Integration on new mpc service + firestore + relayer #51
9a09c7a to 84fa2ee
export const useAuthState = () => { | ||
const [authenticated, setAuthenticated] = useState(undefined); |
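Review bot: on the `useState(undefined)` line, the initial `undefined` acts as a third state next to whatever boolean the setter stores later, but nothing in the hook says so. Because `undefined` is falsy, a caller that writes `if (!authenticated)` would handle the still-pending state the same way as a failed sign-in. Suggest a one-line comment on the initial value, and having callers compare explicitly against `undefined` and `false`.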
This needs to start as `undefined` because we need to identify when the user has not authenticated yet vs failed authentication in some cases
For that exact reason, I used `controllerState`, which already does it inside the code and exports it:
So I have updated the logic on the Sign component
b1cd34c to a4c59e7
68205e7 to 5a524c4
LGTM ✅
This PR contains the following implementation:
More work is needed on the following:
- `claim_oidc` token
- Firestore permission setting:
To test this branch locally, you need to run near discovery locally by pulling it down and running the following:
Then check out this branch and run the following:
High-level description of the authentication flow:

On create account:
-> create new account through firebase
-> hit `/new_account` endpoint on mpc service
-> create new firestore record that contains one FAK and one LAK
-> back to app

On sign-in to a browser that has a passkey set up:
-> use webauthn key to get recovery key
-> attempt to create new LAK and delete old LAK associated with webauthn key (if it fails due to too many keys, it will redirect to the `/devices` endpoint, described later)
-> update firestore collection with only new LAK
-> back to app

On sign-in to a browser that has no passkey set up yet:
-> use webauthn to check if browser has key
-> if no key, create a new webAuthN key and LAK (if it fails due to too many keys, it will redirect to the `/devices` endpoint, described later)
-> create new firestore record that contains one FAK and one LAK
-> back to app

On sign-in to a browser that has a passkey which is no longer on chain (deleted by the `/devices` page):
-> use webauthn to check if browser has key
-> if it has a key, but the key doesn't exist on chain, create a new webAuthN key and LAK (if it fails due to too many keys, it will redirect to the `/devices` endpoint, described later)
-> create new firestore record that contains one FAK and one LAK
-> back to app

On redirect to the `/devices` page:
-> get list of device records from firestore
-> user selects and deletes a firestore record
-> also delete FAK and LAK associated with the deleted firestore record
-> create new WebAuthN FAK and LAK
-> create new firestore record that contains one FAK and one LAK
-> back to app
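
The flow described above, modelled in memory as an added example (not code from this PR or the project). The key cap `KEY_LIMIT`, the key naming and all function names are assumptions, and the on-chain key set and the firestore collection are stood in for by plain JavaScript collections.

```javascript
// Added illustration: in-memory model of the flow described above.
// KEY_LIMIT, the key names and every function name are assumptions.
const KEY_LIMIT = 5; // assumed cap on on-chain keys; the page gives no number

function newModel() {
  return { chain: new Set(), devices: new Map(), seq: 0 };
}

// Add keys to the model chain, or refuse when the cap would be exceeded.
function addKeys(m, keys) {
  if (m.chain.size + keys.length > KEY_LIMIT) return false;
  keys.forEach((k) => m.chain.add(k));
  return true;
}

// New passkey: one FAK + one LAK on chain and one device record.
function registerDevice(m, browser) {
  const id = ++m.seq;
  const rec = { fak: `fak-${id}`, lak: `lak-${id}` };
  if (!addKeys(m, [rec.fak, rec.lak])) return '/devices';
  m.devices.set(rec.fak, rec);
  browser.passkey = rec.fak;
  return 'app';
}

function signIn(m, browser) {
  const rec = browser.passkey && m.devices.get(browser.passkey);
  // No passkey, or a passkey whose keys were deleted: enrol afresh.
  if (!rec || !m.chain.has(rec.fak)) return registerDevice(m, browser);
  // Known passkey: add the new LAK first, then drop the old one.
  const lak = `lak-${++m.seq}`;
  if (!addKeys(m, [lak])) return '/devices';
  m.chain.delete(rec.lak);
  rec.lak = lak;
  return 'app';
}

// /devices page: delete the chosen record and both its keys, then enrol.
function removeDeviceAndEnrol(m, fak, browser) {
  const rec = m.devices.get(fak);
  if (rec) [rec.fak, rec.lak].forEach((k) => m.chain.delete(k));
  m.devices.delete(fak);
  return registerDevice(m, browser);
}

// Invariant: the chain holds exactly the FAK and LAK of every record.
function consistent(m) {
  const want = [...m.devices.values()].flatMap((r) => [r.fak, r.lak]);
  return want.length === m.chain.size && want.every((k) => m.chain.has(k));
}
```

In this model both a LAK rotation and a new enrolment end at `/devices` once the cap is reached, and `consistent` returning false would point to a key left on chain with no device record to revoke it from.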