Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add support for signInMessage method #883

Open
wants to merge 44 commits into
base: dev
Choose a base branch
from

Conversation

kujtimprenkuSQA
Copy link
Contributor

@kujtimprenkuSQA kujtimprenkuSQA commented Aug 10, 2023

Description

This PR is about adding support for the signInMessage method into the wallet-selector API.

This new method/function(way) will allow dApp users to "sign-in/login" into a dApp without a contractId (without adding LAK) by signing a message in the wallet based on the NEP413 standard for signing messages.

Once the message is signed and verified wallet selector will set the state as "signed-in"

Closes: #921

This PR includes

  • Added interfaces for signInMessage method in core package and exposed them.
  • Added support for signInMessage in the core package.
  • Persisted the original message and the signedInMessageAccount into localStorage and rxjs store.
  • Added a new signInType() function to the selector API.
  • Added signInMessage support for all wallets that currently support signMessage.
  • Added new helper function verifyMessageNEP413 to core helper functions.
  • Added a signInMessage method to the API of the modal, so we can open the modal in a state to handle signInMessage e.g modal.signInMessage(params)
  • Updated examples, added a new button to trigger signInMessage
  • Updated docs for the changes in this PR.

Wallets that support signInMessage in this PR

  • Meteor Wallet
  • Here Wallet
  • Near Snap
  • Nightly Wallet
  • WELLDONE Wallet
  • NearMobileWallet
  • MyNearWallet
  • Sender

How to use/trigger signInMessage in a dApp

Note: All the examples below are documented in this PR.

Setup Wallet Selector & Modal

import { setupWalletSelector } from "@near-wallet-selector/core";
import { setupModal } from "@near-wallet-selector/modal-ui";
import { setupMeteorWallet } from "@near-wallet-selector/meteor-wallet";
import { setupHereWallet } from "@near-wallet-selector/here-wallet";

// Setup Wallet Selector
const selector = await setupWalletSelector({
  network: "testnet",
  modules: [
     setupMeteorWallet(),
     setupHereWallet(),
     // ...you can include other wallets too.
  ],
});

// Setup Modal
const modal = setupModal(selector, {
  contractId: "guest-book.testnet" // nothing changes here the `signIn` will use this contractId as always.
});

Trigger signInMessage

// Construct the message
const message = "test message for verification";
let nonceArray: Uint8Array = new Uint8Array(32);
nonceArray = crypto.getRandomValues(nonceArray);
const nonce = Buffer.from(nonceArray);
const recipient = "myapp.com";

modal.signInMessage({ message, nonce,  recipient }); // Choose the wallet from the modal to sign-in via signInMessage

Subscribe/listen to events

// Listen to `signedInMessage` event 
const subscription = selector.on("signedInMessage", ({ walletId, accounts, message, signedInMessage }) => {
   console.log({ walletId, accounts, message, signedInMessage });
});

// Unsubscribe.
subscription.remove();

const signInType = selector.signInType();
console.log(signInType); // "message"

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings

Type of change.

  • FIX - a PR of this type patches a bug.
  • FEATURE - a PR of this type introduces a new feature.
  • BUILD - a PR of this type introduces build changes.
  • CI - a PR of this type introduces CI changes.
  • DOCS - a PR of this type introduces DOCS improvement.
  • STYLE - a PR of this type introduces style changes.
  • REFACTOR - a PR of this type introduces refactoring.
  • PERFORMANCE - a PR of this type introduces performance changes.
  • TEST - a PR of this type adds more tests.
  • CHORE - a PR introduces other changes than the specified above.

@kujtimprenkuSQA kujtimprenkuSQA marked this pull request as ready for review August 16, 2023 07:36
@github-actions github-actions bot changed the title Add support for signInMessage method feat: Add support for signInMessage method Aug 16, 2023
HarisSQA
HarisSQA previously approved these changes Sep 13, 2023
@kujtimprenkuSQA kujtimprenkuSQA requested review from MaximusHaximus and removed request for MaximusHaximus October 6, 2023 11:57
@kujtimprenkuSQA kujtimprenkuSQA self-assigned this Oct 6, 2023
The only information we need to have in localStorage is the accountId and publicKey, having signature and other info from SignedMessage could be risky because dApps might use this info to authenticate users on their backend, dApps can subscribe to signedInMessage event to get all the info after signIn.
Added a new helper function and reused it in other packages to avoid duplication
Improved persisting data for browser wallets, when no callbackUrl is provided fallback to location.href
Rename interface keys in some places from signedInMessage to signedMessage
Refactored signMessage for Welldone and MyNearWallet to avoid code duplication.
@dim-daskalov
Copy link
Contributor

Resolving the conflicts introduced a bug in the meteor-wallet implementation, it seems that meteor-wallet-sdk - https://github.com/Meteor-Wallet/meteor_wallet_sdk should be updated, so it can work properly with the new changes introduced, more info can be found in here - Meteor-Wallet/meteor-public#25.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: NEW❗
Development

Successfully merging this pull request may close these issues.

3 participants