mirror of
https://github.com/nostr-protocol/nips.git
synced 2024-12-23 00:45:53 -05:00
Add authorize by payment
This commit is contained in:
parent
f3244a0903
commit
eebf1f0446
17
42.md
17
42.md
|
@ -23,7 +23,16 @@ A relay may want to require clients to authenticate to access restricted resourc
|
||||||
This NIP defines a new message, `AUTH`, which relays CAN send when they support authentication and clients can send to relays when they want to authenticate. When sent by relays the message has the following form:
|
This NIP defines a new message, `AUTH`, which relays CAN send when they support authentication and clients can send to relays when they want to authenticate. When sent by relays the message has the following form:
|
||||||
|
|
||||||
```
|
```
|
||||||
["AUTH", <challenge-string>]
|
["AUTH", <challenge-string>, <payment-request>]
|
||||||
|
```
|
||||||
|
- `<payment-request>` (optional) is a Cashu [NUT-18](https://github.com/cashubtc/nuts/blob/main/18.md) payment request. Its transports field must include at least the following transport method:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"type" : "nostr",
|
||||||
|
"target" : "",
|
||||||
|
"tags" : [ [ "n", "42" ] ]
|
||||||
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
And, when sent by clients, the following form:
|
And, when sent by clients, the following form:
|
||||||
|
@ -32,7 +41,7 @@ And, when sent by clients, the following form:
|
||||||
["AUTH", <signed-event-json>]
|
["AUTH", <signed-event-json>]
|
||||||
```
|
```
|
||||||
|
|
||||||
`AUTH` messages sent by clients MUST be answered with an `OK` message, like any `EVENT` message.
|
- `AUTH` messages sent by clients MUST be answered with an `OK` message, like any `EVENT` message.
|
||||||
|
|
||||||
### Canonical authentication event
|
### Canonical authentication event
|
||||||
|
|
||||||
|
@ -45,10 +54,13 @@ The signed event is an ephemeral event not meant to be published or queried, it
|
||||||
["relay", "wss://relay.example.com/"],
|
["relay", "wss://relay.example.com/"],
|
||||||
["challenge", "challengestringhere"]
|
["challenge", "challengestringhere"]
|
||||||
],
|
],
|
||||||
|
"content": "<payment>"
|
||||||
// other fields...
|
// other fields...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
`<payment>` (optional) is only to be filled as a response to a [NUT-18](https://github.com/cashubtc/nuts/blob/main/18.md) `<payment-request>`. It must be a valid [NUT-00](https://github.com/cashubtc/nuts/blob/main/00.md#03---methods) cashu token.
|
||||||
|
|
||||||
### `OK` and `CLOSED` machine-readable prefixes
|
### `OK` and `CLOSED` machine-readable prefixes
|
||||||
|
|
||||||
This NIP defines two new prefixes that can be used in `OK` (in response to event writes by clients) and `CLOSED` (in response to rejected subscriptions by clients):
|
This NIP defines two new prefixes that can be used in `OK` (in response to event writes by clients) and `CLOSED` (in response to rejected subscriptions by clients):
|
||||||
|
@ -103,3 +115,4 @@ To verify `AUTH` messages, relays must ensure:
|
||||||
- that the `"challenge"` tag matches the challenge sent before;
|
- that the `"challenge"` tag matches the challenge sent before;
|
||||||
- that the `"relay"` tag matches the relay URL:
|
- that the `"relay"` tag matches the relay URL:
|
||||||
- URL normalization techniques can be applied. For most cases just checking if the domain name is correct should be enough.
|
- URL normalization techniques can be applied. For most cases just checking if the domain name is correct should be enough.
|
||||||
|
- that the `content` field (if present) contains a valid, unspent cashu token.
|
Loading…
Reference in New Issue
Block a user