Auth-Core SDK enables basic functionality for onboarding users to Web3 apps via social login. It uses the Arcana Keystore APIs to interact with the distributed key generation subsystem in the Arcana Network.
The Arcana Auth product is built using the Auth-Core SDK and the Arcana wallet UI. It ensures that only authenticated users have access to the private keys for signing blockchain transactions. With Arcana Auth, the app developers cannot access the user's private keys.
Web3 apps that choose to integrate directly with the Auth-Core SDK instead of using Arcana Auth must implement some of the functionality related to handling user authentication via social login. In addition, developers must ensure the security and privacy of the user's keys. See the Usage section below for details.
Note that the 'Global Keys' and enhanced wallet security 'MFA' features available via Arcana Auth are not available through the Auth-Core SDK.
npm install --save @arcana/auth-core
yarn add @arcana/auth-core
<script src="https://cdn.jsdelivr.net/npm/@arcana/auth-core"></script>
<script src="https://unpkg.com/@arcana/auth-core"></script>
const { AuthProvider, SocialLoginType, CURVE } = window.arcana.auth_core;
// or
import { AuthProvider, CURVE } from '@arcana/auth-core';
AuthProvider
const auth = new AuthProvider({
curve: CURVE.ED25519, // defaults to CURVE.SECP256K1
appId: `${appId}`,
redirectUri: ''
});
await auth.loginWithSocial(SocialLoginType.google);
const result = await auth.loginWithPasswordlessStart({
email: 'abc@example.com'
});
await auth.handleRedirect();
const loggedIn = auth.isLoggedIn(); /* boolean response */
After successful login, the user information is saved in memory. Before the page unload
event, the user information gets stored in session-storage
. After a successful page reload, it is fetched again to memory and removed from the session-storage
.
const userInfo = auth.getUserInfo();
/*
UserInfo: {
loginType: 'google',
userInfo: {
id: 'abc@example.com',
name: 'ABC DEF',
email: '',
picture: ''
},
privateKey: ''
}
*/
For userInfo type details, see Exported Types.
const publicKey = await auth.getPublicKey({
verifier: SocialLoginType.google,
id: `abc@example.com`,
});
For details regarding SocialLoginType
, see Exported Enums.
await auth.logout();
enum SocialLoginType {
google = 'google',
discord = 'discord',
twitch = 'twitch',
github = 'github',
twitter = 'twitter',
passwordless = 'passwordless',
}
interface KeystoreInput {
id: string;
verifier: LoginType;
}
interface InitParams {
/**
* appId: arcana app id without network hint,
* example: for clientId `xar_dev_xyz` - `xyz` is the appId.
*/
appId: string;
network?: 'dev' | 'testnet'| 'mainnet'; /* defaults to testnet */
/**
* autoRedirect: is redirected via SDK internally,
* instead of `loginWithSocial` output being `{ url }`.
*/
autoRedirect: boolean /* defaults to true */
/**
* shouldVerifyState: by default state is compared internally,
* the state is stored to local storage on login init.
* Set to false if you want to compare it yourself.
*/
shouldVerifyState: boolean /* defaults to true */
/**
* revokeTokenPostLogin: Some tokens need to be revoked to get new tokens
* on subsequent login or to prevent misuse, SDK does this internally. If
* set to `false` there is a cleanup function that is outputted from
* `auth.handleRedirect()` which should be called after token is used
* for secondary purpose.
*/
revokeTokenPostLogin: boolean /* defaults to true */
debug?: boolean; /* defaults to false */
}
interface GetInfoOutput {
loginType: SocialLoginType;
userInfo: UserInfo {
id: string;
email?: string;
name?: string;
picture?: string;
};
privateKey: string;
}
login.js
window.onload = async () => {
const auth = new AuthProvider({
appId: `${appId}`,
redirectUri:'path/to/redirect'
});
googleLoginBtn.addEventListener('click', async () => {
await auth.loginWithSocial(SocialLoginType.google);
});
}
redirect.js
window.onload = async () => {
const auth = new AuthProvider({
appId: `${appId}`,
redirectUri:'path/to/redirect'
});
await auth.handleRedirect();
if(auth.isLoggedIn()) {
const info = auth.getUserInfo();
}
}
origin
- Base URL of the app.For any support or integration-related queries, contact the Arcana support team.
Arcana Auth Core SDK is distributed under the MIT License. For details see Arcana License.
Generated using TypeDoc, the 2/12/2024 at 7:15:57 PM