4nk/anchorage_layer_simple
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
anchorage_layer_simple/service-login-verify
History
ncantu 695aff4f85 api-relay DB migration, auth, service-login-verify PersistentNonceCache, UserWallet crypto settings 
**Motivations:**
- Migrer api-relay vers base de données SQLite (production)
- Ajouter authentification API key pour endpoints POST (protection abus)
- PersistentNonceCache pour service-login-verify (IndexedDB/localStorage)
- Écran paramètres crypto avancés UserWallet
- Documenter options non implémentées (Merkle, évolutions api-relay)

**Root causes:**
- N/A (évolutions + correctifs)

**Correctifs:**
- N/A

**Evolutions:**
- api-relay: DatabaseStorageService (SQLite), StorageAdapter (compatibilité), ApiKeyService (génération/validation), auth middleware (Bearer/X-API-Key), endpoints admin (/admin/api-keys), migration script (migrate-to-db.ts), suppression saveToDisk périodique
- service-login-verify: PersistentNonceCache (IndexedDB avec fallback localStorage, TTL, cleanup), export dans index
- userwallet: CryptoSettingsScreen (hashAlgorithm, jsonCanonizationStrict, ecdhCurve, nonceTtlMs, timestampWindowMs), modifications LoginScreen, LoginForm, CreateIdentityScreen, ImportIdentityScreen, DataExportImportScreen, PairingDisplayScreen, RelaySettingsScreen, ServiceListScreen, MemberSelectionScreen, GlobalActionBar
- features: OPTIONS_NON_IMPLENTEES.md (analyse Merkle trees, évolutions api-relay)

**Pages affectées:**
- api-relay: package.json, index.ts, middleware/auth.ts, services/database.ts, services/storageAdapter.ts, services/apiKeyService.ts, scripts/migrate-to-db.ts
- service-login-verify: persistentNonceCache.ts, index.ts, tsconfig.json, dist/
- userwallet: App, CryptoSettingsScreen, LoginScreen, LoginForm, CreateIdentityScreen, ImportIdentityScreen, DataExportImportScreen, PairingDisplayScreen, RelaySettingsScreen, ServiceListScreen, MemberSelectionScreen, GlobalActionBar
- features: OPTIONS_NON_IMPLENTEES.md
- data: sync-utxos.log
2026-01-28 07:36:01 +01:00
..
dist
api-relay DB migration, auth, service-login-verify PersistentNonceCache, UserWallet crypto settings
2026-01-28 07:36:01 +01:00
node_modules
Cron restart services (bitcoind, mempool), service-login-verify, website-skeleton, docs
2026-01-28 00:48:37 +01:00
src
api-relay DB migration, auth, service-login-verify PersistentNonceCache, UserWallet crypto settings
2026-01-28 07:36:01 +01:00
package-lock.json
Cron restart services (bitcoind, mempool), service-login-verify, website-skeleton, docs
2026-01-28 00:48:37 +01:00
package.json
Cron restart services (bitcoind, mempool), service-login-verify, website-skeleton, docs
2026-01-28 00:48:37 +01:00
README.md
Cron restart services (bitcoind, mempool), service-login-verify, website-skeleton, docs
2026-01-28 00:48:37 +01:00
tsconfig.json
api-relay DB migration, auth, service-login-verify PersistentNonceCache, UserWallet crypto settings
2026-01-28 07:36:01 +01:00

README.md

service-login-verify

Verify login proof and anti-replay policy for services that embed UserWallet in an iframe.

Purpose

The service is the parent application that embeds UserWallet. It receives login-proof via postMessage and must verify the proof before accepting a session, without a central server. This package provides:

  • verifyLoginProof(proof, context) full verification (crypto, allowed pubkeys, timestamp window, nonce anti-replay)
  • NonceCache in-memory anti-replay cache (TTL configurable)
  • buildAllowedPubkeysFromValidateurs(validateurs) build allowed pubkeys from action login validators (cle_publique only)

Usage

See features/service-login-verify.md for explanation and usage example.

Install

From the repo root:

cd service-login-verify && npm install && npm run build

Consuming apps can add a workspace dependency or link to ../service-login-verify.

References

  • features/service-login-verify.md
  • features/userwallet-contrat-login-reste-a-faire.md (§ 3.7)