Посторонним в

Блог-форум Винни Пуха
 
ФорумФорум  ЧаВоЧаВо  ПоискПоиск  ПользователиПользователи  ГруппыГруппы  РегистрацияРегистрация  ВходВход  

Поделиться | 
 

 NEMid

Предыдущая тема Следующая тема Перейти вниз 
АвторСообщение
Winnie
Admin


Сообщения : 679
Дата регистрации : 2015-06-10

СообщениеТема: NEMid    2017-06-29, 08:35

РЕЗЕРВ
здесь будет перевод на русский
Вернуться к началу Перейти вниз
Посмотреть профиль http://free.userboard.net
Winnie
Admin


Сообщения : 679
Дата регистрации : 2015-06-10

СообщениеТема: Re: NEMid    2017-06-29, 08:47

NEMid: Securely Sign Into Websites and Apps With Your NEM Account
https://blog.nem.io/nemid/, 29 июня 2017

Written by Nikhil Jha (Telegram: @ReverseCold)

Decentralized websites and applications shouldn’t have to rely on the outworn authentication system of usernames and passwords. In order to sign in, one has to remember their passwords for each service. Even when using a password manager, passwords are still susceptible to being stolen through a website hack.

Meet NEMid, a secure way to sign in for the modern era. Using secure public key cryptography, NEMid can sign you into compatible websites and apps with only a NEM account through a standalone application.


Protocol Explanation

This is a technical description of the protocol behind NEMid. It is useful if you wish to implement NEMid into your website. If you would just like to have a demo of the technology, scroll down to the sample implementation section.


Application / Website Side

The application wishing to implement nemid needs to generate a link in the nemid: // format. The format is as follows.
Код:
nemid://unique-string/https-callback-url/

The unique-string is a long string that should be randomly (or deterministically) generated as well as unique. This signifies the session ID that should be logged in once the callback is generated. This “UUID” can be generated following RFC4122, or however the application owner decides as long as it is unique and time sensitive.

The https-callback-url is simply a callback URL that the application will need to visit in order to send back the signed string. It takes three parameters: sig, pub, and uuid.

Upon receiving the callback, the website should verify the signature and sign the user into either the first session or to a new session.


Client Side

The entire NEMid string is signed, including the callback URL and nemid: // at the beginning. This is then sent to the callback URL as
Код:
https://https-callback-url?sig=&pub=&uuid=


Sample Implementation

Server Side

A dummy server is available on GitHub. It gives a fake login experience for you to try out NEMid. This needs to be hosted behind an HTTPS proxy for it to work properly.

The demo server is, at time of publication, hosted at feint.io, so after installing the client, you can try it out with a mainnet account.


Client Side

A standalone desktop application is available on GitHub for both Mac and Windows.


Client Screenshot

How To Use Samples

For the server just npm install and then node index.js.

Once the dummy server is running...
  1. Open the client app
  2. Go to http://feint.io for the hosted version, or http://localhost/ for the local version.
  3. Click on the link and then fill out the rest of the information in the client.

Note: If using localhost your browser may fail to connect. Just add an http before localhost in the browser URL bar. This is because NEMid REQUIRES SSL, and the dummy server does not have SSL. If you want to remove this step, you’ll have to run the dummy server behind an SSL nginx proxy or similar.


Conclusion

If you’re building a website or an app that focuses on users of NEM and other cryptocurrencies, add NEMid for a modern, secure experience!
Вернуться к началу Перейти вниз
Посмотреть профиль http://free.userboard.net
 
NEMid
Предыдущая тема Следующая тема Вернуться к началу 
Страница 1 из 1

Права доступа к этому форуму:Вы не можете отвечать на сообщения
Посторонним в :: Блокчейн проекты :: NEM и связанные с ним проекты :: NEM-
Перейти: