Skip to content

Add wallet context to auth guard and store nonce in sessions #915

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
Copilot wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

Add wallet context to auth guard and store nonce in sessions #915

Copilot wants to merge 5 commits into from
+112 −19

Conversation

Copy link

Copilot AI commented Jan 28, 2026
edited
Loading

Auth guard now provides wallet context to authenticated endpoints, eliminating redundant wallet lookups. Device sessions now capture the full authentication tuple (device, wallet, nonce, signature) for complete audit trails.

Changes

Enhanced VerifiedAuth

pub struct VerifiedAuth {
    pub device: DeviceRow,
    pub address: String,
    pub wallet_id: i32,           // Direct DB reference
    pub wallet_identifier: String, // e.g., "multicoin_0x123..."
}

Added nonce to devices_sessions

  • Migration adds nonce VARCHAR(256) NOT NULL
  • Complete authentication record: device + wallet + nonce + signature + timestamp

Eliminated redundant operations

  • Rewards endpoints previously recreated WalletId::Multicoin(address).id() and re-fetched wallet
  • Now use auth.wallet_id and auth.wallet_identifier directly
  • One wallet operation at auth time, reused everywhere

Code organization

  • Moved primitives::WalletType and primitives::WalletSource to top-level imports
  • Removed inline primitives:: qualifiers throughout

Example

Before:

pub async fn create_referral(request: Authenticated<ReferralCode>, ...) {
    let wallet_identifier = WalletId::Multicoin(request.auth.address.clone()).id();
    client.create_username(&wallet_identifier, ...)
}

After:

pub async fn create_referral(request: Authenticated<ReferralCode>, ...) {
    client.create_username(&request.auth.wallet_identifier, ...)
}
Original prompt

can you add devices_sessions table that will contain signsture, device id when it's used to login, see rewards logic that has a auth guard, it should contain logic there

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

@semanticdiff-com
Copy link

semanticdiff-com bot commented Jan 28, 2026
edited
Loading

Review changes with  SemanticDiff

Changed Files
File Status
  apps/api/src/referral/client.rs  65% smaller
  apps/api/src/referral/mod.rs  43% smaller
  apps/api/src/auth/guard.rs  10% smaller
  crates/storage/src/database/devices_sessions.rs  0% smaller
  crates/storage/src/database/mod.rs  0% smaller
  crates/storage/src/migrations/2026-01-28-052000_devices_sessions/down.sql Unsupported file format
  crates/storage/src/migrations/2026-01-28-052000_devices_sessions/up.sql Unsupported file format
  crates/storage/src/models/device_session.rs  0% smaller
  crates/storage/src/models/mod.rs  0% smaller
  crates/storage/src/schema.rs  0% smaller

@gemcoder21
Add devices_sessions table and auth guard integration
7733635 
Co-authored-by: gemcoder21 <104884878+gemcoder21@users.noreply.github.com>
Copilot AI changed the title [WIP] Add devices_sessions table for login signatures and device IDs Add devices_sessions table for authentication audit trail Jan 28, 2026
Copilot AI requested a review from gemcoder21 January 28, 2026 05:25
@gemcoder21
Change devices_sessions to use wallet_id FK instead of address
a0c6e9c 
Co-authored-by: gemcoder21 <104884878+gemcoder21@users.noreply.github.com>
Copilot AI changed the title Add devices_sessions table for authentication audit trail Use wallet_id FK in devices_sessions instead of address string Jan 28, 2026
Copilot AI and others added 2 commits January 28, 2026 17:08
@gemcoder21
Plan comprehensive refactor for reusability and completeness
23b757e 
Co-authored-by: gemcoder21 <104884878+gemcoder21@users.noreply.github.com>
@gemcoder21
Refactor for reusability: add wallet to auth, store nonce, fix imports
59f96a6 
Co-authored-by: gemcoder21 <104884878+gemcoder21@users.noreply.github.com>
Copilot AI changed the title Use wallet_id FK in devices_sessions instead of address string Add wallet context to auth guard and store nonce in sessions Jan 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gemcoder21 gemcoder21 Awaiting requested review from gemcoder21

1 more reviewer

@Aarcsupplier Aarcsupplier Aarcsupplier approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@gemcoder21 gemcoder21

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Aarcsupplier @gemcoder21