From f33961232bd7d5a1fd572849db28672a0f7cf54b Mon Sep 17 00:00:00 2001
From: Martti Malmi <sirius@iki.fi>
Date: Sat, 30 Sep 2023 13:21:47 +0300
Subject: [PATCH] add challenges.cloudflare.com to content security policy

---
 packages/app/_headers                         |   2 +-
 .../src/Element/IrisAccount/AccountName.tsx   |  11 +-
 .../src/Element/IrisAccount/ActiveAccount.tsx |  18 +--
 .../src/Element/IrisAccount/IrisAccount.tsx   | 121 ++++++++----------
 .../Element/IrisAccount/ReservedAccount.tsx   |   4 +-
 packages/app/src/lang.json                    |   3 +
 packages/app/src/translations/en.json         |   1 +
 7 files changed, 75 insertions(+), 85 deletions(-)

diff --git a/packages/app/_headers b/packages/app/_headers
index 5921f9943..46544d632 100644
--- a/packages/app/_headers
+++ b/packages/app/_headers
@@ -1,2 +1,2 @@
 /*
-  Content-Security-Policy: default-src 'self'; manifest-src *; child-src 'none'; worker-src 'self'; frame-src youtube.com www.youtube.com https://platform.twitter.com https://embed.tidal.com https://w.soundcloud.com https://www.mixcloud.com https://open.spotify.com https://player.twitch.tv https://embed.music.apple.com https://nostrnests.com https://embed.wavlake.com; style-src 'self' 'unsafe-inline'; connect-src *; img-src * data: blob:; font-src 'self'; media-src * blob:; script-src 'self' 'wasm-unsafe-eval' https://analytics.v0l.io https://platform.twitter.com https://embed.tidal.com;
\ No newline at end of file
+  Content-Security-Policy: default-src 'self'; manifest-src *; child-src 'none'; worker-src 'self'; frame-src youtube.com www.youtube.com https://platform.twitter.com https://embed.tidal.com https://w.soundcloud.com https://www.mixcloud.com https://open.spotify.com https://player.twitch.tv https://embed.music.apple.com https://nostrnests.com https://embed.wavlake.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline'; connect-src *; img-src * data: blob:; font-src 'self'; media-src * blob:; script-src 'self' 'wasm-unsafe-eval' https://analytics.v0l.io https://platform.twitter.com https://embed.tidal.com https://challenges.cloudflare.com;
\ No newline at end of file
diff --git a/packages/app/src/Element/IrisAccount/AccountName.tsx b/packages/app/src/Element/IrisAccount/AccountName.tsx
index 77d494ac8..82c98f252 100644
--- a/packages/app/src/Element/IrisAccount/AccountName.tsx
+++ b/packages/app/src/Element/IrisAccount/AccountName.tsx
@@ -1,6 +1,6 @@
-import {useNavigate} from "react-router-dom";
+import { useNavigate } from "react-router-dom";
 
-export default function AccountName({ name = '', link = true }) {
+export default function AccountName({ name = "", link = true }) {
   const navigate = useNavigate();
   return (
     <>
@@ -8,15 +8,14 @@ export default function AccountName({ name = '', link = true }) {
         Username: <b>{name}</b>
       </div>
       <div>
-        Short link:{' '}
+        Short link:{" "}
         {link ? (
           <a
             href={`https://iris.to/${name}`}
-            onClick={(e) => {
+            onClick={e => {
               e.preventDefault();
               navigate(`/${name}`);
-            }}
-          >
+            }}>
             iris.to/{name}
           </a>
         ) : (
diff --git a/packages/app/src/Element/IrisAccount/ActiveAccount.tsx b/packages/app/src/Element/IrisAccount/ActiveAccount.tsx
index f237f86b2..6bdaea720 100644
--- a/packages/app/src/Element/IrisAccount/ActiveAccount.tsx
+++ b/packages/app/src/Element/IrisAccount/ActiveAccount.tsx
@@ -1,12 +1,12 @@
-import AccountName from './AccountName';
+import AccountName from "./AccountName";
 import useLogin from "../../Hooks/useLogin";
-import {useUserProfile} from "@snort/system-react";
-import {System} from "../../index";
-import {UserCache} from "../../Cache";
+import { useUserProfile } from "@snort/system-react";
+import { System } from "../../index";
+import { UserCache } from "../../Cache";
 import useEventPublisher from "../../Hooks/useEventPublisher";
-import {mapEventToProfile} from "@snort/system";
+import { mapEventToProfile } from "@snort/system";
 
