We are using metamask
to login. Meanwhile, we also use Bearer token
from the server after signing with metamask
to get user's authentication to visit server.
So, there are 2 kinds of APIs, one is public to everyone, the other is only for the user's own account witch is loged in by metamask
wallet.
The demo of login by metamask
is: https://github.com/jackygu2006/wallet_login_sample, and demo Dapp: vercel.com.
In the front-end code, the key code is in /src/services/walletLogin
.
I have posted the back-end code here: https://gist.github.com/jackygu2006/e970d8c26d4225694861dd53e7b502a8.
Call the public APT by:
router.get('/route/:params', (req, res) => {}
And call the private APIs with Bearer token
by:
router.post('/route/:params', passport.authenticate('jwt', {session: false}), (req, res) => {}