
A plugin for passport that allows users to authenticate in your express app using their NEAR wallet.
How does it work?
passport-local-near asks the NEAR user to provide a signed message plus their public key, and checks that:
- The message can be decrypted using the public key, and therefore, it was signed with its private-key counterpart
- The public key effectively belongs to the user
Because of this, in order to use passport-local-near, you will need to include code both on your server and client side.
Install the passport-local-near package using npm
npm install passport-local-near
Setting up the Server side
To use passport-local-near you simply need to include it, and use its functions (authenticate, seralizeUser, and deserializeUser) in passport.
const express = require('express');
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
const passport_local_near = require('passport-local-near')
var app = express();
app.use(session({secret: 'keyboard cat', resave: false,
saveUninitialized: false}))
passport.use(new LocalStrategy(passport_local_near.authenticate))
Setting up the Client side
After the user authorized your smartcontract usint the NEAR wallet, this is, window.walletAccount.getAccountId() is setted, call the following function:
async function logged_in(){
const accountId = window.walletAccount.getAccountId()
const networkId = "testnet"
const signed = await near.connection.signer.signMessage(
accountId, accountId, networkId
{method: "POST",
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({username: accountId,
password: JSON.stringify(signed)})
}).then(res => res.json())
.then(res => callback(res))
function callback(response){
console.log('server-side login with NEAR succeded')
console.log('server-side login with NEAR failed')
where window.walletAccount
is an instance of nearAPI.WalletConnection
This function asks the user to sign a message, and sends the signed message + user's public key to the middleware /user/login
You can find a minimal example using local-passport-near here.