Skip to content

Use user_uid over user_email ubiquitously #3386

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Apr 14, 2025
Merged

Use user_uid over user_email ubiquitously #3386

merged 5 commits into from
Apr 14, 2025

Conversation

Kailai-Wang
Copy link
Collaborator

@Kailai-Wang Kailai-Wang commented Apr 14, 2025
edited
Loading

Context

As topic - hopefully we get the same mapped omni-account as backend this way so we don't have to move assets.
For some cases where email verification code needs to be validated, a user_email is still needed.

In exportWallet and withdraw it verifies if the user_id and user_email match

It also provides a helper rpc pumpx_getOmniAccount for cross-check

@Kailai-Wang Kailai-Wang self-assigned this Apr 14, 2025
@linear Linear
Copy link

linear bot commented Apr 14, 2025

P-1464 Use `user_uid` over `user_email` ubiquitously

@Kailai-Wang Kailai-Wang requested review from 0xverin and a team April 14, 2025 11:21
silva-fj
silva-fj reviewed Apr 14, 2025
View reviewed changes
Copy link
Contributor

@silva-fj silva-fj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should get the user ID from the BE, for us there is no way to verify it and map it to the user's email. We can keep the email authentication as it is, call the BE to get the user ID for that email and issue the JWTs with the OmniAcccount (sub) derived from that ID

@Kailai-Wang Kailai-Wang marked this pull request as draft April 14, 2025 12:15
@Kailai-Wang Kailai-Wang marked this pull request as ready for review April 14, 2025 13:01
kziemianek
kziemianek reviewed Apr 14, 2025
View reviewed changes
tee-worker/omni-executor/rpc-server/src/methods/pumpx/export_wallet.rs
);
};

if res.user_id != params.user_id {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we query it from backend anyway can we simply not accept it from frontend ?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it gives us extra chance to tell F/E something goes wrong early.
If F/E doesn't pass in user_email - it could still give the wrong/arbitrary user_id. Now at least they need to pass in matching pairs.

@Kailai-Wang Kailai-Wang enabled auto-merge (squash) April 14, 2025 13:26
@Kailai-Wang Kailai-Wang merged commit ddc9595 into dev Apr 14, 2025
23 of 38 checks passed
@Kailai-Wang Kailai-Wang deleted the p-1464-use-user_uid-over-user_email-ubiquitously branch April 14, 2025 14:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kziemianek kziemianek kziemianek approved these changes

@silva-fj silva-fj silva-fj approved these changes

@0xverin 0xverin Awaiting requested review from 0xverin

Assignees

@Kailai-Wang Kailai-Wang

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Kailai-Wang @kziemianek @silva-fj