I want to make a similar authentication system like Yuku , where user can login or signup using Email id , how can that be done ?
Can someone share the reference docs for it ? Do we need to create a Delgeation Service canister for it separately or are there any packages already present to use this service
you can look at NFID identity manager. The wallet can login with email, passkey and seedphrase for one wallet
Another example in frontend.
For short, they use DelegationChain
basically you are telling to integrate NFID right for email authentication ? but i wanted this Yuku method where after filling in email password , a verification code goes into email with which you are trying to register and then only the authentication gets completed
I dont mean to say that. I mean you have to build your own identity service and use delegation chain.
If your system is fully on chain, having a canister that issues delegations is a pretty simple solution.
The development speed is amazing with Azle and it does support the @dfinity/identity library which is all you need to issue delegations:
import { Ed25519KeyIdentity, DelegationChain } from '@dfinity/identity';
import { PublicKey } from '@dfinity/agent';
const userSeedPhrase = getUserSeedPhrase();
const seedBytes = hexToBytes(userSeedPhrase);
const seedIdentity = Ed25519KeyIdentity.generate(seedBytes);
const clientPublicKey: PublicKey = {
toDer: () => input.clientPublicKeyDer,
};
const delegationChain = await DelegationChain.create(
seedIdentity,
clientPublicKey,
expiration: new Date(Date.now() + 24 * 60 * 60 * 1000),
);
return delegationChain.toJSON();
In case it’s useful, here’s a Miro diagram for a Hybrid dApp where I developed an email authentication with magic links. The main challenge was making sure nobody but the user could access their delegation.
Keep in mind that secrets like seeds are not secure within a canister. If you need to sign something, consider using either Threshold ECDSA or canister signatures (as see in II).