The login system used in Web3 dApps is very different from the ones used in conventional Web2 applications.
In Web2 applications, companies provide services to consumers in exchange for their personal data. Hence, the traditional login/sign-up mechanism works by submitting a password together with a username; the server verifies them and issues a session cookie to the user, indicating successful authentication. However, this comes with the drawback that our data is stored on some server out there in the world, which is potentially vulnerable to any form of mutation.
In Web3 applications, authentication is mostly done via crypto wallets. This is because wallets hold the keys in your device's browser, rather than storing them on some remote server.
The wallet is first connected using a simple web3 function. Then, the user is prompted to sign a message or a nonce generated by the server using the wallet's private key. This signature is used to verify the authenticity of the user. A session token is granted by the server indicating successful authentication.
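The nonce-signing flow described above, as an added example that is not code from this article or from the Moralis, next-auth or wagmi projects; it shows why the server must make each nonce single-use and short-lived. It assumes a simplified stand-in for the wallet: a Node.js secp256k1 key pair signing over SHA-256, with the public key as the identity (a real Ethereum wallet signs with Keccak-256 and the server recovers an address, which needs a library). The names `issueChallenge`, `walletSign`, `verifyLogin` and the `example.test` domain are hypothetical.

```javascript
// Added example; all function names and the example.test domain are hypothetical.
const crypto = require('node:crypto');

const NONCE_TTL_MS = 5 * 60 * 1000; // assumed challenge lifetime
const pending = new Map();          // nonce -> { message, publicKeyPem, expires }

// Step 1 (server): issue a random nonce tied to the identity being claimed.
function issueChallenge(publicKeyPem, now = Date.now()) {
  const nonce = crypto.randomBytes(16).toString('hex');
  const message = `example.test wants you to sign in.\nNonce: ${nonce}`;
  pending.set(nonce, { message, publicKeyPem, expires: now + NONCE_TTL_MS });
  return { nonce, message };
}

// Step 2 (client): stand-in for the wallet signing with its private key.
function walletSign(message, privateKey) {
  return crypto.sign('sha256', Buffer.from(message), privateKey).toString('base64');
}

// Step 3 (server): verify against the stored message, never a client-supplied one.
// Returns a session token on success, null otherwise.
function verifyLogin(nonce, signatureB64, now = Date.now()) {
  const entry = pending.get(nonce);
  if (!entry) return null;            // unknown or already consumed nonce
  pending.delete(nonce);              // single use, even when verification fails
  if (now > entry.expires) return null;
  const ok = crypto.verify('sha256', Buffer.from(entry.message),
    entry.publicKeyPem, Buffer.from(signatureB64, 'base64'));
  return ok ? crypto.randomBytes(32).toString('hex') : null;
}

// Constructed run: one valid login, then a replay of the same nonce and signature.
function demo() {
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
  const pem = publicKey.export({ type: 'spki', format: 'pem' });
  const { nonce, message } = issueChallenge(pem);
  const signature = walletSign(message, privateKey);
  const token = verifyLogin(nonce, signature);
  const replay = verifyLogin(nonce, signature);
  return { loggedIn: token !== null, replayAccepted: replay !== null };
}

console.log(demo());
```

Deleting the nonce before checking the signature means a captured signature cannot be replayed and a failed attempt cannot be retried against the same challenge.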
- Next.js
- Axios for posting requests
- Next-auth library
- Moralis services for web3
- Wagmi hooks for web3