Soliciting feedback for a major overhaul to the Ethereum Auth Client. Recently I “extended”
dbAuth to work with my own custom OAuth2, see Combining dbAuth + OAuth2.
I think we should completely overhaul
ethereum-auth package to extend
dbAuth, rather than duplicate efforts on the authentication side of things. We can just focus on the ethereum stuff! More explanation on github if you’re interested: [Discussion] "Extend" DbAuth · Issue #7 · oneclickdapp/ethereum-auth · GitHub
Ethereum explainer: In the context of authentication, ethereum user are their own “authority”, since they bring their own private keys via a wallet. When a user signs a message using this private key, the app can verify their identity, and create an account for them, issue a JWT or session, etc. This means we can authenticate anyone with an ethereum wallet without relying on any third-party services.
Thoughts? Concerns? Cat GIFs?