#[0] playing with your web AUTH flow now. I think we will try to use something very similar so we can at least start to build a standard. We’ll share any ideas we come up with along the way.
Not sure how to offer this on mobile though without extensions. Really would prefer to not offer putting in your private key…
Web auth?
Basically using NIP-42 to have users sign a challenge from browser extension to authenticate them for some type of web application.
Blake uses it for his Dashboard https://nostrgraph.net/dashboard
Ah, I'm already doing this for the snort api
How are you formatting it? Any advice?
Myself and nostr:npub1melv683fw6n2mvhl5h6dhqd8mqfv3wmxnz4qph83ua4dk4006ezsrt5c24 are using a similar approach by using ephemerial events with certain http related tags ("url"/"method")
Would be happy to write up the NIP and you can also give your inputs too
And just seeing this now. I really hope we can get it merged!
For some reason on Damus this reply (and your previous one) didn’t tag me.
There is extension for ios
Nostore, right? Good, but still probably need a solution for users without an extension for whatever reason.
that solution would be ideal
I use Nostore on mobile and it’s nice enough. However Apple makes it hard I think to onboard and familiarise new users on how to access it. It’s harder than the Adblock apps to setup/use.
I kind of see Nostr Connect or something similar as being an alternative for mobile.
It’s pretty tough, as Nostr key management is still underdeveloped - and iOS limitations around UI, notifications, app to app comms, is very restrictive still.
What would be cool is an app like Authy that the webpage login calls, and then the Authy app has a notification to approve, or if given access prior, it could perhaps approve in the background.
