jdnichollsc/user-signature.dto.ts

## user-signature.dto.ts
import { ApiProperty } from '@nestjs/swagger';

export class UserSignatureDto {
  @ApiProperty({ description: 'Wallet base58-encoded public key' })
  walletPK: string;

  @ApiProperty({ description: 'base58-encoded signature of a unique message' })
  signature: string;
}

## user.controller.ts
import {
  Controller,
  UseGuards,
  Req,
  Post,
  Body,
  UnauthorizedException,
} from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { Request } from 'express';
import nacl from 'tweetnacl';
import { PublicKey } from '@solana/web3.js';
import b58 from 'bs58';

import { UserService } from './user.service';
import { UserSignatureDto } from './user-signature.dto';

@ApiBearerAuth()
@UseGuards(AuthGuard('jwt'))
@ApiTags('User')
@Controller('user')
export class UserController {
  constructor(private readonly userService: UserService) {}

  @ApiOperation({ summary: `Verify that the request is signed by the owner of the public key` })
  @Post('wallet')
  async verifySignature(
    @Req() req: Request,
    @Body() signatureDto: UserSignatureDto,
  ) {
    const { walletPK, signature } = signatureDto;
    const message = `UserId: ${req.user.userId}`;
    const encodedMessage = new TextEncoder().encode(message);
    const hasValidSig = nacl.sign.detached.verify(
      encodedMessage,
      b58.decode(signature),
      new PublicKey(walletPK).toBytes(),
    );

    if (!hasValidSig) {
      throw new UnauthorizedException('Invalid signature');
    }
    const user = await this.userService.findOneByEmail(req.user.email);
    user.walletPK = walletPK;
    return await this.userService.update(user.userId, user);
  }
}
	import { ApiProperty } from '@nestjs/swagger';

	export class UserSignatureDto {
	@ApiProperty({ description: 'Wallet base58-encoded public key' })
	walletPK: string;

	@ApiProperty({ description: 'base58-encoded signature of a unique message' })
	signature: string;
	}
	import {
	Controller,
	UseGuards,
	Req,
	Post,
	Body,
	UnauthorizedException,
	} from '@nestjs/common';
	import { AuthGuard } from '@nestjs/passport';
	import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
	import { Request } from 'express';
	import nacl from 'tweetnacl';
	import { PublicKey } from '@solana/web3.js';
	import b58 from 'bs58';

	import { UserService } from './user.service';
	import { UserSignatureDto } from './user-signature.dto';

	@ApiBearerAuth()
	@UseGuards(AuthGuard('jwt'))
	@ApiTags('User')
	@Controller('user')
	export class UserController {
	constructor(private readonly userService: UserService) {}

	@ApiOperation({ summary: `Verify that the request is signed by the owner of the public key` })
	@Post('wallet')
	async verifySignature(
	@Req() req: Request,
	@Body() signatureDto: UserSignatureDto,
	) {
	const { walletPK, signature } = signatureDto;
	const message = `UserId: ${req.user.userId}`;
	const encodedMessage = new TextEncoder().encode(message);
	const hasValidSig = nacl.sign.detached.verify(
	encodedMessage,
	b58.decode(signature),
	new PublicKey(walletPK).toBytes(),
	);

	if (!hasValidSig) {
	throw new UnauthorizedException('Invalid signature');
	}
	const user = await this.userService.findOneByEmail(req.user.email);
	user.walletPK = walletPK;
	return await this.userService.update(user.userId, user);
	}
	}