nostr/nips
1
0
Fork 0
mirror of https://github.com/nostr-protocol/nips.git synced 2024-11-09 22:09:06 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

NIP-97

Browse Source
This commit is contained in:
Semisol 2024-02-12 23:30:31 +03:00 committed by GitHub
parent 84541be741
commit 101cd793ee
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
97.md Normal file
View File

@ -0,0 +1,25 @@
NIP-97
======
Nostr Login
-----------
`draft` `optional`
This NIP defines a method for a way for users to prove to apps that they control a certain private key. This can be used to enable login for services like the management panel of image hosts.
## Login URI
A login URI is defined of the format `nostr+login:<domain>:<identifier>` where `domain` MUST be a valid DNS domain or .onion service. The `identifier` MUST only consist of `A-Z a-z 0-9 _ - .`.
This login URI can be presented as a clickable link, a QR code or a copyable string.
## Login process
A client that wishes to log in to a service SHOULD display the domain associated with the service to the end user before allowing them to log in to prevent services showing a login string for another service.
After the user approves the login, the client should send a POST request to `/.well-known/nostr-login` to the `domain` with the `i` query parameter set to the `identifier` and a valid NIP-98 authentication header present.
HTTPS should always be used except for `.onion` services, which should be contacted using HTTP.
Clients MAY or MAY NOT decide to implement support for `.onion` services.