Zen on Nostr: hodlbod fiatjaf What do you think of an HTTP-based login flow for NIP-46? I find the ...
hodlbod (nprofile…fcen) fiatjaf (nprofile…mtez)
What do you think of an HTTP-based login flow for NIP-46? I find the current spec to be needlessly complicated for a protocol that is supposed to be as simple as possible. Here's what I do in my home-cooked client:
1. User wants to sign in as pleb:password@nostr.relay, so the client queries for /login and /sign endpoints specified by the /.well-known/nostr.json file at nostr.relay
2. Client sends a POST to the /login endpoint containing the username and their password. On successful auth, the client receives a session key.
3. When the user wants to post a note, they send the unsigned event to the /sign endpoint with their session key in the header. Server responds with the signed event.
4. Client posts the signed note.
For clarity, I use a locally hosted server to do the signing. I would sign in as pleb@localhost if a client asked for it.
Is this worth (re)writing a NIP for? I'm honestly kind of surprised that nobody has done this yet.
What do you think of an HTTP-based login flow for NIP-46? I find the current spec to be needlessly complicated for a protocol that is supposed to be as simple as possible. Here's what I do in my home-cooked client:
1. User wants to sign in as pleb:password@nostr.relay, so the client queries for /login and /sign endpoints specified by the /.well-known/nostr.json file at nostr.relay
2. Client sends a POST to the /login endpoint containing the username and their password. On successful auth, the client receives a session key.
3. When the user wants to post a note, they send the unsigned event to the /sign endpoint with their session key in the header. Server responds with the signed event.
4. Client posts the signed note.
For clarity, I use a locally hosted server to do the signing. I would sign in as pleb@localhost if a client asked for it.
Is this worth (re)writing a NIP for? I'm honestly kind of surprised that nobody has done this yet.