Merge pull request #55 from hyle-team/feature/add-auth-session

feat: add auth session

src/components/UI/ConnectButton/ConnectButton.tsx

@@ -6,8 +6,6 @@ import useUpdateUser from '@/hook/useUpdateUser';
 import AlertType from '@/interfaces/common/AlertType';
 import ConnectButtonProps from '@/interfaces/props/components/UI/ConnectButton/ConnectButtonProps';
 import ZanoWindow from '@/interfaces/common/ZanoWindow';
-import { getSavedWalletCredentials, setWalletCredentials } from '@/utils/utils';
-import { uuid } from 'uuidv4';
 import Button from '../Button/Button';
 
 function ConnectButton(props: ConnectButtonProps) {
@@ -28,41 +26,51 @@ function ConnectButton(props: ConnectButtonProps) {
 				await (window as unknown as ZanoWindow).zano.request('GET_WALLET_DATA')
 			).data;
 
-			if (!walletData?.address) {
+			const walletAddress = walletData?.address;
+			const walletAlias = walletData?.alias;
+
+			if (!walletAddress) {
 				throw new Error('Companion is offline');
 			}
 
-			if (!walletData?.alias) {
+			if (!walletAlias) {
 				throw new Error('Alias not found');
 			}
 
-			let nonce = '';
+			if (typeof walletAddress !== 'string' || typeof walletAlias !== 'string') {
-			let signature = '';
+				throw new Error('Invalid wallet data');
-			let publicKey = '';
-
-			const existingWallet = getSavedWalletCredentials();
-
-			if (existingWallet) {
-				nonce = existingWallet.nonce;
-				signature = existingWallet.signature;
-				publicKey = existingWallet.publicKey;
-			} else {
-				const generatedNonce = uuid();
-				const signResult = await (window as unknown as ZanoWindow).zano.request(
-					'REQUEST_MESSAGE_SIGN',
-					{ message: generatedNonce },
-					null,
-				);
-
-				if (!signResult?.data?.result) {
-					throw new Error('Sign denied');
-				}
-
-				nonce = generatedNonce;
-				signature = signResult.data.result.sig;
-				publicKey = signResult.data.result.pkey;
 			}
 
+			const authRequestRes = await fetch('/api/auth/request-auth', {
+				method: 'POST',
+				headers: {
+					'Content-Type': 'application/json',
+				},
+				body: JSON.stringify({
+					address: walletAddress,
+					alias: walletAlias,
+				}),
+			}).then((res) => res.json());
+
+			const authMessage = authRequestRes?.data;
+
+			if (!authRequestRes.success || typeof authMessage !== 'string') {
+				throw new Error('Unknown error during auth request');
+			}
+
+			const signResult = await (window as unknown as ZanoWindow).zano.request(
+				'REQUEST_MESSAGE_SIGN',
+				{ message: authMessage },
+				null,
+			);
+
+			if (!signResult?.data?.result) {
+				throw new Error('Sign denied');
+			}
+
+			const signature = signResult.data.result.sig;
+			const publicKey = signResult.data.result.pkey;
+
 			const result = await fetch('/api/auth', {
 				method: 'POST',
 				headers: {
@@ -70,11 +78,11 @@ function ConnectButton(props: ConnectButtonProps) {
 				},
 				body: JSON.stringify({
 					data: {
-						alias: walletData.alias,
+						alias: walletAlias,
-						address: walletData.address,
+						address: walletAddress,
 						signature,
 						publicKey,
-						message: nonce,
+						message: authMessage,
 					},
 				}),
 			}).then((res) => res.json());
@@ -83,14 +91,6 @@ function ConnectButton(props: ConnectButtonProps) {
 				throw new Error('Server auth error');
 			}
 
-			if (!existingWallet) {
-				setWalletCredentials({
-					publicKey,
-					signature,
-					nonce,
-				});
-			}
-
 			sessionStorage.setItem('token', result?.data);
 
 			updateWalletState(dispatch, { ...walletData, connected: true });
@@ -105,7 +105,6 @@ function ConnectButton(props: ConnectButtonProps) {
 			setAlertState('error');
 			setAlertErrMessage((error as { message: string }).message);
 			setTimeout(() => setAlertState(null), 3000);
-			setWalletCredentials(undefined);
 		}
 	}
 

src/components/default/Header/Header.tsx

@@ -18,7 +18,7 @@ import Button from '@/components/UI/Button/Button';
 
 import { useWindowWidth } from '@react-hook/window-size';
 import ConnectButton from '@/components/UI/ConnectButton/ConnectButton';
-import { classes, notationToString, setWalletCredentials, shortenAddress } from '@/utils/utils';
+import { classes, notationToString, shortenAddress } from '@/utils/utils';
 import useAdvancedTheme from '@/hook/useTheme';
 
 import { Store } from '@/store/store-reducer';
@@ -54,7 +54,6 @@ function Header({ isLg }: { isLg?: boolean }) {
 
 	function logout() {
 		sessionStorage.removeItem('token');
-		setWalletCredentials(undefined);
 		updateWalletState(dispatch, null);
 	}
 

src/utils/utils.ts

@@ -111,16 +111,6 @@ export const localeTimeLeft = (now: number | null, timestamp: number) => {
 	return `${intToStrFixedLen(hours)}:${intToStrFixedLen(minutes)}:${intToStrFixedLen(seconds)}`;
 };
 
-export function getSavedWalletCredentials() {
-	const savedWallet = localStorage.getItem('wallet');
-	if (!savedWallet) return undefined;
-	try {
-		return JSON.parse(savedWallet) as WalletCredentials;
-	} catch {
-		return undefined;
-	}
-}
-
 export function setWalletCredentials(credentials: WalletCredentials | undefined) {
 	if (credentials) {
 		localStorage.setItem('wallet', JSON.stringify(credentials));