@pooflabs/server 0.0.4 → 0.0.5

package/dist/index.js

@@ -6262,24 +6262,15 @@ async function genSolanaMessage(address, nonce) {
     const statement = "Sign this message to authenticate with our application.";
     const currentDate = new Date();
     const issuedAt = currentDate.toISOString();
-    // If nonce is provided, include it and expiration time (for secure authentication)
-    if (nonce) {
-        const expirationDate = new Date(currentDate.getTime() + 5 * 60 * 1000);
-        const expirationTime = expirationDate.toISOString();
-        return `${statement}\n\n` +
-            `Wallet address:\n${address}\n\n` +
-            `Domain: ${domain}\n` +
-            `Origin: ${origin}\n` +
-            `Nonce: ${nonce}\n` +
-            `Issued At: ${issuedAt}\n` +
-            `Expiration Time: ${expirationTime}`;
-    }
-    // Backward compatible: without nonce (for server-side usage)
+    const expirationDate = new Date(currentDate.getTime() + 5 * 60 * 1000);
+    const expirationTime = expirationDate.toISOString();
     return `${statement}\n\n` +
         `Wallet address:\n${address}\n\n` +
         `Domain: ${domain}\n` +
         `Origin: ${origin}\n` +
-        `Issued At: ${issuedAt}`;
+        `Nonce: ${nonce}\n` +
+        `Issued At: ${issuedAt}\n` +
+        `Expiration Time: ${expirationTime}`;
 }
 // ─────────────────────────────────────────────────────────────
 // Serialization Helpers
@@ -6447,7 +6438,9 @@ function loadKeypairFromEnv$1() {
 async function createSession() {
     const kp = loadKeypairFromEnv$1();
     const address = kp.publicKey.toBase58();
-    const message = await genSolanaMessage(address);
+    /* fetch nonce from auth API */
+    const nonce = await genAuthNonce();
+    const message = await genSolanaMessage(address, nonce);
     /* sign the message */
     const sigBytes = nacl$1.sign.detached(new TextEncoder().encode(message), kp.secretKey);
     const signature = Buffer.from(sigBytes).toString("base64");