-export default function ActiveAccount({ name = '', setAsPrimary = () => {} }) {
+export default function ActiveAccount({ name = "", setAsPrimary = () => {} }) {
   const { publicKey, readonly } = useLogin(s => ({
     publicKey: s.publicKey,
     readonly: s.readonly,
@@ -20,7 +20,7 @@ export default function ActiveAccount({ name = '', setAsPrimary = () => {} }) {
     }
     // copy user object and delete internal fields
     const userCopy = {
-      ...profile,
+      ...(profile || {}),
       nip05,
     } as Record<string, string | number | undefined | boolean>;
     delete userCopy["loaded"];
@@ -44,7 +44,7 @@ export default function ActiveAccount({ name = '', setAsPrimary = () => {} }) {
   }
 
   const onClick = () => {
-    const newNip = name + '@iris.to';
+    const newNip = name + "@iris.to";
     const timeout = setTimeout(() => {
       saveProfile(newNip);
     }, 2000);
@@ -64,7 +64,7 @@ export default function ActiveAccount({ name = '', setAsPrimary = () => {} }) {
         <AccountName name={name} />
       </div>
       <p>
-        <button className="btn btn-sm btn-primary" onClick={onClick}>
+        <button type="button" onClick={onClick}>
           Set as primary Nostr address (nip05)
         </button>
       </p>
diff --git a/packages/app/src/Element/IrisAccount/IrisAccount.tsx b/packages/app/src/Element/IrisAccount/IrisAccount.tsx
index 1ea18a2f6..1e658b866 100644
--- a/packages/app/src/Element/IrisAccount/IrisAccount.tsx
+++ b/packages/app/src/Element/IrisAccount/IrisAccount.tsx
@@ -1,10 +1,11 @@
 /* eslint-disable @typescript-eslint/no-explicit-any  */
-import { Component, FormEvent} from 'react';
+import { Component, FormEvent } from "react";
 import { LoginStore } from "Login";
 
-import AccountName from './AccountName';
-import ActiveAccount from './ActiveAccount';
-import ReservedAccount from './ReservedAccount';
+import AccountName from "./AccountName";
+import ActiveAccount from "./ActiveAccount";
+import ReservedAccount from "./ReservedAccount";
+import { ProfileLoader } from "../../index";
 //import {ProfileLoader} from "../../index";
 
 declare global {
@@ -19,7 +20,7 @@ export default class IrisAccount extends Component {
     irisToActive: false,
     existing: null as any,
     profile: null as any,
-    newUserName: '',
+    newUserName: "",
     newUserNameValid: false,
     error: null as any,
     showChallenge: false,
@@ -30,14 +31,11 @@ export default class IrisAccount extends Component {
     let view: any;
 
     if (this.state.irisToActive) {
-      const username = this.state.profile.nip05.split('@')[0];
-      view = <AccountName name={username}/>;
+      const username = this.state.profile?.nip05.split("@")[0];
+      view = <AccountName name={username} />;
     } else if (this.state.existing && this.state.existing.confirmed) {
       view = (
-        <ActiveAccount
-          name={this.state.existing.name}
-          setAsPrimary={() => this.setState({irisToActive: true})}
-        />
+        <ActiveAccount name={this.state.existing.name} setAsPrimary={() => this.setState({ irisToActive: true })} />
       );
     } else if (this.state.existing) {
       view = (
@@ -56,36 +54,33 @@ export default class IrisAccount extends Component {
           <div
             className="cf-turnstile"
             data-sitekey={
-              ['iris.to', 'beta.iris.to', 'snort.social'].includes(window.location.hostname)
-                ? '0x4AAAAAAACsEd8XuwpPTFwz'
-                : '3x00000000000000000000FF'
+              ["iris.to", "beta.iris.to", "snort.social"].includes(window.location.hostname)
+                ? "0x4AAAAAAACsEd8XuwpPTFwz"
+                : "3x00000000000000000000FF"
             }
-            data-callback="cf_turnstile_callback"
-          ></div>
+            data-callback="cf_turnstile_callback"></div>
         </>
       );
     } else {
       view = (
         <div>
           <p>Register an Iris username (iris.to/username)</p>
-          <form onSubmit={(e) => this.showChallenge(e)}>
+          <form onSubmit={e => this.showChallenge(e)}>
             <div className="flex gap-2">
               <input
                 className="input"
                 type="text"
                 placeholder="Username"
                 value={this.state.newUserName}
-                onInput={(e) => this.onNewUserNameChange(e)}
+                onInput={e => this.onNewUserNameChange(e)}
               />
-              <button className="btn btn-primary" type="submit">
-                Register
-              </button>
+              <button type="submit">Register</button>
             </div>
             <div>
               {this.state.newUserNameValid ? (
                 <>
                   <span className="text-iris-green">Username is available</span>
-                  <AccountName name={this.state.newUserName} link={false}/>
+                  <AccountName name={this.state.newUserName} link={false} />
                 </>
               ) : (
                 <span className="text-iris-red">{this.state.invalidUsernameMessage}</span>
@@ -113,7 +108,7 @@ export default class IrisAccount extends Component {
       this.setState({
         newUserName,
         newUserNameValid: false,
-        invalidUsernameMessage: '',
+        invalidUsernameMessage: "",
       });
       return;
     }
@@ -121,7 +116,7 @@ export default class IrisAccount extends Component {
       this.setState({
         newUserName,
         newUserNameValid: false,
-        invalidUsernameMessage: 'Username must be between 8 and 15 characters',
+        invalidUsernameMessage: "Username must be between 8 and 15 characters",
       });
       return;
     }
@@ -129,13 +124,13 @@ export default class IrisAccount extends Component {
       this.setState({
         newUserName,
         newUserNameValid: false,
-        invalidUsernameMessage: 'Username must only contain lowercase letters and numbers',
+        invalidUsernameMessage: "Username must only contain lowercase letters and numbers",
       });
       return;
     }
     this.setState({
       newUserName,
-      invalidUsernameMessage: '',
+      invalidUsernameMessage: "",
     });
     this.checkAvailabilityFromAPI(newUserName);
   }
@@ -148,7 +143,7 @@ export default class IrisAccount extends Component {
     if (res.status < 500) {
       const json = await res.json();
       if (json.available) {
-        this.setState({newUserNameValid: true});
+        this.setState({ newUserNameValid: true });
       } else {
         this.setState({
           newUserNameValid: false,
@@ -158,10 +153,10 @@ export default class IrisAccount extends Component {
     } else {
       this.setState({
         newUserNameValid: false,
-        invalidUsernameMessage: 'Error checking username availability',
+        invalidUsernameMessage: "Error checking username availability",
       });
     }
-  }
+  };
 
   showChallenge(e: FormEvent<HTMLFormElement>) {
     e.preventDefault();
@@ -181,15 +176,15 @@ export default class IrisAccount extends Component {
   }
 
   async register(cfToken: any) {
-    console.log('register', cfToken);
+    console.log("register", cfToken);
     const login = LoginStore.snapshot();
-    const publisher = LoginStore.getPublisher(login.id)
+    const publisher = LoginStore.getPublisher(login.id);
     const event = await publisher?.note(`iris.to/${this.state.newUserName}`);
     // post signed event as request body to https://api.iris.to/user/confirm_user
-    const res = await fetch('https://api.iris.to/user/signup', {
-      method: 'POST',
+    const res = await fetch("https://api.iris.to/user/signup", {
+      method: "POST",
       headers: {
-        'Content-Type': 'application/json',
+        "Content-Type": "application/json",
       },
       body: JSON.stringify({ event, cfToken }),
     });
@@ -205,24 +200,24 @@ export default class IrisAccount extends Component {
     } else {
       res
         .json()
-        .then((json) => {
-          this.setState({ error: json.message || 'error' });
+        .then(json => {
+          this.setState({ error: json.message || "error" });
         })
         .catch(() => {
-          this.setState({ error: 'error' });
+          this.setState({ error: "error" });
         });
     }
   }
 
