diff --git a/src/lib/Login.svelte b/src/lib/Login.svelte index 4da3752..238114d 100644 --- a/src/lib/Login.svelte +++ b/src/lib/Login.svelte @@ -2,7 +2,17 @@ import Cookies from "js-cookie"; async function login() { - const response = await fetch("/api/auth", { method: "POST" }); + const response = await fetch("/api/auth", { + method: "POST", + headers: { + "Content-Type": "application/json", + }, + body: JSON.stringify({ + name: "Sam", + loggedIn: true, + roles: ["admin"], + }), + }); if (!response.ok) { alert("Login failed"); } else { diff --git a/src/lib/Signer.svelte b/src/lib/Signer.svelte index 81aaeb1..1ea59bb 100644 --- a/src/lib/Signer.svelte +++ b/src/lib/Signer.svelte 
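Review bot: The request body added to `login()` carries the identity claims themselves (`name`, `loggedIn`, `roles: ["admin"]`) rather than a credential, so the browser is telling the server who the user is and what they may do. Anything built in client code can be changed by the person running it, so these fields cannot be the source of authorization data. The body should hold only what the server needs to authenticate the caller, with the name and roles looked up on the server. `login()` continues past the end of the hunk.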
@@ -68,63 +68,68 @@ v: result.recid, }); - // Display the signed JSON - status = JSON.stringify(messageToSign, null, 2); - - // Verify the signature - const recoveredAddr = ethers.verifyMessage(jsonString, messageSignature); - - // Check if the address associated with the signature is the same as the current PKP - const verified = - currentPKP.ethAddress.toLowerCase() === recoveredAddr.toLowerCase(); - - if (verified) { - status = "The signature is valid."; - } else { - status = "The signature is invalid."; - } + // verify(); } catch (err) { console.error(err); } } - - async function getJWT() { - var unifiedAccessControlConditions = [ - { - conditionType: "evmBasic", - contractAddress: "", - standardContractType: "", - chain: "xdai", - method: "eth_getBalance", - parameters: [":userAddress", "latest"], - returnValueTest: { - comparator: ">=", - value: "10000000000000", - }, + async function verify() { + const response = await fetch("/api/verify", { + method: "POST", + headers: { + "Content-Type": "application/json", }, - ]; - - // Saving signing condition - await litNodeClient.saveSigningCondition({ - unifiedAccessControlConditions, - sessionSigs, - resourceId: { test: "hello" }, - chain: "litSessionSign", + body: JSON.stringify({ + messageToSign, + messageSignature, + currentPKP, + }), }); - - // Retrieving a signature - let jwt = await litNodeClient.getSignedToken({ - unifiedAccessControlConditions, - sessionSigs, - resourceId: { test: "hello" }, - }); - - alert("JWT: " + jwt); + if (!response.ok) { + alert("verify failed"); + } else { + let json = await response.json(); + alert(json.verified ? "Signature valid" : "! 
Signature NOT valid !"); + } } + + // async function getJWT() { + // var unifiedAccessControlConditions = [ + // { + // conditionType: "evmBasic", + // contractAddress: "", + // standardContractType: "", + // chain: "xdai", + // method: "eth_getBalance", + // parameters: [":userAddress", "latest"], + // returnValueTest: { + // comparator: ">=", + // value: "10000000000000", + // }, + // }, + // ]; + + // // Saving signing condition + // await litNodeClient.saveSigningCondition({ + // unifiedAccessControlConditions, + // sessionSigs, + // resourceId: { test: "hello" }, + // chain: "litSessionSign", + // }); + + // // Retrieving a signature + // let jwt = await litNodeClient.getSignedToken({ + // unifiedAccessControlConditions, + // sessionSigs, + // resourceId: { test: "hello" }, + // }); + + // alert("JWT: " + jwt); + // } - + {#if messageToSign}
{JSON.stringify(messageToSign)}
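Review bot: Nothing checks the signature once signing finishes, because the inline `ethers.verifyMessage` comparison is removed and its replacement is left as `// verify();`. The status text therefore no longer reflects validity, unless `verify()` is wired to a control in markup that is not visible here. The new `verify()` awaits `fetch` and `response.json()` with no try/catch, so a network failure or a non-JSON reply becomes an unhandled rejection; give it the same `catch (err) { console.error(err); }` handling the signing code has. The commented-out `getJWT` block is better deleted than kept as comments, since version control already holds the old code.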
@@ -140,4 +145,5 @@

Signature

{JSON.stringify(messageSignature)}
+
{/if} diff --git a/src/routes/api/auth/+server.ts b/src/routes/api/auth/+server.ts index 1977532..4928997 100644 --- a/src/routes/api/auth/+server.ts +++ b/src/routes/api/auth/+server.ts @@ -1,10 +1,11 @@ import jwt from 'jsonwebtoken'; import { error } from '@sveltejs/kit'; -const secretKey = 'mysecrettestkey'; +const secretKey = process.env.JWT_KEY; -export async function POST() { - const token = jwt.sign({ name: 'Samuel', loggedIn: true, roles: ['admin'] }, secretKey); +export async function POST({ request }) { + const user = await request.json(); + const token = jwt.sign(user, secretKey); if (!token) { throw error(400, 'No token created.'); } diff --git a/src/routes/api/auth/session/+server.js b/src/routes/api/auth/session/+server.js index 033be0b..15731ad 100644 --- a/src/routes/api/auth/session/+server.js +++ b/src/routes/api/auth/session/+server.js @@ -2,7 +2,7 @@ import jwt from 'jsonwebtoken'; import { error } from '@sveltejs/kit'; -const secretKey = 'mysecrettestkey'; +const secretKey = process.env.JWT_KEY; export async function GET({ request }) { const authHeader = request.headers.get('Authorization'); diff --git a/src/routes/api/login/+server.js b/src/routes/api/login/+server.js new file mode 100644 index 0000000..4928997 --- /dev/null +++ b/src/routes/api/login/+server.js @@ -0,0 +1,13 @@ +import jwt from 'jsonwebtoken'; +import { error } from '@sveltejs/kit'; + +const secretKey = process.env.JWT_KEY; + +export async function POST({ request }) { + const user = await request.json(); + const token = jwt.sign(user, secretKey); + if (!token) { + throw error(400, 'No token created.'); + } + return new Response(JSON.stringify({ token }), { status: 200 }); +} \ No newline at end of file diff --git a/src/routes/api/verify/+server.ts b/src/routes/api/verify/+server.ts new file mode 100644 index 0000000..c0f2864 --- /dev/null +++ b/src/routes/api/verify/+server.ts 
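Review bot: `jwt.sign(user, secretKey)` in `src/routes/api/auth/+server.ts` signs whatever JSON the caller posts, so the endpoint issues a valid token for any claims, including `roles: ['admin']`, without establishing who is asking. The claims should be assembled on the server after the caller has been authenticated, and the token should carry an expiry, e.g. `jwt.sign({ sub: account.id, roles: account.roles }, secretKey, { expiresIn: '15m' })`, where `account` is a placeholder for the record looked up server-side. `await request.json()` also rejects on a malformed body, which surfaces as a 500 rather than the 400 used just below. The new `src/routes/api/login/+server.js` has the same blob id (4928997), so it is an identical copy with the same problem; one of the two routes should be dropped.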
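Review bot: `process.env.JWT_KEY` can be undefined, and neither `src/routes/api/auth/session/+server.js` nor the two signing routes that make the same change check it before it reaches jsonwebtoken. Add `if (!secretKey) throw new Error('JWT_KEY is not set');` directly after the declaration so a misconfigured deployment fails at startup instead of signing or verifying with no key. The removed literal stays readable in repository history, so the value placed in JWT_KEY has to be newly generated rather than the old string. In SvelteKit, `$env/dynamic/private` is the usual way to read a server-only variable, and `process.env` may not see `.env` values under the dev server. The GET handler's body continues outside the hunk.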
@@ -0,0 +1,15 @@
+import { json } from '@sveltejs/kit';
+import { ethers } from 'ethers';
+
+export async function POST({ request }) {
+ const { messageToSign, messageSignature, currentPKP } = await request.json();
+
+ // Verify the signature
+ const jsonString = JSON.stringify(messageToSign);
+ const recoveredAddr = ethers.verifyMessage(jsonString, messageSignature);
+
+ // Check if the address associated with the signature is the same as the current PKP
+ const verified = currentPKP.ethAddress.toLowerCase() === recoveredAddr.toLowerCase();
+
+ return json({ verified }, { status: 200 });
+}
\ No newline at end of file
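Review bot: The address the signature is compared against, `currentPKP.ethAddress`, comes from the same request body as the message and the signature. `verified: true` therefore only says the three submitted values agree with each other, not that the expected PKP signed the message. The expected address has to come from server-side state such as the authenticated session. The handler also has no input checks: `ethers.verifyMessage` throws on a malformed signature and `currentPKP.ethAddress.toLowerCase()` throws when the field is missing, and both end up as a 500. Re-serialising with `JSON.stringify(messageToSign)` only reproduces the signed bytes if the client signed the same compact form, so sending the exact signed string would be safer. The fence below uses `error` from `@sveltejs/kit`, which this file would need to import.

```typescript
export async function POST({ request }) {
	const { messageToSign, messageSignature } = await request.json();
	if (messageToSign == null || typeof messageSignature !== 'string') {
		throw error(400, 'messageToSign and messageSignature are required.');
	}

	// Placeholder: resolve the expected signer from server-side state
	// (e.g. the authenticated session), never from the request body.
	const expectedAddr: string = expectedSignerFor(request);

	let recoveredAddr: string;
	try {
		recoveredAddr = ethers.verifyMessage(JSON.stringify(messageToSign), messageSignature);
	} catch {
		// Malformed signature: answer as a failed verification, not a server error.
		return json({ verified: false }, { status: 400 });
	}

	const verified = expectedAddr.toLowerCase() === recoveredAddr.toLowerCase();
	// … unchanged: return json({ verified }, { status: 200 }) …
```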