# PR: feat(auth): Architect Decentralized Identity (DID) Authentication Module #31

Merged
zakkiyyat merged 4 commits into MixMatch-Inc:main from BigBen-7:feat/DecentralizedIdentity
Aug 31, 2025

@BigBen-7
Contributor

**Closes #16**

Description

This pull request introduces a secure, Web3-native authentication system based on the Sign-In with Ethereum (SIWE, EIP-4361) standard, adapted for the Flare Network.

This new module replaces traditional login methods with a decentralized identity approach. It allows users to authenticate by simply signing a human-readable message with their wallet, providing a seamless and secure login experience. Upon successful signature verification, a session is established, linking the user's blockchain address to their application profile.


Implementation Details

SIWE Authentication Flow

  • Message Generation:

    • A dedicated service has been created to generate a unique, EIP-4361 compliant message for each login attempt.
    • This message includes critical security details: the app's domain, the user's address, the Flare Network chain ID, a unique nonce to prevent replay attacks, and a session issuedAt timestamp.
  • UI & Wallet Interaction:

    • When a user initiates a login, the UI presents them with the generated message.
    • It then prompts them to sign this message using their connected wallet (e.g., MetaMask). This proves they own the private key for the address they are claiming.
  • Backend Verification (Mocked):

    • The signature and the original message are sent to a /api/auth/verify endpoint.
    • For robust frontend development, this endpoint is currently mocked using MSW. The mock handler simulates a successful signature verification and returns a JWT session token.
  • Session Management:

    • Upon receiving a successful response from the mock backend, the JWT is stored, and the user's session is established.
    • The application state is updated to reflect that the user is authenticated, and their profile is now linked to their verified wallet address.

How to Test

Successful Login Flow

  1. Navigate to the login page.
  2. Click the "Connect Wallet" button and connect your wallet (e.g., MetaMask, set to the Flare Network).
  3. Click the "Sign In with Ethereum" button.
  4. Observe: A signature request pop-up should appear in your wallet, displaying the formatted SIWE message.
  5. Click "Sign" in your wallet.
  6. Observe: You should be successfully logged in and redirected to the main application page. Your session data should now contain your wallet address.

Rejected Signature Flow

  1. Follow steps 1-4 from the successful flow.
  2. In your wallet, click "Reject" or "Cancel".
  3. Observe: The login process should be aborted. You should remain on the login page, and an appropriate UI message should indicate that the signature was required to proceed.

@zakkiyyat merged commit 0cdaa0e into MixMatch-Inc:main on Aug 31, 2025
0 of 2 checks passed
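
The field checks that a real /api/auth/verify would run in place of the mock, as an added example (not code from this PR or the project): it parses the EIP-4361 message and enforces the domain, chain ID, nonce and issuedAt fields the description lists. The expected domain, chain ID 14, five-minute window, function names and sample message are assumptions; recovering the signer address from the signature is left to the caller.

```javascript
// Hypothetical deployment settings (assumptions, not from the PR); 14 is Flare mainnet's chain ID.
const EXPECTED = { domain: 'app.example', chainId: 14, maxAgeMs: 5 * 60 * 1000 };
// Nonces the server issued and has not yet consumed (in-memory stand-in for a shared store).
const issuedNonces = new Set();

// Parse the EIP-4361 plaintext into the fields the PR description lists.
function parseSiwe(message) {
  const lines = message.split('\n');
  const head = /^(\S+) wants you to sign in with your Ethereum account:$/.exec(lines[0] || '');
  if (!head || !/^0x[0-9a-fA-F]{40}$/.test(lines[1] || '')) return null;
  const fields = { domain: head[1], address: lines[1] };
  for (const line of lines.slice(2)) {
    const m = /^(URI|Version|Chain ID|Nonce|Issued At): (.+)$/.exec(line);
    if (!m) continue;
    if (m[1] in fields) return null; // a repeated tag makes the message ambiguous: reject
    fields[m[1]] = m[2];
  }
  return fields;
}

// Returns { ok, reason }. `recovered` is the address the caller recovered from the signature.
function checkSiwe(message, recovered, now = Date.now()) {
  const f = parseSiwe(message);
  if (!f) return { ok: false, reason: 'malformed' };
  if (f.domain !== EXPECTED.domain) return { ok: false, reason: 'domain' };
  if (f.Version !== '1' || f['Chain ID'] !== String(EXPECTED.chainId)) return { ok: false, reason: 'chain' };
  if (f.address.toLowerCase() !== String(recovered).toLowerCase()) return { ok: false, reason: 'address' };
  const age = now - Date.parse(f['Issued At']); // NaN when the field is missing or unparsable
  if (!(age >= 0 && age <= EXPECTED.maxAgeMs)) return { ok: false, reason: 'stale' };
  // delete() is false for unknown or already-used nonces, so each nonce is accepted once.
  if (!issuedNonces.delete(f.Nonce)) return { ok: false, reason: 'nonce' };
  return { ok: true, reason: null };
}

// Constructed sample message and address (not real account data).
const ADDR = '0x' + 'ab'.repeat(20);
const SAMPLE = [
  'app.example wants you to sign in with your Ethereum account:',
  ADDR,
  '',
  'Sign in to the app.',
  '',
  'URI: https://app.example',
  'Version: 1',
  'Chain ID: 14',
  'Nonce: k3J9xQ2mVb7T',
  'Issued At: 2025-08-31T12:00:00.000Z',
].join('\n');
```

The nonce is consumed only after every other check passes, so a rejected request does not burn a nonce the legitimate user still needs.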
Development

Successfully merging this pull request may close these issues.

Architect a Decentralized Identity (DID) Authentication Module