   async enableReserved() {
     const login = LoginStore.snapshot();
-    const publisher = LoginStore.getPublisher(login.id)
+    const publisher = LoginStore.getPublisher(login.id);
     const event = await publisher?.note(`iris.to/${this.state.newUserName}`);
     // post signed event as request body to https://api.iris.to/user/confirm_user
-    const res = await fetch('https://api.iris.to/user/confirm_user', {
-      method: 'POST',
+    const res = await fetch("https://api.iris.to/user/confirm_user", {
+      method: "POST",
       headers: {
-        'Content-Type': 'application/json',
+        "Content-Type": "application/json",
       },
       body: JSON.stringify(event),
     });
@@ -234,11 +229,11 @@ export default class IrisAccount extends Component {
     } else {
       res
         .json()
-        .then((json) => {
-          this.setState({ error: json.message || 'error' });
+        .then(json => {
+          this.setState({ error: json.message || "error" });
         })
         .catch(() => {
-          this.setState({ error: 'error' });
+          this.setState({ error: "error" });
         });
     }
   }
@@ -248,13 +243,13 @@ export default class IrisAccount extends Component {
       return;
     }
     const login = LoginStore.snapshot();
-    const publisher = LoginStore.getPublisher(login.id)
+    const publisher = LoginStore.getPublisher(login.id);
     const event = await publisher?.note(`decline iris.to/${this.state.newUserName}`);
     // post signed event as request body to https://api.iris.to/user/confirm_user
-    const res = await fetch('https://api.iris.to/user/decline_user', {
-      method: 'POST',
+    const res = await fetch("https://api.iris.to/user/decline_user", {
+      method: "POST",
       headers: {
-        'Content-Type': 'application/json',
+        "Content-Type": "application/json",
       },
       body: JSON.stringify(event),
     });
@@ -263,11 +258,11 @@ export default class IrisAccount extends Component {
     } else {
       res
         .json()
-        .then((json) => {
-          this.setState({ error: json.message || 'error' });
+        .then(json => {
+          this.setState({ error: json.message || "error" });
         })
         .catch(() => {
-          this.setState({ error: 'error' });
+          this.setState({ error: "error" });
         });
     }
   }
@@ -275,22 +270,14 @@ export default class IrisAccount extends Component {
   componentDidMount() {
     const session = LoginStore.snapshot();
     const myPub = session.publicKey;
-    /*
-    ProfileLoader.Cache.hook(h, myPub);
-    SocialNetwork.getProfile(
-      myPub,
-      (profile) => {
-        const irisToActive =
-          profile && profile.nip05 && profile.nip05valid && profile.nip05.endsWith('@iris.to');
-        this.setState({ profile, irisToActive });
-        if (profile && !irisToActive) {
-          this.checkExistingAccount(myPub);
-        }
-      },
-      true,
-    );
-
-     */
+    ProfileLoader.Cache.hook(() => {
+      const profile = ProfileLoader.Cache.getFromCache(myPub);
+      const irisToActive = profile && profile.nip05 && profile.nip05.endsWith("@iris.to");
+      this.setState({ profile, irisToActive });
+      if (profile && !irisToActive) {
+        this.checkExistingAccount(myPub);
+      }
+    }, myPub);
     this.checkExistingAccount(myPub);
   }
 
diff --git a/packages/app/src/Element/IrisAccount/ReservedAccount.tsx b/packages/app/src/Element/IrisAccount/ReservedAccount.tsx
index 68f23bd09..25b459cf2 100644
--- a/packages/app/src/Element/IrisAccount/ReservedAccount.tsx
+++ b/packages/app/src/Element/IrisAccount/ReservedAccount.tsx
@@ -1,6 +1,6 @@
-import AccountName from './AccountName';
+import AccountName from "./AccountName";
 
-export default function ReservedAccount({ name = '', enableReserved = () => {}, declineReserved = () => {} }) {
+export default function ReservedAccount({ name = "", enableReserved = () => {}, declineReserved = () => {} }) {
   return (
     <div>
       <p className="text-iris-green">
diff --git a/packages/app/src/lang.json b/packages/app/src/lang.json
index 7b59ae7b7..690be4c2d 100644
--- a/packages/app/src/lang.json
+++ b/packages/app/src/lang.json
@@ -662,6 +662,9 @@
   "OLEm6z": {
     "defaultMessage": "Unknown login error"
   },
+  "OQSOJF": {
+    "defaultMessage": "Get a free nostr address"
+  },
   "OQXnew": {
     "defaultMessage": "You subscription is still active, you can't renew yet"
   },
diff --git a/packages/app/src/translations/en.json b/packages/app/src/translations/en.json
index 6659d9e07..bf0658ddc 100644
--- a/packages/app/src/translations/en.json
+++ b/packages/app/src/translations/en.json
@@ -217,6 +217,7 @@
   "OEW7yJ": "Zaps",
   "OKhRC6": "Share",
   "OLEm6z": "Unknown login error",
+  "OQSOJF": "Get a free nostr address",
   "OQXnew": "You subscription is still active, you can't renew yet",
   "ORGv1Q": "Created",
   "P61BTu": "Copy Event JSON",