update go-nostr to fix some bugs.

go.mod

@@ -4,8 +4,8 @@ go 1.21.4
 
 require (
 	github.com/fasthttp/websocket v1.5.7
-	github.com/fiatjaf/eventstore v0.3.8
-	github.com/nbd-wtf/go-nostr v0.30.0
+	github.com/fiatjaf/eventstore v0.5.1
+	github.com/nbd-wtf/go-nostr v0.34.3
 	github.com/puzpuzpuz/xsync/v3 v3.0.2
 	github.com/rs/cors v1.7.0
 )
@@ -37,7 +37,7 @@ require (
 	github.com/google/flatbuffers v23.5.26+incompatible // indirect
 	github.com/jmoiron/sqlx v1.3.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
-	github.com/klauspost/compress v1.17.3 // indirect
+	github.com/klauspost/compress v1.17.8 // indirect
 	github.com/lib/pq v1.10.9 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-sqlite3 v1.14.18 // indirect
@@ -51,6 +51,6 @@ require (
 	go.opencensus.io v0.24.0 // indirect
 	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/net v0.18.0 // indirect
-	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/sys v0.20.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 )

go.sum

@@ -47,8 +47,8 @@ github.com/fasthttp/websocket v1.5.7 h1:0a6o2OfeATvtGgoMKleURhLT6JqWPg7fYfWnH4KH
 github.com/fasthttp/websocket v1.5.7/go.mod h1:bC4fxSono9czeXHQUVKxsC0sNjbm7lPJR04GDFqClfU=
 github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
-github.com/fiatjaf/eventstore v0.3.8 h1:q4jcN95O2CVA+wP47V25BcVSNvjfOiPPIWgPmQ6hTRk=
-github.com/fiatjaf/eventstore v0.3.8/go.mod h1:Qsm5loQICkazpsj8tQmcOK95AVkQQNF09Xx/NS/Biow=
+github.com/fiatjaf/eventstore v0.5.1 h1:tTh+JYP0RME51VY2QB2Gvtzj6QTaZAnSVhgZtrYqY2A=
+github.com/fiatjaf/eventstore v0.5.1/go.mod h1:r5yCFmrVNT2b1xUOuMnDVS3xPGh97y8IgTcLyY2rYP8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
@@ -103,8 +103,8 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA=
-github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
+github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU=
+github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
@@ -113,8 +113,8 @@ github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI=
 github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
-github.com/nbd-wtf/go-nostr v0.30.0 h1:rN085pe4IxmSBVht8LChZbWLggonjA8hPIk8l4/+Hjk=
-github.com/nbd-wtf/go-nostr v0.30.0/go.mod h1:tiKJY6fWYSujbTQb201Y+IQ3l4szqYVt+fsTnsm7FCk=
+github.com/nbd-wtf/go-nostr v0.34.3 h1:JfDOHOje7gzUhisbZD0v2Y9b9vh2PmP6eHsU/GfU8QE=
+github.com/nbd-wtf/go-nostr v0.34.3/go.mod h1:NZQkxl96ggbO8rvDpVjcsojJqKTPwqhP4i82O7K5DJs=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -133,8 +133,8 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
 github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
@@ -184,8 +184,8 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20221010170243-090e33056c14/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
-golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

handlers.go

@@ -5,7 +5,6 @@ import (
 	"crypto/rand"
 	"crypto/sha256"
 	"encoding/hex"
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -28,6 +27,8 @@ func (rl *Relay) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		rl.HandleWebsocket(w, r)
 	} else if r.Header.Get("Accept") == "application/nostr+json" {
 		cors.AllowAll().Handler(http.HandlerFunc(rl.HandleNIP11)).ServeHTTP(w, r)
+	} else if r.Header.Get("Content-Type") == "application/nostr+json+rpc" {
+		cors.AllowAll().Handler(http.HandlerFunc(rl.HandleNIP86)).ServeHTTP(w, r)
 	} else {
 		rl.serveMux.ServeHTTP(w, r)
 	}
@@ -36,7 +37,7 @@ func (rl *Relay) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 	for _, reject := range rl.RejectConnection {
 		if reject(r) {
-			w.WriteHeader(418) // I'm a teapot
+			w.WriteHeader(429) // Too many requests
 			return
 		}
 	}
@@ -277,14 +278,3 @@ func (rl *Relay) HandleWebsocket(w http.ResponseWriter, r *http.Request) {
 		}
 	}()
 }
-
-func (rl *Relay) HandleNIP11(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("Content-Type", "application/nostr+json")
-
-	info := *rl.Info
-	for _, ovw := range rl.OverwriteRelayInformation {
-		info = ovw(r.Context(), r, info)
-	}
-
-	json.NewEncoder(w).Encode(info)
-}

