7.3. Logging in with a login key¶
To log in with a Blockchain key, the following happens:
- User requests a challenge phase from the BDTS app
- The phrase is locally signed using the private key
- The signed message is sent to the server
- The server verifies the signature on the blockchain using the smart contract
- The user receives an OAuth token which he uses for further requests
Example:
Request the challenge:
# Get the challenge
curl -s -L https://app.smartbl.io/api/v1/challenge/
Response:
{
"challenge_string": "cHoPMZxRry_hnhXnmRofKHJGKgU"
}
Now sign the challenge locally using web3 and log in using the signed challenge:
# username is the public Ethereum address of the key
# Password is the HEX encoded signed challenge
curl -s https://client_id:[email protected]/oauth/token/ \
--data="scope=read%20write
&username=0xc1B8C5fFe3e21060d6Bd23e331043d8F02a560dA
&password=0xaa6ab9b32f5ecdd7a209c016e3a76f85d7ed6469
75f3eee959b2f5ebc958208b252d22d90ae7f694b4
73d13ab155211e46958c0615ec52878dfd7c9fc42c
fa9501
&grant_type=password"
Response:
{
// Token expiry time
"expires_in": 600,
// Refresh token
"refresh_token": "cU8PqVszJXX8A3bzFWKjMUfJK3nXXB",
// Access token to be used in Authentication: Bearer <token>
"access_token": "WlMxwPLaAG3krmvJxyzkSiVgIGaPIdH",
// Token type. Currently only “Bearer” is available
"token_type": "Bearer",
"scope": "read write"
}