Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial Social Login implementation #268

Merged
merged 21 commits into from
Aug 6, 2024
Merged

Initial Social Login implementation #268

merged 21 commits into from
Aug 6, 2024

Conversation

hcho112
Copy link
Collaborator

@hcho112 hcho112 commented Jul 19, 2024

This PR contains initial social login of google and apple (facebook is WIP)
Main difference compared to existing solution is that:

  1. We use social login of selected platform to either create or sign in
  2. Even user starts at sign in, if near account doesn't exist, it take create flow

You can review created account on firebase console. (To test creation after you already used your own social login, it would be easier to delete user record on firebase console and try to create again)

Currently I use random string to generate account Id. (This idea was originated from other platform that also uses social login, they also use random string to auto-generate their account id of their user. Intention is to remove extra steps of keying in account id. Assuming that user will always use social login, this is not a bad idea, however I'm happy to replace this after showcase it to rest of the team.)

This mode is currently only available on testnet.

On mainnet:
Greenshot 2024-07-19 16 35 24
Greenshot 2024-07-19 16 35 11

On testnet:
Greenshot 2024-07-19 16 14 06
Greenshot 2024-07-19 16 02 41

@hcho112 hcho112 requested review from benmalcom, esaminu and Pessina July 19, 2024 04:55
Copy link

vercel bot commented Jul 19, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
fast-auth-signer ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 5, 2024 4:44am

const [searchParams] = useSearchParams();
const navigate = useNavigate();
const onClick = () => {
signInWithPopup(firebaseAuth, provider)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using then/catch, async/await. Isn't better choose one and go with it?

I find async/wait more clear

setAccountIdToController({ accountId, networkId });

let publicKeyFak: string;
if (await isPassKeyAvailable()) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see the code here share a lot of similarities with AuthCallback page. Can we create functions and re-use them to avoid maintaining the same code on two parts?

@@ -0,0 +1,9 @@
export function generateRandomString(length: number) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we have the UUID library installed for this.

It's also better for collision proof

@frol
Copy link

frol commented Jul 19, 2024

@hcho112 @Pessina Sorry for jumping in, but I'd like to invite you to participate in the Race of Sloths - a fun and gamified open-source contributions program. Consider mentioning @race-of-sloths user in your github comment or PR description to join!

See how the flow works here: near/nearcore#11778

@hcho112
Copy link
Collaborator Author

hcho112 commented Jul 22, 2024

Currently there is an issue with e2e test failures due to smart contract associated on multichain tests. It has nothing to do with this PR. The team is working on resolving the issue

@hcho112
Copy link
Collaborator Author

hcho112 commented Jul 22, 2024

@race-of-sloths

@race-of-sloths
Copy link

race-of-sloths commented Jul 22, 2024

@hcho112 Thank you for your contribution! Your pull request is now a part of the Race of Sloths!
New Sloth joined the Race! Welcome!

Shows profile picture for the author of the PR

Current status: executed
Reviewer Score
@race-of-sloths 2

Your contribution is much appreciated with a final score of 2!
You have received 30 (20 base + 10 weekly bonus) Sloth points for this contribution

Another weekly streak completed, well done @hcho112! To keep your weekly streak and get another bonus make pull request next week! Looking forward to see you in race-of-sloths

What is the Race of Sloths

Race of Sloths is a friendly competition where you can participate in challenges and compete with other open-source contributors within your normal workflow

For contributors:

  • Tag @race-of-sloths inside your pull requests
  • Wait for the maintainer to review and score your pull request
  • Check out your position in the Leaderboard
  • Keep weekly and monthly streaks to reach higher positions
  • Boast your contributions with a dynamic picture of your Profile

For maintainers:

  • Score pull requests that participate in the Race of Sloths
  • Engage contributors with fair scoring and fast responses so they keep their streaks
  • Promote the Race to the point where the Race starts promoting you
  • Grow the community of your contributors

Feel free to check our website for additional details!

Bot commands
  • For contributors
    • Include a PR: @race-of-sloths include to enter the Race with your PR
  • For maintainers:
    • Assign points: @race-of-sloths score [1/2/3/5/8/13] to award points based on your assessment.
    • Reject this PR: @race-of-sloths exclude to send this PR back to the drawing board.
    • Exclude repo: @race-of-sloths pause to stop bot activity in this repo until @race-of-sloths unpause command is called

@hcho112 hcho112 requested a review from Pessina July 23, 2024 01:27
await window.fastAuthController.setAccountId(accountId);
}

await window.fastAuthController.claimOidcToken(accessToken);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This still duplicated no?

await window.fastAuthController.claimOidcToken(accessToken);

I think it would be good to extract the common logic from AuthCallback and SocialLogin to a separated component

1 - passkeys
2 - claimoidc
3 - call createAccount or signIn

What do you think? Otherwise we have to maintain the same flow on two places.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also I've extracted some function in the AuthCallback component in my PR, I think we should look for how to reconcile them.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought previous comment was about refactoring the part that I pull out and replace with setAccountIdToController.

I did notice that @benmalcom also made refactor on this PR, perhaps I will reuse his one. (Either we merge this PR first and once @benmalcom 's PR merged, I refactor or we merge his one first and I will rebase on top of his)

Also the this part is actually different to Authcallback

const isNewUser = shouldCreateAccount(user.metadata.creationTime, user.metadata.lastSignInTime);
      let callback;
      if (isNewUser) {
        callback = onCreateAccount;
      } else if (isRecovery) {
        callback = onSignIn;
      } else {
        callback = onCreateAccount;
      }

so its not fully refactor-able

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool! No problem then, let's work on it after merge both PRs.

oidcToken: accessToken,
});

const isNewUser = shouldCreateAccount(user.metadata.creationTime, user.metadata.lastSignInTime);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you use the https://firebase.google.com/docs/reference/js/auth.md#operationtype available on the result from const result = await signInWithPopup(firebaseAuth, provider);? Instead of the custom function to check if it's account creation?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unfortunately, it will always return with signIn which it cant used to distinguish if we are using it for create or sign in

label,
isRecovery,
disabled,
}: SocialButtonProps) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Either way is fine, just sharing knowledge, but you can type a component with:

const SocialButton: React.FC<SocialButtonProps> = (props) => {....}

So we can improve a little bit the type of the function.

window.location.replace(parsedUrl.href);
}
}
});
}

const getProvider = (socialName: string) => {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of string you can specify the strings allowed here.

Copy link
Collaborator

@benmalcom benmalcom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

@hcho112 hcho112 merged commit a3b29f6 into main Aug 6, 2024
4 checks passed
@race-of-sloths
Copy link

🥁 Score it!

@Pessina @benmalcom, please score the PR with @race-of-sloths score [1/2/3/5/8/13]. The contributor deserves it.
If no scoring is provided within 24 hours, this PR will be scored as 2 🦥

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants