updateCredentials: allow setting nip05 through the API, remove restrictions on update_credentials

src/app.ts

@@ -143,11 +143,7 @@ app.get('/oauth/authorize', oauthController);
 
 app.post('/api/v1/accounts', requireProof({ pow: 20 }), createAccountController);
 app.get('/api/v1/accounts/verify_credentials', requirePubkey, verifyCredentialsController);
-app.patch(
+app.patch('/api/v1/accounts/update_credentials', requirePubkey, updateCredentialsController);
-  '/api/v1/accounts/update_credentials',
-  requireRole('user', { validatePayload: false }),
-  updateCredentialsController,
-);
 app.get('/api/v1/accounts/search', accountSearchController);
 app.get('/api/v1/accounts/lookup', accountLookupController);
 app.get('/api/v1/accounts/relationships', relationshipsController);

src/controllers/api/accounts.ts

@@ -181,11 +181,11 @@ const updateCredentialsSchema = z.object({
   locked: z.boolean().optional(),
   bot: z.boolean().optional(),
   discoverable: z.boolean().optional(),
+  nip05: z.string().optional(),
 });
 
 const updateCredentialsController: AppController = async (c) => {
   const pubkey = c.get('pubkey')!;
-  const user = c.get('user')!;
   const body = await parseBody(c.req.raw);
   const result = updateCredentialsSchema.safeParse(body);
 
@@ -201,6 +201,7 @@ const updateCredentialsController: AppController = async (c) => {
     header: headerFile,
     display_name,
     note,
+    nip05,
   } = result.data;
 
   const [avatar, header] = await Promise.all([
@@ -212,7 +213,7 @@ const updateCredentialsController: AppController = async (c) => {
   meta.about = note ?? meta.about;
   meta.picture = avatar?.url ?? meta.picture;
   meta.banner = header?.url ?? meta.banner;
-  meta.nip05 = `${user.username}@${Conf.url.host}` ?? meta.nip05;
+  meta.nip05 = nip05 ?? meta.nip05;
 
   const event = await createEvent({
     kind: 0,

src/utils.ts

@@ -34,6 +34,8 @@ interface Nip05 {
   handle: string;
   /** The localpart, if available and not `_`. Otherwise the domain. */
   nickname: string;
+  /** The full NIP-05 identifier. */
+  value: string;
 }
 
 /**
@@ -50,6 +52,7 @@ function parseNip05(value: string): Nip05 {
     domain,
     handle: local === '_' ? domain : value,
     nickname: (local && local !== '_') ? local : domain,
+    value,
   };
 }
 

src/views/mastodon/accounts.ts

@@ -65,6 +65,9 @@ async function renderAccount(
         privacy: 'public',
         sensitive: false,
         follow_requests_count: 0,
+        nostr: {
+          nip05: parsed05?.value,
+        },
       }
       : undefined,
     statuses_count: event.author_stats?.notes_count ?? 0,