Wallet Authenticator
> This API is provided as a preview for developers and may change based on feedback that we receive. Do not use this API in a production environment.
The wallet authenticator enables server-side applications to securely identify the connected wallet address of users on the client-side, and also enables users to authenticate to any backend using just their wallet. It implements the JSON Web Token (JWT) authentication standard.
You can use the wallet authenticator as follows:
// First we specify the domain of the application to authenticate to
domain := "thirdweb.com"
// We can then generate a payload for the connected wallet to login
// This can also be done on the client side with the thirdweb TypeScript SDK
payload, err := sdk.Auth.Login(domain, nil)
// Then, on the server, we can securely verify the connected address that signed the payload
address, err := sdk.Auth.Verify(domain, payload, nil)
// And we can also generate an authentication token to send back to the original payload sender
token, err := sdk.Auth.GenerateAuthToken(domain, payload, nil)
// Finally, the token can be use dby the original payload sender to authenticate to the backend
// And the server can use the following function to authenticate the token and verify the address
address, err := sdk.Auth.Authenticate(domain, token)
type WalletAuthenticator struct {
*ProviderHandler
}
func (*WalletAuthenticator) Authenticate
func (auth *WalletAuthenticator) Authenticate(domain string, token string) (string, error)
Server-side function that authenticates the provided JWT token. This function verifies that the provided authentication token is valid and returns the address of the authenticated wallet.
domain: The domain of the application to authenticate the token to
token: The authentication token to authenticate with
returns: The address of the authenticated wallet
Example
domain := "thirdweb.com"
payload, err := sdk.Auth.Login(domain)
token, err := sdk.Auth.GenerateAuthToken(domain, payload)
// Authenticate the token and get the address of the authenticating wallet
address, err := sdk.Auth.Authenticate(domain, token)
func (*WalletAuthenticator) GenerateAuthToken
func (auth *WalletAuthenticator) GenerateAuthToken(domain string, payload *WalletLoginPayload, options *WalletAuthenticationOptions) (string, error)
Server-side function that generates a JWT token from the provided login request that the client-side wallet can use to authenticate to the server-side application.
domain: The domain of the application to authenticate to
payload: The login payload to authenticate with
options: Optional configuration options for the authentication token
returns: An authentication token that can be used to make authenticated requests to the server
Example
domain := "thirdweb.com"
payload, err := sdk.Auth.Login(domain, nil)
// Generate an authentication token for the logged in wallet
token, err := sdk.Auth.GenerateAuthToken(domain, payload, nil)
func (*WalletAuthenticator) Login
func (auth *WalletAuthenticator) Login(domain string, options *WalletLoginOptions) (*WalletLoginPayload, error)
Client-side function that allows the connected wallet to login to a server-side application. Generates a login payload that can be sent to the server-side for verification or authentication.
domain: The domain of the application that you want to log in to
options: Optional configuration options for the login payload
returns: A login payload that can be sent to the server-side for verification or authentication
Example
// Add the domain of the application that you want to log in to
domain := "thirdweb.com"
// Generate a signed login payload for the connected wallet to authenticate with
payload, err := sdk.Auth.Login(domain, nil)
func (*WalletAuthenticator) Verify
func (auth *WalletAuthenticator) Verify(domain string, payload *WalletLoginPayload, options *WalletVerifyOptions) (string, error)
Server-side function to securely verify the address of the logged in client-side wallet by validating the provided client-side login request.
domain: The domain of the application to verify the login request for
payload: The login payload to verify
returns: The address of the logged in wallet that signed the payload
Example
domain := "thirdweb.com"
payload, err := sdk.Auth.Login(domain, nil)
// Verify the login request
address, err := sdk.Auth.Verify(domain, payload, nil)
type WalletLoginOptions
type WalletLoginOptions struct {
Nonce string
ExpirationTime time.Time
ChainId int
}
type WalletLoginPayload
type WalletLoginPayload struct {
Payload *WalletLoginPayloadData `json:"payload"`
Signature string `json:"signature"`
}
type WalletLoginPayloadData
type WalletLoginPayloadData struct {
Domain string `json:"domain"`
Address string `json:"address"`
Nonce string `json:"nonce"`
ExpirationTime time.Time `json:"expiration_time"`
ChainId int `json:"chain_id"`
}
type WalletVerifyOptions
type WalletVerifyOptions struct {
ChainId int
}