58 lines
1.7 KiB
Go
58 lines
1.7 KiB
Go
package nostr
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"git.devvul.com/asara/gologger"
|
|
"git.devvul.com/asara/well-goknown/config"
|
|
"github.com/fiatjaf/khatru"
|
|
"github.com/nbd-wtf/go-nostr"
|
|
)
|
|
|
|
func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
|
l := gologger.Get(config.GetConfig().LogLevel).With().Caller().Logger()
|
|
|
|
// always allow the following kinds
|
|
// 13: nip-59 seals
|
|
// 9735: nip-57 zap receipt
|
|
// 21000: lightning.pub rpc
|
|
// 22242: nip-42 client auth
|
|
// 30078: nip-78 addressable events
|
|
switch event.Kind {
|
|
case 13, 9735, 21000, 22242, 30078:
|
|
return false, ""
|
|
}
|
|
|
|
// ensure pubkey has authenticated their pubkey
|
|
authenticatedUser := khatru.GetAuthed(ctx)
|
|
if authenticatedUser == "" {
|
|
l.Debug().Msgf("kind: %v, pubkey not authed: %s", event.Kind, event.PubKey)
|
|
khatru.RequestAuth(ctx)
|
|
return true, fmt.Sprintf("auth-required: interacting with this relay requires authentication")
|
|
}
|
|
|
|
// check if the message is by or for someone who is registered
|
|
npubs := []string{authenticatedUser}
|
|
// in addition to the registered users, others can use the relay for the following kinds
|
|
// as long as a registered user is tagged in the `p` tag
|
|
// 4: nip-04 encrypted dms
|
|
// 7: nip-25 reactions
|
|
// 14: nip-17 private dms
|
|
// 1059: nip-59 gift wraps
|
|
// 24133: nip-46 nostr connect
|
|
switch event.Kind {
|
|
case 4, 7, 14, 1059, 24133:
|
|
for _, npub := range event.Tags.GetAll([]string{"p"}) {
|
|
npubs = append(npubs, npub.Value())
|
|
}
|
|
}
|
|
|
|
// check if npubs are registered
|
|
if authz := checknPubsInDb(npubs); authz == false {
|
|
l.Debug().Msgf("kind: %v, pubkey: %s, unauthorized", event.Kind, event.PubKey)
|
|
return true, fmt.Sprintf("restricted: this event is not from or to any registered users/npubs")
|
|
}
|
|
return false, ""
|
|
}
|