Added verify signature api service

Samuel Andert 2023-08-30 12:22:33 +02:00
parent 042f9209ed
commit 9aa3bfc0d2
6 changed files with 97 additions and 52 deletions


@ -2,7 +2,17 @@
import Cookies from "js-cookie"; import Cookies from "js-cookie";
async function login() { async function login() {
const response = await fetch("/api/auth", { method: "POST" }); const response = await fetch("/api/auth", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
name: "Sam",
loggedIn: true,
roles: ["admin"],
}),
});
if (!response.ok) { if (!response.ok) {
alert("Login failed"); alert("Login failed");
} else { } else {


@ -68,63 +68,68 @@
v: result.recid, v: result.recid,
}); });
// Display the signed JSON // verify();
status = JSON.stringify(messageToSign, null, 2);
// Verify the signature
const recoveredAddr = ethers.verifyMessage(jsonString, messageSignature);
// Check if the address associated with the signature is the same as the current PKP
const verified =
currentPKP.ethAddress.toLowerCase() === recoveredAddr.toLowerCase();
if (verified) {
status = "The signature is valid.";
} else {
status = "The signature is invalid.";
}
} catch (err) { } catch (err) {
console.error(err); console.error(err);
} }
} }
async function verify() {
async function getJWT() { const response = await fetch("/api/verify", {
var unifiedAccessControlConditions = [ method: "POST",
{ headers: {
conditionType: "evmBasic", "Content-Type": "application/json",
contractAddress: "",
standardContractType: "",
chain: "xdai",
method: "eth_getBalance",
parameters: [":userAddress", "latest"],
returnValueTest: {
comparator: ">=",
value: "10000000000000",
}, },
}, body: JSON.stringify({
]; messageToSign,
messageSignature,
// Saving signing condition currentPKP,
await litNodeClient.saveSigningCondition({ }),
unifiedAccessControlConditions,
sessionSigs,
resourceId: { test: "hello" },
chain: "litSessionSign",
}); });
if (!response.ok) {
// Retrieving a signature alert("verify failed");
let jwt = await litNodeClient.getSignedToken({ } else {
unifiedAccessControlConditions, let json = await response.json();
sessionSigs, alert(json.verified ? "Signature valid" : "! Signature NOT valid !");
resourceId: { test: "hello" },
});
alert("JWT: " + jwt);
} }
}
// async function getJWT() {
// var unifiedAccessControlConditions = [
// {
// conditionType: "evmBasic",
// contractAddress: "",
// standardContractType: "",
// chain: "xdai",
// method: "eth_getBalance",
// parameters: [":userAddress", "latest"],
// returnValueTest: {
// comparator: ">=",
// value: "10000000000000",
// },
// },
// ];
// // Saving signing condition
// await litNodeClient.saveSigningCondition({
// unifiedAccessControlConditions,
// sessionSigs,
// resourceId: { test: "hello" },
// chain: "litSessionSign",
// });
// // Retrieving a signature
// let jwt = await litNodeClient.getSignedToken({
// unifiedAccessControlConditions,
// sessionSigs,
// resourceId: { test: "hello" },
// });
// alert("JWT: " + jwt);
// }
</script> </script>
<button on:click={signMessageWithPKP}>Sign Message</button> <button on:click={signMessageWithPKP}>Sign Message</button>
<button on:click={getJWT}>Get JWT</button> <!-- <button on:click={getJWT}>Get JWT</button> -->
{#if messageToSign} {#if messageToSign}
<pre>{JSON.stringify(messageToSign)}</pre> <pre>{JSON.stringify(messageToSign)}</pre>
@ -140,4 +145,5 @@
<h3>Signature</h3> <h3>Signature</h3>
<pre>{JSON.stringify(messageSignature)}</pre> <pre>{JSON.stringify(messageSignature)}</pre>
</div> </div>
<button on:click={verify}>Verify</button><br />
{/if} {/if}
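Review bot: The new `verify()` awaits `fetch` and `response.json()` with no `try`/`catch`, so a network error or a non-JSON body becomes an unhandled rejection from the click handler, while the function just above it logs failures in `catch (err)`. Wrapping the body the same way keeps the two handlers consistent. The commented-out `getJWT` function, its `<!-- <button ...> -->` and the `// verify();` call are dead code and are better deleted than commented out, since version control already keeps the old text. `let json` is never reassigned and can be `const json`.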


@ -1,10 +1,11 @@
import jwt from 'jsonwebtoken'; import jwt from 'jsonwebtoken';
import { error } from '@sveltejs/kit'; import { error } from '@sveltejs/kit';
const secretKey = 'mysecrettestkey'; const secretKey = process.env.JWT_KEY;
export async function POST() { export async function POST({ request }) {
const token = jwt.sign({ name: 'Samuel', loggedIn: true, roles: ['admin'] }, secretKey); const user = await request.json();
const token = jwt.sign(user, secretKey);
if (!token) { if (!token) {
throw error(400, 'No token created.'); throw error(400, 'No token created.');
} }
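Review bot: `jwt.sign(user, secretKey)` now signs whatever JSON the caller posts, so the client decides its own `name`, `loggedIn` and `roles` (the login page in this commit sends `roles: ["admin"]`), and the token carries no authority beyond what the requester claimed. Any code that later trusts `roles` from a verified token would be trusting client input. The handler should authenticate the caller first and build the claims server-side from its own user record, copying at most an allow-listed set of fields from the request. The new file later in this commit that signs a token has the identical handler and needs the same change. The POST body continues outside this hunk.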


@ -2,7 +2,7 @@
import jwt from 'jsonwebtoken'; import jwt from 'jsonwebtoken';
import { error } from '@sveltejs/kit'; import { error } from '@sveltejs/kit';
const secretKey = 'mysecrettestkey'; const secretKey = process.env.JWT_KEY;
export async function GET({ request }) { export async function GET({ request }) {
const authHeader = request.headers.get('Authorization'); const authHeader = request.headers.get('Authorization');
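Review bot: `process.env.JWT_KEY` is read once at module load with no check that it is set, so a deployment missing the variable leaves `secretKey` undefined and requests fail inside the `jsonwebtoken` call instead of at startup. A guard right after the assignment, `if (!secretKey) throw new Error('JWT_KEY is not set');`, makes the misconfiguration obvious; the same line appears in the two POST handlers in this commit that sign tokens. The old literal `'mysecrettestkey'` stays in repository history, so the deployed key should be a fresh random value. The verification itself is outside this hunk; if `jwt.verify` is called without an `algorithms` option, pinning it (for example `{ algorithms: ['HS256'] }`) is worth adding.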


@ -0,0 +1,13 @@
import jwt from 'jsonwebtoken';
import { error } from '@sveltejs/kit';
const secretKey = process.env.JWT_KEY;
export async function POST({ request }) {
const user = await request.json();
const token = jwt.sign(user, secretKey);
if (!token) {
throw error(400, 'No token created.');
}
return new Response(JSON.stringify({ token }), { status: 200 });
}
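Review bot: The `if (!token)` branch cannot run, because the synchronous `jwt.sign` either returns the token string or throws; malformed JSON in `request.json()` or a payload `jsonwebtoken` rejects therefore surfaces as an unhandled 500 rather than the intended 400. Wrapping the parse and the sign in `try`/`catch` and calling `throw error(400, 'No token created.')` from the `catch` gives the behaviour the check was meant to provide. The token is also issued without an expiry; passing `{ expiresIn: '15m' }` (duration to be chosen by the project) as the third argument bounds how long a leaked token stays useful. The response is built by hand without a `Content-Type` header, which `json({ token })` from `@sveltejs/kit` would set.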


@ -0,0 +1,15 @@
import { json } from '@sveltejs/kit';
import { ethers } from 'ethers';
export async function POST({ request }) {
const { messageToSign, messageSignature, currentPKP } = await request.json();
// Verify the signature
const jsonString = JSON.stringify(messageToSign);
const recoveredAddr = ethers.verifyMessage(jsonString, messageSignature);
// Check if the address associated with the signature is the same as the current PKP
const verified = currentPKP.ethAddress.toLowerCase() === recoveredAddr.toLowerCase();
return json({ verified }, { status: 200 });
}
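Review bot: `currentPKP` arrives in the same request body as the signature, so `verified` only says the signature matches the address the caller supplied; it does not establish that the signer is any particular, expected PKP. For the result to carry meaning on the server, the expected address has to come from server-side state (an authenticated session or a stored PKP record), and the signed message should include a server-issued nonce or timestamp so an old signature cannot be replayed. Separately, `ethers.verifyMessage` throws on a malformed signature and `currentPKP.ethAddress.toLowerCase()` throws when the field is missing, and both end as a 500. Validating the three fields and returning `json({ verified: false }, { status: 400 })` from a `catch` is more predictable for callers.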