onuruci / solauth Goto Github PK

Superteam Turkey Solana Hackathon 1st place

JavaScript 81.77% CSS 2.61% HTML 2.48% Rust 13.14%

solauth's Introduction

SolAuth

SolAuth is an authentication service that allows external web applications to authenticate with their wallets.

Moreover, it provides a one-place sign in platform that eases the pain of signing in every time you visit a new website.

Last but not the least, it provides a abstract wallet that you can send and withdraw money.

Most importantly, if you were to lose your private key, your wardens you select while signing up to our service can change the admin of your abstract wallet and save your money!

Installation

Use the package manager npm to install solauth. It will be available in the future, we are working on the documentations.

npm install solauth

Usage

First you should sign up to our service. It will be live very soon, you can try it from your localhost for now.

Then create a WalletHandler that authenticate you with signature verification. Example in the below!

import React from "react";
import { useState, useEffect, useContext, useMemo } from "react";

import { WalletMultiButton } from "@solana/wallet-adapter-react-ui";
import axios from "axios";

// Your endpoint and the sign hash that you choose. 
// Sign hash is important because it does not display your private key.
import { HASH, ENDPOINT } from "./utils/constants";
import { useWallet } from "@solana/wallet-adapter-react";

// encoder to change string to base58, necessary for the backend, will be changed in the future
import bs58 from "bs58";


// Basic wallet handler with solana wallet adapter
const WalletHandler = () => {
  const { publicKey, connected, wallet, signMessage } = useWallet();
  const [signature, setSignature] = useState(null);

  useEffect(() => {
    async function getSignature() {
      const message = "sign";
      const encodedMessage = new TextEncoder().encode(message);
      const signature = await signMessage(encodedMessage);
      setSignature(signature);
    }

    // If you are connected to wallet and doesn't have signature, get the signature.
    if (!signature && connected) {
      getSignature();
    }
  }, [publicKey]);

  useEffect(() => {
    async function userAuth() {
      let form = {
        publicKey: publicKey.toBase58(),
        signature: bs58.encode(signature),
      };
      console.log(form);
      const response = await axios.post(`${ENDPOINT}/user-auth`, form);
      localStorage.setItem("jwt-auth", response.data.token);
      window.location.reload();
    }
    const jwt = localStorage.getItem("jwt-auth");

    // If you have signature, and doesn't have json web token then authenticate yourself
    if (signature && !jwt) {
      userAuth();
    }
  }, [signature]);

  // Solana wallet adapter ui connect button.
  return (
    <div className="buttonlayout">
      <WalletMultiButton></WalletMultiButton>
    </div>
  );
};

export default WalletHandler;

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

License

MIT

solauth's People

Contributors

Stargazers

Watchers

solauth's Issues

Unverify jwt after user updates it's profile

One button to connect, external

We need a button so that a person can implement it to their application. Find a way to work that button and build it. It will be nice if it includes both the wallet connection and sign in functionality. That might be challenging.

Add owner change

this has lower importance.
People should be able to change the owner of a forgotten wallet on our ui.

Profile Edit add user values

Right now when profile is edited default strings are used as values. Let user use the values they type. Keep states and use them while changing info.

Introduction

reorganize introduction page and write writings accordingly. do the pr well

Add balance fund functionality on abstract wallet

Wardens cannot change the admin of the accounts

Currently, wardens are not able to change the admin of the accounts they are assigned to.

They should be able to do that, solve as far as I remember there was a bug in the sign transaction function, solve it.

Enable Payment from abstract account

For that first we need to be able to fund the account. Then we need a function on program, when feeded with an address it will transfer funds to it. This will be called from integrated applications. This can be implemented later

Add warden change functionality

Initially wallets have 3 wardens on the frontend there is ui for changing each of them. Change solana program accordingly and connect them.

Create a demo-frontend projects with React, Nextjs etc..

Update the demo react project, create a nextjs demo project

User Experience Profile

When profile is edited values dont get loaded instantly it needs refreshing (bad user experience). Get new values after saving new user.

Warden admin account change protocol

Admin of the account should be changed after some period from the change request.

Because if there is malicious admin change, then the current admin should have 24 hours to deny that process.

Then they will change their wardens.

Tanstack query is a great library to deal with these problems.