mirror/ditto
mirror/ditto
1
0
Fork 0
mirror of https://gitlab.com/soapbox-pub/ditto.git synced 2025-12-06 11:29:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into mint-cashu

Browse source 
Conflicts:
	packages/ditto/controllers/api/cashu.ts
This commit is contained in:
P. Reis 2025-02-15 21:59:12 -03:00
commit 8cba937962
47 changed files with 896 additions and 584 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
deno.json
View file

@ -1,5 +1,7 @@
{
"workspace": [
"./packages/api",
"./packages/conf",
"./packages/ditto"
],
"tasks": {

7
packages/api/deno.json Normal file
View file

@ -0,0 +1,7 @@
{
"name": "@ditto/api",
"version": "1.1.0",
"exports": {
"./middleware": "./middleware/mod.ts"
}
}

19
packages/api/middleware/confMw.test.ts Normal file
View file

@ -0,0 +1,19 @@
import { Hono } from '@hono/hono';
import { assertEquals } from '@std/assert';
import { confMw } from './confMw.ts';
Deno.test('confMw', async () => {
const env = new Map([
['DITTO_NSEC', 'nsec19shyxpuzd0cq2p5078fwnws7tyykypud6z205fzhlmlrs2vpz6hs83zwkw'],
]);
const app = new Hono();
app.get('/', confMw(env), (c) => c.text(c.var.conf.pubkey));
const response = await app.request('/');
const body = await response.text();
assertEquals(body, '1ba0c5ed1bbbf3b7eb0d7843ba16836a0201ea68a76bafcba507358c45911ff6');
});

15
packages/api/middleware/confMw.ts Normal file
View file

@ -0,0 +1,15 @@
import { DittoConf } from '@ditto/conf';
import type { MiddlewareHandler } from '@hono/hono';
/** Set Ditto config. */
export function confMw(
env: { get(key: string): string | undefined },
): MiddlewareHandler<{ Variables: { conf: DittoConf } }> {
const conf = new DittoConf(env);
return async (c, next) => {
c.set('conf', conf);
await next();
};
}

22
packages/api/middleware/confRequiredMw.test.ts Normal file
View file

@ -0,0 +1,22 @@
import { Hono } from '@hono/hono';
import { assertEquals } from '@std/assert';
import { confMw } from './confMw.ts';
import { confRequiredMw } from './confRequiredMw.ts';
Deno.test('confRequiredMw', async (t) => {
const app = new Hono();
app.get('/without', confRequiredMw, (c) => c.text('ok'));
app.get('/with', confMw(new Map()), confRequiredMw, (c) => c.text('ok'));
await t.step('without conf returns 500', async () => {
const response = await app.request('/without');
assertEquals(response.status, 500);
});
await t.step('with conf returns 200', async () => {
const response = await app.request('/with');
assertEquals(response.status, 200);
});
});

15
packages/api/middleware/confRequiredMw.ts Normal file
View file

@ -0,0 +1,15 @@
import { HTTPException } from '@hono/hono/http-exception';
import type { DittoConf } from '@ditto/conf';
import type { MiddlewareHandler } from '@hono/hono';
/** Throws an error if conf isn't set. */
export const confRequiredMw: MiddlewareHandler<{ Variables: { conf: DittoConf } }> = async (c, next) => {
const { conf } = c.var;
if (!conf) {
throw new HTTPException(500, { message: 'Ditto config not set in request.' });
}
await next();
};

2
packages/api/middleware/mod.ts Normal file
View file

@ -0,0 +1,2 @@
export { confMw } from './confMw.ts';
export { confRequiredMw } from './confRequiredMw.ts';

32
packages/conf/DittoConf.test.ts Normal file
View file

@ -0,0 +1,32 @@
import { assertEquals, assertThrows } from '@std/assert';
import { DittoConf } from './DittoConf.ts';
Deno.test('DittoConfig', async (t) => {
const env = new Map<string, string>([
['DITTO_NSEC', 'nsec19shyxpuzd0cq2p5078fwnws7tyykypud6z205fzhlmlrs2vpz6hs83zwkw'],
]);
const config = new DittoConf(env);
await t.step('nsec', () => {
assertEquals(config.nsec, 'nsec19shyxpuzd0cq2p5078fwnws7tyykypud6z205fzhlmlrs2vpz6hs83zwkw');
});
await t.step('pubkey', () => {
assertEquals(config.pubkey, '1ba0c5ed1bbbf3b7eb0d7843ba16836a0201ea68a76bafcba507358c45911ff6');
});
});
Deno.test('DittoConfig defaults', async (t) => {
const env = new Map<string, string>();
const config = new DittoConf(env);
await t.step('nsec throws', () => {
assertThrows(() => config.nsec);
});
await t.step('port', () => {
assertEquals(config.port, 4036);
});
});

