Merge pull request #76 from String-xyz/task/sean/str-249

auroter · web-flow · commit 2d4390099bfe · 2023-01-09T18:26:13.000-07:00
Task/sean/str 249
diff --git a/pkg/service/auth.go b/pkg/service/auth.go
@@ -22,6 +22,8 @@ type SignablePayload struct {
 
 var hexRegex *regexp.Regexp = regexp.MustCompile(`^0x[a-fA-F0-9]{40}$`)
 
+var walletAuthenticationPrefix string = "Thank you for using String! By signing this message you are:\n\n1) Authorizing String to initiate off-chain transactions on your behalf, including your bank account, credit card, or debit card.\n\n2) Confirming that this wallet is owned by you.\n\nThis request will not trigger any blockchain transaction or cost any gas.\n\nNonce: "
+
 type RefreshTokenResponse struct {
 	Token string    `json:"token"`
 	ExpAt time.Time `json:"expAt"`
@@ -80,13 +82,13 @@ func (a auth) PayloadToSign(walletAddress string) (SignablePayload, error) {
 	if err != nil {
 		return signable, common.StringError(err)
 	}
-	return SignablePayload{encrypted}, nil
+	return SignablePayload{walletAuthenticationPrefix + encrypted}, nil
 }
 
 func (a auth) VerifySignedPayload(request model.WalletSignaturePayloadSigned) (UserCreateResponse, error) {
 	resp := UserCreateResponse{}
 	key := os.Getenv("STRING_ENCRYPTION_KEY")
-	payload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce, key)
+	payload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce[len(walletAuthenticationPrefix):], key)
 	if err != nil {
 		return resp, common.StringError(err)
 	}
@@ -252,7 +254,7 @@ func (a auth) RefreshToken(refreshToken string, walletAddress string) (JWT, erro
 
 func verifyWalletAuthentication(request model.WalletSignaturePayloadSigned) error {
 	key := os.Getenv("STRING_ENCRYPTION_KEY")
-	preSignedPayload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce, key)
+	preSignedPayload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce[len(walletAuthenticationPrefix):], key)
 	if err != nil {
 		return common.StringError(err)
 	}
diff --git a/pkg/service/user.go b/pkg/service/user.go
@@ -63,7 +63,7 @@ func (u user) GetStatus(userID string) (model.UserOnboardingStatus, error) {
 func (u user) Create(request model.WalletSignaturePayloadSigned) (UserCreateResponse, error) {
 	resp := UserCreateResponse{}
 	key := os.Getenv("STRING_ENCRYPTION_KEY")
-	payload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce, key)
+	payload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce[len(walletAuthenticationPrefix):], key)
 	if err != nil {
 		return resp, common.StringError(err)
 	}

Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ func (u user) GetStatus(userID string) (model.UserOnboardingStatus, error) {`
`63`	`63`	`func (u user) Create(request model.WalletSignaturePayloadSigned) (UserCreateResponse, error) {`
`64`	`64`	`resp := UserCreateResponse{}`
`65`	`65`	`key := os.Getenv("STRING_ENCRYPTION_KEY")`
`66`		`- payload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce, key)`
	`66`	`+ payload, err := common.Decrypt[model.WalletSignaturePayload](request.Nonce[len(walletAuthenticationPrefix):], key)`
`67`	`67`	`if err != nil {`
`68`	`68`	`return resp, common.StringError(err)`
`69`	`69`	`}`