moon
/
soapbox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/main' into fix-classnames

This commit is contained in:
danidfra 2024-11-01 12:18:21 -03:00
parent 9453d10bec fbfac7b5a3
commit 16fc323fb2
38 changed files with 599 additions and 284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
package.json
View File

@ -35,7 +35,7 @@
},
"license": "AGPL-3.0-or-later",
"browserslist": [
"> 0.5%",
"> 1%",
"last 2 versions",
"not dead"
],
@ -155,7 +155,8 @@
"vite-plugin-html": "^3.2.2",
"vite-plugin-require": "^1.2.14",
"vite-plugin-static-copy": "^1.0.6",
"zod": "^3.23.5"
"zod": "^3.23.5",
"zustand": "^5.0.0"
},
"devDependencies": {
"@formatjs/cli": "^6.2.0",

5
src/actions/about.test.ts
View File

@ -1,5 +1,4 @@
import MockAdapter from 'axios-mock-adapter';
import { Map as ImmutableMap } from 'immutable';
import { staticClient } from 'soapbox/api';
import { mockStore } from 'soapbox/jest/test-helpers';
@ -23,7 +22,7 @@ describe('fetchAboutPage()', () => {
{ type: FETCH_ABOUT_PAGE_REQUEST, slug: 'index' },
{ type: FETCH_ABOUT_PAGE_SUCCESS, slug: 'index', html: '<h1>Hello world</h1>' },
];
const store = mockStore(ImmutableMap());
const store = mockStore({});
return store.dispatch(fetchAboutPage()).then(() => {
expect(store.getActions()).toEqual(expectedActions);
@ -35,7 +34,7 @@ describe('fetchAboutPage()', () => {
{ type: FETCH_ABOUT_PAGE_REQUEST, slug: 'asdf' },
{ type: FETCH_ABOUT_PAGE_FAIL, slug: 'asdf', error: new Error('Request failed with status code 404') },
];
const store = mockStore(ImmutableMap());
const store = mockStore({});
return store.dispatch(fetchAboutPage('asdf')).catch(() => {
expect(store.getActions()).toEqual(expectedActions);

7
src/actions/admin.ts
View File

@ -149,18 +149,15 @@ function closeReports(ids: string[]) {
return patchReports(ids, 'closed');
}
function fetchUsers(filters: string[] = [], page = 1, query?: string | null, pageSize = 50, url?: string | null) {
function fetchUsers(filters: Record<string, boolean>, page = 1, query?: string | null, pageSize = 50, url?: string | null) {
return async (dispatch: AppDispatch, getState: () => RootState) => {
dispatch({ type: ADMIN_USERS_FETCH_REQUEST, filters, page, pageSize });
const params: Record<string, any> = {
...filters,
username: query,
};
if (filters.includes('local')) params.local = true;
if (filters.includes('active')) params.active = true;
if (filters.includes('need_approval')) params.pending = true;
try {
const { data: accounts, ...response } = await api(getState).get(url || '/api/v1/admin/accounts', { params });
const next = getLinks(response as AxiosResponse<any, any>).refs.find(link => link.rel === 'next')?.uri;

87
src/actions/nostr.ts
View File

@ -1,4 +1,10 @@
import { RootState, type AppDispatch } from 'soapbox/store';
import { NostrSigner, NRelay1, NSecSigner } from '@nostrify/nostrify';
import { generateSecretKey } from 'nostr-tools';
import { NBunker } from 'soapbox/features/nostr/NBunker';
import { keyring } from 'soapbox/features/nostr/keyring';
import { useBunkerStore } from 'soapbox/hooks/nostr/useBunkerStore';
import { type AppDispatch } from 'soapbox/store';
import { authLoggedIn, verifyCredentials } from './auth';
import { obtainOAuthToken } from './oauth';
@ -6,42 +12,83 @@ import { obtainOAuthToken } from './oauth';
const NOSTR_PUBKEY_SET = 'NOSTR_PUBKEY_SET';
/** Log in with a Nostr pubkey. */
function logInNostr(pubkey: string) {
return async (dispatch: AppDispatch, getState: () => RootState) => {
dispatch(setNostrPubkey(pubkey));
function logInNostr(signer: NostrSigner, relay: NRelay1) {
return async (dispatch: AppDispatch) => {
const authorization = generateBunkerAuth();
const secret = sessionStorage.getItem('soapbox:nip46:secret');
if (!secret) {
throw new Error('No secret found in session storage');
}
const pubkey = await signer.getPublicKey();
const bunkerPubkey = await authorization.signer.getPublicKey();
const relay = getState().instance.nostr?.relay;
let authorizedPubkey: string | undefined;
// HACK: waits 1 second to ensure the relay subscription is open
await new Promise((resolve) => setTimeout(resolve, 1000));
const bunker = new NBunker({
relay,
userSigner: signer,
bunkerSigner: authorization.signer,
onConnect(request, event) {
const [, secret] = request.params;
if (secret === authorization.secret) {
bunker.authorize(event.pubkey);
authorizedPubkey = event.pubkey;
return { id: request.id, result: 'ack' };
} else {
return { id: request.id, result: '', error: 'Invalid secret' };
}
},
});
await bunker.waitReady;
const token = await dispatch(obtainOAuthToken({
grant_type: 'nostr_bunker',
pubkey,
relays: relay ? [relay] : undefined,
secret,
pubkey: bunkerPubkey,
relays: [relay.socket.url],
secret: authorization.secret,
}));
const { access_token } = dispatch(authLoggedIn(token));
await dispatch(verifyCredentials(access_token as string));
if (!authorizedPubkey) {
throw new Error('Authorization failed');
}
dispatch(setNostrPubkey(undefined));
const accessToken = dispatch(authLoggedIn(token)).access_token as string;
const bunkerState = useBunkerStore.getState();
keyring.add(authorization.seckey);
bunkerState.connect({
pubkey,
accessToken,
authorizedPubkey,
bunkerPubkey,
});
await dispatch(verifyCredentials(accessToken));
// TODO: get rid of `vite-plugin-require` and switch to `using` for the bunker. :(
bunker.close();
};
}
/** Log in with a Nostr extension. */
function nostrExtensionLogIn() {
function nostrExtensionLogIn(relay: NRelay1) {
return async (dispatch: AppDispatch) => {
if (!window.nostr) {
throw new Error('No Nostr signer available');
}
const pubkey = await window.nostr.getPublicKey();
return dispatch(logInNostr(pubkey));
return dispatch(logInNostr(window.nostr, relay));
};
}
/** Generate a bunker authorization object. */
function generateBunkerAuth() {
const secret = crypto.randomUUID();
const seckey = generateSecretKey();
return {
secret,
seckey,
signer: new NSecSigner(seckey),
};
}

4
src/actions/preload.test.ts
View File

@ -1,5 +1,3 @@
import { Map as ImmutableMap } from 'immutable';
import { __stub } from 'soapbox/api';
import { mockStore } from 'soapbox/jest/test-helpers';
@ -19,7 +17,7 @@ describe('preloadMastodon()', () => {
.reply(200, {});
});
const store = mockStore(ImmutableMap());
const store = mockStore({});
store.dispatch(preloadMastodon(data));
const actions = store.getActions();

17
src/api/hooks/admin/useAdminAccounts.ts
View File

@ -3,16 +3,25 @@ import { useEntities } from 'soapbox/entity-store/hooks';
import { useApi } from 'soapbox/hooks';
import { adminAccountSchema } from 'soapbox/schemas/admin-account';
type Filter = 'local' | 'remote' | 'active' | 'pending' | 'disabled' | 'silenced' | 'suspended' | 'sensitized';
interface MastodonAdminFilters {
local?: boolean;
remote?: boolean;
active?: boolean;
pending?: boolean;
disabled?: boolean;
silenced?: boolean;
suspended?: boolean;
sensitized?: boolean;
}
/** https://docs.joinmastodon.org/methods/admin/accounts/#v1 */
export function useAdminAccounts(filters: Filter[] = [], limit?: number) {
export function useAdminAccounts(filters: MastodonAdminFilters, limit?: number) {
const api = useApi();
const searchParams = new URLSearchParams();
for (const filter of filters) {
searchParams.append(filter, 'true');
for (const [name, value] of Object.entries(filters)) {
searchParams.append(name, value.toString());
}
if (typeof limit === 'number') {

64
src/api/hooks/nostr/useSignerStream.ts
View File

@ -1,64 +0,0 @@
import { useEffect, useState } from 'react';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { NBunker } from 'soapbox/features/nostr/NBunker';
const secretStorageKey = 'soapbox:nip46:secret';
sessionStorage.setItem(secretStorageKey, crypto.randomUUID());
function useSignerStream() {
const [isSubscribed, setIsSubscribed] = useState(false);
const [isSubscribing, setIsSubscribing] = useState(true);
const { relay, signer, hasNostr } = useNostr();
const [pubkey, setPubkey] = useState<string | undefined>(undefined);
const authStorageKey = `soapbox:nostr:auth:${pubkey}`;
useEffect(() => {
let isCancelled = false;
if (signer && hasNostr) {
signer.getPublicKey().then((newPubkey) => {
if (!isCancelled) {
setPubkey(newPubkey);
}
}).catch(console.warn);
}
return () => {
isCancelled = true;
};
}, [signer, hasNostr]);
useEffect(() => {
if (!relay || !signer || !pubkey) return;
const bunker = new NBunker({
relay,
signer,
onAuthorize(authorizedPubkey) {
localStorage.setItem(authStorageKey, authorizedPubkey);
sessionStorage.setItem(secretStorageKey, crypto.randomUUID());
},
onSubscribed() {
setIsSubscribed(true);
setIsSubscribing(false);
},
authorizedPubkey: localStorage.getItem(authStorageKey) ?? undefined,
getSecret: () => sessionStorage.getItem(secretStorageKey)!,
});
return () => {
bunker.close();
};
}, [relay, signer, pubkey]);
return {
isSubscribed,
isSubscribing,
};
}
export { useSignerStream };

14
src/components/scroll-context.tsx
View File

@ -1,24 +1,18 @@
import React, { useEffect } from 'react';
import { useLocation } from 'react-router-dom';
import { usePrevious } from 'soapbox/hooks';
export type Location<T> = ReturnType<typeof useLocation<T>>;
interface IScrollContext {
shouldUpdateScroll(prevLocation: Location<any> | undefined, location: Location<any>): boolean;
children: React.ReactNode;
}
export const ScrollContext: React.FC<IScrollContext> = ({ shouldUpdateScroll, children }) => {
const location = useLocation();
const prevLocation = usePrevious(location);
export const ScrollContext: React.FC<IScrollContext> = ({ children }) => {
const location = useLocation<{ soapboxModalKey?: number } | undefined>();
useEffect(() => {
if (prevLocation && shouldUpdateScroll(prevLocation, location)) {
if (!location.state?.soapboxModalKey) {
window.scrollTo(0, 0);
}
}, [location, shouldUpdateScroll]);
}, [location]);
return children;
};

35
src/contexts/nostr-context.tsx
View File

@ -1,15 +1,11 @@
import { NRelay, NRelay1, NostrSigner } from '@nostrify/nostrify';
import React, { createContext, useContext, useState, useEffect, useMemo } from 'react';
import { NRelay1 } from '@nostrify/nostrify';
import React, { createContext, useContext, useState, useEffect } from 'react';
import { NKeys } from 'soapbox/features/nostr/keys';
import { useAppSelector } from 'soapbox/hooks';
import { useInstance } from 'soapbox/hooks/useInstance';
interface NostrContextType {
relay?: NRelay;
signer?: NostrSigner;
hasNostr: boolean;
isRelayOpen: boolean;
relay?: NRelay1;
isRelayLoading: boolean;
}
const NostrContext = createContext<NostrContextType | undefined>(undefined);
@ -20,37 +16,32 @@ interface NostrProviderProps {
export const NostrProvider: React.FC<NostrProviderProps> = ({ children }) => {
const { instance } = useInstance();
const hasNostr = !!instance.nostr;
const [relay, setRelay] = useState<NRelay1>();
const [isRelayOpen, setIsRelayOpen] = useState(false);
const [isRelayLoading, setIsRelayLoading] = useState(true);
const url = instance.nostr?.relay;
const accountPubkey = useAppSelector(({ meta, auth }) => meta.pubkey ?? auth.users[auth.me!]?.id);
const signer = useMemo(
() => accountPubkey ? NKeys.get(accountPubkey) ?? window.nostr : undefined,
[accountPubkey, window.nostr],
);
const relayUrl = instance.nostr?.relay;
const handleRelayOpen = () => {
setIsRelayOpen(true);
setIsRelayLoading(false);
};
useEffect(() => {
if (url) {
const relay = new NRelay1(url);
if (relayUrl) {
const relay = new NRelay1(relayUrl);
relay.socket.underlyingWebsocket.addEventListener('open', handleRelayOpen);
setRelay(relay);
} else {
setIsRelayLoading(false);
}
return () => {
relay?.socket.underlyingWebsocket.removeEventListener('open', handleRelayOpen);
relay?.close();
};
}, [url]);
}, [relayUrl]);
return (
<NostrContext.Provider value={{ relay, signer, isRelayOpen, hasNostr }}>
<NostrContext.Provider value={{ relay, isRelayLoading }}>
{children}
</NostrContext.Provider>
);

4
src/entity-store/reducer.ts
View File

@ -1,4 +1,4 @@
import { produce, enableMapSet } from 'immer';
import { produce } from 'immer';
import {
ENTITIES_IMPORT,
@ -17,8 +17,6 @@ import { createCache, createList, updateStore, updateList } from './utils';
import type { DeleteEntitiesOpts } from './actions';
import type { EntitiesTransaction, Entity, EntityCache, EntityListState, ImportPosition } from './types';
enableMapSet();
/** Entity reducer state. */
interface State {
[entityType: string]: EntityCache | undefined;

9
src/features/admin/components/latest-accounts-panel.tsx
View File

@ -18,7 +18,14 @@ const LatestAccountsPanel: React.FC<ILatestAccountsPanel> = ({ limit = 5 }) => {
const intl = useIntl();
const history = useHistory();
const { accounts } = useAdminAccounts(['local', 'active'], limit);
const { accounts } = useAdminAccounts({
local: true,
active: true,
pending: false,
disabled: false,
silenced: false,
suspended: false,
}, limit);
const handleAction = () => {
history.push('/soapbox/admin/users');

2
src/features/admin/components/unapproved-account.tsx
View File

@ -26,7 +26,7 @@ const UnapprovedAccount: React.FC<IUnapprovedAccount> = ({ accountId }) => {
<Account
key={adminAccount.id}
account={account}
acct={`${adminAccount.username}@${adminAccount.domain}`}
acct={adminAccount.domain ? `${adminAccount.username}@${adminAccount.domain}` : adminAccount.username}
note={adminAccount?.invite_request || ''}
action={(
<AuthorizeRejectButtons

2
src/features/admin/tabs/awaiting-approval.tsx
View File

@ -20,7 +20,7 @@ const AwaitingApproval: React.FC = () => {
const [isLoading, setLoading] = useState(true);
useEffect(() => {
dispatch(fetchUsers(['local', 'need_approval']))
dispatch(fetchUsers({ pending: true }))
.then(() => setLoading(false))
.catch(() => {});
}, []);

9
src/features/admin/user-index.tsx
View File

@ -15,7 +15,14 @@ const messages = defineMessages({
const UserIndex: React.FC = () => {
const intl = useIntl();
const { accounts, isLoading, hasNextPage, fetchNextPage } = useAdminAccounts(['local']);
const { accounts, isLoading, hasNextPage, fetchNextPage } = useAdminAccounts({
local: true,
active: true,
pending: false,
disabled: false,
silenced: false,
suspended: false,
});
const handleLoadMore = () => {
if (!isLoading) {

2
src/features/compose/components/search-zap-split.tsx
View File

@ -96,8 +96,6 @@ const SearchZapSplit = (props: ISearchZapSplit) => {
const getAccount = (accountId: string) => (dispatch: any, getState: () => RootState) => {
const account = selectAccount(getState(), accountId);
console.log(account);
props.onChange(account!);
};

4
src/features/nostr-relays/index.tsx
View File

@ -5,6 +5,7 @@ import { Button, Column, Form, FormActions, Stack } from 'soapbox/components/ui'
import { useNostr } from 'soapbox/contexts/nostr-context';
import { useNostrReq } from 'soapbox/features/nostr/hooks/useNostrReq';
import { useOwnAccount } from 'soapbox/hooks';
import { useSigner } from 'soapbox/hooks/nostr/useSigner';
import RelayEditor, { RelayData } from './components/relay-editor';
@ -15,7 +16,8 @@ const messages = defineMessages({
const NostrRelays = () => {
const intl = useIntl();
const { account } = useOwnAccount();
const { relay, signer } = useNostr();
const { relay } = useNostr();
const { signer } = useSigner();
const { events } = useNostrReq(
account?.nostr?.pubkey

212
src/features/nostr/NBunker.ts
View File

@ -1,73 +1,131 @@
import { NRelay, NostrConnectRequest, NostrConnectResponse, NostrEvent, NostrSigner, NSchema as n } from '@nostrify/nostrify';
import {
NRelay,
NostrConnectRequest,
NostrConnectResponse,
NostrEvent,
NostrFilter,
NostrSigner,
NSchema as n,
} from '@nostrify/nostrify';
interface NBunkerOpts {
/** Options passed to `NBunker`. */
export interface NBunkerOpts {
/** Relay to subscribe to for NIP-46 requests. */
relay: NRelay;
signer: NostrSigner;
authorizedPubkey: string | undefined;
onAuthorize(pubkey: string): void;
onSubscribed(): void;
getSecret(): string;
/** Signer to complete the actual NIP-46 requests, such as `get_public_key`, `sign_event`, `nip44_encrypt` etc. */
userSigner: NostrSigner;
/** Signer to sign, encrypt, and decrypt the kind 24133 transport events events. */
bunkerSigner: NostrSigner;
/**
* Callback when a `connect` request has been received.
* This is a good place to call `bunker.authorize()` with the remote client's pubkey.
* It's up to the caller to verify the request parameters and secret, and then return a response object.
* All other methods are handled by the bunker automatically.
*
* ```ts
* const bunker = new Bunker({
* ...opts,
* onConnect(request, event) {
* const [, secret] = request.params;
*
* if (secret === authorization.secret) {
* bunker.authorize(event.pubkey); // Authorize the pubkey for signer actions.
* return { id: request.id, result: 'ack' }; // Return a success response.
* } else {
* return { id: request.id, result: '', error: 'Invalid secret' };
* }
* },
* });
* ```
*/
onConnect?(request: NostrConnectRequest, event: NostrEvent): Promise<NostrConnectResponse> | NostrConnectResponse;
/**
* Callback when an error occurs while parsing a request event.
* Client errors are not captured here, only errors that occur before arequest's `id` can be known,
* eg when decrypting the event content or parsing the request object.
*/
onError?(error: unknown, event: NostrEvent): void;
}
/**
* Modular NIP-46 remote signer bunker class.
*
* Runs a remote signer against a given relay, using `bunkerSigner` to sign transport events,
* and `userSigner` to complete NIP-46 requests.
*/
export class NBunker {
private relay: NRelay;
private signer: NostrSigner;
private authorizedPubkey: string | undefined;
private onAuthorize: (pubkey: string) => void;
private onSubscribed: () => void;
private getSecret: () => string;
private controller = new AbortController();
private authorizedPubkeys = new Set<string>();
constructor(opts: NBunkerOpts) {
this.relay = opts.relay;
this.signer = opts.signer;
this.authorizedPubkey = opts.authorizedPubkey;
this.onAuthorize = opts.onAuthorize;
this.onSubscribed = opts.onSubscribed;
this.getSecret = opts.getSecret;
/** Wait for the bunker to be ready before sending requests. */
public waitReady: Promise<void>;
private setReady!: () => void;
constructor(private opts: NBunkerOpts) {
this.waitReady = new Promise((resolve) => {
this.setReady = resolve;
});
this.open();
}
async open() {
const pubkey = await this.signer.getPublicKey();
const signal = this.controller.signal;
/** Open the signer subscription to the relay. */
private async open() {
const { relay, bunkerSigner, onError } = this.opts;
const sub = this.relay.req([{ kinds: [24133], '#p': [pubkey], limit: 0 }], { signal });
this.onSubscribed();
const signal = this.controller.signal;
const bunkerPubkey = await bunkerSigner.getPublicKey();
const filters: NostrFilter[] = [
{ kinds: [24133], '#p': [bunkerPubkey], limit: 0 },
];
const sub = relay.req(filters, { signal });
this.setReady();
for await (const msg of sub) {
if (msg[0] === 'EVENT') {
const event = msg[2];
this.handleEvent(event);
const [,, event] = msg;
try {
const decrypted = await this.decrypt(event.pubkey, event.content);
const request = n.json().pipe(n.connectRequest()).parse(decrypted);
await this.handleRequest(request, event);
} catch (error) {
onError?.(error, event);
}
}
}
}
private async handleEvent(event: NostrEvent): Promise<void> {
const decrypted = await this.signer.nip04!.decrypt(event.pubkey, event.content);
const request = n.json().pipe(n.connectRequest()).safeParse(decrypted);
/**
* Handle NIP-46 requests.
*
* The `connect` method must be handled passing an `onConnect` option into the class
* and then calling `bunker.authorize()` within that callback to authorize the pubkey.
*
* All other methods are handled automatically, as long as the key is authorized,
* by invoking the appropriate method on the `userSigner`.
*/
private async handleRequest(request: NostrConnectRequest, event: NostrEvent): Promise<void> {
const { userSigner, onConnect } = this.opts;
const { pubkey } = event;
if (!request.success) {
console.warn(decrypted);
console.warn(request.error);
return;
}
await this.handleRequest(event.pubkey, request.data);
}
private async handleRequest(pubkey: string, request: NostrConnectRequest): Promise<void> {
// Connect is a special case. Any pubkey can try to request it.
if (request.method === 'connect') {
return this.handleConnect(pubkey, request as NostrConnectRequest & { method: 'connect' });
if (onConnect) {
const response = await onConnect(request, event);
return this.sendResponse(pubkey, response);
}
return;
}
// Prevent unauthorized access.
if (pubkey !== this.authorizedPubkey) {
return;
if (!this.authorizedPubkeys.has(pubkey)) {
return this.sendResponse(pubkey, {
id: request.id,
result: '',
error: 'Unauthorized',
});
}
// Authorized methods.
@ -75,7 +133,7 @@ export class NBunker {
case 'sign_event':
return this.sendResponse(pubkey, {
id: request.id,
result: JSON.stringify(await this.signer.signEvent(JSON.parse(request.params[0]))),
result: JSON.stringify(await userSigner.signEvent(JSON.parse(request.params[0]))),
});
case 'ping':
return this.sendResponse(pubkey, {
@ -85,32 +143,32 @@ export class NBunker {
case 'get_relays':
return this.sendResponse(pubkey, {
id: request.id,
result: JSON.stringify(await this.signer.getRelays?.() ?? []),
result: JSON.stringify(await userSigner.getRelays?.() ?? []),
});
case 'get_public_key':
return this.sendResponse(pubkey, {
id: request.id,
result: await this.signer.getPublicKey(),
result: await userSigner.getPublicKey(),
});
case 'nip04_encrypt':
return this.sendResponse(pubkey, {
id: request.id,
result: await this.signer.nip04!.encrypt(request.params[0], request.params[1]),
result: await userSigner.nip04!.encrypt(request.params[0], request.params[1]),
});
case 'nip04_decrypt':
return this.sendResponse(pubkey, {
id: request.id,
result: await this.signer.nip04!.decrypt(request.params[0], request.params[1]),
result: await userSigner.nip04!.decrypt(request.params[0], request.params[1]),
});
case 'nip44_encrypt':
return this.sendResponse(pubkey, {
id: request.id,
result: await this.signer.nip44!.encrypt(request.params[0], request.params[1]),
result: await userSigner.nip44!.encrypt(request.params[0], request.params[1]),
});
case 'nip44_decrypt':
return this.sendResponse(pubkey, {
id: request.id,
result: await this.signer.nip44!.decrypt(request.params[0], request.params[1]),
result: await userSigner.nip44!.decrypt(request.params[0], request.params[1]),
});
default:
return this.sendResponse(pubkey, {
@ -121,33 +179,49 @@ export class NBunker {
}
}
private async handleConnect(pubkey: string, request: NostrConnectRequest & { method: 'connect' }) {
const [remotePubkey, secret] = request.params;
/** Encrypt the response with the bunker key, then publish it to the relay. */
private async sendResponse(pubkey: string, response: NostrConnectResponse): Promise<void> {
const { bunkerSigner, relay } = this.opts;
if (secret === this.getSecret() && remotePubkey === await this.signer.getPublicKey()) {
this.authorizedPubkey = pubkey;
this.onAuthorize(pubkey);
const content = await bunkerSigner.nip04!.encrypt(pubkey, JSON.stringify(response));
await this.sendResponse(pubkey, {
id: request.id,
result: 'ack',
});
}
}
private async sendResponse(pubkey: string, response: NostrConnectResponse) {
const event = await this.signer.signEvent({
const event = await bunkerSigner.signEvent({
kind: 24133,
content: await this.signer.nip04!.encrypt(pubkey, JSON.stringify(response)),
content,
tags: [['p', pubkey]],
created_at: Math.floor(Date.now() / 1000),
});
await this.relay.event(event);
await relay.event(event);
}
close() {
/** Auto-decrypt NIP-44 or NIP-04 ciphertext. */
private async decrypt(pubkey: string, ciphertext: string): Promise<string> {
const { bunkerSigner } = this.opts;
try {
return await bunkerSigner.nip44!.decrypt(pubkey, ciphertext);
} catch {
return await bunkerSigner.nip04!.decrypt(pubkey, ciphertext);
}
}
/** Authorize the pubkey to perform signer actions (ie any other actions besides `connect`). */
authorize(pubkey: string): void {
this.authorizedPubkeys.add(pubkey);
}
/** Revoke authorization for the pubkey. */
revoke(pubkey: string): void {
this.authorizedPubkeys.delete(pubkey);
}
/** Stop the bunker and unsubscribe relay subscriptions. */
close(): void {
this.controller.abort();
}
[Symbol.dispose](): void {
this.close();
}
}

2
src/features/nostr/NKeyStorage.ts → src/features/nostr/NKeyring.ts
View File

@ -8,7 +8,7 @@ import { z } from 'zod';
* When instantiated, it will lock the storage key to prevent tampering.
* Changes to the object will sync to storage.
*/
export class NKeyStorage implements ReadonlyMap<string, NostrSigner> {
export class NKeyring implements ReadonlyMap<string, NostrSigner> {
#keypairs = new Map<string, Uint8Array>();
#storage: Storage;

8
src/features/nostr/hooks/useNostrReq.ts
View File

@ -5,7 +5,13 @@ import { useEffect, useRef, useState } from 'react';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { useForceUpdate } from 'soapbox/hooks/useForceUpdate';
/** Streams events from the relay for the given filters. */
/**
* Streams events from the relay for the given filters.
*
* @deprecated Add a custom HTTP endpoint to Ditto instead.
* Integrating Nostr directly has too many problems.
* Soapbox should only connect to the Nostr relay to sign events, because it's required for Nostr to work.
*/
export function useNostrReq(filters: NostrFilter[]): { events: NostrEvent[]; eose: boolean; closed: boolean } {
const { relay } = useNostr();

6
src/features/nostr/keyring.ts Normal file
View File

@ -0,0 +1,6 @@
import { NKeyring } from './NKeyring';
export const keyring = new NKeyring(
localStorage,
'soapbox:nostr:keys',
);

6
src/features/nostr/keys.ts
View File

@ -1,6 +0,0 @@
import { NKeyStorage } from './NKeyStorage';
export const NKeys = new NKeyStorage(
localStorage,
'soapbox:nostr:keys',
);

8
src/features/ui/components/modals/nostr-login-modal/components/nostr-extension-indicator.tsx
View File

@ -5,14 +5,18 @@ import { closeModal } from 'soapbox/actions/modals';
import { nostrExtensionLogIn } from 'soapbox/actions/nostr';
import Stack from 'soapbox/components/ui/stack/stack';
import Text from 'soapbox/components/ui/text/text';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { useAppDispatch } from 'soapbox/hooks';
const NostrExtensionIndicator: React.FC = () => {
const dispatch = useAppDispatch();
const { relay } = useNostr();
const onClick = () => {
dispatch(nostrExtensionLogIn());
dispatch(closeModal());
if (relay) {
dispatch(nostrExtensionLogIn(relay));
dispatch(closeModal());
}
};
function renderBody(): React.ReactNode {

8
src/features/ui/components/modals/nostr-login-modal/steps/extension-step.tsx
View File

@ -6,6 +6,7 @@ import { openModal } from 'soapbox/actions/modals';
import { nostrExtensionLogIn } from 'soapbox/actions/nostr';
import EmojiGraphic from 'soapbox/components/emoji-graphic';
import { Button, Stack, Modal, Text, Divider, HStack } from 'soapbox/components/ui';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { useAppDispatch, useInstance, useSoapboxConfig } from 'soapbox/hooks';
interface IExtensionStep {
@ -18,6 +19,7 @@ const ExtensionStep: React.FC<IExtensionStep> = ({ isLogin, onClickAlt, onClose
const dispatch = useAppDispatch();
const { instance } = useInstance();
const { logo } = useSoapboxConfig();
const { relay } = useNostr();
const handleClose = () => {
onClose();
@ -25,8 +27,10 @@ const ExtensionStep: React.FC<IExtensionStep> = ({ isLogin, onClickAlt, onClose
};
const onClick = () => {
dispatch(nostrExtensionLogIn());
onClose();
if (relay) {
dispatch(nostrExtensionLogIn(relay));
onClose();
}
};
return (

10
src/features/ui/components/modals/nostr-login-modal/steps/key-add-step.tsx
View File

@ -5,7 +5,8 @@ import { FormattedMessage } from 'react-intl';
import { logInNostr } from 'soapbox/actions/nostr';
import EmojiGraphic from 'soapbox/components/emoji-graphic';
import { Button, Stack, Modal, Input, FormGroup, Form, Divider } from 'soapbox/components/ui';
import { NKeys } from 'soapbox/features/nostr/keys';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { keyring } from 'soapbox/features/nostr/keyring';
import { useAppDispatch } from 'soapbox/hooks';
import NostrExtensionIndicator from '../components/nostr-extension-indicator';
@ -19,6 +20,7 @@ const KeyAddStep: React.FC<IKeyAddStep> = ({ onClose }) => {
const [error, setError] = useState<string | undefined>();
const dispatch = useAppDispatch();
const { relay } = useNostr();
const handleChange = (e: React.ChangeEvent<HTMLInputElement>) => {
setNsec(e.target.value);
@ -26,13 +28,13 @@ const KeyAddStep: React.FC<IKeyAddStep> = ({ onClose }) => {
};
const handleSubmit = async () => {
if (!relay) return;
try {
const result = nip19.decode(nsec);
if (result.type === 'nsec') {
const seckey = result.data;
const signer = NKeys.add(seckey);
const pubkey = await signer.getPublicKey();
dispatch(logInNostr(pubkey));
const signer = keyring.add(seckey);
dispatch(logInNostr(signer, relay));
onClose();
return;
}

13
src/features/ui/components/modals/nostr-signup-modal/steps/keygen-step.tsx
View File

@ -8,7 +8,7 @@ import { closeSidebar } from 'soapbox/actions/sidebar';
import EmojiGraphic from 'soapbox/components/emoji-graphic';
import { Button, Stack, Modal, FormGroup, Text, Tooltip, HStack, Input } from 'soapbox/components/ui';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { NKeys } from 'soapbox/features/nostr/keys';
import { keyring } from 'soapbox/features/nostr/keyring';
import { useAppDispatch, useInstance } from 'soapbox/hooks';
import { useIsMobile } from 'soapbox/hooks/useIsMobile';
import { download } from 'soapbox/utils/download';
@ -43,8 +43,9 @@ const KeygenStep: React.FC<IKeygenStep> = ({ onClose }) => {
};
const handleNext = async () => {
const signer = NKeys.add(secretKey);
const pubkey = await signer.getPublicKey();
if (!relay) return;
const signer = keyring.add(secretKey);
const now = Math.floor(Date.now() / 1000);
const [kind0, ...events] = await Promise.all([
@ -57,12 +58,12 @@ const KeygenStep: React.FC<IKeygenStep> = ({ onClose }) => {
signer.signEvent({ kind: 30078, content: '', tags: [['d', 'pub.ditto.pleroma_settings_store']], created_at: now }),
]);
await relay?.event(kind0);
await Promise.all(events.map((event) => relay?.event(event)));
await relay.event(kind0);
await Promise.all(events.map((event) => relay.event(event)));
onClose();
await dispatch(logInNostr(pubkey));
await dispatch(logInNostr(signer, relay));
if (isMobile) {
dispatch(closeSidebar());

2
src/features/ui/index.tsx
View File

@ -424,7 +424,7 @@ const UI: React.FC<IUI> = ({ children }) => {
if (account.staff) {
dispatch(fetchReports({ resolved: false }));
dispatch(fetchUsers(['local', 'need_approval']));
dispatch(fetchUsers({ pending: true }));
}
if (account.admin) {

61
src/features/video/index.tsx
View File

@ -6,6 +6,7 @@ import { defineMessages, useIntl } from 'react-intl';
import Blurhash from 'soapbox/components/blurhash';
import SvgIcon from 'soapbox/components/ui/icon/svg-icon';
import { useIsMobile } from 'soapbox/hooks/useIsMobile';
import { isPanoramic, isPortrait, minimumAspectRatio, maximumAspectRatio } from 'soapbox/utils/media-aspect-ratio';
import { isFullscreen, requestFullscreen, exitFullscreen } from '../ui/util/fullscreen';
@ -129,11 +130,13 @@ const Video: React.FC<IVideo> = ({
blurhash,
}) => {
const intl = useIntl();
const isMobile = useIsMobile();
const player = useRef<HTMLDivElement>(null);
const video = useRef<HTMLVideoElement>(null);
const seek = useRef<HTMLDivElement>(null);
const slider = useRef<HTMLDivElement>(null);
const timeoutRef = useRef<NodeJS.Timeout | null>(null);
const [currentTime, setCurrentTime] = useState(0);
const [duration, setDuration] = useState(0);
@ -144,6 +147,7 @@ const Video: React.FC<IVideo> = ({
const [containerWidth, setContainerWidth] = useState(width);
const [fullscreen, setFullscreen] = useState(false);
const [hovered, setHovered] = useState(false);
const [volumeHovered, setVolumeHovered] = useState(false);
const [seekHovered, setSeekHovered] = useState(false);
const [muted, setMuted] = useState(false);
const [buffer, setBuffer] = useState(0);
@ -397,6 +401,36 @@ const Video: React.FC<IVideo> = ({
setSeekHovered(false);
};
const handleVolumeEnter = () => {
setVolumeHovered(true);
};
const handleVolumeLeave = () => {
setVolumeHovered(false);
};
const handleClickStart = () => {
setHovered(true);
setHovered(true);
if (timeoutRef.current) {
clearTimeout(timeoutRef.current);
timeoutRef.current = null;
}
timeoutRef.current = setTimeout(() => {
setHovered(false);
}, 2 * 1000);
};
const handleOnMouseMove = () => {
if (timeoutRef.current) {
clearTimeout(timeoutRef.current);
}
handleClickStart();
};
const toggleMute = () => {
if (video.current) {
const muted = !video.current.muted;
@ -434,9 +468,17 @@ const Video: React.FC<IVideo> = ({
}
};
const handleTogglePlay = () => {
if (!isMobile || paused || hovered) togglePlay();
};
const progress = (currentTime / duration) * 100;
const playerStyle: React.CSSProperties = {};
const startTimeout = () => {
timeoutRef.current = setTimeout(() => setHovered(false), 1000);
};
if (inline && containerWidth) {
width = containerWidth;
const minSize = containerWidth / (16 / 9);
@ -481,10 +523,13 @@ const Video: React.FC<IVideo> = ({
return (
<div
role='menuitem'
className={clsx('relative box-border max-w-full overflow-hidden rounded-[10px] bg-black text-white focus:outline-0', { detailed, 'w-full h-full m-0': fullscreen })}
className={clsx('relative box-border flex max-w-full overflow-hidden rounded-[10px] bg-black text-white focus:outline-0', { 'w-full h-full m-0': fullscreen })}
style={playerStyle}
ref={player}
onClick={handleClickRoot}
onMouseMove={handleOnMouseMove}
onMouseOut={startTimeout}
onBlur={startTimeout}
onKeyDown={handleKeyDown}
tabIndex={0}
>
@ -506,7 +551,7 @@ const Video: React.FC<IVideo> = ({
})}
width={width}
height={height || DEFAULT_HEIGHT}
onClick={togglePlay}
onClick={handleTogglePlay}
onKeyDown={handleVideoKeyDown}
onPlay={handlePlay}
onPause={handlePause}
@ -516,7 +561,9 @@ const Video: React.FC<IVideo> = ({
onVolumeChange={handleVolumeChange}
/>
<div className={clsx('absolute inset-x-0 bottom-0 z-20 box-border bg-gradient-to-t from-black/70 to-transparent px-[15px] opacity-0 transition-opacity duration-100 ease-linear', { 'opacity-100': paused || hovered })}>
<div
className={clsx('absolute inset-x-0 bottom-0 z-20 box-border bg-gradient-to-t from-black/70 to-transparent px-[15px] opacity-0 transition-opacity duration-100 ease-linear', { 'opacity-100': paused || hovered })}
>
<div className='relative h-6 cursor-pointer' onMouseDown={handleMouseDown} onMouseEnter={handleSeekEnter} onMouseLeave={handleSeekLeave} ref={seek}>
<div
style={{
@ -569,9 +616,9 @@ const Video: React.FC<IVideo> = ({
</button>
<div
className={clsx('relative inline-flex h-6 flex-none cursor-pointer overflow-hidden transition-all duration-100 ease-linear', { 'overflow-visible w-[50px] mr-[16px]': hovered })} onMouseDown={handleVolumeMouseDown} ref={slider}
onMouseEnter={handleMouseEnter}
onMouseLeave={handleMouseLeave}
className={clsx('relative inline-flex h-6 flex-none cursor-pointer overflow-hidden transition-all duration-100 ease-linear', { 'overflow-visible w-[50px] mr-[16px]': volumeHovered })} onMouseDown={handleVolumeMouseDown} ref={slider}
onMouseEnter={handleVolumeEnter}
onMouseLeave={handleVolumeLeave}
>
<div
className={clsx({ 'bottom-[27px]': fullscreen || detailed })}
@ -590,7 +637,7 @@ const Video: React.FC<IVideo> = ({
/>
<div className={clsx('absolute left-0 top-1/2 block h-1 -translate-y-1/2 rounded-md bg-accent-500', { 'bottom-[27px]': fullscreen || detailed })} style={{ width: `${volume * 100}%` }} />
<span
className={clsx('absolute left-0 top-1/2 z-30 -ml-1.5 size-3 -translate-y-1/2 rounded-full bg-accent-500 opacity-0 shadow-[1px_2px_6px_rgba(0,0,0,0.3)] transition-opacity duration-100', { 'opacity-100': hovered, 'bottom-[23px]': fullscreen || detailed })}
className={clsx('absolute left-0 top-1/2 z-30 -ml-1.5 size-3 -translate-y-1/2 rounded-full bg-accent-500 opacity-0 shadow-[1px_2px_6px_rgba(0,0,0,0.3)] transition-opacity duration-100', { 'opacity-100': volumeHovered, 'bottom-[23px]': fullscreen || detailed })}
tabIndex={0}
style={{ left: `${volume * 100}%` }}
/>

31
src/hooks/nostr/useBunker.ts Normal file
View File

@ -0,0 +1,31 @@
import { useEffect } from 'react';
import { useNostr } from 'soapbox/contexts/nostr-context';
import { NBunker } from 'soapbox/features/nostr/NBunker';
import { useSigner } from 'soapbox/hooks/nostr/useSigner';
function useBunker() {
const { relay } = useNostr();
const { signer: userSigner, bunkerSigner, authorizedPubkey } = useSigner();
useEffect(() => {
if (!relay || !userSigner || !bunkerSigner || !authorizedPubkey) return;
const bunker = new NBunker({
relay,
userSigner,
bunkerSigner,
onError(error, event) {
console.warn('Bunker error:', error, event);
},
});
bunker.authorize(authorizedPubkey);
return () => {
bunker.close();
};
}, [relay, userSigner, bunkerSigner, authorizedPubkey]);
}
export { useBunker };

84
src/hooks/nostr/useBunkerStore.ts Normal file
View File

@ -0,0 +1,84 @@
import { NSchema as n } from '@nostrify/nostrify';
import { produce } from 'immer';
import { z } from 'zod';
import { create } from 'zustand';
// eslint-disable-next-line import/extensions
import { persist } from 'zustand/middleware';
import { filteredArray, jsonSchema } from 'soapbox/schemas/utils';
/**
* A bunker connection maps an OAuth token from Mastodon API to a user pubkey and bunker keypair.
* The user pubkey is used to determine whether to use keys from localStorage or a browser extension,
* and the bunker keypair is used to sign and encrypt NIP-46 messages.
*/
interface BunkerConnection {
/** User pubkey. Events will be signed by this pubkey. */
pubkey: string;
/** Mastodon API access token associated with this connection. */
accessToken: string;
/** Pubkey of the app authorized to sign events with this connection. */
authorizedPubkey: string;
/** Pubkey for this connection. Secret key is stored in the keyring. NIP-46 responses will be signed by this key. */
bunkerPubkey: string;
}
const connectionSchema: z.ZodType<BunkerConnection> = z.object({
pubkey: n.id(),
accessToken: z.string(),
authorizedPubkey: n.id(),
bunkerPubkey: n.id(),
});
interface BunkerState {
connections: BunkerConnection[];
connect(connection: BunkerConnection): void;
revoke(accessToken: string): void;
}
export const useBunkerStore = create<BunkerState>()(
persist(
(setState) => ({
connections: [],
/** Connect to a bunker using the authorization secret. */
connect(connection: BunkerConnection): void {
setState((state) => {
return produce(state, (draft) => {
draft.connections.push(connection);
});
});
},
/** Revoke any connections associated with the access token. */
revoke(accessToken: string): void {
setState((state) => {
return produce(state, (draft) => {
draft.connections = draft.connections.filter((conn) => conn.accessToken !== accessToken);
});
});
},
}),
{
name: 'soapbox:bunker',
storage: {
getItem(name) {
const value = localStorage.getItem(name);
const connections = jsonSchema()
.pipe(filteredArray(connectionSchema))
.catch([])
.parse(value);
return { state: { connections } };
},
setItem(name, { state }) {
localStorage.setItem(name, JSON.stringify(state.connections));
},
removeItem(name) {
localStorage.removeItem(name);
},
},
},
),
);

