NAME
Digi-ID implementation in Perl5
DESCRIPTION
Perl5 implementation of [Digi-ID](https://www.digi-id.io/).
Digi-ID Open Authentication Protocol
Pure DigiByte sites and applications shouldn't have to rely on artificial identification methods such as usernames and passwords. Digi-ID is an open authentication protocol allowing simple and secure authentication using public-key cryptography.
Classical password authentication is an insecure process that could be solved with public key cryptography. The problem, however, is that public key cryptography theoretically offloads a lot of complexity and responsibility onto the user: managing private keys securely is complex. This complexity is already addressed in the DigiByte ecosystem, so public key authentication is practically a free lunch for DigiByte users.
The protocol is based on the following BIP draft:
https://github.com/bitid/bitid/blob/master/BIP_draft.md
USAGE IN WEB APPLICATION
    use Dancer2;
    use DigiByte::DigiID qw(get_qrcode extract_nonce verify_signature);

    # Render the login page with the Digi-ID QR code for this host.
    get '/login' => sub {
        template 'login' => {
            qrcode => {get_qrcode(request->host)},
        };
    };

    # The wallet POSTs the signed credential (address, signature, uri) as a
    # JSON request body, so this route must accept POST.
    post '/callback' => sub {
        my $credential = from_json do {
            my $input = request->env->{'psgi.input'};
            local $/; <$input>;
        } or halt "credential not found";

        my $nonce = extract_nonce($credential->{uri})
            or do {
                status 403;
                return "Nonce is missing";
            };

        # verify_signature dies on failure; $@ carries the reason.
        eval { verify_signature(@$credential{qw(address signature uri)}) }
            or do {
                status(403);
                return "Invalid credential, $@";
            };

        my $db = DB->schema; ## using dbix-lite for example

        # Only addresses already registered as users may log in.
        my $user = $db->table('digiid_users')
            ->find({digiid => $credential->{address}})
            or do {
                status(403);
                return "digiid is not found: $credential->{address}";
            };

        # Bind the nonce from the QR code to the authenticated user.
        $db->transaction(sub {
            $db->table('digiid_sessions')->insert({
                nonce      => $nonce,
                digiid     => $user->id,
                created_at => \'NOW()',
            });
        });

        return 'OK';
    };

    # Polled by the login page until the wallet has completed the callback.
    get '/ajax' => sub {
        content_type 'application/json';

        my $nonce = params->{nonce}
            or return to_json {ok => 0, error => 'missing nonce'};

        my $db = DB->schema; ## using dbix-lite for example

        my $session = $db->table('digiid_sessions')
            ->find({nonce => $nonce})
            or return to_json {ok => 0};

        my $user = $session->get_digiid_users->get_user
            or return to_json {ok => 0, next => 'scan to login in digibyte wallet'};

        # The session row is single-use: remove it once the login is picked up.
        $session->delete;

        return to_json {ok => 1};
    };

    dance;
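
The callback route above records whatever nonce arrives in the signed URI, so a server also needs to confirm that it issued that nonce for this host and that it is used only once. The following is an added example, not code from DigiByte::DigiID or its author: `issue_nonce`, `consume_callback_uri` and the in-memory `%issued` store are hypothetical, and the URI layout `digiid://host/path?x=<nonce>` is assumed from the BitID draft linked above.

```perl
use strict;
use warnings;

my %issued;       # nonce => expiry epoch (stand-in for a database table)
my $TTL = 300;    # assumed lifetime in seconds for an unused nonce

# Hypothetical helper: create a 128-bit nonce and remember that we issued it.
sub issue_nonce {
    open my $fh, '<:raw', '/dev/urandom' or die "no entropy source: $!";
    (read($fh, my $bytes, 16) // 0) == 16 or die "short read from /dev/urandom";
    close $fh;
    my $nonce = unpack 'H*', $bytes;
    $issued{$nonce} = time + $TTL;
    return $nonce;
}

# Hypothetical helper: returns ($nonce, undef) on success, (undef, $reason) otherwise.
# Assumes the URI layout digiid://host/path?x=<nonce>.
sub consume_callback_uri {
    my ($uri, $expected_host) = @_;
    my ($host, $query) = ($uri // '') =~ m{\Adigiid://([^/?#]+)(?:/[^?#]*)?\?([^#]*)\z}
        or return (undef, 'not a digiid URI');
    return (undef, 'host mismatch') unless lc($host) eq lc($expected_host);
    my ($nonce) = $query =~ /(?:\A|&)x=([0-9a-f]{32})(?:&|\z)/
        or return (undef, 'nonce missing or malformed');
    # delete makes the nonce single-use: a replayed credential finds nothing.
    my $expiry = delete $issued{$nonce}
        or return (undef, 'nonce not issued here or already used');
    return (undef, 'nonce expired') if $expiry < time;
    return ($nonce, undef);
}

# Constructed demo input: one valid callback, a replay of it, and a foreign host.
my $n = issue_nonce();
for my $case (
    ["digiid://example.com/callback?x=$n", 'example.com'],
    ["digiid://example.com/callback?x=$n", 'example.com'],
    ['digiid://other.example/callback?x=' . issue_nonce(), 'example.com'],
) {
    my ($nonce, $err) = consume_callback_uri(@$case);
    print defined $nonce ? "accepted $nonce\n" : "rejected: $err\n";
}
```

In the callback route, a check like this would run after `verify_signature` succeeds and before the session row is inserted.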
Demo
https://digibyteforums.io/ (Has a custom interface on top)
Notes
* Pure Perl5 implementation, no need to run a DigiByte node
Credit
Direct Translation from PHP to Perl5 - https://github.com/DigiByte-Core/digiid-php/blob/master/DigiID.php
LINKS
Git Repo: https://github.com/mvu8912/perl5-digibyte-digiid.git
CPAN Module: https://metacpan.org/pod/DigiByte::DigiID