🔷 Implement /create-account route

[esaminu]

Move the implementation on near.org/signup into the signer app /create-account route

In the new signing flow, near.org will popup the fast-auth-signer when the user clicks Create Account.

The route should take optional publicKey and redirectUrl query params.

At that point if there is no account on the signer app:

1. Collect the user's email address and accountId
2. Generate a keypair for the user on webauthn using the email address (same as currently done on near.org)
3. Send a firebase auth link to the user's email with the publicKey from the webauthn keypair, accountId, publicKey from query params and redirectUrl as query params on the firebase redirect
4. Call new-account on the recovery service when the user comes back to the signer (no longer in iframe) adding the webauthn publicKey to the account as a FAK and the publicKey on the initial query param as a LAK that calls socialdb.
5. redirect to the redirectUrl with the publicKey and accountId

Tasks

Beta Give feedback

1. UX for creating a new FastAuth Account #30
   product design +1
   

[hcho112]

@esaminu @volovyks Is above steps need to be updated with recent changes on recovery service?
There is no notion of claim_oidc_token step.

[esaminu]

@hcho112 yes this will be done on the second iteration of the signer app

[hcho112]

hmm if it happens on second iteration, #12 will be postponed as well.
I have implemented half of the process and I can only proceed to next step of implementation if create account flow is using latest end point from recovery service

[esaminu]

@hcho112 Persisting the addition of a new device via create-account or add-device to firestore should be independent of how that device was added no?

[hcho112]

@esaminu adding/listing/removing firebase collection was already done on my PR. (branch I made)

However, what we actually want is to be able to:

1. List devices (And any keys that are NOT recovery key)
2. Upon deletion, it doesn't only delete firebase collection, but it should also delete the selected keys

To do so, create account need to use the latest endpoint from mpc recovery. (It only then register recovery key to indexer) which I'm blocked at right now.

recall from our previous communication, your feedback was:

Can you add another branch on top of this to fetch the user’s keys and key from mpc service and associate it with the keys in firestore?

So I was trying to get the whole flow working properly..