[identity] verify nonce in siwe message
ClosedPublic
Actions

Authored by varun on Oct 9 2023, 9:11 PM.

Details

Reviewers

kamil
bartek
• jon

Commits

rCOMM04be4bd3ba84: [identity] verify nonce in siwe message

Summary

get the nonce from the SIWE message provided by the user and check if it exists in our nonces table. if it doesn't, return an error. if it does, remove it and proceed.

Depends on D9440

Test Plan

tried to use the same nonce for consecutive sign-in requests and only the first request succeeded.

Diff Detail

Repository

rCOMM Comm

Lint

No Lint Coverage

Unit

No Test Coverage

Event Timeline

varun created this revision.Oct 9 2023, 9:11 PM

Herald added a reviewer: • jon. · View Herald TranscriptOct 9 2023, 9:11 PM

Herald added subscribers: will, tomek, ashoat. · View Herald Transcript

Harbormaster completed remote builds in B23136: Diff 31850.Oct 9 2023, 9:28 PM

varun requested review of this revision.Oct 9 2023, 9:28 PM

bartek accepted this revision.Oct 9 2023, 11:20 PM

This revision is now accepted and ready to land.Oct 9 2023, 11:20 PM

varun added a child revision: D9448: [shared] add new interceptor to identity gRPC clients.Oct 10 2023, 9:20 PM

Closed by commit rCOMM04be4bd3ba84: [identity] verify nonce in siwe message (authored by varun). · Explain WhyOct 10 2023, 9:25 PM

This revision was automatically updated to reflect the committed changes.

varun added a commit: rCOMM04be4bd3ba84: [identity] verify nonce in siwe message.

Revision Contents
Changeset List

Path

Size

services/

identity/

src/

client_service.rs

19 lines

siwe.rs

6 lines

Diff 31850

View Options

services/identity/src/client_service.rs