[identity] verify nonce in siwe message
04be4bd3ba84
Actions

Description

[identity] verify nonce in siwe message

Summary:
get the nonce from the SIWE message provided by the user and check if it exists in our nonces table. if it doesn't, return an error. if it does, remove it and proceed.

Depends on D9440

Test Plan: tried to use the same nonce for consecutive sign-in requests and only the first request succeeded.

Reviewers: kamil, bartek, jon

Reviewed By: bartek

Subscribers: ashoat, tomek, wyilio

Differential Revision: https://phab.comm.dev/D9441

Details

Provenance

varun

Authored on Oct 9 2023, 2:01 PM

Reviewer

bartek

Differential Revision

D9441: [identity] verify nonce in siwe message

Parents

rCOMMa06b82fdb95b: [identity] Make sure username users can't use ETH addresses as usernames on the…

Branches

Unknown

Tags

Unknown

Event Timeline

varun committed rCOMM04be4bd3ba84: [identity] verify nonce in siwe message (authored by varun).Oct 10 2023, 9:24 PM

varun added an edge: D9441: [identity] verify nonce in siwe message.

Changes (2)

Path

Size

services/

identity/

src/

client_service.rs

siwe.rs

rCOMM04be4bd3ba84

View Options

services/identity/src/client_service.rs