ThetaPass - JavaScript

📘

OAuth 2.0 Apps

Only ThetaDrop creators can make apps on ThetaDrop. Please contact your project manager for access.

Example Project

View on GitHub

OAuth2.0 Login

Getting started

ThetaDropConnect - slim library to interact with the ThetaDrop accounts .

Installing ThetaDropConnect

Dapps must use the ThetaDropConnect library to interact (read-only) with the user's accounts on ThetaDrop to prove ownership of NFTs.

npm install --save @thetalabs/theta-drop-connect

Importing

Three different ways to import depending on your project.

node.js require

const ThetaDropConnect = require("@thetalabs/theta-drop-connect");

ES6

import {ThetaDropConnect} from '@thetalabs/theta-drop-connect';

JS Script Tag

<script type="application/javascript" src="//unpkg.com/@thetalabs/[email protected]/dist/theta-drop-connect.umd.js"></script>

<!-- Using the UMD version requires a bit of extra setup because of the setup of the ThetaDropConnect module (i.e. exporting ThetaDropConnect class)-->
<script type="application/javascript">
const ThetaDropConnect = window.ThetaDropConnect.ThetaDropConnect;
</script>

Initialize a ThetaDropConnect object

const thetaDrop = new ThetaDropConnect();

Login with ThetaDrop

Users must login to ThetaDrop to fetch their OAuth2.0 credentials.

Via Popup

const AppId = 'YOUR_THETA_APP_ID';
const RedirectUrl = 'YOUR_THETA_APP_REDIRECT_URL';
const result = await thetaDrop.connectViaPopup(AppId, RedirectUrl);
const {snsId, oauth2Token} = result;

Via Redirect

const AppId = 'YOUR_THETA_APP_ID';
const RedirectUrl = 'YOUR_THETA_APP_REDIRECT_URL';
thetaDrop.connectViaRedirect(AppId, RedirectUrl);

Exchange authorization token for access token

🚧

Secret token safety

Never expose your secret token on your frontend. This request should ONLY be made from your backend API.

The authorization code is an intermediate credential, which encodes the authorization obtained at step 1. It is therefore opaque to the client and only has meaning to the authorization server. To retrieve the access token your backend should make a request to the Theta Platform Services authorization endpoint.

Request:

curl -X POST https://services-api.thetatoken.org/application/authorize
?authorization_code=INSERT_CLIENT_AUTHORIZATION_CODE_HERE 
-H "Content-Type: application/json" 
-H "x-client-id: YOUR_DAPP_ID" 
-H "x-client-secret: YOUR_DAPP_SECRET"

Response:

{
  "status": "success",
  "body": {
    "user_sessions": [
      {
        "id": "sess_somesessionid",
        "user_id": "user_someuserid",
        "type": "access_token",
        "access_token": "someaccesstoken",
        "expiration": "2022-02-21T19:41:45.198Z"
      }
    ]
  }
}

You should use the user_id returned here and ignore the sns_id from the redirectUrl.

Using ThetaPass to prove ownership of NFT

Fetch User

Fetch the account info for a connected user.

 const userData = await thetaDrop.fetchUser();

Check User Ownership

Fetch the account info for a connected user.

Example proving ownership ThetaZilla NFT

const ThetaZillaId = 'type_2s2kcznsu3e06en43r3kg50b90c';
const filters = {
    content_id: ThetaZillaId
};
const isOwner = await thetaDrop.checkUserIsOwner(filters); 

Example proving ownership by any NFT created by ThetaZilla NFT

const ThetaZillaCreatorId = 'user_446i201m6304j1ts23d48cwuyxq';
const filters = {
    content_creator_id: ThetaZillaCreatorId
};
const isOwner = await thetaDrop.checkUserIsOwner(filters); 

Fetch NFTs

Example fetching all NFTs created by ThetaZilla NFT

const ThetaZillaCreatorId = 'user_446i201m6304j1ts23d48cwuyxq';
const filters = {
    content_creator_id: ThetaZillaCreatorId
};
const response = thetaDrop.fetchUserNFTs();

Did this page help you?