https://github.com/proofoftom/drupal_siwe_server
Custom Drupal module for decoupled authentication with JWT tokens compliant with Sign in with Ethereum (EIP-4361) standards.
https://github.com/proofoftom/drupal_siwe_server
Last synced: 10 months ago
JSON representation
Custom Drupal module for decoupled authentication with JWT tokens compliant with Sign in with Ethereum (EIP-4361) standards.
- Host: GitHub
- URL: https://github.com/proofoftom/drupal_siwe_server
- Owner: proofoftom
- Created: 2025-08-29T10:09:39.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-08-29T15:44:30.000Z (10 months ago)
- Last Synced: 2025-08-29T18:43:55.385Z (10 months ago)
- Language: PHP
- Size: 13.7 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# SIWE Server for Drupal
## Overview
This module provides API endpoints for SIWE authentication with Next-Drupal, using the Drupal JWT module for token generation and validation.
## Requirements
- Drupal 10.0 or higher
- PHP 8.1 or higher
- Composer
- siwe_login module
- Drupal JWT module
## Installation
1. Install via Composer: `composer require drupal/siwe_server`
2. Enable modules: `drush en siwe_server jwt jwt_auth_issuer -y`
3. Configure the JWT module at `/admin/config/system/jwt` (see below)
4. Import configuration: `drush config-import --partial --source=modules/custom/siwe_server/config/install`
5. Configure at `/admin/config/services/siwe-server` or through the admin menu under "Configuration > Web services > SIWE Server"
## JWT Module Configuration
This module relies on the Drupal JWT module for token generation. You'll need to:
1. Create a key at `/admin/config/system/keys`:
- Type: JWT HMAC Key or JWT RSA Key
- Provider: Configuration or File
2. Configure the JWT module at `/admin/config/system/jwt` to use your key
## API Endpoints
- `GET /api/siwe/nonce` - Get authentication nonce
- `POST /api/siwe/auth` - Authenticate with SIWE
- `POST /api/siwe/refresh` - Refresh access token (not currently supported with JWT module)
- `POST /api/siwe/logout` - Logout user
## Configuration
See `/admin/config/services/siwe-server` for configuration options.
### Allowed Origins
The "Allowed Origins" setting allows you to specify which origins are allowed to access the SIWE API endpoints. These same origins are used to configure the expected domains in the SIWE Login module.
This ensures that SIWE messages generated by your frontend application are properly validated by the SIWE Login module.
You can specify multiple origins, one per line (e.g., `http://localhost:3000`, `https://your-nextjs-app.com`). Enter the exact URLs that will be used by your frontend applications.
All specified origins are used for SIWE domain validation.
### Allow Drupal Login
The "Allow Drupal login with SIWE Login Block" checkbox controls whether users can login to the Drupal site using the SIWE Login Block. When enabled, the current site domain is included in the allowed domains for SIWE validation.
## Security
- Uses JWT tokens with configurable algorithm (defaults to HS256)
- Configurable token expiration
## Support
Report issues at: [https://github.com/proofoftom/drupal_siwe_server/issues](https://github.com/proofoftom/drupal_siwe_server/issues)
## Implementation Details
This module provides REST API endpoints for SIWE authentication that are compatible with Next-Drupal:
1. The `/api/siwe/auth` endpoint validates the SIWE message and signature using the siwe_login module
2. If the authentication is successful, a JWT token is generated using the Drupal JWT module
3. The JWT token can be used to authenticate subsequent requests to Drupal
4. The `/api/siwe/logout` endpoint handles user logout
## Testing
Unit tests are available in the `tests/src/Unit/Form` directory.