Skip to content

Add email auth as an option for login#4

Open
0xAstraea wants to merge 4 commits intoagorafrom
dev
Open

Add email auth as an option for login#4
0xAstraea wants to merge 4 commits intoagorafrom
dev

Conversation

@0xAstraea
Copy link
Collaborator

@0xAstraea 0xAstraea commented Apr 29, 2025

Email Authentication Flow with Zupass Integration

Overview

This PR introduces a new email-based authentication flow using Zupass's Proof of Data (POD) system, complementing our existing ticket-based authentication. This enhancement provides users with a more flexible way to authenticate while maintaining high security standards through cryptographic proofs.

Authentication Flow

  1. Initial SSO Validation

    • User arrives with SSO parameters (sso, sig, return_sso_url)
    • System validates SSO signature and payload
    • Parameters are stored for the authentication process

  2. Email Proof Collection

    • User clicks "Sign In" button
    • System connects to Zupass client
    • Requests email proof with specific requirements:
      • Email address
      • Semaphore V4 public key
      • POD type verification

  3. Proof Verification

    • Backend validates the proof structure
    • Confirms POD type is "zupass.email"
    • Verifies signer public key
    • Generates new SSO payload and signature

  4. Session Completion

    • System creates authenticated session
    • Redirects user back to Agora with new SSO parameters
    • Maintains compatibility with existing Discourse SSO

Testing Instructions

  1. Start the development server:
yarn run dev
  1. Access the auth page with SSO parameters
  2. Test both email and ticket authentication flows
  3. Verify successful redirection to Agora
  4. Confirm session persistence

Future Improvements

As noted in the code comments:

  • Potential to emit PODs of received PCDs
  • Remove the need for separate email and ticket flows
  • Clean up unused components and improve type safety

@0xAstraea
WIP integrating Parcnet app connector and updating dependencies
52932f0
@0xAstraea
WIP Implement Zupass authentication flow with email proof and SSO int…
3bc7c56 
…egration

- Updated the page component to handle SSO parameters and validate them using Zupass.
- Added a new API route for authenticating the proof received from Zupass POD's
- Introduced a utility function to generate a signature for the SSO payload of POD's
@0xAstraea
Enhanced the Button component to accept custom styles for better UI f…
1981449 
…lexibility.
@0xAstraea
upass login function to return result for better popup handling
7581766
@0xAstraea 0xAstraea self-assigned this Apr 29, 2025
@vercel
Copy link

vercel bot commented Apr 29, 2025

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
zuzagora ✅ Ready (Inspect) Visit Preview 💬 Add feedback Apr 29, 2025 1:50am

@0xAstraea 0xAstraea requested a review from 0xPetra April 29, 2025 01:50
@0xAstraea 0xAstraea added the enhancement New feature or request label Apr 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0xPetra 0xPetra Awaiting requested review from 0xPetra

Assignees

@0xAstraea 0xAstraea

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@0xAstraea