nip11.go

@@ -0,0 +1,25 @@
+package khatru
+
+import (
+	"encoding/json"
+	"net/http"
+)
+
+func (rl *Relay) HandleNIP11(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "application/nostr+json")
+
+	info := *rl.Info
+
+	if len(rl.DeleteEvent) > 0 {
+		info.SupportedNIPs = append(info.SupportedNIPs, 9)
+	}
+	if len(rl.CountEvents) > 0 {
+		info.SupportedNIPs = append(info.SupportedNIPs, 45)
+	}
+
+	for _, ovw := range rl.OverwriteRelayInformation {
+		info = ovw(r.Context(), r, info)
+	}
+
+	json.NewEncoder(w).Encode(info)
+}

nip86.go

@@ -0,0 +1,267 @@
+package khatru
+
+import (
+	"context"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"reflect"
+	"strings"
+
+	"github.com/nbd-wtf/go-nostr"
+	"github.com/nbd-wtf/go-nostr/nip86"
+)
+
+type RelayManagementAPI struct {
+	RejectAPICall []func(ctx context.Context, mp nip86.MethodParams) (reject bool, msg string)
+
+	BanPubKey                   func(ctx context.Context, pubkey string, reason string) error
+	ListBannedPubKeys           func(ctx context.Context) ([]nip86.PubKeyReason, error)
+	AllowPubKey                 func(ctx context.Context, pubkey string, reason string) error
+	ListAllowedPubKeys          func(ctx context.Context) ([]nip86.PubKeyReason, error)
+	ListEventsNeedingModeration func(ctx context.Context) ([]nip86.IDReason, error)
+	AllowEvent                  func(ctx context.Context, id string, reason string) error
+	BanEvent                    func(ctx context.Context, id string, reason string) error
+	ListBannedEvents            func(ctx context.Context) ([]nip86.IDReason, error)
+	ChangeRelayName             func(ctx context.Context, name string) error
+	ChangeRelayDescription      func(ctx context.Context, desc string) error
+	ChangeRelayIcon             func(ctx context.Context, icon string) error
+	AllowKind                   func(ctx context.Context, kind int) error
+	DisallowKind                func(ctx context.Context, kind int) error
+	ListAllowedKinds            func(ctx context.Context) ([]int, error)
+	BlockIP                     func(ctx context.Context, ip net.IP, reason string) error
+	UnblockIP                   func(ctx context.Context, ip net.IP, reason string) error
+	ListBlockedIPs              func(ctx context.Context) ([]nip86.IPReason, error)
+}
+
+func (rl *Relay) HandleNIP86(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "application/nostr+json+rpc")
+
+	var (
+		resp        nip86.Response
+		ctx         = r.Context()
+		req         nip86.Request
+		mp          nip86.MethodParams
+		evt         nostr.Event
+		payloadHash [32]byte
+	)
+
+	payload, err := io.ReadAll(r.Body)
+	if err != nil {
+		resp.Error = "empty request"
+		goto respond
+	}
+	payloadHash = sha256.Sum256(payload)
+
+	{
+		auth := r.Header.Get("Authorization")
+		spl := strings.Split(auth, "Nostr ")
+		if len(spl) != 2 {
+			resp.Error = "missing auth"
+			goto respond
+		}
+		if evtj, err := base64.StdEncoding.DecodeString(spl[1]); err != nil {
+			resp.Error = "invalid base64 auth"
+			goto respond
+		} else if err := json.Unmarshal(evtj, &evt); err != nil {
+			resp.Error = "invalid auth event json"
+			goto respond
+		} else if ok, _ := evt.CheckSignature(); !ok {
+			resp.Error = "invalid auth event"
+			goto respond
+		} else if pht := evt.Tags.GetFirst([]string{"payload", hex.EncodeToString(payloadHash[:])}); pht == nil {
+			resp.Error = "invalid auth event payload hash"
+			goto respond
+		} else if evt.CreatedAt < nostr.Now()-30 {
+			resp.Error = "auth event is too old"
+			goto respond
+		}
+	}
+
+	if err := json.Unmarshal(payload, &req); err != nil {
+		resp.Error = "invalid json body"
+		goto respond
+	}
+
+	mp, err = nip86.DecodeRequest(req)
+	if err != nil {
+		resp.Error = fmt.Sprintf("invalid params: %s", err)
+		goto respond
+	}
+
+	ctx = context.WithValue(ctx, nip86HeaderAuthKey, evt.PubKey)
+	for _, rac := range rl.ManagementAPI.RejectAPICall {
+		if reject, msg := rac(ctx, mp); reject {
+			resp.Error = msg
+			goto respond
+		}
+	}
+
+	if _, ok := mp.(nip86.SupportedMethods); ok {
+		mat := reflect.TypeOf(rl.ManagementAPI)
+		mav := reflect.ValueOf(rl.ManagementAPI)
+
+		methods := make([]string, 0, mat.NumField())
+		for i := 0; i < mat.NumField(); i++ {
+			field := mat.Field(i)
+
+			// danger: this assumes the struct fields are appropriately named
+			methodName := strings.ToLower(field.Name)
+
+			// assign this only if the function was defined
+			if mav.Field(i).Interface() != nil {
+				methods[i] = methodName
+			}
+		}
+		resp.Result = methods
+	} else {
+		switch thing := mp.(type) {
+		case nip86.BanPubKey:
+			if rl.ManagementAPI.BanPubKey == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.BanPubKey(ctx, thing.PubKey, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListBannedPubKeys:
+			if rl.ManagementAPI.ListBannedPubKeys == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListBannedPubKeys(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.AllowPubKey:
+			if rl.ManagementAPI.AllowPubKey == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.AllowPubKey(ctx, thing.PubKey, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListAllowedPubKeys:
+			if rl.ManagementAPI.ListAllowedPubKeys == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListAllowedPubKeys(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.BanEvent:
+			if rl.ManagementAPI.BanEvent == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.BanEvent(ctx, thing.ID, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.AllowEvent:
+			if rl.ManagementAPI.AllowEvent == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.AllowEvent(ctx, thing.ID, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListEventsNeedingModeration:
+			if rl.ManagementAPI.ListEventsNeedingModeration == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListEventsNeedingModeration(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.ListBannedEvents:
+			if rl.ManagementAPI.ListBannedEvents == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListEventsNeedingModeration(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.ChangeRelayName:
+			if rl.ManagementAPI.ChangeRelayName == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.ChangeRelayName(ctx, thing.Name); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ChangeRelayDescription:
+			if rl.ManagementAPI.ChangeRelayDescription == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.ChangeRelayDescription(ctx, thing.Description); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ChangeRelayIcon:
+			if rl.ManagementAPI.ChangeRelayIcon == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.ChangeRelayIcon(ctx, thing.IconURL); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.AllowKind:
+			if rl.ManagementAPI.AllowKind == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.AllowKind(ctx, thing.Kind); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.DisallowKind:
+			if rl.ManagementAPI.DisallowKind == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.DisallowKind(ctx, thing.Kind); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListAllowedKinds:
+			if rl.ManagementAPI.ListAllowedKinds == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListAllowedKinds(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		case nip86.BlockIP:
+			if rl.ManagementAPI.BlockIP == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.BlockIP(ctx, thing.IP, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.UnblockIP:
+			if rl.ManagementAPI.UnblockIP == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if err := rl.ManagementAPI.UnblockIP(ctx, thing.IP, thing.Reason); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = true
+			}
+		case nip86.ListBlockedIPs:
+			if rl.ManagementAPI.ListBlockedIPs == nil {
+				resp.Error = fmt.Sprintf("method %s not supported", thing.MethodName())
+			} else if result, err := rl.ManagementAPI.ListBlockedIPs(ctx); err != nil {
+				resp.Error = err.Error()
+			} else {
+				resp.Result = result
+			}
+		default:
+			resp.Error = fmt.Sprintf("method '%s' not known", mp.MethodName())
+		}
+	}
+
+respond:
+	json.NewEncoder(w).Encode(resp)
+}

