11import { Injectable , UnauthorizedException } from '@nestjs/common' ;
22import { PassportStrategy } from '@nestjs/passport' ;
3- import { Event , verifyEvent } from 'nostr-tools' ;
4- import { Request } from 'express' ;
3+ import type { Request } from 'express' ;
4+ import type { Event } from 'nostr-tools' ;
5+ import { verifyEvent } from 'nostr-tools' ;
56import { Strategy } from 'passport-strategy' ;
67
78@Injectable ( )
89export class Nip98Strategy extends PassportStrategy ( Strategy , 'nip98' ) {
910 public Scheme = 'Nostr' ;
1011
11- constructor ( ) {
12- super ( ) ;
13- }
1412
1513 authenticate ( req : unknown ) {
16- const request = req as Request
17- const authHeader = request . headers [ ' authorization' ] ;
14+ const request = req as Request ;
15+ const authHeader = request . headers . authorization ;
1816
1917 if ( ! authHeader ) {
20- return this . fail ( new UnauthorizedException ( 'Missing Authorization header' ) , 401 ) ;
18+ this . fail ( new UnauthorizedException ( 'Missing Authorization header' ) , 401 ) ;
19+
20+ return ;
2121 }
2222
2323 if ( authHeader . slice ( 0 , 5 ) !== this . Scheme ) {
24- return this . fail ( new UnauthorizedException ( 'Invalid auth scheme' ) , 401 ) ;
24+ this . fail ( new UnauthorizedException ( 'Invalid auth scheme' ) , 401 ) ;
25+
26+ return ;
2527 }
2628
2729 const token = authHeader . slice ( 6 ) ;
2830
2931 const bToken = Buffer . from ( token , 'base64' ) . toString ( 'utf-8' ) ;
3032
31- if ( ! bToken || bToken . length === 0 || bToken [ 0 ] != '{' ) {
32- return this . fail ( new UnauthorizedException ( 'Invalid token' ) , 401 ) ;
33+ if ( ! bToken || bToken . length === 0 || ! bToken . startsWith ( '{' ) ) {
34+ this . fail ( new UnauthorizedException ( 'Invalid token' ) , 401 ) ;
35+
36+ return ;
3337 }
3438
3539 const ev = JSON . parse ( bToken ) as Event ;
3640
3741 const isValidEvent = verifyEvent ( ev ) ;
42+
3843 if ( ! isValidEvent ) {
39- return this . fail ( new UnauthorizedException ( 'Invalid event' ) , 401 ) ;
44+ this . fail ( new UnauthorizedException ( 'Invalid event' ) , 401 ) ;
45+
46+ return ;
4047 }
4148
4249 if ( ev . kind != 27_235 ) {
43- return this . fail ( new UnauthorizedException ( 'Invalid nostr event, wrong kind' ) , 401 ) ;
50+ this . fail ( new UnauthorizedException ( 'Invalid nostr event, wrong kind' ) , 401 ) ;
51+
52+ return ;
4453 }
4554
4655 const now = Date . now ( ) ;
@@ -54,8 +63,11 @@ export class Nip98Strategy extends PassportStrategy(Strategy, 'nip98') {
5463 const methodTag = ev . tags [ 1 ] ?. [ 1 ] ;
5564 const a = new URL ( urlTag ! ) . pathname ;
5665 console . log ( new URL ( urlTag ! ) . pathname == request . path ) ;
66+
5767 if ( ! urlTag || new URL ( urlTag ) . pathname !== request . path ) {
58- return this . fail ( new UnauthorizedException ( 'Invalid nostr event, URL tag invalid' ) , 401 ) ;
68+ this . fail ( new UnauthorizedException ( 'Invalid nostr event, URL tag invalid' ) , 401 ) ;
69+
70+ return ;
5971 }
6072
6173 if ( ! methodTag || methodTag . toLowerCase ( ) !== request . method . toLowerCase ( ) ) {
0 commit comments