Authentication Mechanism in Hyperledger Fabric based Web and Mobile application

Question

How to implement User Authentication in Hyperledger Fabric based Web and Mobile application? We know that Fabric CA returns Private key and Certificate on user registration.

1. What are the possible ways of authenticating users in Hyperledger Fabric based Web App?

2. Can we use password based authentication? If not, how to implement authentication using private key in Web app.

3. How to implement in Android Mobile App? How to secure private key in Android App?

Can someone share sample or pointers?

Answer 1

Typically you'll want to have an authentication layer that translates your typical user interactions, via a website or mobile app, into requests to the various Fabric nodes.

What that means is that you'll stand up some sort of api, we'll say it's in nodejs as the nodejs sdk is the most mature. You can set up whatever authentication you want to with that api: password, oauth, jwt, mutual tls, the same way you would with any other api. Now that your users are able to login to your api using whatever auth mechanism you selected, you can write endpoints that your authenticated users can hit that will then make requests to the fabric nodes on their behalf.

Once your api is up and running, you can make whichever front-end you want. Whether that front-end is a website or a mobile app, they'll both login to your api and then make requests to it using that login token.

Most of this is manual, meaning there's no utility that will stand up an api with an auth mechanism that'll make fabric requests for you. There used to be hyperledger composer but that's now defunct. However, you'll need to write your api in either nodejs or golang, which are the two languages with a mature sdk for communicating with fabric nodes.