npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

myd.js

v0.0.46

Published

Single Sign On and API library to be used with the myd.online self sovereign identity service.

Downloads

103

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

theblockstalktheblockstalkgimly-caspargimly-caspar

Keywords

Readme

Myd.js

Single Sign On and API library to be used with the Myd self sovereign identity service.

MyD is the self sovereign identity (SSI) provider for the Europechain enterprise blockchain. MyD identities can be used for sovereign personal and other data to be stored and exclusively controlled by the user. MyD nor Europechain can view or manipulate data of their users.

Developed by Gimly Blockchain Projects, commissioned by Europechain.

Gimly

Install

npm i myd.js

Usage

Applications can use the MyD single sign on (SSO) features to provide an easy way to sign in, provide an identity, access the user's sovereign data vault (with explicit permission authorization from the user) and call smart contracts on the Europechain blockchain.

Users use a familiar username and password system to log in. Behind the scenes, a unique private key (EC secp256k1) is created on the client's browser which authorizes requests and encrypts data before it is sent to the MyD server. This key can also be used to control the user's MyD account directly on the Europechain blockchain. Each app using MyD SSO get a separate key scoped to their origin.

This private key is never visible to the server (sovereign authentication). The private key can be used to send digital signatures to prove their identity. The server stores the public key to do this verification. This is significantly different from traditional SSO authentication which generates and stores the same secret token on both the client and server. The main advantage of the private key model is that if there is a data breach, the user's authentication is not compromised and the user in the client must be active online to make data requests for data consent.

Using the private key

When you receive the private key in your domain's client it retains this property of being sovereign authentication. You can validate that the private key works by making a request for the user's data in the client as shown in Step 3 of the documentation.

You can send the private key received in the SSO flow to your server. At this point, the private key will lose the property of being sovereign authentication. The server should be able to make requests using the private key for the user data the same as on the client.

So should I use Myd from the client or from the server?

The system has been designed so that the user does not need to give their private key to a server. This is a security decision designed to empower the user so that they will always know when their data is being used. We have built it in a way so that you can request user data from your clients in a secure way without sending the private key to your server.

That said, sometimes it is handy to have the private key on your server. For example, if you need to make programmatic requests on behalf of the user when they are not online for their data, you would need to do this from the server. This is okay, and a decision of the developer of the application to do. But it is important to know that this compromises one of the enhanced security properties we have built, and that the application is then responsible for securely managing this private key.

SSO Sign in with myd button

See SDK Guide below for usage in development

Step 1. Signup page with "Sign up with myd" button

import React from 'react';
import Myd from 'myd.js';

// Dowload from https://unpkg.com/myd.js/dist/myd.min.css
import './myd.min.css';
  
function SignupButtonPage(props) {
    function onSignup() {
        const myd = new Myd();
        myd.signupWithMyd();
    }

    return (
        <div>
            <link href="https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@700&display=swap" rel="stylesheet" />
            <div onClick={onSignup} class="myD-link">
                Create account with <img src="https://unpkg.com/myd.js/dist/logo-short.svg" alt="" />
            </div>
        </div>
    )
}

export default SignupButtonPage;

Step 1. Login page with "Sign up with myd" button

import React from 'react';
import Myd from 'myd.js';

// Dowload from https://unpkg.com/myd.js/dist/myd.min.css
import './myd.min.css';
  
function LoginButtonPage(props) {
    function onLogin() {
        const myd = new Myd();
        myd.loginWithMyd();
    }

    return (
        <div>
            <link href="https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@700&display=swap" rel="stylesheet" />
            <div onClick={onLogin} class="myD-link">
                Login in with <img src="https://unpkg.com/myd.js/dist/logo-short.svg" alt="" />
            </div>
        </div>
    )
}

export default LoginButtonPage;

Step 3. Create a new user on myd.online and register app with myd.online

You can create in occasion here:

https://myd.online/user/my-apps

Step 4. Create auth redirect page "https://example.com/auth-redirect"

import React, { useEffect } from 'react';
import Myd from 'myd.js';

function AuthRedirectPage(props) {
    useEffect(() => {
        // useEffect() is run when the page first renders (it's a React thing, no need to do anything with this unless using React)
        async function main() {
            // This should be run when the page first renders
            const myd = new Myd();
            let user = await myd.getAuthorizedUser();
            console.log(user);

            let userProfile = await myd.userGet()
            console.log(userProfile.profile);
            
            const europechainApi = myd.blockchainAccounts.find(x => x.blockchainName === "europechain");
            const txHelloWorld = await europechainApi.transact("hello", "hi", { message: "hello world" });
            console.log(txHelloWorld);
            const txTransfer = await europechainApi.transfer(myd.euroechainAccountName, "dablockstalk", "1.0000 XEC", "Memo of transfer");
            console.log(txTransfer);
        }
        main();
    })

    return (
        <div>
            Hello
        </div>
    )
}

export default AuthRedirectPage;

SDK

/**
    Spec: Constructs a new myd object
    @arg {object} options
    @property {string} client - origin of myd client (e.g. to "http://localhost:3000" for testing)
    @property {string} server - origin of myd server (e.g. to "http://localhost:4000" for testing)
    @property {string} europechainApi - origin of Europechain API (e.g. to "http://localhost:8888" for testing)
    @property {string} waxApi - origin of WAX API (e.g. to "http://localhost:8888" for testing)
*/
constructor(options)
/**
    Spec: Sends the user to myd.online to create a new account as part of SSO flow, afterwhich they will be be redirect back to this app
*/
async function signupWithMyd()
/**
    Spec: Sends the user to myd.online to login as part of SSO flow, afterwhich they will be be redirect back to this app
*/
async function loginWithMyd();
/**
    Spec: Unpackages the user's credentials after they have signed in using the SSO workflow
    and initializes the myd instance to send calls using these credentials
    @return {object}
    @property {string} userId - Unique user ID for the logged in user
    @property {string} privKey - private key for this app for this user in WIF format
        https://en.bitcoin.it/wiki/Wallet_import_format
*/
async function getAuthorizedUser();
/**
    Spec: If requested by an application, returns the user and their decrypted data vault with fields as consented by user
    @return {object}
    @property {object} auth - Object with data related to webauthn login
    @property {object} profile
    @property {string} profile._id - unique user id
    @property {date}   created - time the user was created
    @property {object} permission - Object with information about the permission used to create the request
    @property {object} myVault - decrypted data vault with personal information
    @property {string} ecdhPubkey - Public key used to make this request
*/
async function userGet();