49
src/hooks/nostr/useSigner.ts Normal file
View File

@ -0,0 +1,49 @@
import { useQuery } from '@tanstack/react-query';
import { useMemo } from 'react';
import { keyring } from 'soapbox/features/nostr/keyring';
import { useAppSelector } from 'soapbox/hooks';
import { useBunkerStore } from 'soapbox/hooks/nostr/useBunkerStore';
export function useSigner() {
const { connections } = useBunkerStore();
const connection = useAppSelector(({ auth }) => {
const accessToken = auth.me ? auth.users[auth.me]?.access_token : undefined;
if (accessToken) {
return connections.find((conn) => conn.accessToken === accessToken);
}
});
const { pubkey, bunkerPubkey, authorizedPubkey } = connection ?? {};
const { data: signer, ...rest } = useQuery({
queryKey: ['nostr', 'signer', pubkey ?? ''],
queryFn: async () => {
if (!pubkey) return null;
const signer = keyring.get(pubkey);
if (signer) return signer;
if (window.nostr && await window.nostr.getPublicKey() === pubkey) {
return window.nostr;
}
return null;
},
enabled: !!pubkey,
});
const bunkerSigner = useMemo(() => {
if (bunkerPubkey) {
return keyring.get(bunkerPubkey);
}
}, [bunkerPubkey]);
return {
signer: signer ?? undefined,
bunkerSigner,
authorizedPubkey,
...rest,
};
}

11
src/init/soapbox-load.tsx
View File

@ -3,7 +3,6 @@ import { IntlProvider } from 'react-intl';
import { fetchMe } from 'soapbox/actions/me';
import { loadSoapboxConfig } from 'soapbox/actions/soapbox';
import { useSignerStream } from 'soapbox/api/hooks/nostr/useSignerStream';
import LoadingScreen from 'soapbox/components/loading-screen';
import { useNostr } from 'soapbox/contexts/nostr-context';
import {
@ -13,6 +12,8 @@ import {
useLocale,
useInstance,
} from 'soapbox/hooks';
import { useBunker } from 'soapbox/hooks/nostr/useBunker';
import { useSigner } from 'soapbox/hooks/nostr/useSigner';
import MESSAGES from 'soapbox/messages';
/** Load initial data from the backend */
@ -44,10 +45,12 @@ const SoapboxLoad: React.FC<ISoapboxLoad> = ({ children }) => {
const [localeLoading, setLocaleLoading] = useState(true);
const [isLoaded, setIsLoaded] = useState(false);
const { hasNostr, isRelayOpen, signer } = useNostr();
const { isSubscribed } = useSignerStream();
const nostr = useNostr();
const signer = useSigner();
const nostrLoading = Boolean(hasNostr && signer && (!isRelayOpen || !isSubscribed));
const nostrLoading = Boolean(nostr.isRelayLoading || signer.isLoading);
useBunker();
/** Whether to display a loading indicator. */
const showLoading = [

12
src/init/soapbox-mount.tsx
View File

@ -6,7 +6,7 @@ import { CompatRouter } from 'react-router-dom-v5-compat';
import { openModal } from 'soapbox/actions/modals';
import * as BuildConfig from 'soapbox/build-config';
import LoadingScreen from 'soapbox/components/loading-screen';
import { Location, ScrollContext } from 'soapbox/components/scroll-context';
import { ScrollContext } from 'soapbox/components/scroll-context';
import SiteErrorBoundary from 'soapbox/components/site-error-boundary';
import {
ModalContainer,
@ -24,10 +24,6 @@ const GdprBanner = React.lazy(() => import('soapbox/components/gdpr-banner'));
const EmbeddedStatus = React.lazy(() => import('soapbox/features/embedded-status'));
const UI = React.lazy(() => import('soapbox/features/ui'));
interface LocationState {
soapboxModalKey?: string;
}
/** Highest level node with the Redux store. */
const SoapboxMount = () => {
useCachedLocationHandler();
@ -54,15 +50,11 @@ const SoapboxMount = () => {
const { redirectRootNoLogin, gdpr } = soapboxConfig;
function shouldUpdateScroll<T extends LocationState>(prev: Location<T> | undefined, location: Location<T>): boolean {
return !(location.state?.soapboxModalKey && location.state?.soapboxModalKey !== prev?.state?.soapboxModalKey);
}
return (
<SiteErrorBoundary>
<BrowserRouter basename={BuildConfig.FE_SUBDIRECTORY}>
<CompatRouter>
<ScrollContext shouldUpdateScroll={shouldUpdateScroll}>
<ScrollContext>
<Switch>
{(!isLoggedIn && redirectRootNoLogin) && (
<Redirect exact from='/' to={redirectRootNoLogin} />

5
src/main.tsx
View File

@ -1,3 +1,4 @@
import { enableMapSet } from 'immer';
import React from 'react';
import { createRoot } from 'react-dom/client';
@ -14,7 +15,7 @@ import '@fontsource/inter/700.css';
import '@fontsource/inter/900.css';
import '@fontsource/roboto-mono/400.css';
import 'line-awesome/dist/font-awesome-line-awesome/css/all.css';
import 'soapbox/features/nostr/keys';
import 'soapbox/features/nostr/keyring';
import './iframe';
import './styles/i18n/arabic.css';
@ -25,6 +26,8 @@ import './styles/tailwind.css';
import ready from './ready';
import { registerSW, lockSW } from './utils/sw';
enableMapSet();
if (BuildConfig.NODE_ENV === 'production') {
printConsoleWarning();
registerSW('/sw.js');

