moon
/
ditto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

auth98: make requireProof obtain the event over NIP-46

This commit is contained in:
Alex Gleason 2023-09-02 19:33:13 -05:00
parent c8d6389132
commit 7595dfa2e5
No known key found for this signature in database
GPG Key ID: 7211D1F99744FBB7
3 changed files with 31 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/middleware/auth98.ts
View File

@ -1,7 +1,8 @@
import { type AppMiddleware } from '@/app.ts'; import { type AppMiddleware } from '@/app.ts';
import { HTTPException } from '@/deps.ts'; import { HTTPException } from '@/deps.ts';
import { parseAuthRequest, type ParseAuthRequestOpts } from '@/utils/nip98.ts'; import { buildAuthEventTemplate, parseAuthRequest, type ParseAuthRequestOpts } from '@/utils/nip98.ts';
import { localRequest } from '@/utils/web.ts'; import { localRequest } from '@/utils/web.ts';
import { signNostrConnect } from '@/sign.ts';
/** /**
* NIP-98 auth. * NIP-98 auth.
@ -22,12 +23,16 @@ function auth98(opts: ParseAuthRequestOpts = {}): AppMiddleware {
} }
const requireProof: AppMiddleware = async (c, next) => { const requireProof: AppMiddleware = async (c, next) => {
const header = c.req.headers.get('x-nostr-sign');
const pubkey = c.get('pubkey'); const pubkey = c.get('pubkey');
const proof = c.get('proof'); const proof = c.get('proof') || header ? await obtainProof() : undefined;
// if (!proof && hasWebsocket(c.req)) { /** Get the proof over Nostr Connect. */
// // TODO: attempt to sign nip98 event through websocket async function obtainProof() {
// } const req = localRequest(c);
const event = await buildAuthEventTemplate(req);
return signNostrConnect(event, c);
}
if (!pubkey || !proof || proof.pubkey !== pubkey) { if (!pubkey || !proof || proof.pubkey !== pubkey) {
throw new HTTPException(401); throw new HTTPException(401);

2
src/sign.ts
View File

@ -101,4 +101,4 @@ async function signAdminEvent<K extends number = number>(event: EventTemplate<K>
return finishEvent(event, Conf.seckey); return finishEvent(event, Conf.seckey);
} }
export { signAdminEvent, signEvent }; export { signAdminEvent, signEvent, signNostrConnect };

23
src/utils/nip98.ts
View File

@ -1,7 +1,7 @@
import { type Event } from '@/deps.ts'; import { type Event, type EventTemplate } from '@/deps.ts';
import { decode64Schema, jsonSchema } from '@/schema.ts'; import { decode64Schema, jsonSchema } from '@/schema.ts';
import { signedEventSchema } from '@/schemas/nostr.ts'; import { signedEventSchema } from '@/schemas/nostr.ts';
import { eventAge, findTag, sha256 } from '@/utils.ts'; import { eventAge, findTag, nostrNow, sha256 } from '@/utils.ts';
import { Time } from '@/utils/time.ts'; import { Time } from '@/utils/time.ts';
/** Decode a Nostr event from a base64 encoded string. */ /** Decode a Nostr event from a base64 encoded string. */
@ -38,9 +38,26 @@ function parseAuthRequest(req: Request, opts: ParseAuthRequestOpts = {}) {
return schema.safeParseAsync(base64); return schema.safeParseAsync(base64);
} }
/** Create an auth EventTemplate from a Request. */
async function buildAuthEventTemplate(req: Request): Promise<EventTemplate<27235>> {
const { method, url } = req;
const payload = await req.clone().text().then(sha256);
return {
kind: 27235,
content: '',
tags: [
['method', method],
['u', url],
['payload', payload],
],
created_at: nostrNow(),
};
}
/** Get the value for the first matching tag name in the event. */ /** Get the value for the first matching tag name in the event. */
function tagValue(event: Event, tagName: string): string | undefined { function tagValue(event: Event, tagName: string): string | undefined {
return findTag(event.tags, tagName)?.[1]; return findTag(event.tags, tagName)?.[1];
} }
export { parseAuthRequest, type ParseAuthRequestOpts }; export { buildAuthEventTemplate, parseAuthRequest, type ParseAuthRequestOpts };