464
packages/conf/DittoConf.ts Normal file
View file

@ -0,0 +1,464 @@
import os from 'node:os';
import ISO6391, { type LanguageCode } from 'iso-639-1';
import { getPublicKey, nip19 } from 'nostr-tools';
import { decodeBase64 } from '@std/encoding/base64';
import { encodeBase64Url } from '@std/encoding/base64url';
import { getEcdsaPublicKey } from './utils/crypto.ts';
import { optionalBooleanSchema, optionalNumberSchema } from './utils/schema.ts';
import { mergeURLPath } from './utils/url.ts';
/** Ditto application-wide configuration. */
export class DittoConf {
constructor(private env: { get(key: string): string | undefined }) {}
/** Cached parsed admin pubkey value. */
private _pubkey: string | undefined;
/** Cached parsed VAPID public key value. */
private _vapidPublicKey: Promise<string | undefined> | undefined;
/** Ditto admin secret key in nip19 format. This is the way it's configured by an admin. */
get nsec(): `nsec1${string}` {
const value = this.env.get('DITTO_NSEC');
if (!value) {
throw new Error('Missing DITTO_NSEC');
}
if (!value.startsWith('nsec1')) {
throw new Error('Invalid DITTO_NSEC');
}
return value as `nsec1${string}`;
}
/** Ditto admin secret key in hex format. */
get seckey(): Uint8Array {
return nip19.decode(this.nsec).data;
}
/** Ditto admin public key in hex format. */
get pubkey(): string {
if (!this._pubkey) {
this._pubkey = getPublicKey(this.seckey);
}
return this._pubkey;
}
/** Port to use when serving the HTTP server. */
get port(): number {
return parseInt(this.env.get('PORT') || '4036');
}
/** IP addresses not affected by rate limiting. */
get ipWhitelist(): string[] {
return this.env.get('IP_WHITELIST')?.split(',') || [];
}
/** Relay URL to the Ditto server's relay. */
get relay(): `wss://${string}` | `ws://${string}` {
const { protocol, host } = this.url;
return `${protocol === 'https:' ? 'wss:' : 'ws:'}//${host}/relay`;
}
/** Relay to use for NIP-50 `search` queries. */
get searchRelay(): string | undefined {
return this.env.get('SEARCH_RELAY');
}
/** Origin of the Ditto server, including the protocol and port. */
get localDomain(): string {
return this.env.get('LOCAL_DOMAIN') || `http://localhost:${this.port}`;
}
/** Link to an external nostr viewer. */
get externalDomain(): string {
return this.env.get('NOSTR_EXTERNAL') || 'https://njump.me';
}
/** Get a link to a nip19-encoded entity in the configured external viewer. */
external(path: string): string {
return new URL(path, this.externalDomain).toString();
}
/**
* Heroku-style database URL. This is used in production to connect to the
* database.
*
* Follows the format:
*
* ```txt
* protocol://username:password@host:port/database_name
* ```
*/
get databaseUrl(): string {
return this.env.get('DATABASE_URL') ?? 'file://data/pgdata';
}
/** PGlite debug level. 0 disables logging. */
get pgliteDebug(): 0 | 1 | 2 | 3 | 4 | 5 {
return Number(this.env.get('PGLITE_DEBUG') || 0) as 0 | 1 | 2 | 3 | 4 | 5;
}
get vapidPublicKey(): Promise<string | undefined> {
if (!this._vapidPublicKey) {
this._vapidPublicKey = (async () => {
const keys = await this.vapidKeys;
if (keys) {
const { publicKey } = keys;
const bytes = await crypto.subtle.exportKey('raw', publicKey);
return encodeBase64Url(bytes);
}
})();
}
return this._vapidPublicKey;
}
get vapidKeys(): Promise<CryptoKeyPair | undefined> {
return (async () => {
const encoded = this.env.get('VAPID_PRIVATE_KEY');
if (!encoded) {
return;
}
const keyData = decodeBase64(encoded);
const privateKey = await crypto.subtle.importKey(
'pkcs8',
keyData,
{ name: 'ECDSA', namedCurve: 'P-256' },
true,
['sign'],
);
const publicKey = await getEcdsaPublicKey(privateKey, true);
return { privateKey, publicKey };
})();
}
get db(): { timeouts: { default: number; relay: number; timelines: number } } {
const env = this.env;
return {
/** Database query timeout configurations. */
timeouts: {
/** Default query timeout when another setting isn't more specific. */
get default(): number {
return Number(env.get('DB_TIMEOUT_DEFAULT') || 5_000);
},
