Hello, I am learning motoko.
The question is: If I have an application and I have a Principal whitelist that who can login the application.
but when a user login it will generate a new principal. How do I know whether the user is in my whitelist?
You need to store the principal that II provides to the backend canister.
The simplest approach is probably to have a method in your backend canister return the principal it sees from II to your frontend, then display this principal to the user (either in the UI or a simple console.log), eg:
public shared(msg) func whoAmI() : async Principal {
msg.caller;
};
The user would need to then communicate this principal to you and you can add the principal to the whitelist.
——
Another option could be to give out random password strings to users which they can use to claim whitelist spaces and have some logic in your canister store the calling principal in the whitelist when this string is entered in your frontend UI. You could consume the strings to make them single use.
The user will get a new DelegationIdentity each time, but will have a consistent Principal. You can store the Principal and use that to represent your user.
You can see that here in my IC Avatar example app ic-avatar/main.mo at main · krpeacock/ic-avatar · GitHub
1 Like