Add verified App Link handoff and mobile token exchange endpoint

Replaces the custom-scheme auto-redirect (which triggers Chrome's
confirmation prompt) with a verified Android App Link handoff:

- public/.well-known/assetlinks.json for space.einundzwanzig.mobile
  (debug cert fingerprint; add the release cert before store builds)
- GET /app/auth handoff: opens the app directly when the App Link is
  verified; renders a button-based fallback page otherwise
- POST /api/mobile/token: trades a NIP-55-signed login event for a
  Sanctum token — used when Amber's callback opens the app directly
- complete/confirm/signedCallback now redirect to the handoff URL
HolgerHatGarKeineNode
2026-06-11 19:51:14 +02:00
parent 4aba1514e9
commit 7531f28f22
6 changed files with 165 additions and 22 deletions
@@ -89,5 +89,12 @@ Route::get('/nostr-login-callback', [MobileAuthController::class, 'nostrCallback
->middleware('throttle:30,1')
->name('auth.nostr.callback');
// Token exchange for the mobile app: trades a NIP-55-signed login event
// for a Sanctum personal access token (used when the signer callback
// opens the app directly via a verified App Link).
Route::post('/mobile/token', [MobileAuthController::class, 'token'])
->middleware('throttle:30,1')
->name('auth.mobile.token');
Route::post('/check-auth-error', [LnurlAuthController::class, 'checkError'])
->name('auth.check-error');
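Review bot: The new `Route::post('/mobile/token', ...)` line mints a Sanctum personal access token, yet the only guard visible on it is `->middleware('throttle:30,1')`, the same limit the read-only `/nostr-login-callback` route above it uses. Please confirm that `MobileAuthController::token` verifies the event signature, rejects events whose timestamp is outside a short window, and binds the event to a single-use server-issued challenge, so a captured signed login event cannot be replayed for a fresh token. The route comment is a good place to state those preconditions. A tighter, dedicated rate limit for this credential-issuing endpoint would also be worth considering, since 30 requests per minute was sized for the callback rather than for token issuance.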