[identity] verify nonce in siwe message
ClosedPublic
Actions

Authored by varun on Oct 10 2023, 4:11 AM.

Details

Reviewers

kamil
bartek
• jon

Commits

rCOMM04be4bd3ba84: [identity] verify nonce in siwe message

Summary

get the nonce from the SIWE message provided by the user and check if it exists in our nonces table. if it doesn't, return an error. if it does, remove it and proceed.

Depends on D9440

Test Plan

tried to use the same nonce for consecutive sign-in requests and only the first request succeeded.

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

varun created this revision.Oct 10 2023, 4:11 AM

Herald added a reviewer: • jon. · View Herald TranscriptOct 10 2023, 4:11 AM

Herald added subscribers: will, tomek, ashoat. · View Herald Transcript

Harbormaster completed remote builds in B23136: Diff 31850.Oct 10 2023, 4:28 AM

varun requested review of this revision.Oct 10 2023, 4:28 AM

bartek accepted this revision.Oct 10 2023, 6:20 AM

This revision is now accepted and ready to land.Oct 10 2023, 6:20 AM

varun added a child revision: D9448: [shared] add new interceptor to identity gRPC clients.Oct 11 2023, 4:20 AM

Closed by commit rCOMM04be4bd3ba84: [identity] verify nonce in siwe message. · Explain WhyOct 11 2023, 4:25 AM

This revision was automatically updated to reflect the committed changes.

varun added a commit: rCOMM04be4bd3ba84: [identity] verify nonce in siwe message.

Revision Contents
Changeset List

Path

Size

services/

identity/

src/

client_service.rs

19 lines

siwe.rs

6 lines

Diff 31887

View Options

services/identity/src/client_service.rs