Website for Session watch OS client
| .vscode | ||
| docs | ||
| public | ||
| src | ||
| .eslintrc.cjs | ||
| .gitignore | ||
| next.config.mjs | ||
| package.json | ||
| pnpm-lock.yaml | ||
| postcss.config.js | ||
| README.md | ||
| tailwind.config.ts | ||
| tsconfig.json | ||
Session watch OS client website
Website for Session watch OS client
Used to sign in with mnemonic into the app. Mnemonic is encrypted with a key that is not sent to server.
Usage
- Clone repository
- Run Redis database with
npm run db - Run Next.js server with
npm run dev
Login flow
- Make GET request to /api/start-login-flow, it will respond with JSON like
{"ok": true,"flowID": "URlf0dTn8"} - Generate AES-256 key for encryption and store it in a local variable, it will be used later for decryption. Encode it in base64 as iv+key where iv is 16 bytes length and key is 32 bytes length
- Grab that flowID and open /login/[flowID]#[encryptionKey] page. For example
/login/URlf0dTn8#123456789 - User will input their mnemonic, and it will be stored in Redis database encrypted with this key. Encryption is done clientside in browser, server only receives encrypted mnemonic and never receives key.
- Periodically check /api/login-flow-result/[flowID], it will respond with JSON like
{"ok": true,"result": null}meaning user has not yet inputted their mnemonic. Once result is string, decrypt it with the key and you've got what user inputted. As soon as server responded with resulted encrypted string, this flow will be deleted and you won't be able to request results for the same flow again