mirror of
https://github.com/fiatjaf/khatru.git
synced 2025-03-18 22:03:03 +01:00
47 lines
1.0 KiB
Go
47 lines
1.0 KiB
Go
package blossom
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/base64"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/nbd-wtf/go-nostr"
|
|
)
|
|
|
|
func readAuthorization(r *http.Request) (*nostr.Event, error) {
|
|
token := r.Header.Get("Authorization")
|
|
if !strings.HasPrefix(token, "Nostr ") {
|
|
return nil, nil
|
|
}
|
|
|
|
var reader io.Reader
|
|
reader = bytes.NewReader([]byte(token)[6:])
|
|
reader = base64.NewDecoder(base64.StdEncoding, reader)
|
|
var evt nostr.Event
|
|
err := json.NewDecoder(reader).Decode(&evt)
|
|
|
|
if err != nil || evt.Kind != 24242 || len(evt.ID) != 64 || !evt.CheckID() {
|
|
return nil, fmt.Errorf("invalid event")
|
|
}
|
|
|
|
if ok, _ := evt.CheckSignature(); !ok {
|
|
return nil, fmt.Errorf("invalid signature")
|
|
}
|
|
|
|
expirationTag := evt.Tags.GetFirst([]string{"expiration", ""})
|
|
if expirationTag == nil {
|
|
return nil, fmt.Errorf("missing \"expiration\" tag")
|
|
}
|
|
expiration, _ := strconv.ParseInt((*expirationTag)[1], 10, 64)
|
|
if nostr.Timestamp(expiration) < nostr.Now() {
|
|
return nil, fmt.Errorf("event expired")
|
|
}
|
|
|
|
return &evt, nil
|
|
}
|