moon
/
ditto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'nip05-set' into 'develop' 

accounts: set nip05 during update_credentials

See merge request soapbox-pub/ditto!44
This commit is contained in:
Alex Gleason 2023-09-11 23:48:06 +00:00
parent 3394474ee2 62ac9bffa3
commit 334814056b
3 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/app.ts
View File

@ -1,4 +1,5 @@
import '@/cron.ts'; import '@/cron.ts';
import { type User } from '@/db/users.ts';
import { import {
type Context, type Context,
cors, cors,
@ -69,6 +70,8 @@ interface AppEnv extends HonoEnv {
seckey?: string; seckey?: string;
/** NIP-98 signed event proving the pubkey is owned by the user. */ /** NIP-98 signed event proving the pubkey is owned by the user. */
proof?: Event<27235>; proof?: Event<27235>;
/** User associated with the pubkey, if any. */
user?: User;
}; };
} }
@ -107,7 +110,11 @@ app.get('/oauth/authorize', oauthController);
app.post('/api/v1/accounts', requireProof(), createAccountController); app.post('/api/v1/accounts', requireProof(), createAccountController);
app.get('/api/v1/accounts/verify_credentials', requirePubkey, verifyCredentialsController); app.get('/api/v1/accounts/verify_credentials', requirePubkey, verifyCredentialsController);
app.patch('/api/v1/accounts/update_credentials', requirePubkey, updateCredentialsController); app.patch(
'/api/v1/accounts/update_credentials',
requireRole('user', { validatePayload: false }),
updateCredentialsController,
);
app.get('/api/v1/accounts/search', accountSearchController); app.get('/api/v1/accounts/search', accountSearchController);
app.get('/api/v1/accounts/lookup', accountLookupController); app.get('/api/v1/accounts/lookup', accountLookupController);
app.get('/api/v1/accounts/relationships', relationshipsController); app.get('/api/v1/accounts/relationships', relationshipsController);

2
src/controllers/api/accounts.ts
View File

@ -164,6 +164,7 @@ const updateCredentialsSchema = z.object({
const updateCredentialsController: AppController = async (c) => { const updateCredentialsController: AppController = async (c) => {
const pubkey = c.get('pubkey')!; const pubkey = c.get('pubkey')!;
const user = c.get('user')!;
const body = await parseBody(c.req.raw); const body = await parseBody(c.req.raw);
const result = updateCredentialsSchema.safeParse(body); const result = updateCredentialsSchema.safeParse(body);
@ -190,6 +191,7 @@ const updateCredentialsController: AppController = async (c) => {
meta.about = note ?? meta.about; meta.about = note ?? meta.about;
meta.picture = avatar?.url ?? meta.picture; meta.picture = avatar?.url ?? meta.picture;
meta.banner = header?.url ?? meta.banner; meta.banner = header?.url ?? meta.banner;
meta.nip05 = `${user.username}@${Conf.url.host}` ?? meta.nip05;
const event = await createEvent({ const event = await createEvent({
kind: 0, kind: 0,

3
src/middleware/auth98.ts
View File

@ -32,8 +32,9 @@ type UserRole = 'user' | 'admin';
/** Require the user to prove their role before invoking the controller. */ /** Require the user to prove their role before invoking the controller. */
function requireRole(role: UserRole, opts?: ParseAuthRequestOpts): AppMiddleware { function requireRole(role: UserRole, opts?: ParseAuthRequestOpts): AppMiddleware {
return withProof(async (_c, proof, next) => { return withProof(async (c, proof, next) => {
const user = await findUser({ pubkey: proof.pubkey }); const user = await findUser({ pubkey: proof.pubkey });
c.set('user', user);
if (user && matchesRole(user, role)) { if (user && matchesRole(user, role)) {
await next(); await next();