JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 13
  • Score
    100M100P100Q16356F
  • License MIT

Direct login with torus to get user private key

Package Exports

  • @toruslabs/torus-direct-web-sdk

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@toruslabs/torus-direct-web-sdk) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Torus-direct-web-sdk

npm version npm

Introduction

This repo allows web applications to directly retrieve keys stored on the Torus Network. The attestation layer for the Torus Network is generalizable, below is an example of how to access keys via the SDK via Google.

Features

  • Typescript compatible. Includes Type definitions
  • All API's return Promises

Installation

Bundling

This module is distributed in 3 formats

  • commonjs build dist/directWebSdk.cjs.js in es5 format
  • umd build dist/directWebSdk.umd.min.js in es5 format without polyfilling corejs minified
  • umd build dist/directWebSdk.polyfill.umd.min.js in es5 format with polyfilling corejs minified

By default, the appropriate format is used for your specified usecase You can use a different format (if you know what you're doing) by referencing the correct file

The cjs build is not polyfilled with core-js. It is upto the user to polyfill based on the browserlist they target

Directly in Browser

CDN's serve the non-core-js polyfilled version by default. You can use a different

jsdeliver

<script src="https://cdn.jsdelivr.net/npm/@toruslabs/torus-direct-web-sdk"></script>

unpkg

<script src="https://unpkg.com/@toruslabs/torus-direct-web-sdk"></script>

Tips for NUXT

This is a plugin that works only on the client side. So please register it as a ssr-free plugin.

Usage

Add @toruslabs/torus-direct-web-sdk to your project:

To allow your web app to retrieve keys:

  1. Install the package npm i @toruslabs/torus-direct-web-sdk

  2. Serve service worker from baseUrl where baseUrl is the one passed while instantiating DirectWebSdk for specific login (example http://localhost:3000/serviceworker/). If you're already using a sw, pls ensure to port over the fetch override from our service worker

  3. For browsers where service workers are not supported or if you wish to not use service workers, create and serve redirect page from baseUrl/redirect where baseUrl is the one passed while instantiating DirectWebSdk for specific login ( example http://localhost:3000/serviceworker/)

  4. At verifier's interface (where you obtain client id), please use baseUrl/redirect (eg: http://localhost:3000/serviceworker/redirect) as the redirect_uri where baseUrl is the one passed while instantiating DirectWebSdk

  5. Instantiate the package with your own specific client-id

const torus = new DirectWebSdk({
  baseUrl: "http://localhost:3000/serviceworker/",
  proxyContractAddress: "0x4023d2a0D330bF11426B12C6144Cfb96B7fa6183", // details for test net
  network: "ropsten", // details for test net
});
await torus.init();
  1. Trigger the login
const userInfo = await torus.triggerLogin({
  typeOfLogin: "google",
  verifier: "YOUR VERIFER DEPLOYED BY TORUS",
  clientId: "MY CLIENT ID GOOGLE",
});
  1. Reach out to hello@tor.us to get your verifier spun up on the testnet today!

Info

The following links help you create OAuth accounts with different login providers

For other verifiers,

  • you'll need to create an Auth0 account
  • create an application for the login type you want
  • Pass in the clientId, domain of the Auth0 application into the torus login request

Please refer to examples, vue.js, gatsby for configuration

Hosted Example for testing is here

Best practices

  • Due to browser restrictions on popups, you should reduce the time taken between user interaction and the login popups being opened. This is highly browser dependent, but the best practice for this is to separate the initialization of the SDK and the user login method calls.

  • Please check if redirect.html is being served correctly by navigating to baseUrl/redirect#a=123

For nginx, here is a simple server configuration

    location ~* (/serviceworker/redirect) {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline';";
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";
            add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
            default_type "text/html";
            alias PATH_TO_REDIRECT_HTML_FILE;
            autoindex off;
    }

Requirements

  • This package requires a peer dependency of @babel/runtime
  • Node 10+