sinpapeles/auth.sinpapeles

auth.sinpapeles

Trustless authentication using domains

Custom Browser Protocol

This app registers itself to resolve web+auth: requests.

URL

web+auth:[email protected]/callback

| Property | Type | Description |
| --- | --- | --- |
| web+auth: | Protocol | Should not have // at the end |
| challenge | String 30 | The challenge to be solved |
| callback | URL | The URL that will be called with the challenge proof. If no protocol is specified, https:// will be used |

Example: web+auth:[email protected]/login/callback?session=c9096806a0

Note: in this example, the session parameter is part of the callback URL.

Callback

Once the user provides a valid domain (one that exposes a public auth key) and the private key, the challenge is solved and sent back to the application that requested the auth.

| Query string | Description |
| --- | --- |
| challenge | The same challenge sent in the original request. |
| key | The public key used to sign the challenge. |
| signature | The signed challenge. |
| domain | The domain used to log in. Important: this must be validated on the requestor side. |

  • The authentication process checks what the public auth key is for a given domain.
  • The user provides the private key for that.
  • The proof is generated by signing the challenge.
  • After the callback, the requestor must validate that the domain really exposes the public auth key, and also verify that the challenge was correctly solved.

Remember: public keys are disposable. You must identify the user by the domain.
