lukechilds
/
docs
mirror of https://github.com/lukechilds/docs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
749 Commits
80 Branches
0 Tags
152 MiB
Tree: 8425066918
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8425066918'
${ noResults }
docs/_storage/authentication.md

36 lines
2.3 KiB
Raw Normal View History

[REVIEW] Gaia move to docs.blockstack (#111) * Adding in new Gaia material Closes #104, Closes #72, Closes #80, Closes #81,Closes #111, Closes blockstack/gaia#184, Closes blockstack/gaia#191 Entering review comments Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with more comments from this morning Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with last minute comments Signed-off-by: Mary Anthony <mary@blockstack.com>
6 years ago
---
layout: storage
Updating the global tagline Signed-off-by: Mary Anthony <mary@blockstack.com>
6 years ago
description: "Storing user data with Blockstack"
[REVIEW] Gaia move to docs.blockstack (#111) * Adding in new Gaia material Closes #104, Closes #72, Closes #80, Closes #81,Closes #111, Closes blockstack/gaia#184, Closes blockstack/gaia#191 Entering review comments Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with more comments from this morning Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with last minute comments Signed-off-by: Mary Anthony <mary@blockstack.com>
6 years ago
permalink: /:collection/:path.html
---
# Authentication and Gaia
Blockstack authentication is a bearer token-based authentication system. From an app user's perspective, login similar to third-party authentication techniques that they're familiar with. For an app developer, the flow is unlike the typical client-server flow of centralized sign-in services such as OAuth. With Blockstack the authentication flow happens entirely client-side.
In this section, you get an overview of the authentication system and learn how Gaia fits into it.
## Authentication and Gaia
Replace references to "Blockstack Browser"; resolve #565
5 years ago
A decentralized application (DApp) and the Blockstack authenticator communicate during
[REVIEW] Gaia move to docs.blockstack (#111) * Adding in new Gaia material Closes #104, Closes #72, Closes #80, Closes #81,Closes #111, Closes blockstack/gaia#184, Closes blockstack/gaia#191 Entering review comments Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with more comments from this morning Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with last minute comments Signed-off-by: Mary Anthony <mary@blockstack.com>
6 years ago
the authentication flow by passing back and forth two tokens. The requesting
Replace references to "Blockstack Browser"; resolve #565
5 years ago
application sends the Blockstack authenticator an `authRequest` token. Once a user
approves a sign-in, the Blockstack authenticator responds to the application with an
[REVIEW] Gaia move to docs.blockstack (#111) * Adding in new Gaia material Closes #104, Closes #72, Closes #80, Closes #81,Closes #111, Closes blockstack/gaia#184, Closes blockstack/gaia#191 Entering review comments Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with more comments from this morning Signed-off-by: Mary Anthony <mary@blockstack.com> * Updating with last minute comments Signed-off-by: Mary Anthony <mary@blockstack.com>
6 years ago
`authResponse` token. These tokens are <a href="https://jwt.io/" target="\_blank">JSON Web Tokens</a>, and they are passed via
URL query strings.
Replace references to &#34;Blockstack Browser&#34;; resolve #565
5 years ago
When a user chooses to "Sign in with Blockstack" on your DApp, the `redirectToSignIn()` method sends the user to the Blockstack authenticator. The browser responds with an authentication token and an _app private key_.
[REVIEW] Gaia move to docs.blockstack (#111) * Adding in new Gaia material Closes #104, Closes #72, Closes #80, Closes #81,Closes #111, Closes blockstack/gaia#184, Closes blockstack/gaia#191 Entering review comments Signed-off-by: Mary Anthony &lt;mary@blockstack.com&gt; * Updating with more comments from this morning Signed-off-by: Mary Anthony &lt;mary@blockstack.com&gt; * Updating with last minute comments Signed-off-by: Mary Anthony &lt;mary@blockstack.com&gt;
6 years ago
![](/storage/images/app-sign-in.png)
Replace references to &#34;Blockstack Browser&#34;; resolve #565
5 years ago
The app private key is application-specific. It is generated from the user's identity address private key using the `appDomain` as input. This key is deterministic, meaning that for a given Blockstack ID and domain name, the same private key is generated each time. The app private key is securely shared with the app on each authentication and encrypted by the Blockstack authenticator. The key serves three functions, it:
[REVIEW] Gaia move to docs.blockstack (#111) * Adding in new Gaia material Closes #104, Closes #72, Closes #80, Closes #81,Closes #111, Closes blockstack/gaia#184, Closes blockstack/gaia#191 Entering review comments Signed-off-by: Mary Anthony &lt;mary@blockstack.com&gt; * Updating with more comments from this morning Signed-off-by: Mary Anthony &lt;mary@blockstack.com&gt; * Updating with last minute comments Signed-off-by: Mary Anthony &lt;mary@blockstack.com&gt;
6 years ago
* is used to create the credentials that give an app access to the Gaia hub storage bucket for that specific app
* is used in the end-to-end encryption of files stored for the app on the user's Gaia hub
* serves as a cryptographic secret that apps can use to perform other cryptographic functions
When an application writes to a Gaia hub, the authentication token, key, and the data are passed to the Gaia hub.
![Gaia writes](/storage/images/gaia-writes.png)
The token ensures the DApp has the authorization to write to the hub on the user's behalf.