Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue: Account Switch Listener and useSiweAuth Hook Causing Broken State #102

Open
0xboga opened this issue Aug 2, 2024 · 0 comments
Open

Issue: Account Switch Listener and useSiweAuth Hook Causing Broken State #102

0xboga opened this issue Aug 2, 2024 · 0 comments

Comments

@0xboga
Copy link

0xboga commented Aug 2, 2024

Client Code:

<ConnectButton
  client={client}
  chain={chain}
  chains={[chain]}
  auth={{
    isLoggedIn: async (address) => {
      const loggedIn = await isLoggedIn(address);
      if (!loggedIn) {
        await logout();
      }
      return loggedIn;
    },
    doLogin: async (params) => {
      await login(params);
    },
    getLoginPayload: async ({ address }) => generatePayload({ address }),
    doLogout: async () => {
      await logout();
    },
  }}
/>

Backend Code:

const privateKey = env.THIRDWEB_ADMIN_PRIVATE_KEY;

if (!privateKey) {
  throw new Error('Missing THIRDWEB_ADMIN_PRIVATE_KEY in .env file.');
}

const thirdwebAuth = createAuth({
  domain: env.NEXT_PUBLIC_APP_URL || '',
  adminAccount: privateKeyToAccount({ client, privateKey }),
});

export const { generatePayload } = thirdwebAuth;

export async function login(payload: VerifyLoginPayloadParams) {
  const verifiedPayload = await thirdwebAuth.verifyPayload(payload);
  if (verifiedPayload.valid) {
    const jwt = await thirdwebAuth.generateJWT({
      payload: verifiedPayload.payload,
    });
    cookies().set('jwt', jwt);
  }
}

export async function isLoggedIn(address: string) {
  const jwt = cookies().get('jwt');
  if (!jwt?.value) {
    return false;
  }

  const authResult = await thirdwebAuth.verifyJWT({ jwt: jwt.value });
  if (!authResult.valid || authResult.parsedJWT.sub !== address) {
    return false;
  }
  return true;
}

export async function logout() {
  cookies().delete('jwt');
}

Problem Description:

When connecting using a wallet like MetaMask and switching between two accounts ( using the Metamask account switcher not the modal provided by ThirdWeb ), the application ends up in a broken state. Specifically, the ConnectButton indicates that the user is connected when, in fact, they actually need to sign in again to obtain a valid JWT. This inconsistency is caused by the account switch not properly triggering the authentication state to update, resulting in the UI reflecting an incorrect state.

Expected Behavior:

Upon switching accounts from a wallet extension, the ConnectButton should correctly prompt the user to sign in again to obtain a new JWT, ensuring the authentication state is accurately maintained.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@0xboga