fix: nostr auth #5
1 changed files with 20 additions and 7 deletions
|
@ -31,6 +31,7 @@ type nostrUser struct {
|
||||||
type nostrWellKnown struct {
|
type nostrWellKnown struct {
|
||||||
Names map[string]string `json:"names"`
|
Names map[string]string `json:"names"`
|
||||||
Relays map[string][]string `json:"relays,omitempty"`
|
Relays map[string][]string `json:"relays,omitempty"`
|
||||||
|
NIP46 map[string][]string `json:"nip46,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetNostrAddr(w http.ResponseWriter, r *http.Request) {
|
func GetNostrAddr(w http.ResponseWriter, r *http.Request) {
|
||||||
|
@ -39,6 +40,9 @@ func GetNostrAddr(w http.ResponseWriter, r *http.Request) {
|
||||||
// get query string for username
|
// get query string for username
|
||||||
r.ParseForm()
|
r.ParseForm()
|
||||||
name := strings.ToLower(r.FormValue("name"))
|
name := strings.ToLower(r.FormValue("name"))
|
||||||
|
if name == "_" {
|
||||||
|
name = ""
|
||||||
|
}
|
||||||
|
|
||||||
// normalize domain
|
// normalize domain
|
||||||
domain, _, err := net.SplitHostPort(r.Host)
|
domain, _, err := net.SplitHostPort(r.Host)
|
||||||
|
@ -76,7 +80,11 @@ func GetNostrAddr(w http.ResponseWriter, r *http.Request) {
|
||||||
// map of names
|
// map of names
|
||||||
n := make(map[string]string)
|
n := make(map[string]string)
|
||||||
for _, name := range names {
|
for _, name := range names {
|
||||||
n[name] = user.Pubkey
|
if name == "" {
|
||||||
|
n["_"] = user.Pubkey
|
||||||
|
} else {
|
||||||
|
n[name] = user.Pubkey
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// map of relays
|
// map of relays
|
||||||
|
@ -89,9 +97,14 @@ func GetNostrAddr(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// map of nip46
|
||||||
|
t := make(map[string][]string)
|
||||||
|
t[user.Pubkey] = []string{"wss://relay.devvul.com"}
|
||||||
|
|
||||||
ret := nostrWellKnown{
|
ret := nostrWellKnown{
|
||||||
Names: n,
|
Names: n,
|
||||||
Relays: s,
|
Relays: s,
|
||||||
|
NIP46: t,
|
||||||
}
|
}
|
||||||
|
|
||||||
j, err := json.Marshal(ret)
|
j, err := json.Marshal(ret)
|
||||||
|
@ -101,7 +114,7 @@ func GetNostrAddr(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
l.Debug().Msgf("returning nip05 for %s@%s", name, domain)
|
l.Debug().Msgf("returning nip05 for %s@%s: %s", name, domain, user.Pubkey)
|
||||||
w.Header().Set("Content-Type", "application/json")
|
w.Header().Set("Content-Type", "application/json")
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
w.Write(j)
|
w.Write(j)
|
||||||
|
@ -134,7 +147,7 @@ func NewRelay(version string) *khatru.Relay {
|
||||||
relay.DeleteEvent = append(relay.DeleteEvent, RelayDb.DeleteEvent)
|
relay.DeleteEvent = append(relay.DeleteEvent, RelayDb.DeleteEvent)
|
||||||
|
|
||||||
// apply policies
|
// apply policies
|
||||||
policies.ApplySaneDefaults(relay)
|
//policies.ApplySaneDefaults(relay)
|
||||||
|
|
||||||
relay.RejectEvent = append(
|
relay.RejectEvent = append(
|
||||||
relay.RejectEvent,
|
relay.RejectEvent,
|
||||||
|
@ -152,10 +165,10 @@ func NewRelay(version string) *khatru.Relay {
|
||||||
|
|
||||||
func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
||||||
l := gologger.Get(config.GetConfig().LogLevel).With().Str("context", "nostr-reject-unregistered").Logger()
|
l := gologger.Get(config.GetConfig().LogLevel).With().Str("context", "nostr-reject-unregistered").Logger()
|
||||||
authenticatedUser := khatru.GetAuthed(ctx)
|
|
||||||
|
|
||||||
if authenticatedUser == "" {
|
// always allow auth messages
|
||||||
return true, fmt.Sprintf("auth-required: user (%s) not authed", event.PubKey)
|
if event.Kind == 22242 {
|
||||||
|
return false, ""
|
||||||
}
|
}
|
||||||
|
|
||||||
// reject nip-04 messages to users who aren't registered
|
// reject nip-04 messages to users who aren't registered
|
||||||
|
@ -185,7 +198,7 @@ func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bo
|
||||||
err := DB.QueryRow("SELECT id FROM users WHERE pubkey=$1", event.PubKey).Scan(&uid)
|
err := DB.QueryRow("SELECT id FROM users WHERE pubkey=$1", event.PubKey).Scan(&uid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
l.Debug().Msgf("kind: %v, pubkey: %s, error: %s", event.Kind, event.PubKey, err.Error())
|
l.Debug().Msgf("kind: %v, pubkey: %s, error: %s", event.Kind, event.PubKey, err.Error())
|
||||||
return true, fmt.Sprintf("pubkey %s is not registered to any users", event.PubKey)
|
return true, fmt.Sprintf("restricted: pubkey %s is not registered to any users", event.PubKey)
|
||||||
}
|
}
|
||||||
return false, ""
|
return false, ""
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue