mirror of
https://github.com/scsibug/nostr-rs-relay.git
synced 2024-12-22 16:35:51 -05:00
nip42 authorized whitelisted client can always post
This commit is contained in:
parent
6329acd82b
commit
53429075d6
|
@ -173,6 +173,8 @@ limit_scrapers = false
|
|||
#]
|
||||
# Enable NIP-42 authentication
|
||||
#nip42_auth = false
|
||||
# Allow whitelisted NIP-42 authenticated client to post from any pubkey
|
||||
#nip42_whitelist = false
|
||||
# Send DMs (kind 4 and 44) and gift wraps (kind 1059) only to their authenticated recipients
|
||||
#nip42_dms = false
|
||||
|
||||
|
|
|
@ -83,6 +83,7 @@ pub struct Limits {
|
|||
pub struct Authorization {
|
||||
pub pubkey_whitelist: Option<Vec<String>>, // If present, only allow these pubkeys to publish events
|
||||
pub nip42_auth: bool, // if true enables NIP-42 authentication
|
||||
pub nip42_whitelist: bool, // if true allows whitelisted NIP-42 authenticated clients to publish events from any pubkey
|
||||
pub nip42_dms: bool, // if true send DMs only to their authenticated recipients
|
||||
}
|
||||
|
||||
|
@ -325,6 +326,7 @@ impl Default for Settings {
|
|||
authorization: Authorization {
|
||||
pubkey_whitelist: None, // Allow any address to publish
|
||||
nip42_auth: false, // Disable NIP-42 authentication
|
||||
nip42_whitelist: false, // Disable NIP-42 whitelist
|
||||
nip42_dms: false, // Send DMs to everybody
|
||||
},
|
||||
pay_to_relay: PayToRelay {
|
||||
|
|
12
src/db.rs
12
src/db.rs
|
@ -204,9 +204,19 @@ pub async fn db_writer(
|
|||
if !pay_to_relay_enabled {
|
||||
// check if this event is authorized.
|
||||
if let Some(allowed_addrs) = whitelist {
|
||||
let mut whitelisted = false;
|
||||
if settings.authorization.nip42_auth && settings.authorization.nip42_whitelist {
|
||||
if let Some(auth_pubkey) = subm_event.auth_pubkey.clone() {
|
||||
if allowed_addrs.contains(&hex::encode(auth_pubkey)) {
|
||||
// A nip42 authenticated whitelisted client can post whatever they want
|
||||
debug!("nip42 authenticated client may publish");
|
||||
whitelisted = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
// TODO: incorporate delegated pubkeys
|
||||
// if the event address is not in allowed_addrs.
|
||||
if !allowed_addrs.contains(&event.pubkey) {
|
||||
if !whitelisted && !allowed_addrs.contains(&event.pubkey) {
|
||||
debug!(
|
||||
"rejecting event: {}, unauthorized author",
|
||||
event.get_event_id_prefix()
|
||||
|
|
Loading…
Reference in New Issue
Block a user