feat: add logical flow to decide if solana auth is used for login/link/register/verify

Author: beeman

app/features/auth/data-access/get-user-by-identity.ts

@@ -0,0 +1,9 @@
+import { prisma } from '~/lib/db.server'
+import { IdentityProvider } from '@prisma/client'
+
+export async function getUserByIdentity({ provider, providerId }: { provider: IdentityProvider; providerId: string }) {
+  return await prisma.user.findFirst({
+    include: { identities: true },
+    where: { identities: { some: { provider, providerId } } },
+  })
+}

app/features/auth/data-access/get-user-by-solana-identity.ts

@@ -0,0 +1,10 @@
+import { isValidSolanaPubKey } from '~/lib/solana/is-valid-solana-pubkey'
+import { IdentityProvider } from '@prisma/client'
+import { getUserByIdentity } from '~/features/auth/data-access/get-user-by-identity'
+
+export async function getUserBySolanaIdentity({ providerId }: { providerId: string }) {
+  if (!isValidSolanaPubKey(providerId)) {
+    throw new Error('Invalid Solana providerId')
+  }
+  return getUserByIdentity({ provider: IdentityProvider.Solana, providerId })
+}

app/features/pubkey/pubkey-feature-profile-create.tsx

@@ -12,8 +12,9 @@ import { UiCard } from '~/ui/ui-card'
 import { PubkeyUiProfileCreateForm } from './ui/pubkey-ui-profile-create-form'
 import { getPubkeySdkCommunity } from '~/lib/pubkey/get-pubkey-sdk-community'
 import { useConnection, useWallet } from '@solana/wallet-adapter-react'
-import { PublicKey, VersionedTransaction } from '@solana/web3.js'
+import { VersionedTransaction } from '@solana/web3.js'
 import { base58 } from '@metaplex-foundation/umi'
+import { isValidSolanaPubKey } from '~/lib/solana/is-valid-solana-pubkey'
 
 export function meta() {
   return appMeta('Profiles')
@@ -114,14 +115,6 @@ export default function PubkeyFeatureCommunityCreate({ loaderData: { config } }:
   )
 }
 
-function isValidSolanaPubKey(address: string) {
-  try {
-    return !!new PublicKey(address)
-  } catch {
-    return false
-  }
-}
-
 function txToBase58(tx: VersionedTransaction): string {
   const [res] = base58.deserialize(tx.serialize())
   return res

app/features/solana/get-solana-verification-type.ts

@@ -0,0 +1,54 @@
+export enum SolanaVerificationType {
+  Error = 'Error',
+  Login = 'Login',
+  Register = 'Register',
+  Link = 'Link',
+  Verify = 'Verify',
+}
+
+export function getSolanaVerificationType({
+  actorId,
+  ownerId,
+  enabledTypes = [
+    SolanaVerificationType.Login,
+    SolanaVerificationType.Link,
+    SolanaVerificationType.Register,
+    SolanaVerificationType.Verify,
+  ],
+}: {
+  actorId?: string
+  ownerId?: string
+  enabledTypes?: SolanaVerificationType[]
+}): {
+  message?: string
+  type: SolanaVerificationType
+} {
+  function ensureEnabledType(type: SolanaVerificationType) {
+    if (!enabledTypes.includes(type)) {
+      throw new Error(`Solana verification type ${type} is not enabled`)
+    }
+    return type
+  }
+
+  // If the wallet isn't owned by any user
+  if (!ownerId) {
+    return actorId
+      ? // If actor is set, we want to link the wallet
+        { type: ensureEnabledType(SolanaVerificationType.Link) }
+      : // Otherwise, we want to register a new user
+        { type: ensureEnabledType(SolanaVerificationType.Register) }
+  }
+
+  // We are not logged in, so this is a login
+  if (!actorId) {
+    return { type: ensureEnabledType(SolanaVerificationType.Login) }
+  }
+
+  // We are logged in, make sure that the user owns the wallet
+  if (ownerId !== actorId) {
+    return { type: SolanaVerificationType.Error, message: 'User does not own public key' }
+  }
+
+  // Actor owns the wallet, we can now verify it
+  return { type: ensureEnabledType(SolanaVerificationType.Verify) }
+}

app/features/solana/user-solana-wallet.tsx

@@ -5,6 +5,9 @@ import type { Route } from './+types/user-solana-wallet'
 import { useWallet } from '@solana/wallet-adapter-react'
 import { solanaAuth } from '~/lib/solana-auth/solana-auth'
 import type { SolanaAuthMessage, SolanaAuthMessageSigned } from '~/lib/solana-auth/solana-auth-message'
+import { getUserBySolanaIdentity } from '~/features/auth/data-access/get-user-by-solana-identity'
+import { getUser } from '~/features/auth/data-access/get-user'
+import { getSolanaVerificationType, SolanaVerificationType } from './get-solana-verification-type'
 
 function parsePayload(payload: string = ''): SolanaAuthMessageSigned {
   try {
@@ -23,8 +26,27 @@ export async function action({ request }: Route.LoaderArgs) {
   if (!publicKey) {
     return { success: false, message: `No public key` }
   }
+  const actor = await getUser(request)
+  const owner = await getUserBySolanaIdentity({ providerId: publicKey })
+
+  // This determines the type of verification we are performing
+  const verification = getSolanaVerificationType({
+    actorId: actor?.id ?? undefined,
+    ownerId: owner?.id ?? undefined,
+    enabledTypes: [
+      SolanaVerificationType.Login,
+      SolanaVerificationType.Link,
+      SolanaVerificationType.Register,
+      SolanaVerificationType.Verify,
+    ],
+  })
+  if (verification.type === SolanaVerificationType.Error) {
+    return { success: false, message: verification.message }
+  }
 
-  console.log(`user-solana-wallet -> action`, action, 'publicKey', publicKey)
+  console.log(
+    `user-solana-wallet [${action}] -> publicKey: ${publicKey} -> owner: ${owner ? owner.username : 'NONE'} -> type: ${verification.type}`,
+  )
 
   switch (formData.get('action')) {
     case 'sign-message-create':
@@ -34,16 +56,14 @@ export async function action({ request }: Route.LoaderArgs) {
         type: 'solana-auth-message',
       }
     case 'sign-message-verify':
-      const { message, signature, blockhash, nonce } = parsePayload(payload)
-      console.log(`sign message -> verify`, 'message', message, 'signature', signature, 'blockhash', blockhash)
-      const result = await solanaAuth.verifyMessage({
-        method: 'solana:signMessage',
-        publicKey,
-        message,
-        signature,
-        blockhash,
-        nonce,
-      })
+      const parsed = parsePayload(payload)
+      const result = await solanaAuth.verifyMessage(parsed)
+      if (!result) {
+        throw new Error('Invalid signature')
+      }
+      console.log(`sign message -> verify`, 'message', parsed, 'signature', parsed.signature, 'result', result)
+      // TODO: Wallet is verified. We can now:
+      // - Check if the wallet exists
       return {
         success: true,
         message: result,

app/lib/solana/is-valid-solana-pubkey.ts

@@ -0,0 +1,9 @@
+import { PublicKey } from '@solana/web3.js'
+
+export function isValidSolanaPubKey(address: string) {
+  try {
+    return !!new PublicKey(address)
+  } catch {
+    return false
+  }
+}