Disable password generation at signup

This commit is contained in:
silverpill 2022-02-15 20:07:13 +00:00
parent c778025899
commit 685ca20bb2
3 changed files with 8 additions and 64 deletions

View file

@ -38,17 +38,11 @@ export interface User extends Profile {
export interface UserCreateForm {
username: string;
password: string;
message: string;
signature: string;
invite_code: string | null;
}
export interface UserLoginForm {
signature: string;
wallet_address: string;
}
export async function createUser(userData: UserCreateForm): Promise<User> {
const url = `${BACKEND_URL}/api/v1/accounts`
const response = await http(url, {
@ -63,26 +57,7 @@ export async function createUser(userData: UserCreateForm): Promise<User> {
}
}
export async function getAccessToken(user: UserLoginForm): Promise<string> {
const url = `${BACKEND_URL}/oauth/token`
const tokenRequestData = {
grant_type: "ethereum",
wallet_address: user.wallet_address,
password: user.signature,
}
const response = await http(url, {
method: "POST",
json: tokenRequestData,
})
const data = await response.json()
if (response.status !== 200) {
throw new Error(data.message)
} else {
return data.access_token
}
}
export async function getAccessTokenEip4361(
export async function getAccessToken(
message: string,
signature: string,
): Promise<string> {

View file

@ -40,31 +40,13 @@ export async function getWalletAddress(provider: Web3Provider): Promise<string |
return walletAddress.toLowerCase()
}
export async function getWalletSignature(
provider: Web3Provider,
walletAddress: string,
message: string,
): Promise<string | null> {
let signature
try {
signature = await provider.send(
"personal_sign",
[message, walletAddress],
)
} catch (error) {
// Signature request rejected
console.warn(error)
return null
}
return signature
}
function generateRandomString(len: number): string {
const arr = new Uint8Array(len / 2)
window.crypto.getRandomValues(arr)
return Array.from(arr, (val) => val.toString(16).padStart(2, "0")).join("")
}
// https://eips.ethereum.org/EIPS/eip-4361
export async function createEip4361_SignedMessage(
signer: Signer,
domain: string,

View file

@ -55,7 +55,7 @@ import { Options, Vue, setup } from "vue-class-component"
import {
createUser,
getAccessTokenEip4361,
getAccessToken,
getCurrentUser,
} from "@/api/users"
import { InstanceInfo } from "@/api/instance"
@ -63,10 +63,7 @@ import Loader from "@/components/Loader.vue"
import { useInstanceInfo } from "@/store/instance"
import { useCurrentUser } from "@/store/user"
import {
getWeb3Provider,
getWallet,
getWalletAddress,
getWalletSignature,
createEip4361_SignedMessage,
} from "@/utils/ethereum"
@ -93,25 +90,16 @@ export default class LandingPage extends Vue {
async register() {
this.registrationErrorMessage = null
const provider = getWeb3Provider()
if (!provider || !this.store.instance) {
if (!this.store.instance) {
return
}
const instanceHost = this.store.instance.uri
const loginMessage = this.store.instance.login_message
const walletAddress = await getWalletAddress(provider)
if (!walletAddress) {
return
}
const signature = await getWalletSignature(provider, walletAddress, loginMessage)
if (!signature) {
return
}
const signer = await getWallet()
if (!signer) {
return
}
const { message, signature: eip4361signature } = await createEip4361_SignedMessage(
const { message, signature } = await createEip4361_SignedMessage(
signer,
instanceHost,
loginMessage,
@ -122,12 +110,11 @@ export default class LandingPage extends Vue {
try {
user = await createUser({
username: this.username,
password: signature,
message,
signature: eip4361signature,
signature,
invite_code: this.inviteCode,
})
authToken = await getAccessTokenEip4361(message, eip4361signature)
authToken = await getAccessToken(message, signature)
} catch (error) {
this.isLoading = false
this.registrationErrorMessage = error.message
@ -158,7 +145,7 @@ export default class LandingPage extends Vue {
let user
let authToken
try {
authToken = await getAccessTokenEip4361(message, signature)
authToken = await getAccessToken(message, signature)
user = await getCurrentUser(authToken)
} catch (error) {
this.loginErrorMessage = error.message