counterweight/secajs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nostr service and fix usage in invites

Browse source
This commit is contained in:
counterweight 2025-03-06 02:19:23 +01:00
parent 15217dc77a
commit f8a185e879
Signed by: counterweight
GPG key ID: 883EDBAA726BD96C
4 changed files with 124 additions and 110 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/commands/createAppInvite.js
View file

@ -1,4 +1,5 @@
const nostrService = require('../services/nostrService'); const NostrServiceProvider = require('../services/nostrService');
const nostrService = new NostrServiceProvider().provide();
const InvitesServiceProvider = require('../services/invitesService'); const InvitesServiceProvider = require('../services/invitesService');
const invitesService = new InvitesServiceProvider({ const invitesService = new InvitesServiceProvider({
nostrService, nostrService,

3
src/services/index.js
View file

@ -2,9 +2,10 @@ class ServicesProvider {
constructor() {} constructor() {}
provide() { provide() {
const nostrService = require('../services/nostrService');
const loginService = require('../services/loginService'); const loginService = require('../services/loginService');
const NostrServiceProvider = require('../services/nostrService');
const nostrService = new NostrServiceProvider().provide();
const InvitesServiceProvider = require('../services/invitesService'); const InvitesServiceProvider = require('../services/invitesService');
const invitesService = new InvitesServiceProvider({ const invitesService = new InvitesServiceProvider({
nostrService, nostrService,

17
src/services/invitesService.js
View file

@ -1,6 +1,5 @@
const uuid = require('uuid'); const uuid = require('uuid');
const nostrService = require('./nostrService');
const models = require('../models'); const models = require('../models');
const errors = require('../errors'); const errors = require('../errors');
@ -49,7 +48,7 @@ class InvitesServiceProvider {
}); });
} }
async function createSignUpChallenge(appInviteUuid) { const createSignUpChallenge = async (appInviteUuid) => {
if (!(await appInviteExists(appInviteUuid))) { if (!(await appInviteExists(appInviteUuid))) {
throw new errors.NotFoundError("Invite doesn't exist."); throw new errors.NotFoundError("Invite doesn't exist.");
} }
@ -58,7 +57,7 @@ class InvitesServiceProvider {
throw new errors.AlreadyUsedError('Invite has already been used.'); throw new errors.AlreadyUsedError('Invite has already been used.');
} }
const nostrChallenge = await nostrService.createNostrChallenge(); const nostrChallenge = await this.nostrService.createNostrChallenge();
return await models.SignUpChallengeCreated.create({ return await models.SignUpChallengeCreated.create({
uuid: uuid.v7(), uuid: uuid.v7(),
@ -66,15 +65,15 @@ class InvitesServiceProvider {
app_invite_uuid: appInviteUuid, app_invite_uuid: appInviteUuid,
created_at: new Date().toISOString(), created_at: new Date().toISOString(),
}); });
} };
async function verifySignUpChallenge(signedEvent) { const verifySignUpChallenge = async (signedEvent) => {
const challengeTag = signedEvent.tags.find( const challengeTag = signedEvent.tags.find(
(tag) => tag[0] === 'challenge' (tag) => tag[0] === 'challenge'
); );
const challenge = challengeTag[1]; const challenge = challengeTag[1];
const nostrChallenge = await nostrService.getNostrChallenge( const nostrChallenge = await this.nostrService.getNostrChallenge(
null, null,
challenge challenge
); );
@ -85,14 +84,14 @@ class InvitesServiceProvider {
}, },
}); });
if (await nostrService.hasNostrChallengeBeenCompleted(challenge)) { if (await this.nostrService.hasNostrChallengeBeenCompleted(challenge)) {
throw new errors.AlreadyUsedError( throw new errors.AlreadyUsedError(
'This challenge has already been used.' 'This challenge has already been used.'
); );
} }
const completedNostrChallenge = const completedNostrChallenge =
await nostrService.verifyNostrChallenge(signedEvent); await this.nostrService.verifyNostrChallenge(signedEvent);
const completedSignUpChallenge = const completedSignUpChallenge =
await models.SignUpChallengeCompleted.create({ await models.SignUpChallengeCompleted.create({
@ -104,7 +103,7 @@ class InvitesServiceProvider {
}); });
return completedSignUpChallenge; return completedSignUpChallenge;
} };
async function isPublicKeySignedUp(publicKey) { async function isPublicKeySignedUp(publicKey) {
const signUpChallengeCompleted = const signUpChallengeCompleted =

211
src/services/nostrService.js
View file

@ -8,105 +8,118 @@ const models = require('../models');
const constants = require('../constants'); const constants = require('../constants');
const errors = require('../errors'); const errors = require('../errors');
async function createNostrChallenge() { class NostrServiceProvider {
const currentTimestamp = new Date(); constructor() {}
const expiryTimestamp = new Date(currentTimestamp.getTime());
expiryTimestamp.setSeconds(
expiryTimestamp.getSeconds() +
constants.DEFAULT_NOSTR_CHALLENGE_DURATION_SECONDS
);
const nostrChallenge = await models.NostrChallengeCreated.create({ provide() {
uuid: uuid.v7(), async function createNostrChallenge() {
challenge: crypto.randomBytes(32).toString('hex'), const currentTimestamp = new Date();
expires_at: expiryTimestamp.toISOString(), const expiryTimestamp = new Date(currentTimestamp.getTime());
created_at: currentTimestamp.toISOString(), expiryTimestamp.setSeconds(
}); expiryTimestamp.getSeconds() +
constants.DEFAULT_NOSTR_CHALLENGE_DURATION_SECONDS
);
return nostrChallenge; const nostrChallenge = await models.NostrChallengeCreated.create({
uuid: uuid.v7(),
challenge: crypto.randomBytes(32).toString('hex'),
expires_at: expiryTimestamp.toISOString(),
created_at: currentTimestamp.toISOString(),
});
return nostrChallenge;
}
async function getNostrChallenge(
nostrChallengeUuid = null,
challenge = null
) {
if (nostrChallengeUuid) {
return await models.NostrChallengeCreated.findOne({
where: {
uuid: nostrChallengeUuid,
},
});
}
if (challenge) {
return await models.NostrChallengeCreated.findOne({
where: {
challenge,
},
});
}
throw Error('You need to pass a uuid or a challenge.');
}
async function verifyNostrChallenge(signedEvent) {
const challengeTag = signedEvent.tags.find(
(tag) => tag[0] === 'challenge'
);
const challenge = challengeTag[1];
if (!(await isNostrChallengeFresh(challenge))) {
throw TimeoutError('Challenge expired, request new one.');
}
if (await hasNostrChallengeBeenCompleted(challenge)) {
throw new errors.AlreadyUsedError(
'Challenge already used, request new one.'
);
}
const isSignatureValid = verifyEvent(signedEvent);
if (!isSignatureValid) {
throw new errors.InvalidSignatureError('Signature is not valid.');
}
return await models.NostrChallengeCompleted.create({
uuid: uuid.v7(),
challenge: challenge,
signed_event: signedEvent,
public_key: signedEvent.pubkey,
created_at: new Date().toISOString(),
});
}
async function isNostrChallengeFresh(challengeString) {
const nostrChallenge = await models.NostrChallengeCreated.findOne({
where: {
challenge: challengeString,
expires_at: {
[Op.gt]: new Date(),
},
},
});
if (nostrChallenge) {
return true;
}
return false;
}
async function hasNostrChallengeBeenCompleted(challengeString) {
const completedNostrChallenge =
await models.NostrChallengeCompleted.findOne({
where: {
challenge: challengeString,
},
});
if (completedNostrChallenge) {
return true;
}
return false;
}
return {
createNostrChallenge,
getNostrChallenge,
verifyNostrChallenge,
isNostrChallengeFresh,
hasNostrChallengeBeenCompleted,
};
}
} }
module.exports = NostrServiceProvider;
async function getNostrChallenge(nostrChallengeUuid = null, challenge = null) {
if (nostrChallengeUuid) {
return await models.NostrChallengeCreated.findOne({
where: {
uuid: nostrChallengeUuid,
},
});
}
if (challenge) {
return await models.NostrChallengeCreated.findOne({
where: {
challenge,
},
});
}
throw Error('You need to pass a uuid or a challenge.');
}
async function verifyNostrChallenge(signedEvent) {
const challengeTag = signedEvent.tags.find((tag) => tag[0] === 'challenge');
const challenge = challengeTag[1];
if (!(await isNostrChallengeFresh(challenge))) {
throw TimeoutError('Challenge expired, request new one.');
}
if (await hasNostrChallengeBeenCompleted(challenge)) {
throw new errors.AlreadyUsedError(
'Challenge already used, request new one.'
);
}
const isSignatureValid = verifyEvent(signedEvent);
if (!isSignatureValid) {
throw new errors.InvalidSignatureError('Signature is not valid.');
}
return await models.NostrChallengeCompleted.create({
uuid: uuid.v7(),
challenge: challenge,
signed_event: signedEvent,
public_key: signedEvent.pubkey,
created_at: new Date().toISOString(),
});
}
async function isNostrChallengeFresh(challengeString) {
const nostrChallenge = await models.NostrChallengeCreated.findOne({
where: {
challenge: challengeString,
expires_at: {
[Op.gt]: new Date(),
},
},
});
if (nostrChallenge) {
return true;
}
return false;
}
async function hasNostrChallengeBeenCompleted(challengeString) {
const completedNostrChallenge = await models.NostrChallengeCompleted.findOne({
where: {
challenge: challengeString,
},
});
if (completedNostrChallenge) {
return true;
}
return false;
}
module.exports = {
createNostrChallenge,
getNostrChallenge,
verifyNostrChallenge,
isNostrChallengeFresh,
hasNostrChallengeBeenCompleted,
};