Example front-end and back-end to sign and verify ownership of NFTs implementing SNIP721 NFT Authorization. The token ID alone will serve as the user's credentials. The user's wallet address does not need to be exposed to the back-end.
On window load, Keplr will popup and prompt the user to sign a permit message for the front-end to read the private meta-data for the NFT contract. If pulsar-2 is not configured in Keplr, it will suggest to add it.
Once the permit query is complete, the dropdown list will be populated with all tokens the user owns from the NFT contract. On "Submit", the front-end signs an arbitrary message with the private auth_key, and sends the signature and token ID in a POST request to the Express back-end.
The back-end queries the public auth_key metadata for the given token ID and verifies the signature against the same arbitary message, returning a true boolean value to the front-end to confirm the user is authorized login.
npm installcp .env_example .env
Update .env values as needed.
npm run devIn a new terminal:
npm run backend