Authentication Integration Flow

Some of the key features include:

• Assign an EOA to an enduser

• Authenticate the user in backend

Outline

If you are using Ethereum Signature Validator for verification, you need to restore the message that was used for the signature on the backend. Please add the following code to your backend. The reason for not sending the restored message directly from the frontend is to ensure that the message generated on the backend is revealed to be used for the signature. Without this assurance, there is a possibility of picking up any string and signature and impersonating someone else.

Summary

1. Refetch the originalMessage

2. Add the logic to generate messageToBeSigned from originalMessage

// ① Fetch the originally generated string that was passed to the user
const originalMessage = await this.findOne(eoa)

let messageToBeSigned
if (prefix) {
	// ② Restore the messageToBeSigned, from the originalMessage, that was signed inside Startrail-sdk-js.
  messageToBeSigned = `${prefix}${originalMessage.length.toString()}${originalMessage}`;
} else {
	// Write the logic in case the prefix is undefined given the usecase that popup is not hidden
  messageToBeSigned = originalMessage
}

// HTTP call to Validator-API (message: messageToBeSigned, signature, address )