Authentication

Rest API authentication info

There are four types of REST API calls:

• non-logged user calls (list of current/future deals)

• logged user calls (status for current/previous allocation of the caller)

• community owner calls (community reports)

• admin calls (managing deals, communities,...)

Last three types of calls have to use following authentication schema:

• every call has to contain following headers:

  • AX-auth-signer - wallet of signer

  • AX-auth-timestamp - timestamp of the sign process (valid for 24hr)

  • AX-auth-signature - signed message

• signed message has following form:

Login 0xaddr to launchpad.angelssquad.xyz at 12345678

• where 0xaddr is signer wallet address (public key)

• 12345678 is current timestamp (number of seconds elapsed since January 1, 1970)

Sign example

import { ethers } from "ethers";

const message = "Login 0xaddr to launchpad.angelssquad.xyz at 12345678";
const walletFromPk = new ethers.Wallet(wallet.private);
walletFromPk.signMessage(message);

Request example

Testing authentication against RestAPI server

GET https://server/auth/demo/test

Headers

Name	Type	Description
AX-auth-signer*	string	Address (public key) of signer 0x6fa94aB06Ff61d049c25164d707950Ea45DA3B82
AX-auth-timestamp*	timestamp	Timestamp of signature (valid for 24hrs) 1692278228
AX-auth-signature*	string	Calculated signature 0x70aef73ac1a27323d648582de8fd2cf519e977bd2dde282c65b91e640da6d240730a83a9841385266fdf429e64723fa42623b007f2049be84336df2c15773bab1b
	String

401: Unauthorized When signature is invalid

401 is returned when signature is expired or invalid

200: OK

404: Not Found When missing signature

Generates signature for testing wallet

GET https://server/auth/demo/generate

200: OK

signer: 0x6ba2FE81D6715B6de999a8B020016Fe365F1e74d
timestamp: 1692278228
signature:
0x70aef73ac1a27323d648582de8fd2cf519e977bd2dde282c65b91e640da6d240730a83a9841385266fdf429e64723fa42623b007f2049be84336df2c15773bab1b

Postman example