fix: resolve issues with siwe
martines3000 committed Mar 25, 2024
1 parent d1fb6d3 commit 9a33e42
Showing 11 changed files with 749 additions and 752 deletions.
6 changes: 3 additions & 3 deletions packages/dapp/.env.example
Expand Up @@ -10,14 +10,14 @@ SEPOLIA_RPC_URL=
IPFS_GATEWAY=
POLYGON_RPC_URL=
POLYGON_MUMBAI_RPC_URL=
=


# Masca version
NEXT_PUBLIC_MASCA_VERSION=v1.1.0

# SupaBase Public
NEXT_PUBLIC_SUPABASE_URL=
NEXT_PUBLIC_SUPABASE_ANON_KEY=
NEXT_PUBLIC_SUPABASE_URL=https://nqgexdszsnrliuzuobul.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Im5xZ2V4ZHN6c25ybGl1enVvYnVsIiwicm9sZSI6ImFub24iLCJpYXQiOjE3MTA3NjQ5NDcsImV4cCI6MjAyNjM0MDk0N30.GtmyqLhsptRv-w-BNMtzTJX1Jquwym61qMagpNs7Hso

# SupaBase Private
SUPABASE_SECRET_KEY=
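Review bot: The `NEXT_PUBLIC_SUPABASE_URL` and `NEXT_PUBLIC_SUPABASE_ANON_KEY` entries in this template carry a live project URL and key rather than empty placeholders, so anyone who copies the file runs against that project instead of their own. The key's JWT payload declares `role: anon`, so it is the publishable key and not a secret in itself, but what it can read or write then rests entirely on the project's row-level-security policies, which this page does not show. I would keep the template empty, `NEXT_PUBLIC_SUPABASE_URL=` and `NEXT_PUBLIC_SUPABASE_ANON_KEY=`, and document where to obtain the values. The same literals are also added as fallbacks in packages/dapp/next.config.js.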
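--- a/packages/dapp/next.config.js
+++ b/packages/dapp/next.config.js
@@ -49,6 +49,12 @@ const nextConfig = {
 },
 env: {
 USE_LOCAL: process.env.USE_LOCAL || 'false',
+NEXT_PUBLIC_SUPABASE_URL:
+process.env.NEXT_PUBLIC_SUPABASE_URL ||
+'https://nqgexdszsnrliuzuobul.supabase.co',
+NEXT_PUBLIC_SUPABASE_ANON_KEY:
+process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY ||
+'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Im5xZ2V4ZHN6c25ybGl1enVvYnVsIiwicm9sZSI6ImFub24iLCJpYXQiOjE3MTA3NjQ5NDcsImV4cCI6MjAyNjM0MDk0N30.GtmyqLhsptRv-w-BNMtzTJX1Jquwym61qMagpNs7Hso',
 },
 typescript: {
 // We can ignore build errors because we are using tsc to type check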
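Review bot: The `||` fallbacks added under `env` mean a build with `NEXT_PUBLIC_SUPABASE_URL` or `NEXT_PUBLIC_SUPABASE_ANON_KEY` unset does not fail but is silently wired to the hard-coded project. The route handlers in this commit pass `process.env.NEXT_PUBLIC_SUPABASE_URL!` to `createClient` together with `SUPABASE_SECRET_KEY`, so, if the fallback reaches server code as Next.js `env` values normally do, a deployment that sets its own secret key but forgets the URL would present that key to the wrong project. Prefer failing fast: drop the literals and check before the config object, for example `if (!process.env.NEXT_PUBLIC_SUPABASE_URL) throw new Error('NEXT_PUBLIC_SUPABASE_URL is not set');`. The `nextConfig` object starts and ends outside the hunk.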
6 changes: 3 additions & 3 deletions packages/dapp/package.json
Expand Up @@ -18,7 +18,7 @@
"lint:stylelint": "stylelint \"src/**/*.{css,scss}\"",
"lint:tsc": "tsc -p tsconfig.json --noEmit --incremental false",
"start": "next start",
"supabase:generate": "supabase gen types typescript --project-id vfxyvzkprpeegheyapzg --schema public > src/utils/supabase/database.types.ts"
"supabase:generate": "supabase gen types typescript --project-id nqgexdszsnrliuzuobul --schema public > src/utils/supabase/database.types.ts"
},
"dependencies": {
"@blockchain-lab-um/did-provider-key": "1.0.8-beta.0",
Expand All @@ -29,7 +29,7 @@
"@nextui-org/react": "^2.2.9",
"@radix-ui/react-toast": "^1.1.5",
"@react-oauth/google": "^0.11.1",
"@supabase/supabase-js": "^2.38.5",
"@supabase/supabase-js": "^2.40.0",
"@tanstack/react-query": "^5.17.15",
"@tanstack/react-table": "^8.10.7",
"@types/js-cookie": "^3.0.6",
Expand Down Expand Up @@ -94,7 +94,7 @@
"stylelint-config-standard-scss": "^11.0.0",
"stylelint-prettier": "^4.0.2",
"stylelint-webpack-plugin": "^4.1.1",
"supabase": "^1.113.3",
"supabase": "^1.150.0",
"tailwindcss": "^3.3.5"
},
"nx": {
196 changes: 98 additions & 98 deletions packages/dapp/src/app/api/encrypted-session/route.ts
@@ -1,118 +1,118 @@
import { NextRequest, NextResponse } from 'next/server';
import { createClient } from '@supabase/supabase-js';
import jwt from 'jsonwebtoken';
import { type NextRequest, NextResponse } from "next/server";
import { createClient } from "@supabase/supabase-js";
import jwt from "jsonwebtoken";

import { Database } from '@/utils/supabase/database.types';
import type { Database } from "@/utils/supabase/database.types";

const CORS_HEADERS = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type',
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET OPTIONS",
"Access-Control-Allow-Headers": "Content-Type",
};

export async function GET(request: NextRequest) {
try {
const token = request.headers.get('Authorization')?.replace('Bearer ', '');
try {
const token = request.headers.get("Authorization")?.replace("Bearer ", "");

if (!token) {
return new NextResponse('Unauthorized', {
status: 401,
headers: {
...CORS_HEADERS,
},
});
}
if (!token) {
return new NextResponse("Unauthorized", {
status: 401,
headers: {
...CORS_HEADERS,
},
});
}

const user = jwt.verify(token, process.env.SUPABASE_JWT_SECRET!) as {
sub: string;
address: string;
aud: string;
role: string;
iat: number;
exp: number;
};
const user = jwt.verify(token, process.env.SUPABASE_JWT_SECRET!) as {
sub: string;
address: string;
aud: string;
role: string;
iat: number;
exp: number;
};

const supabase = createClient<Database>(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.SUPABASE_SECRET_KEY!
);
const supabase = createClient<Database>(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.SUPABASE_SECRET_KEY!,
);

const { data: selectData, error: selectError } = await supabase
.from('encrypted_sessions')
.select('id')
.eq('user_id', user.sub);
const { data: selectData, error: selectError } = await supabase
.from("sessions")
.select("id")
.eq("user_id", user.sub);

if (selectError) {
return new NextResponse('Internal Server Error', {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
if (selectError) {
return new NextResponse("Internal Server Error", {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}

// If session is found delete it
if (selectData.length !== 0) {
const { error: deleteError } = await supabase
.from('encrypted_sessions')
.delete()
.eq('user_id', user.sub);
// If session is found delete it
if (selectData.length !== 0) {
const { error: deleteError } = await supabase
.from("sessions")
.delete()
.eq("user_id", user.sub);

if (deleteError) {
return new NextResponse('Internal Server Error', {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
}
if (deleteError) {
return new NextResponse("Internal Server Error", {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
}

// Create a new session
const { data: insertData, error: insertError } = await supabase
.from('encrypted_sessions')
.insert({
user_id: user.sub,
})
.select()
.limit(1)
.single();
// Create a new session
const { data: insertData, error: insertError } = await supabase
.from("sessions")
.insert({
user_id: user.sub,
})
.select()
.limit(1)
.single();

if (insertError || !insertData) {
return new NextResponse('Internal Server Error', {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
if (insertError || !insertData) {
return new NextResponse("Internal Server Error", {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}

return NextResponse.json(
{
sessionId: insertData.id,
},
{
status: 201,
headers: {
...CORS_HEADERS,
},
}
);
} catch (error) {
return new NextResponse('Internal Server Error', {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
return NextResponse.json(
{
sessionId: insertData.id,
},
{
status: 201,
headers: {
...CORS_HEADERS,
},
},
);
} catch (error) {
return new NextResponse("Internal Server Error", {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
}

export async function OPTIONS() {
return new NextResponse(null, {
status: 200,
headers: {
...CORS_HEADERS,
},
});
return new NextResponse(null, {
status: 200,
headers: {
...CORS_HEADERS,
},
});
}
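Review bot: `jwt.verify(token, process.env.SUPABASE_JWT_SECRET!)` in `GET` establishes only that the signature and expiry are valid; the `as { sub: string; ... }` cast does not validate the payload, so a token signed with the same secret but issued for another purpose (no `sub`, or a non-user `role`) still reaches the `sessions` delete and insert, which run on the client built from `SUPABASE_SECRET_KEY`. Pin the algorithm, assuming user tokens are HS256-signed as the project's anon key is, with `jwt.verify(token, process.env.SUPABASE_JWT_SECRET!, { algorithms: ["HS256"] })`, and reject incomplete claims before touching the table: `if (typeof user.sub !== "string" || user.sub === "") return new NextResponse("Unauthorized", { status: 401, headers: CORS_HEADERS });`. A failed verification currently falls into the `catch` and is answered with 500; it should be 401 so clients and monitoring can tell a bad token from a server fault.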
104 changes: 52 additions & 52 deletions packages/dapp/src/app/api/siwe/nonce/route.ts
@@ -1,65 +1,65 @@
import { NextResponse } from 'next/server';
import { createClient } from '@supabase/supabase-js';
import { add, format } from 'date-fns';
import { NextResponse } from "next/server";
import { createClient } from "@supabase/supabase-js";
import { add, format } from "date-fns";

import { Database } from '@/utils/supabase/database.types';
import type { Database } from "@/utils/supabase/database.types";

const CORS_HEADERS = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type',
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET OPTIONS",
"Access-Control-Allow-Headers": "Content-Type",
};

export async function GET() {
const supabase = createClient<Database>(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.SUPABASE_SECRET_KEY!
);
const supabase = createClient<Database>(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.SUPABASE_SECRET_KEY!,
);

// Insert a new nonce and select 1 row
const { data, error } = await supabase
.from('authorization')
.insert({
// Expires in 5 minutes (ISO String)
expires_at: format(
add(new Date(), { minutes: 5 }),
"yyyy-MM-dd'T'HH:mm:ss.SSSxxx"
),
})
.select()
.limit(1)
.single();
// Insert a new nonce and select 1 row
const { data, error } = await supabase
.from("siwe")
.insert({
// Expires in 5 minutes (ISO String)
expires_at: format(
add(new Date(), { minutes: 5 }),
"yyyy-MM-dd'T'HH:mm:ss.SSSxxx",
),
})
.select()
.limit(1)
.single();

if (error || !data) {
return new NextResponse('Internal server error', {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}
if (error || !data) {
return new NextResponse("Internal server error", {
status: 500,
headers: {
...CORS_HEADERS,
},
});
}

return NextResponse.json(
{
nonce: data.nonce,
expiresAt: data.expires_at,
createdAt: data.created_at,
},
{
headers: {
...CORS_HEADERS,
'Set-Cookie': `verify.session=${data.id}; Path=/; HttpOnly; Secure; SameSite=Strict;`,
},
status: 200,
}
);
return NextResponse.json(
{
nonce: data.nonce,
expiresAt: data.expires_at,
createdAt: data.created_at,
},
{
headers: {
...CORS_HEADERS,
"Set-Cookie": `verify.session=${data.id}; Path=/; HttpOnly; Secure; SameSite=Strict;`,
},
status: 200,
},
);
}

export async function OPTIONS() {
return new NextResponse(null, {
status: 200,
headers: {
...CORS_HEADERS,
},
});
return new NextResponse(null, {
status: 200,
headers: {
...CORS_HEADERS,
},
});
}
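Review bot: `CORS_HEADERS` pairs `Access-Control-Allow-Origin: *` with a `Set-Cookie` for `verify.session`, and browsers will not store a cookie from a cross-origin response under a wildcard origin, so the wildcard either buys nothing or hides a cross-origin flow that cannot work. If cross-origin use is intended, echo an allow-listed origin and set `Access-Control-Allow-Credentials`; otherwise drop the CORS headers from this route. `"Access-Control-Allow-Methods": "GET OPTIONS"` is also malformed, since the header takes a comma-separated list: `"GET, OPTIONS"`. The same constant is in packages/dapp/src/app/api/encrypted-session/route.ts, where `Access-Control-Allow-Headers` additionally lacks `Authorization` although that handler reads it, so a cross-origin preflight for that request would be refused.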