icon: '/images/logo@2x.png',
    name: 'Forge Web Starter',
    path: 'https://arcwallet.io/i/',
    publisher: `did:abt:${wallet.address}`,
    subtitle: 'Starter projects to develop web application on forge',
  },
  chainInfo: {
    chainHost: 'http://did-workshop.arcblock.co:8210/api',
    chainId: 'forge',
    chainToken: 'TBA',
    decimals: 16,
  },

  // Should be set when the application need to do Cross-Chain transactions
  crossChainInfo: {
    chainHost: 'http://did-workshop.arcblock.co:8210/api',
    chainId: 'forge',
    chainToken: 'TBA',
    decimals: 16,
  },
});

const handlers = new WalletHandlers({
  authenticator,
  tokenGenerator: () => Date.now().toString(),
  tokenStorage: new MongoStorage({
    url: process.env.MONGO_URI,
  }),
});

// Then attach handler to express server
const express = require('express');
const app = express();

handlers.attach({
  prefix: '/api/did',
  action: 'login',
  claims: {
    profile: () => ({
      fields: ['fullName', 'email'],
      description: 'Please provide your name and email to continue',
    }),
  },
  onAuth: async ({ claims, userDid }) => {
    try {
      const profile = claims.find(x => x.type === 'profile');
      console.info('login.success', { userDid, profile });
    } catch (err) {
      console.error('login.error', err);
    }
  },
});

// Then your app will have 5 api endpoints that can be consumed by AuthComponent
// - `GET /api/did/login/token` create new token
// - `GET /api/did/login/status` check for token status
// - `GET /api/did/login/timeout` expire a token
// - `GET /api/did/login/auth` create auth response
// - `POST /api/did/login/auth` process login request

Between dApp and dApp

Please note that AppAuthenticator and AppHandlers should be used to sign and verify the message sent between dApps, so there must are both a client and a server.

Initialize authenticator and handlers

const ForgeSDK = require('@arcblock/forge-sdk');
const { AppAuthenticator, AppHandlers } = require('@arcblock/did-auth');

// First setup authenticator and handler factory
const wallet = ForgeSDK.Wallet.fromRandom().toJSON();
const authenticator = new AppAuthenticator(wallet);
const handlers = new AppHandlers(authenticator);

For the server

const express = require('express');
const app = express();

app.post('/api/endpoint', handlers.attach(), (req, res) => {
  console.log('client.appPk', req.appPk);
  console.log('verified payload', req.payload);

  // Sent signed response: sensitive info should not be here
  res.jsonSecure({
    key: 'value',
  });
});

For the client

const axios = require('axios');

const signedPayload = authenticator.sign({
  amount,
  depositorDid,
  depositorPk,
  withdrawer: appAuth.wallet.address,
  merchantId: process.env.MERCHANT_ID,
});

const res = await axios.post('http://example.com/api/endpoint', signedPayload);
const payload = await authenticator.verify(res.data);
if (payload.error) {
  throw new Error(payload.error);
}
// Do something with the payload
RunKit is a free, in-browser JavaScript dev environment for prototyping Node.js code, with every npm package installed. Sign up to share your code.
Sign Up for Free