policies/events.go

@@ -67,31 +67,10 @@ func PreventLargeTags(maxTagValueLen int) func(context.Context, *nostr.Event) (b
 // RestrictToSpecifiedKinds returns a function that can be used as a RejectFilter that will reject
 // any events with kinds different than the specified ones.
 func RestrictToSpecifiedKinds(kinds ...uint16) func(context.Context, *nostr.Event) (bool, string) {
-	max := 0
-	min := 0
-	for _, kind := range kinds {
-		if int(kind) > max {
-			max = int(kind)
-		}
-		if int(kind) < min {
-			min = int(kind)
-		}
-	}
-
 	// sort the kinds in increasing order
 	slices.Sort(kinds)
 
 	return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
-		// these are cheap and very questionable optimizations, but they exist for a reason:
-		// we would have to ensure that the kind number is within the bounds of a uint16 anyway
-		if event.Kind > max {
-			return true, fmt.Sprintf("event kind not allowed (it should be lower than %d)", max)
-		}
-		if event.Kind < min {
-			return true, fmt.Sprintf("event kind not allowed (it should be higher than %d)", min)
-		}
-
-		// hopefully this map of uint16s is very fast
 		if _, allowed := slices.BinarySearch(kinds, uint16(event.Kind)); allowed {
 			return false, ""
 		}

relay.go

@@ -20,7 +20,7 @@ func NewRelay() *Relay {
 		Info: &nip11.RelayInformationDocument{
 			Software:      "https://github.com/fiatjaf/khatru",
 			Version:       "n/a",
-			SupportedNIPs: []int{1, 11, 70},
+			SupportedNIPs: []int{1, 11, 42, 70, 86},
 		},
 
 		upgrader: websocket.Upgrader{
@@ -60,7 +60,10 @@ type Relay struct {
 	OnEventSaved              []func(ctx context.Context, event *nostr.Event)
 	OnEphemeralEvent          []func(ctx context.Context, event *nostr.Event)
 
-	// editing info will affect
+	// setting up handlers here will enable these methods
+	ManagementAPI RelayManagementAPI
+
+	// editing info will affect the NIP-11 responses
 	Info *nip11.RelayInformationDocument
 
 	// Default logger, as set by NewServer, is a stdlib logger prefixed with "[khatru-relay] ",

responding.go

@@ -41,6 +41,9 @@ func (rl *Relay) handleRequest(ctx context.Context, id string, eose *sync.WaitGr
 			ws.WriteJSON(nostr.NoticeEnvelope(err.Error()))
 			eose.Done()
 			continue
+		} else if ch == nil {
+			eose.Done()
+			continue
 		}
 
 		go func(ch chan *nostr.Event) {

utils.go

@@ -9,6 +9,7 @@ import (
 const (
 	wsKey = iota
 	subscriptionIdKey
+	nip86HeaderAuthKey
 )
 
 func RequestAuth(ctx context.Context) {
@@ -22,11 +23,21 @@ func RequestAuth(ctx context.Context) {
 }
 
 func GetConnection(ctx context.Context) *WebSocket {
-	return ctx.Value(wsKey).(*WebSocket)
+	wsi := ctx.Value(wsKey)
+	if wsi != nil {
+		return wsi.(*WebSocket)
+	}
+	return nil
 }
 
 func GetAuthed(ctx context.Context) string {
-	return GetConnection(ctx).AuthedPublicKey
+	if conn := GetConnection(ctx); conn != nil {
+		return conn.AuthedPublicKey
+	}
+	if nip86Auth := ctx.Value(nip86HeaderAuthKey); nip86Auth != nil {
+		return nip86Auth.(string)
+	}
+	return ""
 }
 
 func GetIP(ctx context.Context) string {