HiveAuth
Search…
HAS Wrapper library
The hive-auth-wrapper library relieves you from managing a WebSocket connection and the events it generates. It allows you to use the functionality of the HAS infrastructure in the same way as you would with a traditional API.

Installation

npm install hive-auth-wrapper

Usage

1
import HAS from 'hive-auth-wrapper'
2
3
// Your application information
4
const APP_META = {name:"myapp", description:"My HAS compatible application", icon:undefined}
5
6
// Create an authentication object
7
const auth = {
8
username: "username" // (required)
9
token: undefined
10
expire: undefined
11
key: undefined
12
}
13
14
// Retrieving connection status
15
const status = HAS.status()
16
console.log(status)
Copied!

Configuration

The HAS wrapper should work with its default configuration. However, you can change it by calling setOptions(options). The options object has the following structure:
1
{
2
host: string = undefined,
3
auth_key_secret: string = undefined
4
}
Copied!
Properties
  • host: (optional) HAS server to connect to (default to wss://hive-autj.arcange.eu)
  • auth_key_secret: (optional) the PKSA pre-shared encryption key to use to encrypt any auth_key passed with an auth_req payload.
auth_key_secret should be defined only if you are running your own PKSA in service mode and the app sends the auth_key online with the auth_req payload!

Authentication

When the app perform it's first authentication, it can use a auth object with undefined token and expire properties. The auth.token and auth.expire will be updated if the authentication succeeds.
If the app already own an auth object with a token which has not expired, it may be reused without calling authenticate() again.
1
if(auth.token && auth.expire > Date.now()) {
2
// token exists and is still valid - no need to login again
3
resolve(true)
4
} else {
5
HAS.authenticate(auth, APP_META, (evt) => {
6
console.log(evt) // process auth_wait message
7
}))
8
.then(res => resolve(res)) // Authentication request approved
9
.catch(err => reject(err)) // Authentication request rejected or error occured
10
}
Copied!

Broadcasting transactions

The APP can request the PKSA to sign and/or broadcast a transaction.
1
const op = [
2
"vote",
3
{
4
voter: auth.username,
5
author: "author",
6
permlink: "permlink",
7
weight: 10000
8
}
9
]
10
11
HAS.broadcast(auth, "posting", [op], (evt)=> {
12
console.log(evt) // process sign_wait message
13
}) )
14
.then(res => resolve(res) ) // transaction approved and successfully broadcasted
15
.catch(err => reject(err) ) // transaction rejected or failed
Copied!

Signing a challenge

Apps may want to validate an account by asking it to sign a predefined text string (challenge) with one of its keys.
1
try {
2
const challenge = JSON.stringify({login:auth.username,ts:Date.now()})
3
const res = await HAS.challenge(auth, "posting",challenge)
4
5
// Validate signature against account public key
6
const sig = ecc.Signature.fromHex(resC.data.challenge)
7
const buf = ecc.hash.sha256(challenge, null, 0)
8
const verified = sig.verifyHash(buf, ecc.PublicKey.fromString(resC.data.pubkey));
9
10
if(verified) {
11
console.log("challenge succeeded")
12
} else {
13
console.error("challenge failed")
14
}
15
} catch(e) {
16
console.error("challenge failed")
17
}
Copied!