Complete example of web3 authentication example
Live demo App deployed on Vercel
Checkout the backend code here, deployed in Heroku
You want to verify that the user owns certain address, so the backend will provide a message and the user sign it. The user use their private key to sign the message. To validate the signature you use some maths along with the message, and you should get the public key which in turns give you the address, cryptographically you can't get the validation from the message to be equal to the public key without the private key thus proving ownership.
You can understand more here
- User connect account
- Server send a message with a token to the user
- User sign the message, and send back the to the server the signing message with the token
- Server first validate if the message it's legit using the token, and then validate the signature of the message.
- if the signature it's valid, server send back to the user a session token
- User navigates in private routes using session token
- ethers
- JWT
- Tailwindcss