0.0.1 • Published 3 years ago

@ddatabase/peer-auth v0.0.1

License
MIT
Last release
3 years ago

ddatabase-peer-auth

Authenticate a @ddatabase/protocol connection by signing the NOISE public keys with a static key pair.

See test.js for an example.

Example

const dswarm = require('dswarm')
const Protocol = require('@ddatabase/protocol')
const crypto = require('@ddatabase/crypto')
const auth = require('.')

// Long-term identity key pair of this peer/device. It is stored (or derived),
// and could also be the keypair from an existing hypercore feed.
// NOTE(review): called without arguments like this, crypto.keyPair() presumably
// generates a new random pair on every start; a peer that wants a stable
// identity would load a persisted pair here and keep its secret key private - confirm.
const IDENTITY = crypto.keyPair()
// Print the public half only, so it can be handed to peers for their allow lists:
// console.log('my key', IDENTITY.publicKey.toString('hex'))

// Allow list of the public keys of the peers this peer wants to connect with.
// onconnection compares entries with key.equals(peerAuthKey), so each entry is
// expected to be a Buffer. While the list is empty every peer is rejected.
const ALLOWED_KEYS = []

// Create the swarm instance and handle every 'connection' event with onconnection.
const swarm = dswarm()
swarm.on('connection', onconnection)
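/**
 * Handle a new swarm connection: wrap the socket in a protocol stream and
 * require the remote peer to authenticate before any feed is replicated.
 *
 * @param {object} socket - stream for the connection, as emitted by the swarm
 * @param {object} details - connection details; `details.client` is truthy
 *   when this side initiated the connection
 */
function onconnection (socket, details) {
  const isInitiator = Boolean(details.client)
  const protocol = new Protocol(isInitiator)

  // NOTE(review): `pump` is not required anywhere in this example; it has to be
  // brought into scope (e.g. `const pump = require('pump')`) before this runs.
  pump(socket, protocol, socket)

  auth(protocol, {
    authKeyPair: IDENTITY,
    onauthenticate (peerAuthKey, cb) {
      // Default deny: only a key that is present in ALLOWED_KEYS is accepted,
      // so an empty or incomplete allow list rejects the peer.
      const isAllowed = ALLOWED_KEYS.some((key) => key.equals(peerAuthKey))
      cb(null, isAllowed)
    },
    onprotocol (protocol) {
      // if this is called, the peer has proven:
      // - it has the secret key to the peerAuthKey above
      // - the peerAuthKey passed the onauthenticate hook
      // Start replication only from inside this hook; anything attached to the
      // stream earlier would run before the peer is authenticated.
      // feed.replicate(isInitiator, { stream: protocol })
    }
  })
}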