update: change auth mechanism to be unified for all sites

2025-12-18 14:54:23 +01:00 · 2022-06-15 17:58:12 +03:00
parent f5eee8691e
commit cc566df768
4 changed files with 23 additions and 24 deletions
--- a/api/auth/services/lnurlAuth.service.js
+++ b/api/auth/services/lnurlAuth.service.js
@@ -57,7 +57,7 @@ function removeExpiredHashes() {
 }

 async function generateAuthUrl() {
-    const hostname = CONSTS.LNURL_AUTH_HOST;
+    const hostname = 'https://auth.bolt.fun/.netlify/functions/login';
    const secret = await generateK1();
    const hash = createHash(secret);
    await addHash(hash)
--- a/api/functions/get-login-url/get-login-url.js
+++ b/api/functions/get-login-url/get-login-url.js
@@ -13,9 +13,8 @@ const { JWT_SECRET } = require('../../utils/consts');
 const getLoginUrl = async (req, res) => {
    try {
        const data = await LnurlAuthService.generateAuthUrl();
-        const maxAge = 1000 * 60 * 3; //2 mins

-        const jwt = await new jose.SignJWT({ hash: data.secretHash })
+        const session_token = await new jose.SignJWT({ hash: data.secretHash })
            .setProtectedHeader({ alg: 'HS256' })
            .setIssuedAt()
            .setExpirationTime('5min')
@@ -23,13 +22,7 @@ const getLoginUrl = async (req, res) => {

        return res
            .status(200)
-            .cookie('login_session', jwt, {
-                maxAge,
-                secure: true,
-                httpOnly: true,
-                sameSite: "none",
-            })
-            .json(data);
+            .json({ ...data, session_token });
    } catch (error) {
        console.log(error);
        res.status(500).send("Unexpected error happened, please try again")
--- a/api/functions/is-logged-in/is-logged-in.js
+++ b/api/functions/is-logged-in/is-logged-in.js
@@ -9,7 +9,7 @@ const lnurlAuthService = require('../../auth/services/lnurlAuth.service');

 const isLoggedInHandler = async (req, res) => {
    try {
-        const login_session = req.cookies?.login_session;
+        const login_session = req.headers.session_token;
        if (login_session) {
            const { payload } = await jose.jwtVerify(login_session, Buffer.from(JWT_SECRET), {
                algorithms: ['HS256'],
@@ -61,7 +61,7 @@ if (process.env.LOCAL) {
 }
 else {
    const router = express.Router();
-    router.get('/is-logged-in', isLoggedInHandler)
+    router.get('/is-logged-in', (isLoggedInHandler))
    app = createExpressApp(router)
 }

--- a/src/features/Auth/pages/LoginPage/LoginPage.tsx
+++ b/src/features/Auth/pages/LoginPage/LoginPage.tsx
@@ -23,7 +23,7 @@ const fetchLnurlAuth = async () => {
 const useLnurlQuery = () => {
    const [loading, setLoading] = useState(true)
    const [error, setError] = useState<any>(null);
-    const [data, setData] = useState("")
+    const [data, setData] = useState<{ lnurl: string, session_token: string }>({ lnurl: '', session_token: '' })


    useEffect(() => {
@@ -35,7 +35,10 @@ const useLnurlQuery = () => {
                setError(true)
            else {
                setLoading(false);
-                setData(res.encoded);
+                setData({
+                    lnurl: res.encoded,
+                    session_token: res.session_token
+                });
                timeOut = setTimeout(doFetch, 1000 * 60 * 2)
            }
        }
@@ -47,7 +50,7 @@ const useLnurlQuery = () => {
    return {
        loadingLnurl: loading,
        error,
-        lnurlAuth: data
+        data
    }
 }

@@ -57,14 +60,14 @@ export default function LoginPage() {
    const navigate = useNavigate();
    const [copied, setCopied] = useState(false);

-    const { loadingLnurl, lnurlAuth, error } = useLnurlQuery();
+    const { loadingLnurl, data: { lnurl, session_token }, error } = useLnurlQuery();
    const clipboard = useCopyToClipboard()



    useEffect(() => {
        setCopied(false);
-    }, [lnurlAuth])
+    }, [lnurl])

    const meQuery = useMeQuery({
        onCompleted: (data) => {
@@ -81,7 +84,7 @@ export default function LoginPage() {

    const copyToClipboard = () => {
        setCopied(true);
-        clipboard(lnurlAuth);
+        clipboard(lnurl);
    }

    const refetch = meQuery.refetch;
@@ -89,7 +92,10 @@ export default function LoginPage() {
        () => {
            const interval = setInterval(() => {
                fetch(CONSTS.apiEndpoint + '/is-logged-in', {
-                    credentials: 'include'
+                    credentials: 'include',
+                    headers: {
+                        session_token
+                    }
                }).then(data => data.json())
                    .then(data => {
                        if (data.logged_in) {
@@ -101,20 +107,20 @@ export default function LoginPage() {

            return interval;
        }
-        , [refetch],
+        , [refetch, session_token],
    )



    useEffect(() => {
        let interval: NodeJS.Timer;
-        if (lnurlAuth)
+        if (lnurl)
            interval = startPolling();

        return () => {
            clearInterval(interval)
        }
-    }, [lnurlAuth, startPolling])
+    }, [lnurl, startPolling])



@@ -149,13 +155,13 @@ export default function LoginPage() {
            <QRCodeSVG
                width={160}
                height={160}
-                value={lnurlAuth}
+                value={lnurl}
            />
            <p className="text-gray-600 text-body4 text-center">
                Scan this code or copy + paste it to your lightning wallet. Or click to login with your browser's wallet.
            </p>
            <div className="flex flex-wrap gap-16">
-                <a href={lnurlAuth}
+                <a href={lnurl}
                    className='grow block text-body4 text-center text-white font-bolder bg-primary-500 hover:bg-primary-600 rounded-10 px-16 py-12 active:scale-90 transition-transform'
                >Click to connect <IoRocketOutline /></a>
                <Button