How to handle user login in Ethereum DApps?

I have locally created a DApp in Solidity for the Ethereum framework. I have a smart contract, a JS file (using the web3 API) and an HTML file. What I want to achieve is the login feature, since the smart contract will return different results depending on the caller. I know I can access the functions using the Mist Browser, but I want a completely custom 'user interface'. Currently, I am simulating the login by manually specifying the 'logged in' user using web3.eth.accounts[0] in the JavaScript file where the contract functions are called.

I have seen this answer: Handling user profiles in Ethereum DApps, but it mentions IPFS and a JSON file and does not seem to be the solution for me.

My questions are:

  • Should I handle the login (registration, creation of an Ethereum account) myself, like a custom wallet generating the private and public keys and signing the transactions?

    Or

  • Is there a feature in MetaMask or Mist Browser that also offers the deploying of HTML and JS?

  • This is an article about SWARM as a distributed storage for HTML, JS etc. https://blog.ethereum.org/2016/12/15/swarm-alpha-public-pilot-basics-swarm/ but I cannot figure out if it is the case for my problem.

Which of my points can be a solution for login in DApps?



Solution 1:[1]

This largely depends on a number of factors including what your definition of login or authentication means. If you're truly talking just about registration or creation of an Ethereum account (public/private key pairing), I would suggest using an external wallet such as MetaMask and not storing the private keys on the nodes as the simplest route.

MetaMask will inject an instance of web3 into the browser where the user can connect to the appropriate Ethereum network and interact with your DApp via their own self-managed account(s).

You could also handle this scenario utilizing a library such as ethereumjs-wallet. However, in doing so you will then have to securely manage the private keys off-chain on behalf of the user. A benefit of this method is that it would allow the end user to authenticate via any IDP and have their public address tied to that identity off-chain.
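The wallet-based route from the answer above, as an added example that is not part of the original answer: the front end asks the injected wallet for the user's account instead of hard-coding `web3.eth.accounts[0]`, and handles a missing wallet, a rejected prompt and an account switch. It assumes the wallet exposes an EIP-1193 provider (`window.ethereum` in current MetaMask); `WalletSession` and `makeStubProvider` are hypothetical names.

```javascript
// Added example; WalletSession and makeStubProvider are hypothetical names.
// `provider` is the EIP-1193 object a wallet such as MetaMask injects (window.ethereum).
class WalletSession {
  constructor(provider) {
    if (!provider || typeof provider.request !== 'function') {
      throw new Error('No wallet provider found; install or unlock a wallet');
    }
    this.provider = provider;
    this.account = null; // null means "logged out"
    // Follow wallet-side changes so the UI never acts for a stale account.
    if (typeof provider.on === 'function') {
      provider.on('accountsChanged', (accounts) => this.setAccounts(accounts));
    }
  }
  setAccounts(accounts) {
    // An empty list means the wallet is locked or the site was disconnected.
    const first = Array.isArray(accounts) && accounts.length > 0 ? accounts[0] : null;
    this.account = first ? first.toLowerCase() : null; // normalise for comparisons
    return this.account;
  }
  // Asks the user to expose an account; the private key stays inside the wallet.
  async login() {
    try {
      return this.setAccounts(await this.provider.request({ method: 'eth_requestAccounts' }));
    } catch (err) {
      if (err && err.code === 4001) return this.setAccounts([]); // user rejected the prompt
      throw err;
    }
  }
  // Use as the transaction options instead of a hard-coded web3.eth.accounts[0].
  callOptions() {
    if (!this.account) throw new Error('Not logged in');
    return { from: this.account };
  }
}

// Constructed stand-in for window.ethereum so the example also runs under Node.
function makeStubProvider(accounts, rejectCode) {
  const handlers = {};
  return {
    request: async ({ method }) => {
      if (rejectCode) throw Object.assign(new Error('rejected'), { code: rejectCode });
      if (method === 'eth_requestAccounts') return accounts;
      throw new Error('Unsupported method: ' + method);
    },
    on: (event, fn) => { handlers[event] = fn; },
    emit: (event, payload) => { if (handlers[event]) handlers[event](payload); },
  };
}
```

In the browser, construct it with `new WalletSession(window.ethereum)` and call `login()` from a button click. The address only fills the `from` field; access decisions belong in the contract, which sees the signer of a transaction as `msg.sender`.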

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Ben Beck