The intent of this simple project is to put the cipher-logic of Lightning authentication into one place. Normally, a Lightning wallet would process the QR-code handshake for authentication. However, this is a simple API that allows for a private key to be passed in (with appropriate permissions), to sign the k1 challenge.
For context, I wanted to created a working example of LUDS04.
You can use this with Lightning Login for testing.
If you want to run this in docker, only Docker is required. Otherwise, you'll need to setup a local environment.
NOTE: you'll see users=user1:password,user2:password
with these examples. For now, this code doesn't leverage anything but hardcoded users injected into the envvars. These creds are passed along via BASIC auth on the POST to the /authenticate
endpoint.
- Create a .env file:
#!/bin/bash
export users=JBlow:JoePass,SusieQ:SuePass
Note: you'll likely want to come back and adjust this file.
- Open terminal #1, change directory to this one, and then source that .env to get the envvars:
source .env
- Docker:
make run
. Skip theusers
if you leverage a .env file. - Open terminal #2, get New Private Key from the
/generateKey
endpoint:
curl -u SusieQ:SuePass -X GET -H "Content-Type: application/json" http://127.0.0.1:8511/generateKey
- Copy the Private Key for usage in the next few steps.
- Navigate to Lightning Login in your browser for testing.
- Attempt to login via Lightning, showing the QR code. Right-click and save the QR code "link".
- Modify your envvars to include LNURL and privateKey:
#!/bin/bash
export users=JBlow:JoePass,SusieQ:SuePass
export LNURL=lightning:LNURL1DP68GURN8GHJ7E3JXUEJ6V3KXQCJ6CE595URZVPS956XVWFS95UNSVFE95UN2VF595EKZWRZ94JRSE3N9EHXWUN0DVKKVUN9V5HXZURS9AKX7EMFDCLKKVFAVV6R2D3SVGMR2VR9V33NXEP4XF3RYCFEXAJRXWRRVC6XYWP4XCCNWVNXX43NXV3NXUERSVFSXV6KGV3KXESNVC3NXSUNXVFS8QURGE3XW3SKW0TVDANKJMS75VZPQ
export PRIVATE_KEY=7ccca75d019dbae79ac4266501578684ee64eeb3c9212105f7a3bdc0ddb0f27e
- Using second terminal, re-source your .env (
source .env
) to get the changes. - Curl the authenticate endpoint for your flask app:
curl -u SusieQ:SuePass -X POST -H "Content-Type: application/json" http://127.0.0.1:8511/authenticate -d '{"LNURL":"'$LNURL'","key":"'$PRIVATE_KEY'"}'
- Copy the returned URL, and paste into a new tab in your browser, and press enter. If you get a 200, with "OK" in the return, you have successfully logged in.
- Your public key (tied to the privateKey injected to the endpoint) is now registered on the site.
- Clone repo into a new directory.
- Create virtualenv:
python3 -m venv .venv
- Activate it:
source .venv/bin/activate
- Install dependencies
pip install -r requirements.txt
- Create .env as indicated above.
- Use
make runlocal
instead of the dockermake run
.