Blockstack
Blockstack is
Contents
Authentication
Blockstack can work as an authentication provider for other Blockstack apps or for traditional websites. You can use the local app or the web version to perform the log-in service.
Using Blockstack
Install
To install yo and the Blockstack generator globally run:
sudo npm i -g yo generator-blockstack
To generate the app structure and install dependencies run (in the project directory):
yo blockstack
npm i
Then you can start the app like so:
npm run start
It will open a window in your browser at http://localhost:5000/
Notes
Manifest File
Blockstack needs access to a manifest.json file for the purposes of obtaining the details of your app, the file must have the following headers set:
- Access-Control-Allow-Origin "*"
- Access-Control-Allow-Methods "GET, POST, PUT, DELETE"
- Access-Control-Allow-Headers "Content-Type"
If your manifest.json file does not have the correct domain/ip of the blockstack site requesting your ip it will complain that the "Access-Control-Allow-Origin" header is not set.
The Browser version requires the manifest page to be encrypted using ssl.
There does appear to be some caching issues with the app making it not work - try restarting the browser.
Login Page
The login page appears to need the header: Access-Control-Allow-Origin "*" set.
Blockstack Sign-in Page
The sign in page is located at localhost:8888/ or for the browser version browser.blockstack.org/
To make a manual request to the blockstack service you need to direct the browser to: browser.blockstack.org/auth/?authRequest={THE REQUEST TOKEN} or localhost:8888/auth/?authRequest={THE REQUEST TOKEN}
{THE REQUEST TOKEN} is a JWT token created by blockstack.
The blockstack service page will display the permissions the app is requesting along with the manifest data from your app, it gives the user two options: Approve and Deny
If the user clicks deny it will leave them in the blockstack browser.
If the user clicks approve it will take them to the redirect link that was defined in the authRequest and have the url parameter authResponse={THE AUTH RESPONSE TOKEN}
{THE AUTH RESPONSE TOKEN} is a JWT token containing the users profile data