Auth API in moralis

kyawthet · December 28, 2022, 3:12am

Hello all,

I am trying out to use Auth API(https://docs.moralis.io/moralis-dapp/users/auth-api) in my web app.

I would like to know where to get “X-API-Key” on moralis admin dashboard

cryptokid · August 2, 2022, 7:25am

You can get that form web3api interface, it is the same api key that you use for web3api requests

Also, make sure to change the dates in that request when you try it.

kyawthet · August 2, 2022, 7:47am

It keeps responding the following error code.

statusCode	400
name	“NotFoundException”
message	“Cannot POST /challenge”

cryptokid · August 2, 2022, 7:49am

try it directly in this interface until you learn how to make it work:
https://authapi.moralis.io/api-docs/#/challenge/requestChallengeEvm

kyawthet · August 2, 2022, 7:50am

Thanks a lot @cryptokid

kyawthet · August 2, 2022, 8:04am

@cryptokid

When I change https://authapi.moralis.io/challenge to https://authapi.moralis.io/challenge/request/evm, it works.But in docs https://authapi.moralis.io/challenge is described.

kyawthet · August 3, 2022, 3:26am

try {
            // Auth Challenge
            const challengeRequest = await fetch("https://authapi.moralis.io/challenge/request/evm", {
                    method: 'POST',
                    headers: {
                        'accept': 'application/json',
                        'X-API-Key': MY_API_KEY,
                        'Content-Type': 'application/json'
                    },
                    body: JSON.stringify({
                        "domain": "admin.moralis.io",
                        "chainId": 80001,
                        "address": "0xC63778B4A9C8E1A6751df3468Eb6DDA79e91061f",
                        "statement": "Please confirm",
                        "uri": "https://admin.moralis.io/",
                        "expirationTime": "2023-01-01T00:00:00.000Z",
                        "notBefore": "2023-01-01T00:00:00.000Z",
                        "resources": [
                            "https://docs.moralis.io/"
                        ],
                        "timeout": 15
                    })
                });
                
            const challengeResult = await challengeRequest.json();
            const message = challengeResult.message;

            const provider = new ethers.providers.Web3Provider(window.ethereum);
            await provider.send("eth_requestAccounts", []);
            const signer = provider.getSigner();
            const signature = await signer.signMessage(message);

            // const verifier = await verifyApi(message, signature);
            // Verify Challenge
           // https://authapi.moralis.io/challenge/complete does not work.

            const verifyyRequest = await fetch("https://authapi.moralis.io/challenge/verify/evm", {
                method: 'POST',
                headers: {
                    'accept': 'application/json',
                    'X-API-Key': MY_API_KEY,
                    'Content-Type': 'application/json'
                },
                body: JSON.stringify({message, signature })
            });

            const verifier = await verifyyRequest.json();
            console.log("verifier", verifier);

        } catch (error) {
            console.log("verifier error: ", error);
        }

Using this code, I tried to verify by signing message (tried using also online message signer).Same result on this interface as well(https://authapi.moralis.io/api-docs/#/challenge/verifyChallengeEvm).It always yields this error.

message: "Invalid Signature"
name: "BadRequestException"
statusCode: 400

cryptokid · August 3, 2022, 7:14am

It is not going to work before 2023 based on this field

kyawthet · August 3, 2022, 7:21am

https://authapi.moralis.io/challenge/complete
should be changed to https://authapi.moralis.io/challenge/verify/evm in docs

Thanks @cryptokid Really appreciated. everything is working properly.