Oddbean new post about | logout
 @brugeman 
Wondering why nostr-login account creation does not work in my client?
#nostrdev
https://nostrmeet.me/invite/186f62be0ff4776?npub=npub1xdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wscmntxy&ts=1709568464726&usenip46=true 
 Not sure what's not working for you, I've just created and account there, you can see the created pubkey in console. I landed on the homepage of nostrmeet though, maybe something's wrong with result handling?https://i.nostr.build/Dzr4.png 
 Thank you. Here’s what I get on iOS safari.
https://image.nostr.build/59eddc3b3c52eb52ad0063453715f1a1ac700019975ade8bbbefec7be71a8195.jpg 
 Ok Safari is a problem. The error message will be more meaningful and an explainer will be shown. You should go to ios setting advanced experimental and turn push api on and then add nsec.app to homescreen as pwa. Then this error should go away. I need to do more testing on apple devices  
 Moving forward with this “mobile first” onboarding app …  local nsec storage via nip46 seems like a great fit for this use case. But maybe nostr-login is not ready for production? The solution you suggested is no go (for account creation UX flow), but maybe there is a better way (for me) to get something working for my client?

I Haven’t quite wrapped my head around what you’ve built wiith nostr-login (and noauth) … but I think I need to. Do you have time for a paid consult with me to go over my best options for moving forward?


 
 Nsec.app on iOS needs these settings for now, until the web push technology graduates from 'experimental'. Not sure if 'add to homescreen' requirement stays or not. On other platforms it works out of the box.

Nostr-login is nip46 client, noauth/nsec.app is nip46 server (running in your browser) - there isn't much more than that.

The smoothest mobile-first signup experience is when you just generate nsec in your client and eventually when user is ready start explaining to them how to get their nsec 'reused' in other apps. If you need to immediately give them an option to sign into other apps then you could host your own nsecbunker instance and generate nsecs inside it and store on your server - it would be as smooth, but custodial. The next option is nsec.app - non-custodial, but more friction on some platforms/browsers like iOS or Brave.  
 That does help. How does one “port” existing keys into nsec.app? 
 On use.nsec.app click Get started (or Add account) and then Import keys. 
 Ok. I like your recommended onboard flow. So I’d just generate nsecs for new accounts, pass them “raw” to the NDKSigner, and encrypt/decrypt them with a password for local storage? (In case the user closes the browser) Wd this be best practice? 
 Right, but also I am not sure adding a password is that necessary for starters. 
 Hmm … yea. I can see that.