This project explores a very simple way to authenticate to domain systems with an Ethereum-compatible crypto wallet and a compatible browser (web or mobile).
and surely many others!
Put into words, the flow goes exactly like this:
- The user clicks the Sign-In button
- Browser requests a signature from the Wallet (browser extension or mobile)
- Wallet returns signed request
- Browser redirects to the authenticate endpoint with encrypted payload (containing address and signature)
- API initiates a session for the user
- API redirects to redirect URI (pre-registered at Auth API service for security) with Set-Cookie for the encrypted session and session ID
- Browser loads page with signed-in behavior (by detecting the presence of the session ID cookie)
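
The API side of the flow above (redirect URI check, session start, the two cookies), as an added Go sketch that is not this project's own code. It assumes the wallet signature has already been verified for the address; the cookie names `session` and `session_id`, the allowlist entry, the sample address and the 32-byte key are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"net/http"
)

var registeredRedirects = map[string]bool{"https://todo.example/app": true} // constructed allowlist

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no safe fallback without entropy
	}
	return b
}

// newSession (hypothetical name) is called only after the wallet signature for address is verified.
func newSession(key []byte, address, redirectURI string) ([]*http.Cookie, error) {
	if !registeredRedirects[redirectURI] { // exact match, no prefix or host-only logic
		return nil, errors.New("redirect URI is not registered")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	sealed := hex.EncodeToString(gcm.Seal(nonce, nonce, []byte(address), nil))
	return []*http.Cookie{
		// Encrypted session: HttpOnly, so page scripts cannot read it.
		{Name: "session", Value: sealed, Path: "/", HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode},
		// Session ID: script-readable so the front end can detect the signed-in state.
		{Name: "session_id", Value: hex.EncodeToString(randomBytes(16)), Path: "/", Secure: true, SameSite: http.SameSiteLaxMode},
	}, nil
}

func main() {
	cookies, err := newSession(randomBytes(32), "0x0000000000000000000000000000000000000001", "https://todo.example/app")
	fmt.Println(len(cookies), err)
}
```

A handler would pass each returned cookie to `http.SetCookie` and then call `http.Redirect` with the same, already checked, redirect URI.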
A dead simple web application made with React, with the following functionalities:
- Connect to Wallet
- Authenticate to domain systems (create a cookie-based session for the domain)
- Manage to-do tasks for the authenticated wallet
A Golang API to handle authentication and query for authenticated wallet info.
A Golang API to handle To Do's management (a.k.a. CRUD) operations.
A NoSQL database service to store To Do's managed documents.