Implemented feature:

- NIP-42 Can be enabled in nix module or as environment variable 'CONFIG_ENABLE_AUTH' - NIP-05 Still WIP, but building up slowly
2024-02-08 19:19:03 -06:00 · 2024-02-08 19:19:03 -06:00 · f7b74bd22c
commit f7b74bd22c
parent 377da44eed
18 changed files with 1001 additions and 294 deletions
--- a/src/relay/ws.rs
+++ b/src/relay/ws.rs
@ -94,6 +94,17 @@ pub async fn client_connection(
                            }
                        }
                    },
+                    crate::bussy::Command::ServiceRegistrationRequired(client_id, relay_message) => {
+                        if client.client_id == client_id {
+                            if let Some(sender) = &client.client_connection {
+                                if !sender.is_closed() {
+                                    log::info!("[Relay] client needs to be authenticated to make request: {}", relay_message.as_json());
+                                    sender.send(Ok(Message::text(relay_message.as_json()))).unwrap();
+                                }
+
+                            }
+                        }
+                    },
                    _ => ()
                }

@ -101,13 +112,6 @@ pub async fn client_connection(
            Some(message) = client_receiver.next() => {
            match message {
                Ok(message) => {
-                    // ws_sender
-                    //     .send(message)
-                    //     .unwrap_or_else(|e| {
-                    //         log::error!("websocket send error: {}", e);
-                    //     })
-                    //     .await;
-
                    match ws_sender.send(message).await {
                        Ok(_) => (),
                        Err(e) => {
@ -194,7 +198,7 @@ async fn socket_on_message(context: &Context, client: &mut Client, msg: Message)
        }
    };

-    log::info!(
+    log::debug!(
        "[client {} - {}] message: {}",
        client.ip(),
        client.client_id,
@ -213,21 +217,63 @@ fn send(client: &Client, message: Message) {

 async fn handle_msg(context: &Context, client: &mut Client, client_message: ClientMessage) {
    match client_message {
-        ClientMessage::Event(event) => handle_event(context, client, event).await,
+        ClientMessage::Event(event) => {
+            if context.config.auth_required()
+                && event.kind() != nostr::Kind::Metadata
+                && !client.authenticated
+            {
+                request_auth(context, client).await;
+                return;
+            }
+            handle_event(context, client, event).await
+        }
        ClientMessage::Req {
            subscription_id,
            filters,
-        } => handle_req(context, client, subscription_id, filters).await,
+        } => {
+            if context.config.auth_required() && !client.authenticated {
+                request_auth(context, client).await;
+                return;
+            }
+            handle_req(context, client, subscription_id, filters).await
+        }
        ClientMessage::Count {
            subscription_id,
            filters,
-        } => handle_count(context, client, subscription_id, filters).await,
+        } => {
+            if context.config.auth_required() && !client.authenticated {
+                request_auth(context, client).await;
+                return;
+            }
+            handle_count(context, client, subscription_id, filters).await
+        }
        ClientMessage::Close(subscription_id) => handle_close(client, subscription_id).await,
-        ClientMessage::Auth(event) => handle_auth(client, event).await,
-        _ => (),
+        ClientMessage::Auth(event) => handle_auth(context, client, event).await,
+        // Unhandled messages
+        _ => unhandled_message(context, client).await,
    }
 }

+async fn request_auth(context: &Context, client: &mut Client) {
+    let challenge = uuid::Uuid::new_v4().to_string();
+    client.set_challenge(challenge.clone());
+
+    let auth_message = nostr::RelayMessage::auth(challenge);
+    context
+        .pubsub
+        .publish(
+            channels::MSG_RELAY,
+            crate::bussy::Message {
+                source: channels::MSG_RELAY,
+                content: crate::bussy::Command::ServiceRegistrationRequired(
+                    client.client_id,
+                    auth_message,
+                ),
+            },
+        )
+        .await;
+}
+
 async fn handle_event(context: &Context, client: &Client, event: Box<Event>) {
    log::debug!("handle_event is processing new event");

@ -328,14 +374,35 @@ async fn handle_count(
 }

 async fn handle_close(client: &mut Client, subscription_id: SubscriptionId) {
-    // context.pubsub.send(new nostr event) then handle possible errors
    client.unsubscribe(subscription_id);
-
-    // let message = Message::text("CLOSE not implemented");
-    // send(client, message);
 }

-async fn handle_auth(client: &Client, event: Box<Event>) {
-    let message = Message::text("AUTH not implemented");
-    send(client, message);
+async fn handle_auth(context: &Context, client: &mut Client, event: Box<Event>) {
+    client.authenticate(&event);
+    let client_status = format!("Client authenticated: {}", client.authenticated);
+    let message = nostr::RelayMessage::notice(client_status);
+    context
+        .pubsub
+        .publish(
+            channels::MSG_RELAY,
+            crate::bussy::Message {
+                source: channels::MSG_RELAY,
+                content: crate::bussy::Command::DbResOkWithStatus(client.client_id, message),
+            },
+        )
+        .await;
+}
+
+async fn unhandled_message(context: &Context, client: &Client) {
+    let message = nostr::RelayMessage::notice("Unsupported Message");
+    context
+        .pubsub
+        .publish(
+            channels::MSG_RELAY,
+            crate::bussy::Message {
+                source: channels::MSG_RELAY,
+                content: crate::bussy::Command::DbResOkWithStatus(client.client_id, message),
+            },
+        )
+        .await
 }