well-goknown/nostr/policies.go

package nostr
import (
"context"
"fmt"
"git.devvul.com/asara/gologger"
"git.devvul.com/asara/well-goknown/config"
"github.com/fiatjaf/khatru"
"github.com/nbd-wtf/go-nostr"
)
// RejectUnregisteredNpubs is a relay policy check. It reports whether event
// must be rejected and, if so, the message to hand back to the client.
//
// The decision is made in three steps:
//  1. Kinds 13, 9735, 21000, 22242 and 30078 are accepted immediately, before
//     any authentication or registration check runs.
//  2. Every other kind is rejected with an "auth-required:" message unless
//     khatru.GetAuthed returns a non-empty pubkey for ctx.
//  3. The authenticated pubkey, plus the `p` tag values for kinds 4, 6, 7, 14,
//     16, 1059, 9802 and 24133, is passed to checknPubsInDb; a false result
//     rejects the event with a "restricted:" message.
//
// NOTE(review): event.PubKey is only logged here. The registration lookup is
// keyed on the authenticated pubkey and never compares it with event.PubKey,
// so if "from a registered user" is meant to bind the event author, confirm
// that this is enforced by another policy.
func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
	logger := gologger.Get(config.GetConfig().LogLevel).With().Caller().Logger()

	// Kinds that bypass both the auth and the registration check:
	//   13:    nip-59 seals
	//   9735:  nip-57 zap receipt
	//   21000: lightning.pub rpc
	//   22242: nip-42 client auth
	//   30078: nip-78 addressable events
	// NOTE(review): these are accepted from unauthenticated clients, so any
	// size or rate limiting presumably lives in a different policy; confirm.
	switch event.Kind {
	case 13, 9735, 21000, 22242, 30078:
		return false, ""
	}

	// Everything else requires a completed authentication on this connection.
	authed := khatru.GetAuthed(ctx)
	if authed == "" {
		logger.Debug().Msgf("kind: %v, pubkey not authed: %s", event.Kind, event.PubKey)
		return true, fmt.Sprintf("auth-required: interacting with this relay requires authentication")
	}

	// Pubkeys that may justify accepting the event; the authenticated
	// connection's pubkey always comes first.
	candidates := []string{authed}

	// For the kinds below an unregistered but authenticated client may also
	// publish, provided a registered user appears in a `p` tag:
	//   4:     nip-04 encrypted dms
	//   6:     nip-18 reposts (kind 1)
	//   7:     nip-25 reactions
	//   14:    nip-17 private dms
	//   16:    nip-18 reposts (generic)
	//   1059:  nip-59 gift wraps
	//   9802:  nip-84 highlights
	//   24133: nip-46 nostr connect
	switch event.Kind {
	case 4, 6, 7, 14, 16, 1059, 9802, 24133:
		for _, pTag := range event.Tags.GetAll([]string{"p"}) {
			// The tag value is client-supplied and is forwarded unvalidated.
			candidates = append(candidates, pTag.Value())
		}
	}

	// checknPubsInDb is defined elsewhere in the package; presumably it
	// reports true when at least one candidate is registered. Confirm
	// any-vs-all semantics against its implementation.
	if !checknPubsInDb(candidates) {
		logger.Debug().Msgf("kind: %v, pubkey: %s, unauthorized", event.Kind, event.PubKey)
		return true, fmt.Sprintf("restricted: this event is not from or to any registered users/npubs")
	}

	return false, ""
}