github/TheGame
1
1
Fork 0
mirror of https://github.com/MetaFam/TheGame.git synced 2026-01-14 08:58:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix(login): signing welcome message only for did

Browse Source
This commit is contained in:
dan13ram
2022-09-30 15:53:21 +05:30
committed by vidvidvid
parent 131db5ed8c
commit f8f3f444be
2 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
packages/utils/src/did/index.ts
View File

@@ -7,6 +7,8 @@ import { Maybe } from '../extendedProfileTypes';
const tokenDuration = 1000 * 60 * 60 * 24 * 7; // 7 days
const WELCOME_MESSAGE = `Welcome to MetaGame Anon 🐙 \n Please sign this message so we know it is you.\n We care about privacy and assure you, we don't harvest your data. Unless you create a Player account, we simply store a token in your browser's local storage. This can be removed by using the disconnect button.\n `;
type Claim = {
iat: Date;
exp: Date;
@@ -31,7 +33,8 @@ export async function createToken(
};
const serializedClaim = JSON.stringify(claim);
const proof = await getSignature(provider, serializedClaim);
const msgToSign = `${WELCOME_MESSAGE}${serializedClaim}`;
const proof = await getSignature(provider, msgToSign);
return Base64.encode(JSON.stringify([proof, serializedClaim]));
}
@@ -52,7 +55,8 @@ export async function verifyToken(
);
}
const valid = await verifySignature(claimant, rawClaim, proof, provider);
const msgToVerify = `${WELCOME_MESSAGE}${rawClaim}`;
const valid = await verifySignature(claimant, msgToVerify, proof, provider);
if (!valid) {
throw new Error('Invalid Signature');

8
packages/utils/src/ethereumHelper.ts
View File

@@ -1,7 +1,5 @@
import { Contract, providers, utils } from 'ethers';
const WELCOME_MESSAGE = `Welcome to MetaGame Anon 🐙 \n Please sign this message so we know it is you.\n We care about privacy and assure you, we don't harvest your data. Unless you create a Player account, we simply store a token in your browser's local storage. This can be removed by using the disconnect button.\n `;
export async function getSignature(
provider: providers.Web3Provider,
msg: string,
@@ -11,8 +9,7 @@ export async function getSignature(
const signer = provider.getSigner();
const address = await signer.getAddress();
if (!ethereum.request) throw new Error('No `request` On Ethereum Provider');
const signMsg = `${WELCOME_MESSAGE}${msg}`;
let params = [signMsg, address];
let params = [msg, address];
if (extraParams) {
params = [...params, ...extraParams];
@@ -66,9 +63,6 @@ export async function verifySignature(
): Promise<boolean> {
const walletType = await getWalletType(address, provider);
// eslint-disable-next-line no-param-reassign
message = `${WELCOME_MESSAGE}${message}`;
if (walletType === WalletType.EOA) {
const recoveredAddress = utils.verifyMessage(message, signature);
return address === recoveredAddress;