class OmniAuth::Strategies::Ethereum
Public Instance Methods
callback_phase()
Calls superclass method
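# File lib/omniauth-ethereum.rb, line 42
# Verifies the signed login message posted back by the sign-in form.
#
# Reads eth_address, eth_message and eth_signature from the request, recovers
# the signer's address from the signature, and hands over to the superclass
# only when (1) the first run of digits in the message, read as a Unix
# timestamp, lies within ten minutes of the server clock and (2) the recovered
# address equals the claimed one, compared case-insensitively.
#
# Fails with :invalid_credentials when a parameter is missing or is not a
# plain string, when the signature cannot be recovered, or when the addresses
# differ. Fails with :invalid_time when the timestamp is outside the window.
#
# NOTE(review): the timestamp comes from the client-supplied message, and
# nothing in this method records that a message has already been accepted, so
# one (address, message, signature) submission stays valid for the whole
# window. A server-issued single-use nonce checked here would close that gap;
# confirm what new_session.js actually puts into the signed message.
def callback_phase
  supplied = %w[eth_address eth_message eth_signature].map { |key| request.params[key] }

  # Absent or structured (array/hash) parameters would otherwise raise
  # NoMethodError on #downcase / #scan and surface as a server error.
  return fail!(:invalid_credentials) unless supplied.all? { |value| value.is_a?(String) }

  claimed_address, message, signature = supplied
  address = claimed_address.downcase

  begin
    signature_pubkey = Eth::Key.personal_recover message, signature
    signature_address = (Eth::Utils.public_key_to_address signature_pubkey).downcase
  rescue StandardError
    # A signature that cannot be recovered is a failed login, not a crash.
    return fail!(:invalid_credentials)
  end

  # A message without digits yields nil.to_i == 0 and is rejected by the
  # window check below.
  unix_time = message.scan(/\d+/).first.to_i
  ten_min = 10 * 60
  current = now # read the clock once so both bounds use the same instant

  return fail!(:invalid_time) unless (current - unix_time).abs <= ten_min
  return fail!(:invalid_credentials) unless signature_address == address

  super
end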
request_phase()
# File lib/omniauth-ethereum.rb, line 20
# Builds the sign-in form and returns it as the response.
#
# One hidden input is emitted per entry in options.fields. The :eth_message
# input is pre-filled with the current server time from #now; every other
# input is left empty for the page's JavaScript to fill before submission.
# The contents of new_session.js, read from this file's directory, are
# embedded in a module script after the button.
def request_phase
  form = OmniAuth::Form.new(title: 'Ethereum Authentication', url: callback_path)

  options.fields.each do |field|
    # these fields are read-only and will be filled by javascript in the process
    hidden_input =
      if field == :eth_message
        "<input type='hidden' id='eth_message' name='eth_message' value='#{now}' />"
      else
        "<input type='hidden' id='#{field}' name='#{field}' />"
      end
    form.html(hidden_input)
  end

  # the form button will be heavy on javascript, requesting account, nonce,
  # and signature before submission
  form.button 'Sign In'

  script_path = File.join(File.dirname(__FILE__), 'new_session.js')
  script_body = File.read(script_path)
  form.html("<script type='module'>\n#{script_body}\n</script>")

  form.to_response
end
Private Instance Methods
now()
# File lib/omniauth-ethereum.rb, line 64
# Current time as whole seconds since the Unix epoch.
#
# @return [Integer]
def now
  current_utc = Time.now.utc
  current_utc.to_i
end