From 1271e36f7e3bb21e7749d38b621df34efc8c1d27 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 7 May 2023 15:43:38 -0500
Subject: [PATCH] Throw a user-friendly error when a private key isn't provided

---
 src/sign.ts | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/sign.ts b/src/sign.ts
index 2027148e..4b339e83 100644
--- a/src/sign.ts
+++ b/src/sign.ts
@@ -1,12 +1,20 @@
 import { type AppContext } from '@/app.ts';
-import { getEventHash, getPublicKey, getSignature } from '@/deps.ts';
+import { getEventHash, getPublicKey, getSignature, HTTPException } from '@/deps.ts';
 
 import type { Event, EventTemplate, SignedEvent } from '@/event.ts';
 
 /** Sign Nostr event using the app context. */
 // deno-lint-ignore require-await
 async function signEvent<K extends number = number>(event: EventTemplate<K>, c: AppContext): Promise<SignedEvent<K>> {
-  const seckey = c.get('seckey')!;
+  const seckey = c.get('seckey');
+
+  // Ditto only supports publishing events with a private key (for now).
+  // TODO: Let the client sign events through a websocket.
+  if (!seckey) {
+    throw new HTTPException(400, {
+      res: c.json({ id: 'ditto.private_key', error: 'No private key' }, 400),
+    });
+  }
 
   (event as Event<K>).pubkey = getPublicKey(seckey);
   (event as Event<K>).id = getEventHash(event as Event<K>);