Destroy everything

2025-12-30 11:44:25 +01:00 · 2024-05-14 11:40:20 -05:00
parent ee7864da8c
commit 5a2b1b7de7
4 changed files with 37 additions and 126 deletions
--- a/src/middleware/auth19.ts
+++ b/src/middleware/auth19.ts
@@ -1,49 +0,0 @@
-import { HTTPException } from 'hono';
-import { getPublicKey, nip19 } from 'nostr-tools';
-
-import { type AppMiddleware } from '@/app.ts';
-
-/** We only accept "Bearer" type. */
-const BEARER_REGEX = new RegExp(`^Bearer (${nip19.BECH32_REGEX.source})$`);
-
-/** NIP-19 auth middleware. */
-const auth19: AppMiddleware = async (c, next) => {
-  const authHeader = c.req.header('authorization');
-  const match = authHeader?.match(BEARER_REGEX);
-
-  if (match) {
-    const [_, bech32] = match;
-
-    try {
-      const decoded = nip19.decode(bech32!);
-
-      switch (decoded.type) {
-        case 'npub':
-          c.set('pubkey', decoded.data);
-          break;
-        case 'nprofile':
-          c.set('pubkey', decoded.data.pubkey);
-          break;
-        case 'nsec':
-          c.set('pubkey', getPublicKey(decoded.data));
-          c.set('seckey', decoded.data);
-          break;
-      }
-    } catch (_e) {
-      //
-    }
-  }
-
-  await next();
-};
-
-/** Throw a 401 if the pubkey isn't set. */
-const requirePubkey: AppMiddleware = async (c, next) => {
-  if (!c.get('pubkey')) {
-    throw new HTTPException(401, { message: 'No pubkey provided' });
-  }
-
-  await next();
-};
-
-export { auth19, requirePubkey };
--- a/src/middleware/signerMiddleware.ts
+++ b/src/middleware/signerMiddleware.ts
@@ -1,12 +1,43 @@
+import { NConnectSigner, NSecSigner } from '@nostrify/nostrify';
+import { nip19 } from 'nostr-tools';
+
 import { AppMiddleware } from '@/app.ts';
-import { APISigner } from '@/signers/APISigner.ts';
+import { AdminSigner } from '@/signers/AdminSigner.ts';
+import { Storages } from '@/storages.ts';
+
+/** We only accept "Bearer" type. */
+const BEARER_REGEX = new RegExp(`^Bearer (${nip19.BECH32_REGEX.source})$`);

 /** Make a `signer` object available to all controllers, or unset if the user isn't logged in. */
 export const signerMiddleware: AppMiddleware = async (c, next) => {
-  try {
-    c.set('signer', new APISigner(c));
-  } catch {
-    // do nothing
+  const header = c.req.header('authorization');
+  const match = header?.match(BEARER_REGEX);
+
+  if (match) {
+    const [_, bech32] = match;
+
+    try {
+      const decoded = nip19.decode(bech32!);
+
+      switch (decoded.type) {
+        case 'npub':
+          c.set(
+            'signer',
+            new NConnectSigner({
+              pubkey: decoded.data,
+              relay: Storages.pubsub,
+              signer: new AdminSigner(),
+              timeout: 60000,
+            }),
+          );
+          break;
+        case 'nsec':
+          c.set('signer', new NSecSigner(decoded.data));
+          break;
+      }
+    } catch {
+      // the user is not logged in
+    }
  }

  await next();