Removed all login methods besides nostr-login on noogle.lol Should give better support to Amber on Android now too 🌝 Browser Extensions still work on nostr-login on supported browsers. If you have issues lmk.
nostr:nprofile1qqsrx4k7vxeev3unrn5ty9qt9w4cxlsgzrqw752mh6fduqjgqs9chhgppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg3waehxw309ahx7um5wgh8w6twv5hsxct838 is there some tutorial how to make the login via DM work? 🤔
There's a description here https://github.com/nostrband/nostr-login?tab=readme-ov-file#otp-login Does it help?
I saw this but I don't really know how this interplays with the lib or how the server should look like. But maybe I need to investigate in more detail
Server should provide two api endpoints, one accepts npub and should send the one time code as dm. The other one accepts the code and should either set a cookie, or return some payload identifying the session. Nostr-login will pass that payload with onAuth event so you could use it to make future api calls. Codes should be bound to npub and expire
I did something similar: - User enters npub to authorize - Server visually displays one-time code and also send encrypted DMs to user - User visually confirms DM code is same and replies ‘OK’ if satisfied. - Server listens for decrypted DM ‘OK’ from npub where event.created_at > DM sent event created at. - If ‘OK’, sets a status login ok for one time query - Browser client polls for one time status, if login True, session cookie is set for logged in, status is cleared. I had this all working for NIP-04, upgrading to NIP-17.