I’m completely new to Blockstack and (almost) everything around it. I’m building a Node.js app that runs on a lambda function and I was wondering if there is a way to request the user’s credentials and call a method to authenticate the user. Essentially what I need is the ability to authenticate my users in an app that doesn’t have a visual interface (no screen, no input device, no browser).
I’m not sure if that’s even a valid thing to do using Blockstack, but it’s what I need to do at the moment.
How would the user choose their profile/account/blockstack ID?
What I did on a server without an interface is to verify that the user has control of the Blockstack ID by verifying that a challenge was written to the user’s Gaia storage. (Source code at https://github.com/friedger/matrix-blockstack-password-provider) If that is a valid solution I am happy to explain in more detail.
If your server is a single-user server and you have a private key then that is your authentication already.
You should take a look at the Blockstack CLI as an example of how to interact with Blockstack programmatically through blockstack.js. Please feel free to appropriate any code from it.
Hi Friedger, thanks for your reply. The user interface is in fact voice, so that’s how the user may give her ID. But then I’m wondering if that’s possible (not selecting the ID from a list but just giving it).
This device has a web app where users can set more related info and I was thinking something like the challenge you mention. The user might set a token on the website and from the device I can just read it and compare it with the one the user gives “by voice”. Is this the same thing you propose? As I said before, I don’t know very well how BS works, so I was thinking this token could just be saved on the app database but you mention gaia storage. I’m not sure what that means or how that works.
Your explanation/details are very welcome and appreciated!
You should take a look at the auth.js file in the CLI’s source code. It implements a “minimum viable authenticator” that serves a really simple HTML page for signing in. It should be straightforward to alter to accommodate alternative flows.
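The challenge check discussed in this thread (a value the server issues, the user writes to their own storage, and the server reads back and compares), as an added Node.js example that is not code from the linked repository or from blockstack.js. The names `issueChallenge`, `verifyChallenge` and `storedValue` are assumptions; reading the file from the claimed ID's Gaia storage is left to the caller.

```javascript
const crypto = require('crypto');

// Pending challenges, keyed by the ID the user claims (e.g. spoken to the device).
const pending = new Map();
const TTL_MS = 5 * 60 * 1000; // assumed lifetime: five minutes

// Step 1: issue an unguessable challenge bound to the claimed ID.
// The user proves control by writing this value into their own storage
// from a signed-in session (for example the companion web app).
function issueChallenge(claimedId, now = Date.now()) {
  const nonce = crypto.randomBytes(32).toString('hex');
  pending.set(claimedId, { nonce, expires: now + TTL_MS });
  return nonce;
}

// Step 2: compare what the server read back from the claimed ID's storage.
// storedValue is whatever the caller fetched (hypothetical; fetch not shown).
function verifyChallenge(claimedId, storedValue, now = Date.now()) {
  const entry = pending.get(claimedId);
  if (!entry) return false;              // nothing issued for this ID
  if (now > entry.expires) {             // stale challenges are discarded
    pending.delete(claimedId);
    return false;
  }
  if (typeof storedValue !== 'string') return false;
  const got = Buffer.from(storedValue.trim(), 'utf8');
  const want = Buffer.from(entry.nonce, 'utf8');
  // Length check first: timingSafeEqual throws on unequal lengths.
  const ok = got.length === want.length && crypto.timingSafeEqual(got, want);
  if (ok) pending.delete(claimedId);     // single use: a replay fails
  return ok;
}
```

A failed comparison leaves the challenge pending so the server can poll until the user has written it; only success or expiry removes it.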