Skip to content

vanbexlabs/web3-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
frontend.js
frontend.js
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

web3-auth

NPM for signing into Express apps using Web3.

Note this NPM disables non-AJAX requests to prevent XSRF attacks.

How does it work

  • The Web3 environment (MetaMask / Mist) is requested to sign a message using the account's private key.
  • The account address and the signed message are POSTed to the backend.
  • The backend verifies that the signature is correct and generates a signed Json Web Token (JWT) proving that the holder is in control of the address.
  • The JWT is sent back to the web browser as a HttpOnly (not accessible from frontend JS) session cookie.

TODO

  • token revocation
  • set secret in external config

Check out https://github.com/vanbexlabs/ethereum-auth-demo to see how to use it.

About

NPM for signing into Express apps using Web3.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

41 stars

Watchers

3 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages