Guide for setting up LN URL auth log in? \ stacker news ~bitcoin

pull down to refresh

Guide for setting up LN URL auth log in?

707 sats \ 28 comments \ @siggy47 5h bitcoin

Does anyone know of a good guide to setting up LN URL auth on a web site for log ins? SN has it, so @ek might know. @DarthCoin? I also think @grayruby might be setting it up on his sports app.

I know LNbits used to make this easy, but that's over, right?

view all related items

422 sats \ 8 replies \ @ek 5h

Maybe not the answer you want, but the spec should be all you need

If you’re implementing it yourself (or you’re using AI), you should def read the spec yourself anyway, it should not be too complicated

I remember I even asked @nerd2ninja something about the spec because I was concerned about something and he mentioned my concern is mentioned in the spec, I just didn’t read it properly haha

(What the spec doesn’t mention though: there’s no recovery and if users use many wallets, they can easily forget which wallet they used)

71 sats \ 4 replies \ @siggy47 OP 4h

Thanks. I will check it out, though I'm sure some of it will be over my head. I need one of those old yellow covered "Dummies Guide To... " books.

BTW, I have been half checked out the last week or so. Is there a link to your talk?

131 sats \ 3 replies \ @ek 4h

I will check it out, though I'm sure some of it will be over my head.

Afaict, your only two options is to write the code yourself or use someone else’s code but I’m not aware of any plug-and-play library

You could look up open source code like ours though and try to understand it before you copy it

Is there a link to your talk?

not yet afaik

50 sats \ 2 replies \ @siggy47 OP 4h

How do you think it went?

144 sats \ 1 reply \ @ek 4h

Pretty good for my first talk!

There weren’t many who were listening, but that was cool for my nervousness and some of the ones that were listening were very interested; they even thanked me after the talk and asked further questions 👀

0 sats \ 0 replies \ @siggy47 OP 4h

We await the link

33 sats \ 2 replies \ @BlokchainB 4h

Yes I have fell victim to this

286 sats \ 1 reply \ @ek 4h

You can feel honoured, I thought of you when I wrote this haha

50 sats \ 0 replies \ @BlokchainB 3h

Hahaha

207 sats \ 5 replies \ @nerd2ninja 4h

I'd go with NIP-46 these days over LNURL anyway.

There's just a lot better support for it.

Oh and don't forget that both of these specs are implemented in stacker news which is open source

36 sats \ 1 reply \ @ek 4h

There's just a lot better support for it.

Isn’t LNURL-auth supported by a lot more wallets and services than there is support for NIP-46 via signers or clients?

Afaik, Damus and Primal, the most popular nostr clients, do not support NIP-46 and Damus doesn’t even have plans to support it

100 sats \ 0 replies \ @nerd2ninja 3h

I am in a bubble that does not take popularity into consideration lmao.

So what I was thinking when I wrote that, was more along the lines of, when you go to implement it into your website, you're going to find SDKs and you'll be able to read the code of a few clients that have implemented it into a few different languages.

Whereas LNURL is pretty exclusively NPM.

94 sats \ 1 reply \ @siggy47 OP 4h

Thanks. There are a bunch of nostr methods, right? NIP-46 is now considered the best?

36 sats \ 0 replies \ @nerd2ninja 4h

I mean, I think so, but yeah NIP-07 is also a thing

https://nostr-nips.com/nip-07

36 sats \ 0 replies \ @DarthCoin 4h

yes, I think is much better a nostr based login. Just think about this:

people often forgot which LN wallet they used, they are not organized
a nostr key is much better because is not linked to any LN wallet and also the user can have multiple ones

Anyways, like SN did, a dual login LN-auth / nostr is perfect. User can always fall back to any of it.

57 sats \ 10 replies \ @supratic 3h

that's somehow related to this #969776 I'm still looking to fix the user side, finding an app that provide a LNURL string for auth purposes.

0 sats \ 9 replies \ @DarthCoin 3h

@justin_shocknet please explain why did you removed LN-auth from https://lightning.video and replace it with nostr?

this is a very interesting topic anyways

100 sats \ 8 replies \ @justin_shocknet 3h

We still support it but it's basically dead

For identity it's not nearly as useful as nostr because you can't easily sign interactively, its really only good for tokens... can't encrypt stuff with it etc

Also its really broken, we had a bunch of users stop being able to log in because their wallet (not ours) introduced a bug that changed their key... this is in addition to the fact its largely inconsistent among wallets, new users would often try 3-4 different wallets before finding one where it worked

Then users would forget WHICH wallet they used to log in

Whole experience was just really bad, it's dead.

89 sats \ 7 replies \ @DarthCoin 2h

very good response. I like it. @siggy47 please take notes.

21 sats \ 6 replies \ @siggy47 OP 2h

Yes. That's a good point. Personally I have a separate wallet that I only use for log ins, so I can't forget!

36 sats \ 4 replies \ @supratic 2h

which wallet do you use? Does it provide a LNURL string?

21 sats \ 2 replies \ @justin_shocknet 2h

Wallets don't provide strings, the string is a challenge by the service you're authenticating to.

What wallets contain is a secret used to sign the challenge.

0 sats \ 1 reply \ @supratic 59m

that's interesting to know. So what user should paste here (related to this plugin) and how a noob can generate one?

Is not the same, but for now I ended up using this other YEGHRO Nostr Login plugin, enabling only login for existing nostriches but not nostr-signup yet. LNURL integration still on the to-do list.

view all 1 replies

0 sats \ 0 replies \ @siggy47 OP 2h

I use blixt

36 sats \ 0 replies \ @DarthCoin 2h

finally somebody is reading my guides ! 😂😂😂😂😂

and btw, this is my 30k item on SN! And you @siggy47 deserve it

336 sats \ 1 reply \ @DarthCoin 4h

If you want a simple plugin, here is a wordpress for LN-auth https://wordpress.org/plugins/lnurl-auth/

Otherwise, like ek said, pay attention to LN-auth specs and implement it yourself in your web, if is not WP.

0 sats \ 0 replies \ @DarthCoin 3h

More resources: