diff --git a/src/models/InvitedNpub.js b/src/models/PublicKeyInvited.js similarity index 74% rename from src/models/InvitedNpub.js rename to src/models/PublicKeyInvited.js index b706a8d..a4e681f 100644 --- a/src/models/InvitedNpub.js +++ b/src/models/PublicKeyInvited.js @@ -1,7 +1,7 @@ const { DataTypes } = require('sequelize'); const sequelize = require('../database'); -const InvitedNpub = sequelize.define('InvitedNpub', { +const PublicKeyInvited = sequelize.define('PublicKeyInvited', { uuid: { type: DataTypes.UUID, allowNull: false, @@ -13,7 +13,7 @@ const InvitedNpub = sequelize.define('InvitedNpub', { allowNull: false, unique: true, }, - invited_npub: { + public_key_invited: { type: DataTypes.STRING, allowNull: false, }, @@ -22,7 +22,7 @@ const InvitedNpub = sequelize.define('InvitedNpub', { allowNull: false } }, { - tableName: 'invited_npub' + tableName: 'public_key_invited' }); -module.exports = InvitedNpub; \ No newline at end of file +module.exports = PublicKeyInvited; \ No newline at end of file diff --git a/src/routes/apiRoutes.js b/src/routes/apiRoutes.js index 04f5519..b0d6415 100644 --- a/src/routes/apiRoutes.js +++ b/src/routes/apiRoutes.js @@ -3,7 +3,7 @@ const { getPublicKey, verifyEvent } = require("nostr-tools"); const crypto = require("crypto"); const appInviteService = require('../services/appInviteService'); -const invitedNpubService = require('../services/invitedNpubService'); +const PublicKeyInvitedService = require('../services/PublicKeyInvitedService'); const sessionService = require('../services/sessionService'); const nostrService = require('../services/nostrService'); @@ -49,7 +49,7 @@ router.post('/invited-npub', async (req, res) => { return res.status(410).json({ error: 'Invite has already been used.' }); } - await invitedNpubService.createInvitedNpub( + await PublicKeyInvitedService.createPublicKeyInvite( inviteUuid, npub ); @@ -92,6 +92,15 @@ router.post("/nostr-verify", async (req, res) => { return res.status(400).json({ success: false, error: "Invalid signature" }); } + if (!PublicKeyInvitedService.isPublicKeyInvited(signedEvent.pubkey)) { + return res.status(400).json( + { + success: false, + error: "Valid signature, but npub is not invited to app." + } + ) + } + await nostrService.completeNostrChallenge( challenge, signedEvent diff --git a/src/services/PublicKeyInvitedService.js b/src/services/PublicKeyInvitedService.js new file mode 100644 index 0000000..2d97857 --- /dev/null +++ b/src/services/PublicKeyInvitedService.js @@ -0,0 +1,33 @@ +const uuid = require("uuid"); + +const PublicKeyInvited = require('../models/PublicKeyInvited'); + +const appInviteService = require('./appInviteService'); + +async function createPublicKeyInvite(inviteUuid, publicKey) { + + if (await appInviteService.isAppInviteSpent(inviteUuid)) { + throw new Error("Can't invite npub, invite is already spent."); + } + + await PublicKeyInvited.create({ + uuid: uuid.v7(), + app_invite_uuid: inviteUuid, + public_key_invited: publicKey, + created_at: new Date().toISOString() + }); +} + +async function isPublicKeyInvited(publicKey) { + + if (await PublicKeyInvited.findOne({ + where: { public_key_invited: publicKey } + })) { + return true; + } + + return false; +} + +exports.createPublicKeyInvite = createPublicKeyInvite; +exports.isPublicKeyInvited = isPublicKeyInvited; \ No newline at end of file diff --git a/src/services/appInviteService.js b/src/services/appInviteService.js index 9f3b036..a9199c9 100644 --- a/src/services/appInviteService.js +++ b/src/services/appInviteService.js @@ -1,7 +1,7 @@ const uuid = require('uuid'); const AppInviteCreated = require('../models/AppInviteCreated'); -const InvitedNpub = require('../models/InvitedNpub'); +const PublicKeyInvited = require('../models/PublicKeyInvited'); async function appInviteExists(inviteUuid) { const invite = await AppInviteCreated.findOne({ where: { uuid: inviteUuid } }); @@ -17,7 +17,7 @@ async function getAppInvite(inviteUuid) { } async function isAppInviteSpent(inviteUuid) { - const invitedNpub = await InvitedNpub.findOne({ + const invitedNpub = await PublicKeyInvited.findOne({ where: { app_invite_uuid: inviteUuid } diff --git a/src/services/invitedNpubService.js b/src/services/invitedNpubService.js deleted file mode 100644 index 6f74273..0000000 --- a/src/services/invitedNpubService.js +++ /dev/null @@ -1,33 +0,0 @@ -const uuid = require("uuid"); - -const InvitedNpub = require('../models/InvitedNpub'); - -const appInviteService = require('./appInviteService'); - -async function createInvitedNpub(inviteUuid, npub) { - - if (await appInviteService.isAppInviteSpent(inviteUuid)) { - throw new Error("Can't invite npub, invite is already spent."); - } - - await InvitedNpub.create({ - uuid: uuid.v7(), - app_invite_uuid: inviteUuid, - invited_npub: npub, - created_at: new Date().toISOString() - }); -} - -async function isNpubInvited(npub) { - - if (await InvitedNpub.findOne({ - where: { invited_npub: npub } - })) { - return true; - } - - return false; -} - -exports.createInvitedNpub = createInvitedNpub; -exports.isNpubInvited = isNpubInvited; \ No newline at end of file diff --git a/src/services/sessionService.js b/src/services/sessionService.js index 48ee116..867974f 100644 --- a/src/services/sessionService.js +++ b/src/services/sessionService.js @@ -3,7 +3,7 @@ const uuid = require("uuid"); const SessionCreated = require('../models/SessionCreated'); const SessionNpubbed = require('../models/SessionNpubbed'); -const invitedNpubService = require('./invitedNpubService'); +const invitedNpubService = require('./PublicKeyInvitedService'); const constants = require('../constants');