auth98: make requireProof obtain the event over NIP-46
This commit is contained in:
Alex Gleason
parent
c8d6389132
commit
7595dfa2e5
|
|
@ -1,7 +1,8 @@
|
|||
import { type AppMiddleware } from '@/app.ts';
|
||||
import { HTTPException } from '@/deps.ts';
|
||||
import { parseAuthRequest, type ParseAuthRequestOpts } from '@/utils/nip98.ts';
|
||||
import { buildAuthEventTemplate, parseAuthRequest, type ParseAuthRequestOpts } from '@/utils/nip98.ts';
|
||||
import { localRequest } from '@/utils/web.ts';
|
||||
import { signNostrConnect } from '@/sign.ts';
|
||||
|
||||
/**
|
||||
* NIP-98 auth.
|
||||
|
|
@ -22,12 +23,16 @@ function auth98(opts: ParseAuthRequestOpts = {}): AppMiddleware {
|
|||
}
|
||||
|
||||
const requireProof: AppMiddleware = async (c, next) => {
|
||||
const header = c.req.headers.get('x-nostr-sign');
|
||||
const pubkey = c.get('pubkey');
|
||||
const proof = c.get('proof');
|
||||
const proof = c.get('proof') || header ? await obtainProof() : undefined;
|
||||
|
||||
// if (!proof && hasWebsocket(c.req)) {
|
||||
// // TODO: attempt to sign nip98 event through websocket
|
||||
// }
|
||||
/** Get the proof over Nostr Connect. */
|
||||
async function obtainProof() {
|
||||
const req = localRequest(c);
|
||||
const event = await buildAuthEventTemplate(req);
|
||||
return signNostrConnect(event, c);
|
||||
}
|
||||
|
||||
if (!pubkey || !proof || proof.pubkey !== pubkey) {
|
||||
throw new HTTPException(401);
|
||||
|
|
|
|||
|
|
@ -101,4 +101,4 @@ async function signAdminEvent<K extends number = number>(event: EventTemplate<K>
|
|||
return finishEvent(event, Conf.seckey);
|
||||
}
|
||||
|
||||
export { signAdminEvent, signEvent };
|
||||
export { signAdminEvent, signEvent, signNostrConnect };
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { type Event } from '@/deps.ts';
|
||||
import { type Event, type EventTemplate } from '@/deps.ts';
|
||||
import { decode64Schema, jsonSchema } from '@/schema.ts';
|
||||
import { signedEventSchema } from '@/schemas/nostr.ts';
|
||||
import { eventAge, findTag, sha256 } from '@/utils.ts';
|
||||
import { eventAge, findTag, nostrNow, sha256 } from '@/utils.ts';
|
||||
import { Time } from '@/utils/time.ts';
|
||||
|
||||
/** Decode a Nostr event from a base64 encoded string. */
|
||||
|
|
@ -38,9 +38,26 @@ function parseAuthRequest(req: Request, opts: ParseAuthRequestOpts = {}) {
|
|||
return schema.safeParseAsync(base64);
|
||||
}
|
||||
|
||||
/** Create an auth EventTemplate from a Request. */
|
||||
async function buildAuthEventTemplate(req: Request): Promise<EventTemplate<27235>> {
|
||||
const { method, url } = req;
|
||||
const payload = await req.clone().text().then(sha256);
|
||||
|
||||
return {
|
||||
kind: 27235,
|
||||
content: '',
|
||||
tags: [
|
||||
['method', method],
|
||||
['u', url],
|
||||
['payload', payload],
|
||||
],
|
||||
created_at: nostrNow(),
|
||||
};
|
||||
}
|
||||
|
||||
/** Get the value for the first matching tag name in the event. */
|
||||
function tagValue(event: Event, tagName: string): string | undefined {
|
||||
return findTag(event.tags, tagName)?.[1];
|
||||
}
|
||||
|
||||
export { parseAuthRequest, type ParseAuthRequestOpts };
|
||||
export { buildAuthEventTemplate, parseAuthRequest, type ParseAuthRequestOpts };
|
||||
|
|
|
|||
Loading…
Reference in New Issue