Skip to content

feat(auth): add fetchAuthChallenge and complete SEP-10 wallet auth flow#809

Merged
Akshola00 merged 3 commits into
Web3Novalabs:mainfrom
priscaenoch:feature/698-700-fetch-auth-challenge-wallet-sep10
Jun 29, 2026
Merged

feat(auth): add fetchAuthChallenge and complete SEP-10 wallet auth flow#809
Akshola00 merged 3 commits into
Web3Novalabs:mainfrom
priscaenoch:feature/698-700-fetch-auth-challenge-wallet-sep10

Conversation

@priscaenoch

Copy link
Copy Markdown
Contributor

Summary

Changes

nevo_frontend/lib/api-client.ts

  • Added AuthChallenge interface ({ nonce: string; expiresAt: number })
  • Added fetchAuthChallenge(publicKey: string): Promise<AuthChallenge> calling GET /auth/challenge with requireAuth: false and cacheResponse: false

nevo_frontend/src/store/walletStore.ts

  • Imported signWithWallet from @/app/stellar-wallets-kit
  • Imported fetchAuthChallenge and verifyAuthSignature from @/lib/api-client
  • Updated connectWallet(): after obtaining publicKey, runs fetchAuthChallengesignWithWallet(nonce)verifyAuthSignature → sets accessToken and isAuthenticated: true

nevo_frontend/__tests__/api-client.test.ts

  • Added fetchAuthChallenge tests: success path and 4xx error throwing ApiError

nevo_frontend/__tests__/walletStore.test.ts

  • Mocked @/lib/api-client and @/lib/stellar
  • Added connectWallet SEP-10 auth suite: full flow success, onSuccess callback, and error propagation from verifyAuthSignature

Testing

  • New unit tests cover fetchAuthChallenge (success + error) and the connectWallet SEP-10 flow (success, callback, and auth failure propagation)
  • Existing disconnectWallet test preserved and unaffected

closes #698
closes #700

- Add fetchAuthChallenge(publicKey) to lib/api-client.ts calling
  GET /auth/challenge?publicKey=<pubkey>, returns { nonce, expiresAt }
- Export AuthChallenge interface from api-client.ts
- Update walletStore connectWallet() to run the full SEP-10 flow:
  fetch challenge → sign nonce via Freighter → verify → store JWT
- isAuthenticated is set to true only after successful auth verification
- Add tests for fetchAuthChallenge (success and 4xx error cases)
- Add tests for walletStore SEP-10 flow (success, callback, error cases)

Closes Web3Novalabs#698
Closes Web3Novalabs#700
@drips-wave

drips-wave Bot commented Jun 29, 2026

Copy link
Copy Markdown

@priscaenoch Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Frontend:
- Add missing recentDonations useState declaration in profile/page.tsx;
  state was referenced in render and useEffect but never declared

Server:
- auth.module.ts: remove duplicate ConfigModule import and deduplicate
  PassportModule/TypeOrmModule.forFeature entries in imports array
- donations.service.ts: add missing InjectRepository, Repository imports
  and Donation entity import; export DonationSortBy type consumed by
  donations.controller.ts
- pools.controller.ts: add missing Query decorator import from
  @nestjs/common; inject DonationsService into constructor (already
  provided via DonationsModule import in PoolsModule)
@Akshola00 Akshola00 merged commit f6697a7 into Web3Novalabs:main Jun 29, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[S4] Update walletStore to complete SEP-10 auth after wallet connect [S4] Add fetchAuthChallenge() function to API client

2 participants