JavaScript implementation of the Digi-ID authentication protocol: https://www.digi-id.io/
This is the javascript implementation of the DigiID authentication protocol. Checkout the original Ruby version at https://github.com/digiid/digiid-ruby
Basically, what the module does is build a message challenge and verifying the signature.
Add this line to your application's package.json dependencies:
'digiid': 'latest'
Or install it yourself as:
$ npm install digiid
To build a challenge, you need to initialize a DigiID object with a nonce and a callback.
var digiid = new DigiID({nonce:nonce, callback:callback});
nonce is a random string associated with the user's session id.
callback is the url without the scheme where the wallet will post the challenge's signature.
One example of callback could be www.site.com/callback. A callback cannot have parameters. By
default the POST call will be done using https. If you need to tell the wallet to POST on
http then you need to add unsecure:true.
var digiid = new DigiID({nonce:nonce, callback:callback, unsecure:true});
Once the DigiID object is initialized, you have access to the following methods :
digiid.uri
This is the uri which will trigger the wallet when clicked (or scanned as QRcode). For instance :
digiid://digiid-demo.herokuapp.com/callback?x=987f20277c015ce7
If you added unsecure:true when initializing the object then uri will be like :
digiid://digiid-demo.herokuapp.com/callback?x=987f20277c015ce7&u=1
To get the uri as QRcode :
digiid.qrcode
This is actualy an URL pointing to the QRcode image.
When getting the callback from the wallet, you must initialize a DigiID object with the received
parameters address, uri, signature as well as the excpected callback :
var digiid = new DigiID(address:address, uri:uri, signature:signature, callback:callback);
You can after call the following methods :
digiid.nonce
Return the nonce, which would get you the user's session.
digiid.uriValid()
Returns true if the submitted URI is valid and corresponds to the correct callback url.
digiid.signatureValid()
If returns true, then you can authenticate the user's session with address (public Bitcoin
address used to sign the challenge).
JavaScript application using the digiid lib: https://github.com/porkchop/digiid-js-demo
Live demonstration: http://digiid-js-demo.herokuapp.com/
The following projects use digiid-js.
If you are using digiid-js in a project, app, or module, get on the list below by getting in touch or submitting a pull request with changes to the README.
Aaron Caswell aaron@captureplay.com
Eric Larchevêque (The creator of the DigiID protocol and the original Ruby gem this code is based on) elarch@gmail.com
git checkout -b my-new-feature)git commit -am 'Add some feature')git push origin my-new-feature)FAQs
JavaScript implementation of the Digi-ID authentication protocol: https://www.digi-id.io/
We found that digiid demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.
Security News
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.