Step 2.a: Get concordium account nonce #3
Comments
|
@CongThuong Can you check again with my ip, it works when I create the first time but then it show Error: connect ECONNREFUSED 127.0.0.1:8083 |
|
@CongThuong When I create a request GET with the account invalid |
#3: Step 2.a: Get concordium account nonce
|
{{domain}}/account/{{account}}/nonce |
|
When I use another address, it does not as expected: |
|
it's a wrong API to get nonce chị @thaoredweb : {{domain}}/account/{{account}}/nonce . Please use the collection that I shared you |
|
@CongThuong There is no problem with the API e. only 1 thing the expected result does not correct |
|
yeah, of course you cannot pass special characters directly to URL. it must be encoded first Chị @thaoredweb |
|
@jatitoam I have put an invalid address= 36FYT269JK4bqVVbwaXXzWBEZ9Q4DvR4GC6BiAwTk4JC7mUFGy#@ |
|
Not a critical error... you can get a nonce but good luck after that validating the signature |
|
We don't need signature to get nonce @jatitoam |
|
No, of course. But what I meant is simply that even if you can forge an account and get a nonce for it, you won't be able to get a valid signature of an invalid account, so it doesn't matter if the validation doesn't "work" here. |
Similar to the demo, we need an
/account/:account/nonceendpoint (GET) to generate a new random nonce, store it under anaccountscollection and return it to the frontend with a json structure:{ "nonce": "<nonce>" }If the account does not exist then it needs to be stored in the collection with its nonce. If it exists, the nonce needs to be updated with a new random nonce.
Additionally, add a regex validation for concordium accounts. If the account does not match the regex it should return a 406 with a json:
{ "error": "Account is not valid" }The text was updated successfully, but these errors were encountered: