Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] Feature/api login - requesting feedback #1880

Draft
wants to merge 11 commits into
base: develop
Choose a base branch
from

Conversation

xeroc
Copy link
Member

@xeroc xeroc commented Aug 5, 2019

(paging @Dimfred)

This feature enables to "login" to the RPC endpoint by using a signed transaction containing a transfer operation.

The reason is that we would like to offer a way to provide a premium endpoint to users iff
the fulfill certain conditions, such as:

  • required_lifetime_member
  • required_registrar
  • required_referrer
  • and potentially more going forward

This is work in progress, but feedback is very welcome.

Please, could someone page Crypto Clara as I had an extended discussion about this feature with her in Shanghai

@xeroc xeroc force-pushed the feature/api-login2 branch from 3caf697 to 8fdcd8f Compare August 5, 2019 15:16
@xeroc xeroc force-pushed the feature/api-login2 branch from 8fdcd8f to d36e6a4 Compare August 5, 2019 15:18
@Dimfred Dimfred force-pushed the feature/api-login2 branch from f4b80c6 to dd09f81 Compare August 5, 2019 16:32
@ryanRfox
Copy link
Contributor

ryanRfox commented Aug 5, 2019

@manikey123 please have a look into this PR. You should find it relevant to prior conversations with @xeroc

@abitmore
Copy link
Member

abitmore commented Aug 6, 2019

I didn't get why it need a transfer. I think, to prevent replay attack, the login should use a hand-shaking model:

  • server->client: my memo key is XYZ
  • server->client: what's your username?
  • client->server: my name is abc
  • server get abc's memo key which is UVW
  • server generates a string STR, encrypt it using sign_memo with UVW and XYZ's private key
  • server->client: the encrypted_memo is ENCRYPTED_STR, what does it contain?
  • client->server: STR
  • server->client: validated

@manikey123
Copy link
Contributor

@XeroX Extended information is captured under #1882.
Look forward towards your feedback.

@sschiessl-bcp
Copy link

We are also working to add the login possibility of having a withdrawal permission set to the node operators account. Use case implicit.

@xeroc
Copy link
Member Author

xeroc commented Aug 6, 2019

I didn't get why it need a transfer. I think, to prevent replay attack, the login should use a hand-shaking model

The motivation here was to reduce number of round trips for communication.
A transfer (or any other operation that comes with a fee_payer() - all) could be used but we limited the code for transfer_operation. Open for suggestions to make this more modular.

Also, you made a great comment on the other issue. Let me quote:

About implementation, the PR added a login_signed API. Alternatively, due to the optional parameter support (bitshares/bitshares-fc#126), we can extend current login API, keep the status that currently the login API is the entry point of the authentication process. For example, extend login API from login(user,pass_string) to login(user,auth_string,optional_auth_method). There are reasons for this. For example, currently we support Basic HTTP Authentication for clients, it's best if the new authentication method has similar support.

I think this makes sense. We could (later) add other authentication schemes to the login-api (such as Bearer) and even maybe connect an sqlite database to the backend to make changes to authentications easier (just thinking).

Would it make sense (if it even works) to extract that code into a plugin and add sqlite support for that plugin specifically? The plugin would either extend or overwrite the login api and allow authentication via sqlite schema, or other means - like SASL as you proposed in the other thread?

@pmconrad
Copy link
Contributor

We are also working to add the login possibility of having a withdrawal permission set to the node operators account.

This sounds like payment channels would be a better solution.

@sschiessl-bcp
Copy link

Where do you see the downside of using recurring payments, and where do you see benefits in using a payment channel?

@pmconrad
Copy link
Contributor

A payment channel is better for a series of off-chain micropayments, e. g. pay-per-minute or maybe even pay-per-API-call.
Recurring payments requires an on-chain transaction for each payment and is thus more suitable for a daily/weekly/monthly fixed fee.

@xeroc
Copy link
Member Author

xeroc commented Nov 13, 2019

Recurring payments requires an on-chain transaction for each payment and is thus more suitable for a daily/weekly/monthly fixed fee.

We were thinking a monthly subscription fee.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants