highperfocused/bostr
1
0
Fork 0
mirror of https://github.com/Yonle/bostr.git synced 2025-03-18 05:42:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

bouncer: improve NIP-42 compatibilities

Browse Source 
Signed-off-by: Yonle <yonle@lecturify.net>
This commit is contained in:
Yonle 2024-04-28 21:20:25 +07:00
parent 07bca8d9cf
commit a3ae67a2c4
2 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
auth.js
View File

@ -3,12 +3,13 @@ const { validateEvent, verifyEvent } = require("nostr-tools");
const { authorized_keys, private_keys } = require(process.env.BOSTR_CONFIG_PATH || "./config");
module.exports = (authKey, data, ws, req) => {
if (!(authorized_keys?.length || Object.keys(private_keys).length)) return; // do nothing
if (!validateEvent(data) || !verifyEvent(data)) {
ws.send(JSON.stringify(["NOTICE", "error: invalid challenge response."]));
return false;
}
if ((authorized_keys?.length || Object.keys(private_keys).length) && !authorized_keys?.includes(data.pubkey) && !(private_keys && private_keys[data.pubkey])) {
if (!authorized_keys?.includes(data.pubkey) && !private_keys[data.pubkey]) {
ws.send(JSON.stringify(["OK", data.id, false, "unauthorized."]));
return false;
}
@ -18,14 +19,14 @@ module.exports = (authKey, data, ws, req) => {
return false;
}
const tags = new Map(data.tags);
const tags = Object.fromEntries(data.tags);
if (!tags.get("relay").includes(req.headers.host)) {
if (!tags.relay?.includes(req.headers.host)) {
ws.send(JSON.stringify(["OK", data.id, false, "unmatched relay url."]));
return false;
};
if (tags.get("challenge") !== authKey) {
if (tags.challenge !== authKey) {
ws.send(JSON.stringify(["OK", data.id, false, "unmatched challenge string."]));
return false;
}

13
bouncer.js
View File

@ -202,10 +202,18 @@ function handleConnection(ws, req, onClose) {
ws.send(JSON.stringify(["CLOSED", origID, ""]));
break;
case "AUTH":
if (authorized) return;
if (auth(authKey, data[1], ws, req)) {
authKey = Date.now() + Math.random().toString(36);
ws.pubkey = data[1].pubkey;
console.log(process.pid, "---", ws.ip, "successfully authorized as", ws.pubkey, private_keys[ws.pubkey] ? "(admin)" : "(user)");
if (private_keys[ws.pubkey]) {
for (const relay of userRelays.get(ws.id)) {
for (const challenge of relay.pendingNIP42) {
nip42(relay, client.pubkey, private_keys[ws.pubkey], challenge);
relay.pendingNIP42.delete(challenge);
}
}
}
if (authorized) return;
authorized = true;
lastEvent = Date.now();
@ -323,6 +331,7 @@ function newConn(addr, id, reconn_t = 0) {
relay.isCache = relay_type(addr) === "cache_relay";
relay.isLoadBalancer = relay_type(addr) === "loadbalancer";
relay.ratelimit = 0;
relay.pendingNIP42 = new Set();
relay.on('open', _ => {
if (!csess.has(id)) return relay.terminate();
const client = csess.get(id);
@ -414,7 +423,7 @@ function newConn(addr, id, reconn_t = 0) {
}
break;
case "AUTH":
if (!private_keys || typeof(data[1]) !== "string" || !client.pubkey) return;
if (!private_keys || typeof(data[1]) !== "string" || !client.pubkey) return relay.pendingNIP42.add(data[1]);
nip42(relay, client.pubkey, private_keys[client.pubkey], data[1]);
break;