aljaz/ditto
1
0
Fork 0
mirror of https://github.com/aljazceru/ditto.git synced 2026-01-05 14:44:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add media endpoints, require nip98 proof to upload them

Browse Source
This commit is contained in:
Alex Gleason
2023-09-08 17:00:07 -05:00
parent 2c943872a8
commit 969d8bfe7f
2 changed files with 36 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/middleware/auth98.ts
View File

@@ -3,7 +3,7 @@ import { HTTPException } from '@/deps.ts';
import { buildAuthEventTemplate, parseAuthRequest, type ParseAuthRequestOpts } from '@/utils/nip98.ts';
import { localRequest } from '@/utils/web.ts';
import { signNostrConnect } from '@/sign.ts';
import { findUser } from '@/db/users.ts';
import { findUser, User } from '@/db/users.ts';
/**
* NIP-98 auth.
@@ -23,20 +23,36 @@ function auth98(opts: ParseAuthRequestOpts = {}): AppMiddleware {
};
}
/** Require the user to prove they're an admin before invoking the controller. */
const requireAdmin: AppMiddleware = async (c, next) => {
const header = c.req.headers.get('x-nostr-sign');
const proof = c.get('proof') || header ? await obtainProof(c) : undefined;
const user = proof ? await findUser({ pubkey: proof.pubkey }) : undefined;
type UserRole = 'user' | 'admin';
if (proof && user?.admin) {
c.set('pubkey', proof.pubkey);
c.set('proof', proof);
await next();
} else {
throw new HTTPException(401);
/** Require the user to prove their role before invoking the controller. */
function requireRole(role: UserRole): AppMiddleware {
return async (c, next) => {
const header = c.req.headers.get('x-nostr-sign');
const proof = c.get('proof') || header ? await obtainProof(c) : undefined;
const user = proof ? await findUser({ pubkey: proof.pubkey }) : undefined;
if (proof && user && matchesRole(user, role)) {
c.set('pubkey', proof.pubkey);
c.set('proof', proof);
await next();
} else {
throw new HTTPException(401);
}
};
}
/** Check whether the user fulfills the role. */
function matchesRole(user: User, role: UserRole): boolean {
switch (role) {
case 'user':
return true;
case 'admin':
return user.admin;
default:
return false;
}
};
}
/** Get the proof over Nostr Connect. */
async function obtainProof(c: AppContext) {
@@ -45,4 +61,4 @@ async function obtainProof(c: AppContext) {
return signNostrConnect(event, c);
}
export { auth98, requireAdmin };
export { auth98, requireRole };