Fix validation for key logins and some other small things

2024-09-18 19:23:40 +00:00 · 2023-03-15 10:22:23 -05:00 · 2023-03-15 10:22:23 -05:00 · 14eaec1dde
commit 14eaec1dde
parent ffa32fc0c4
7 changed files with 33 additions and 15 deletions
--- a/ROADMAP.md
+++ b/ROADMAP.md
@ -2,7 +2,7 @@

 - [ ] Show loading/success on zap invoice screen
 - [ ] Fix iOS/safari/firefox
- [ ] Update https://nostr.com/clients/coracle
+- [ ] Add quotes to notifications

 # Coracle website

--- a/src/agent/keys.ts
+++ b/src/agent/keys.ts
@ -1,4 +1,4 @@
-import {nip04, getPublicKey, getEventHash, signEvent} from "nostr-tools"
+import {nip19, nip04, getPublicKey, getEventHash, signEvent} from "nostr-tools"
 import {get} from "svelte/store"
 import {error} from "src/util/logger"
 import {synced} from "src/util/misc"
@ -9,6 +9,10 @@ const privkey = synced("agent/keys/privkey")
 const getExtension = () => (window as {nostr?: any}).nostr
 const canSign = () => ["privkey", "extension"].includes(get(method))

+// Validate the key before setting it to state by encoding it using bech32.
+// This will error if invalid (this works whether it's a public or a private key)
+const validate = key => nip19.npubEncode(key)
+
 const login = ($method, key) => {
  method.set($method)

@ -89,6 +93,7 @@ export default {
  pubkey,
  privkey,
  canSign,
+  validate,
  login,
  clear,
  sign,
--- a/src/agent/pool.ts
+++ b/src/agent/pool.ts
@ -4,7 +4,7 @@ import {relayInit} from "nostr-tools"
 import {pluck, is} from "ramda"
 import {ensurePlural} from "hurdak/lib/hurdak"
 import {warn, log, error} from "src/util/logger"
-import {union, difference} from "src/util/misc"
+import {union, now, difference} from "src/util/misc"
 import {isRelay, normalizeRelayUrl} from "src/util/nostr"

 // Connection management
@ -41,14 +41,12 @@ class Connection {
    connections[url] = this
  }
  hasRecentError() {
-    return (
-      this.status === CONNECTION_STATUS.ERROR && Date.now() - this.lastConnectionAttempt < 10_000
-    )
+    return this.status === CONNECTION_STATUS.ERROR && now() - this.lastConnectionAttempt < 10
  }
  async connect() {
    const shouldConnect =
      this.status === CONNECTION_STATUS.NEW ||
-      (this.status === CONNECTION_STATUS.ERROR && Date.now() - this.lastConnectionAttempt > 10_000)
+      (this.status === CONNECTION_STATUS.ERROR && now() - this.lastConnectionAttempt > 10)

    if (shouldConnect) {
      this.status = CONNECTION_STATUS.PENDING
@ -67,7 +65,7 @@ class Connection {
      })
    }

-    this.lastConnectionAttempt = Date.now()
+    this.lastConnectionAttempt = now()

    try {
      await this.promise
--- a/src/agent/sync.ts
+++ b/src/agent/sync.ts
@ -26,7 +26,7 @@ const addHandler = (kind, f) => {

 const processEvents = async events => {
  const userPubkey = user.getPubkey()
-  const chunks = chunk(100, ensurePlural(events))
+  const chunks = chunk(100, ensurePlural(events).filter(identity))

  for (let i = 0; i < chunks.length; i++) {
    for (const event of chunks[i]) {
--- a/src/views/login/PrivKeyLogin.svelte
+++ b/src/views/login/PrivKeyLogin.svelte
@ -4,6 +4,7 @@
  import Anchor from "src/partials/Anchor.svelte"
  import Content from "src/partials/Content.svelte"
  import Heading from "src/partials/Heading.svelte"
+  import keys from "src/agent/keys"
  import {toast} from "src/app/ui"
  import {login} from "src/app"

@ -13,11 +14,15 @@
  const logIn = () => {
    const privkey = nsec.startsWith("nsec") ? toHex(nsec) : nsec

-    if (!privkey?.match(/[a-z0-9]{64}/)) {
+    try {
+      keys.validate(privkey)
+    } catch (e) {
      toast.show("error", "Sorry, but that's an invalid private key.")
-    } else {
-      login("privkey", privkey)
+
+      return
    }
+
+    login("privkey", privkey)
  }
 </script>

--- a/src/views/login/PubKeyLogin.svelte
+++ b/src/views/login/PubKeyLogin.svelte
@ -4,6 +4,7 @@
  import Anchor from "src/partials/Anchor.svelte"
  import Content from "src/partials/Content.svelte"
  import Heading from "src/partials/Heading.svelte"
+  import keys from "src/agent/keys"
  import {toast} from "src/app/ui"
  import {login} from "src/app"

@ -12,11 +13,15 @@
  const logIn = () => {
    const pubkey = npub.startsWith("npub") ? toHex(npub) : npub

-    if (!pubkey?.match(/[a-z0-9]{64}/)) {
+    try {
+      keys.validate(pubkey)
+    } catch (e) {
      toast.show("error", "Sorry, but that's an invalid public key.")
-    } else {
-      login("pubkey", pubkey)
+
+      return
    }
+
+    login("pubkey", pubkey)
  }
 </script>

--- a/src/views/notes/Note.svelte
+++ b/src/views/notes/Note.svelte
@ -254,6 +254,11 @@
    const event = encodeURI(JSON.stringify(await keys.sign(publishable.event)))
    const res = await fetchJson(`${zapper.callback}?amount=${amount}&nostr=${event}&lnurl=${lnurl}`)

+    // If they closed the dialog before fetch resolved, we're done
+    if (!zap) {
+      return
+    }
+
    zap.invoice = res.pr
    zap.loading = false