2024-02-22 17:08:09 +07:00
|
|
|
"use strict";
|
2024-02-18 12:56:00 +07:00
|
|
|
const { validateEvent, verifyEvent } = require("nostr-tools");
|
2024-02-19 19:38:31 +07:00
|
|
|
const { authorized_keys, private_keys } = require(process.env.BOSTR_CONFIG_PATH || "./config");
|
2023-11-16 21:53:58 +07:00
|
|
|
|
2023-11-20 21:21:22 +07:00
|
|
|
module.exports = (authKey, data, ws, req) => {
|
2024-04-28 21:20:25 +07:00
|
|
|
if (!(authorized_keys?.length || Object.keys(private_keys).length)) return; // do nothing
|
2024-02-18 12:56:00 +07:00
|
|
|
if (!validateEvent(data) || !verifyEvent(data)) {
|
2023-11-16 21:53:58 +07:00
|
|
|
ws.send(JSON.stringify(["NOTICE", "error: invalid challenge response."]));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-28 21:20:25 +07:00
|
|
|
if (!authorized_keys?.includes(data.pubkey) && !private_keys[data.pubkey]) {
|
2023-11-16 21:53:58 +07:00
|
|
|
ws.send(JSON.stringify(["OK", data.id, false, "unauthorized."]));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (data.kind != 22242) {
|
|
|
|
|
ws.send(JSON.stringify(["OK", data.id, false, "not kind 22242."]));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-28 21:20:25 +07:00
|
|
|
const tags = Object.fromEntries(data.tags);
|
2024-02-17 19:35:33 +07:00
|
|
|
|
2024-04-28 21:20:25 +07:00
|
|
|
if (!tags.relay?.includes(req.headers.host)) {
|
2023-11-16 21:53:58 +07:00
|
|
|
ws.send(JSON.stringify(["OK", data.id, false, "unmatched relay url."]));
|
|
|
|
|
return false;
|
|
|
|
|
};
|
|
|
|
|
|
2024-04-28 21:20:25 +07:00
|
|
|
if (tags.challenge !== authKey) {
|
2023-11-16 21:53:58 +07:00
|
|
|
ws.send(JSON.stringify(["OK", data.id, false, "unmatched challenge string."]));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-20 21:21:22 +07:00
|
|
|
ws.send(JSON.stringify(["OK", data.id, true, `Hello ${data.pubkey}`]));
|
2023-11-16 21:53:58 +07:00
|
|
|
return true;
|
|
|
|
|
}
|
