How Login with MetaMask Works
To login to a Dapp with your public address, the Dapp needs to verify that you are the account owner. Every public key has a private key associated with it. But you can’t just hand over your private key over to someone else.
Instead, the Dapp asks you to sign a message with your private key cryptographically. MetaMask opens up, and you are prompted to sign a message, for example, “hello” which will then send the signed message to the backend.