Skip to content

JavaScript-based TonConnect DApp backend derived from ton-connect/demo-dapp-backend.

Notifications You must be signed in to change notification settings

liketurbo/demo-dapp-backend-js

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

demo-dapp-backend-js

This backend accompanies the frontend example.

Authorization Process

  1. Generate Payload

    The client requests a payload to be signed by the wallet:

    // <host>/ton-proof/generate-payload
    
    // Response
    {
      "payload": "E5B4ARS6CdOI2b5e1jz0jnS-x-a3DgfNXprrg_3pec0="
    }
  2. Connect to Wallet

    The client connects to the wallet using TonConnect 2.0 and sends a ton_proof request with the payload. Details can be found in the frontend SDK.

  3. User Approval

    The user approves the connection, and the client receives the signed payload with additional prefixes.

  4. Verify Proof

    The client sends the signed payload to the backend for verification. The backend checks the prefixes and signature, then returns an auth token:

    // <host>/ton-proof/check-proof
    
    // Request
    {
      "address": "0:f63660ff947e5fe6ed4a8f729f1b24ef859497d0483aaa9d9ae48414297c4e1b", // User's address
      "network": "-239", // "-239" for mainnet and "-1" for testnet
      "proof": {
        "timestamp": 1668094767, // Unix epoch seconds
        "domain": {
          "lengthBytes": 21,
          "value": "ton-connect.github.io"
        },
        "signature": "28tWSg8RDB3P/iIYupySINq1o3F5xLodndzNFHOtdi16Z+MuII8LAPnHLT3E6WTB27//qY4psU5Rf5/aJaIIAA==",
        "payload": "E5B4ARS6CdOI2b5e1jz0jnS-x-a3DgfNXprrg_3pec0=", // Payload from step 1
        "state_init": "..."
      }
    }
    
    // Response
    {
      "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMDpmNjM2NjBmZjk0N2U1ZmU2ZWQ0YThmNzI5ZjFiMjRlZjg1OTQ5N2QwNDgzYWFhOWQ5YWU0ODQxNDI5N2M0ZTFiIiwiZXhwIjoxNjY4MDk4NDkwfQ.13sg3Mgt2hT9_vChan3bmQkp_Wsigj9YjSoKABTsVGA"
    }
  5. Access Protected Endpoints

    The client uses the auth token to access endpoints requiring authentication:

    // <host>/dapp/get-account-info?network=-239
    // Bearer <token>
    
    // Response
    {
      "address": "0:f63660ff947e5fe6ed4a8f729f1b24ef859497d0483aaa9d9ae48414297c4e1b"
    }

For more details, see the Signing and Verification documentation.

About

JavaScript-based TonConnect DApp backend derived from ton-connect/demo-dapp-backend.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published