fix(rcart): use rstack-identity auth instead of separate passkey flow
folk-payment-request now triggers the rstack-identity auth modal instead of its own passkey flow. This ensures the username displays correctly in the identity badge and avoids duplicate session management. Also checks both session sources for wallet address and access token. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
841a5ff2b6
commit
911713e9aa
|
|
@ -71,75 +71,56 @@ class FolkPaymentRequest extends HTMLElement {
|
|||
|
||||
private async checkExistingSession() {
|
||||
try {
|
||||
// Check both session managers (SessionManager + rstack-identity)
|
||||
const { getSessionManager } = await import('../../../src/encryptid/session');
|
||||
const session = getSessionManager();
|
||||
if (session.isValid()) {
|
||||
this.did = session.getDID() || '';
|
||||
const state = session.getSession();
|
||||
this.walletAddress = state?.claims?.eid?.walletAddress || '';
|
||||
const sm = getSessionManager();
|
||||
const { getSession } = await import('../../../shared/components/rstack-identity');
|
||||
const rstackSession = getSession();
|
||||
|
||||
// If session exists but no wallet address, try deriving from key manager
|
||||
if (!this.walletAddress) {
|
||||
try {
|
||||
const { getKeyManager } = await import('../../../src/encryptid/key-derivation');
|
||||
const km = getKeyManager();
|
||||
if (km.isInitialized()) {
|
||||
const keys = await km.getKeys();
|
||||
if (keys.eoaAddress) this.walletAddress = keys.eoaAddress;
|
||||
}
|
||||
} catch { /* key manager not ready */ }
|
||||
}
|
||||
const hasSession = sm.isValid() || !!rstackSession;
|
||||
if (!hasSession) return;
|
||||
|
||||
if (this.walletAddress) {
|
||||
this.authenticated = true;
|
||||
this.render();
|
||||
}
|
||||
// Get DID from either source
|
||||
this.did = sm.getDID() || rstackSession?.claims?.did || rstackSession?.claims?.sub || '';
|
||||
|
||||
// Get wallet address from session claims
|
||||
const smState = sm.getSession();
|
||||
this.walletAddress = smState?.claims?.eid?.walletAddress || rstackSession?.claims?.eid?.walletAddress || '';
|
||||
|
||||
// If session exists but no wallet address, try deriving from key manager
|
||||
if (!this.walletAddress) {
|
||||
try {
|
||||
const { getKeyManager } = await import('../../../src/encryptid/key-derivation');
|
||||
const km = getKeyManager();
|
||||
if (km.isInitialized()) {
|
||||
const keys = await km.getKeys();
|
||||
if (keys.eoaAddress) this.walletAddress = keys.eoaAddress;
|
||||
}
|
||||
} catch { /* key manager not ready */ }
|
||||
}
|
||||
|
||||
if (this.walletAddress) {
|
||||
this.authenticated = true;
|
||||
this.render();
|
||||
}
|
||||
}
|
||||
} catch { /* session module not available */ }
|
||||
}
|
||||
|
||||
private async authenticate() {
|
||||
this.authenticating = true;
|
||||
this.authError = '';
|
||||
this.render();
|
||||
|
||||
try {
|
||||
const { authenticatePasskey } = await import('../../../src/encryptid/webauthn');
|
||||
const { deriveEOAFromPRF } = await import('../../../src/encryptid/eoa-derivation');
|
||||
const { getSessionManager } = await import('../../../src/encryptid/session');
|
||||
const { EncryptIDKeyManager } = await import('../../../src/encryptid/key-derivation');
|
||||
|
||||
const result = await authenticatePasskey();
|
||||
if (!result.prfOutput) {
|
||||
throw new Error('Your passkey does not support PRF — wallet address cannot be derived');
|
||||
}
|
||||
|
||||
const eoa = deriveEOAFromPRF(new Uint8Array(result.prfOutput));
|
||||
this.walletAddress = eoa.address;
|
||||
|
||||
// Initialize key manager for session
|
||||
const km = new EncryptIDKeyManager();
|
||||
await km.initFromPRF(result.prfOutput);
|
||||
const keys = await km.getKeys();
|
||||
this.did = keys.did;
|
||||
|
||||
// Create session
|
||||
const session = getSessionManager();
|
||||
await session.createSession(result, keys.did, {
|
||||
encrypt: true,
|
||||
sign: true,
|
||||
wallet: true,
|
||||
// Trigger the rstack-identity auth modal instead of a separate passkey flow
|
||||
const identity = document.querySelector('rstack-identity') as any;
|
||||
if (identity?.showAuthModal) {
|
||||
identity.showAuthModal({
|
||||
onSuccess: () => {
|
||||
// Re-check session after auth completes
|
||||
this.checkExistingSession();
|
||||
},
|
||||
});
|
||||
|
||||
// Zero private key — we don't need to sign anything here
|
||||
eoa.privateKey.fill(0);
|
||||
|
||||
this.authenticated = true;
|
||||
} catch (e) {
|
||||
this.authError = e instanceof Error ? e.message : String(e);
|
||||
} else {
|
||||
this.authError = 'Identity component not available. Please sign in from the top-right menu.';
|
||||
this.render();
|
||||
}
|
||||
this.authenticating = false;
|
||||
this.render();
|
||||
}
|
||||
|
||||
// ── Load existing payment from URL ──
|
||||
|
|
@ -195,8 +176,9 @@ class FolkPaymentRequest extends HTMLElement {
|
|||
|
||||
try {
|
||||
const { getSessionManager } = await import('../../../src/encryptid/session');
|
||||
const { getSession: getRstackSession } = await import('../../../shared/components/rstack-identity');
|
||||
const session = getSessionManager();
|
||||
const accessToken = session.getSession()?.accessToken;
|
||||
const accessToken = session.getSession()?.accessToken || getRstackSession()?.accessToken;
|
||||
|
||||
const res = await fetch(`${this.getApiBase()}/api/payments`, {
|
||||
method: 'POST',
|
||||
|
|
|
|||
Loading…
Reference in New Issue