Privy #14822

Merged
merged 101 commits into from
Oct 22, 2024

julien51
Member

@julien51 julien51 commented Oct 8, 2024

Description

A couple of months ago, we introduced Unlock Accounts 2.0 to improve our existing Unlock Accounts. At the time, the main goal was to add support for Google and Email magic links to existing passwords. For this we use Coinbase's wallet as a service... but they are deprecating this so we need to replace that.
We decided to go with Privy which offers a few benefits (mostly they manage everything so we don't have to worry about much), but that also presents 2 challenges:

  • first one is rather easy to solve. Normally Privy loads as a modal. We need to be able to also "embed" their UI so that it does not use a modal because our checkout is already a modal (and a modal in a modal would be bad UI). Luckily they recently added support for that through the _render: { standalone: true, } option when loading it.
  • the second one is a bit more challenging. Currently, in order to perform API calls, we generate a JWT token from a signed SIWE message. Since Privy already asks for a SIWE message, we should not ask for a 2nd signature. Luckily, Privy already provides a JWT that we could use. This means locksmith will need to support both our legacy tokens (because that is what our API uses) and the Privy tokens.

Custom checklist:

A test plan for the newly integrated auth system, focusing on different authentication methods using Privy:

  1. Email Authentication:
    • User enters email address
    • User receives one-time password (OTP)
    • User enters OTP to authenticate
    • Verify successful login and access to checkout
    • Checkout (unlock-protocol.com domain)
      • Make a purchase
      • Save metadata
      • Network switch
    • Embedded Paywall & provider (loaded from 3rd party site, for example dirt.fyi)
      • Make a purchase
      • Save metadata
      • Network switch
  • Dashboard
    • check user settings (save CC)
    • Deploy lock (probably won't work because no gas)
    • Update Lock settings
    • Network switch
  • OAuth flow
    • can login on ouvre-boite.com
  • Events
    • RSVP free event
    • RSVP paid event (with CC)
  • Keychain
    • Add to Mobile wallet (iOS or Android)
  2. Wallet Authentication (Sign In With Ethereum):
    • User connects their wallet
    • User signs the authentication message
    • Verify successful login and access to checkout
    • Checkout
      • Make a purchase
      • Save metadata
      • Network switch
    • Embedded Paywall
      • Make a purchase
      • Save metadata
      • Network switch
  • Dashboard
    • check user settings (save CC)
    • Deploy lock
    • Update Lock settings
    • Network switch
  • OAuth flow
    • can login on ouvre-boite.com
  • Events
    • Create event
    • RSVP free event
    • RSVP paid event (with CC)
    • RSVP paid event (with crypto)
  • Keychain
    • Add to Mobile wallet (iOS or Android)
  • Certification
    • Create a certification
    • Airdrop certifications
  • Subscription
    • Create a subscription
  3. Error Handling:
    • Test with invalid credentials for each auth method
    • Verify appropriate error messages are displayed
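
The dual-token requirement from the description above, as an added example that is not part of this PR or of locksmith's code: a verifier that accepts both token kinds by pinning one algorithm, key and audience per issuer, so a token can only be checked under the scheme its issuer is registered for. The issuer names, audiences, the choice of HS256 for legacy tokens and ES256 for Privy tokens, and all keys are assumptions constructed for illustration.

```javascript
const crypto = require("node:crypto");
// Constructed sample keys and names (assumptions, not Unlock's or Privy's real values).
const LEGACY_SECRET = crypto.randomBytes(32); // legacy tokens: HS256
const PRIVY_KEYS = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" }); // Privy: ES256
const PRIVY_APP_ID = "privy-app-id-placeholder";

const hmac = (key, data) => crypto.createHmac("sha256", key).update(data).digest();
const ecOpts = (key) => ({ key, dsaEncoding: "ieee-p1363" }); // JWS uses raw r||s signatures
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
const parse = (part) => JSON.parse(Buffer.from(part, "base64url").toString());

// One entry per accepted issuer. The algorithm is pinned here and never taken from the token.
const ISSUERS = {
  "locksmith-legacy": {
    scheme: "legacy", alg: "HS256", aud: "locksmith",
    verify: (data, sig) => {
      const mac = hmac(LEGACY_SECRET, data);
      return mac.length === sig.length && crypto.timingSafeEqual(mac, sig);
    },
  },
  "privy.io": {
    scheme: "privy", alg: "ES256", aud: PRIVY_APP_ID,
    verify: (data, sig) => {
      try { return crypto.verify("sha256", Buffer.from(data), ecOpts(PRIVY_KEYS.publicKey), sig); }
      catch { return false; } // wrong-length or otherwise unusable signature
    },
  },
};

// Mints sample tokens; stands in for the legacy login endpoint and for Privy.
function mint(alg, claims, key) {
  const data = `${enc({ alg, typ: "JWT" })}.${enc(claims)}`;
  const sig = alg === "HS256" ? hmac(key, data) : crypto.sign("sha256", Buffer.from(data), ecOpts(key));
  return `${data}.${sig.toString("base64url")}`;
}

function authenticate(token, now = Math.floor(Date.now() / 1000)) {
  const fail = (reason) => ({ ok: false, reason });
  const [h, p, s, extra] = String(token).split(".");
  if (!h || !p || !s || extra !== undefined) return fail("malformed");
  let header, claims;
  try { header = parse(h); claims = parse(p); } catch { return fail("malformed"); }
  const issuer = Object.hasOwn(ISSUERS, claims?.iss) ? ISSUERS[claims.iss] : null;
  if (!issuer) return fail("unknown issuer");
  if (header?.alg !== issuer.alg) return fail("algorithm mismatch");
  if (!issuer.verify(`${h}.${p}`, Buffer.from(s, "base64url"))) return fail("bad signature");
  if (claims.aud !== issuer.aud) return fail("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) return fail("expired");
  return { ok: true, scheme: issuer.scheme, subject: claims.sub };
}
```

The issuer claim only selects which registry entry applies; trust comes from the signature check under that entry's pinned algorithm and key.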

@cla-bot cla-bot bot added the cla-signed label Oct 8, 2024
@julien51 julien51 requested a review from 0xTxbi October 8, 2024 12:48
@@ -22,7 +22,7 @@ const Disconnect = ({ service }: DisconnectProps) => {

if (email) {
userText = `User: ${email}`
signOutText = 'Sign out'
signOutText = 'Sign out now'
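Review bot: The `signOutText` change from 'Sign out' to 'Sign out now' is a copy change unrelated to the Privy auth migration; suggest reverting it here or moving it to its own PR so the authentication diff stays focused.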
Member Author

This is not needed :)

Comment on lines +13 to +15
_render: {
standalone: true,
},
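Review bot: `_render` on line +13 is an underscore-prefixed option, which usually marks an API the vendor does not treat as stable; suggest a short code comment next to it stating why it is set (the checkout is already a modal) and pinning the Privy SDK version so an upgrade that renames or drops the option is caught in review.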
Member Author

This is what makes the privy load inside a component rather than as a modal.

@@ -129,6 +129,9 @@ const config = {
signerKeyBase64: process.env.APPLE_WALLET_SIGNER_KEY,
wwdrBase64: process.env.APPLE_WALLET_WWDR_CERT,
signerKeyPassphrase: process.env.APPLE_WALLET_SIGNER_KEY_PASSPHRASE,
privyAppId: process.env.PRIVY_APP_ID,
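Review bot: `privyAppId` is read straight from `process.env.PRIVY_APP_ID` with no default and no presence check; if locksmith uses it when validating Privy tokens, an unset variable should fail at startup rather than reach verification as `undefined`. The new variable should also be documented alongside the other environment variables.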
Member

necessary configs for privy on locksmith.

@julien51 julien51 marked this pull request as ready for review October 22, 2024 14:57
@julien51 julien51 merged commit d673525 into master Oct 22, 2024
4 checks passed
@julien51 julien51 deleted the privy branch October 22, 2024 21:39