20
src/reducers/admin.ts
View File

@ -1,11 +1,9 @@
import {
Map as ImmutableMap,
List as ImmutableList,
Set as ImmutableSet,
Record as ImmutableRecord,
OrderedSet as ImmutableOrderedSet,
fromJS,
is,
} from 'immutable';
import {
@ -64,12 +62,8 @@ type SetKeys = keyof FilterConditionally<State, ImmutableOrderedSet<string>>;
type APIReport = { id: string; state: string; statuses: any[] };
type APIUser = { id: string; email: string; nickname: string; registration_reason: string };
type Filter = 'local' | 'need_approval' | 'active';
type Filters = Record<string, boolean>;
const FILTER_UNAPPROVED: Filter[] = ['local', 'need_approval'];
const FILTER_LATEST: Filter[] = ['local', 'active'];
const filtersMatch = (f1: string[], f2: string[]) => is(ImmutableSet(f1), ImmutableSet(f2));
const toIds = (items: any[]) => items.map(item => item.id);
const mergeSet = (state: State, key: SetKeys, users: APIUser[]): State => {
@ -82,16 +76,16 @@ const replaceSet = (state: State, key: SetKeys, users: APIUser[]): State => {
return state.set(key, ImmutableOrderedSet(newIds));
};
const maybeImportUnapproved = (state: State, users: APIUser[], filters: Filter[]): State => {
if (filtersMatch(FILTER_UNAPPROVED, filters)) {
const maybeImportUnapproved = (state: State, users: APIUser[], filters: Filters): State => {
if (filters.pending) {
return mergeSet(state, 'awaitingApproval', users);
} else {
return state;
}
};
const maybeImportLatest = (state: State, users: APIUser[], filters: Filter[], page: number): State => {
if (page === 1 && filtersMatch(FILTER_LATEST, filters)) {
const maybeImportLatest = (state: State, users: APIUser[], filters: Filters, page: number): State => {
if (page === 1 && !filters.pending) {
return replaceSet(state, 'latestUsers', users);
} else {
return state;
@ -110,7 +104,7 @@ const fixUser = (user: APIEntity): ReducerAdminAccount => {
}) as ReducerAdminAccount;
};
function importUsers(state: State, users: APIUser[], filters: Filter[], page: number): State {
function importUsers(state: State, users: APIUser[], filters: Filters, page: number): State {
return state.withMutations(state => {
maybeImportUnapproved(state, users, filters);
maybeImportLatest(state, users, filters, page);
@ -202,7 +196,7 @@ export default function admin(state: State = ReducerRecord(), action: AnyAction)
case ADMIN_REPORTS_PATCH_SUCCESS:
return handleReportDiffs(state, action.reports);
case ADMIN_USERS_FETCH_SUCCESS:
return importUsers(state, action.users, action.filters, action.page);
return importUsers(state, action.accounts, action.filters, action.page);
case ADMIN_USERS_DELETE_REQUEST:
case ADMIN_USERS_DELETE_SUCCESS:
case ADMIN_USERS_REJECT_REQUEST:

34
src/reducers/auth.ts
View File

@ -2,6 +2,8 @@ import { AxiosError } from 'axios';
import { produce } from 'immer';
import { z } from 'zod';
import { keyring } from 'soapbox/features/nostr/keyring';
import { useBunkerStore } from 'soapbox/hooks/nostr/useBunkerStore';
import { Account, accountSchema } from 'soapbox/schemas';
import { Application, applicationSchema } from 'soapbox/schemas/application';
import { AuthUser, SoapboxAuth, soapboxAuthSchema } from 'soapbox/schemas/soapbox/soapbox-auth';
@ -24,6 +26,17 @@ import type { UnknownAction } from 'redux';
const STORAGE_KEY = 'soapbox:auth';
const SESSION_KEY = 'soapbox:auth:me';
// Log out legacy Nostr/Ditto users.
for (let i = 0; i < localStorage.length; i++) {
const key = localStorage.key(i);
if (key && /^soapbox:nostr:auth:[0-9a-f]{64}$/.test(key)) {
localStorage.clear();
sessionStorage.clear();
location.reload();
}
}
/** Get current user's URL from session storage. */
function getSessionUser(): string | undefined {
const value = sessionStorage.getItem(SESSION_KEY);
@ -37,7 +50,7 @@ function getSessionUser(): string | undefined {
/** Retrieve state from browser storage. */
function getLocalState(): SoapboxAuth | undefined {
const data = localStorage.getItem(STORAGE_KEY);
const result = jsonSchema.pipe(soapboxAuthSchema).safeParse(data);
const result = jsonSchema().pipe(soapboxAuthSchema).safeParse(data);
if (!result.success) {
return undefined;
@ -105,7 +118,26 @@ function importCredentials(auth: SoapboxAuth, accessToken: string, account: Acco
});
}
/** Delete Nostr credentials when an access token is revoked. */
// TODO: Rework auth so this can all be conrolled from one place.
function revokeNostr(accessToken: string): void {
const { connections, revoke } = useBunkerStore.getState();
for (const conn of connections) {
if (conn.accessToken === accessToken) {
// Revoke the Bunker connection.
revoke(accessToken);
// Revoke the user's private key.
keyring.delete(conn.pubkey);
// Revoke the bunker's private key.
keyring.delete(conn.bunkerPubkey);
}
}
}
function deleteToken(auth: SoapboxAuth, accessToken: string): SoapboxAuth {
revokeNostr(accessToken);
return produce(auth, draft => {
delete draft.tokens[accessToken];

6
src/reducers/index.ts
View File

@ -56,7 +56,7 @@ import trending_statuses from './trending-statuses';
import trends from './trends';
import user_lists from './user-lists';
const reducers = {
export default combineReducers({
accounts_meta,
admin,
aliases,
@ -111,6 +111,4 @@ const reducers = {
trending_statuses,
trends,
user_lists,
};
export default combineReducers(reducers);
});

18
src/schemas/utils.ts
View File

@ -30,14 +30,16 @@ function makeCustomEmojiMap(customEmojis: CustomEmoji[]) {
}, {});
}
const jsonSchema = z.string().transform((value, ctx) => {
try {
return JSON.parse(value) as unknown;
} catch (_e) {
ctx.addIssue({ code: z.ZodIssueCode.custom, message: 'Invalid JSON' });
return z.NEVER;
}
});
function jsonSchema(reviver?: (this: any, key: string, value: any) => any) {
return z.string().transform((value, ctx) => {
try {
return JSON.parse(value, reviver) as unknown;
} catch (_e) {
ctx.addIssue({ code: z.ZodIssueCode.custom, message: 'Invalid JSON' });
return z.NEVER;
}
});
}
/** MIME schema, eg `image/png`. */
const mimeSchema = z.string().regex(/^\w+\/[-+.\w]+$/);

5
yarn.lock
View File

@ -9292,3 +9292,8 @@ zod@^3.23.4, zod@^3.23.5:
version "3.23.5"
resolved "https://registry.yarnpkg.com/zod/-/zod-3.23.5.tgz#c7b7617d017d4a2f21852f533258d26a9a5ae09f"
integrity sha512-fkwiq0VIQTksNNA131rDOsVJcns0pfVUjHzLrNBiF/O/Xxb5lQyEXkhZWcJ7npWsYlvs+h0jFWXXy4X46Em1JA==
zustand@^5.0.0:
version "5.0.0"
resolved "https://registry.yarnpkg.com/zustand/-/zustand-5.0.0.tgz#71f8aaecf185592a3ba2743d7516607361899da9"
integrity sha512-LE+VcmbartOPM+auOjCCLQOsQ05zUTp8RkgwRzefUk+2jISdMMFnxvyTjA4YNWr5ZGXYbVsEMZosttuxUBkojQ==