/** Timeout used for queries made through the Nostr relay. */
get relay(): number {
return Number(env.get('DB_TIMEOUT_RELAY') || 1_000);
},
/** Timeout used for timelines such as home, notifications, hashtag, etc. */
get timelines(): number {
return Number(env.get('DB_TIMEOUT_TIMELINES') || 15_000);
},
},
};
}
/** Time-to-live for captchas in milliseconds. */
get captchaTTL(): number {
return Number(this.env.get('CAPTCHA_TTL') || 5 * 60 * 1000);
}
/** Character limit to enforce for posts made through Mastodon API. */
get postCharLimit(): number {
return Number(this.env.get('POST_CHAR_LIMIT') || 5000);
}
/** S3 media storage configuration. */
get s3(): {
endPoint?: string;
region?: string;
accessKey?: string;
secretKey?: string;
bucket?: string;
pathStyle?: boolean;
port?: number;
sessionToken?: string;
useSSL?: boolean;
} {
const env = this.env;
return {
get endPoint(): string | undefined {
return env.get('S3_ENDPOINT');
},
get region(): string | undefined {
return env.get('S3_REGION');
},
get accessKey(): string | undefined {
return env.get('S3_ACCESS_KEY');
},
get secretKey(): string | undefined {
return env.get('S3_SECRET_KEY');
},
get bucket(): string | undefined {
return env.get('S3_BUCKET');
},
get pathStyle(): boolean | undefined {
return optionalBooleanSchema.parse(env.get('S3_PATH_STYLE'));
},
get port(): number | undefined {
return optionalNumberSchema.parse(env.get('S3_PORT'));
},
get sessionToken(): string | undefined {
return env.get('S3_SESSION_TOKEN');
},
get useSSL(): boolean | undefined {
return optionalBooleanSchema.parse(env.get('S3_USE_SSL'));
},
};
}
/** IPFS uploader configuration. */
get ipfs(): { apiUrl: string } {
const env = this.env;
return {
/** Base URL for private IPFS API calls. */
get apiUrl(): string {
return env.get('IPFS_API_URL') || 'http://localhost:5001';
},
};
}
/** nostr.build API endpoint when the `nostrbuild` uploader is used. */
get nostrbuildEndpoint(): string {
return this.env.get('NOSTRBUILD_ENDPOINT') || 'https://nostr.build/api/v2/upload/files';
}
/** Default Blossom servers to use when the `blossom` uploader is set. */
get blossomServers(): string[] {
return this.env.get('BLOSSOM_SERVERS')?.split(',') || ['https://blossom.primal.net/'];
}
/** Module to upload files with. */
get uploader(): string | undefined {
return this.env.get('DITTO_UPLOADER');
}
/** Location to use for local uploads. */
get uploadsDir(): string {
return this.env.get('UPLOADS_DIR') || 'data/uploads';
}
/** Media base URL for uploads. */
get mediaDomain(): string {
const value = this.env.get('MEDIA_DOMAIN');
if (!value) {
const url = this.url;
url.host = `media.${url.host}`;
return url.toString();
}
return value;
}
/**
* Whether to analyze media metadata with [blurhash](https://www.npmjs.com/package/blurhash) and [sharp](https://www.npmjs.com/package/sharp).
* This is prone to security vulnerabilities, which is why it's not enabled by default.
*/
get mediaAnalyze(): boolean {
return optionalBooleanSchema.parse(this.env.get('MEDIA_ANALYZE')) ?? false;
}
/** Max upload size for files in number of bytes. Default 100MiB. */
get maxUploadSize(): number {
return Number(this.env.get('MAX_UPLOAD_SIZE') || 100 * 1024 * 1024);
}
/** Usernames that regular users cannot sign up with. */
get forbiddenUsernames(): string[] {
return this.env.get('FORBIDDEN_USERNAMES')?.split(',') || [
'_',
'admin',
'administrator',
'root',
'sysadmin',
'system',
];
}
/** Domain of the Ditto server as a `URL` object, for easily grabbing the `hostname`, etc. */
get url(): URL {
return new URL(this.localDomain);
}
/** Merges the path with the localDomain. */
local(path: string): string {
return mergeURLPath(this.localDomain, path);
}
/** URL to send Sentry errors to. */
get sentryDsn(): string | undefined {
return this.env.get('SENTRY_DSN');
}
/** Postgres settings. */
get pg(): { poolSize: number } {
const env = this.env;
return {
/** Number of connections to use in the pool. */
get poolSize(): number {
return Number(env.get('PG_POOL_SIZE') ?? 20);
},
};
}
/** Whether to enable requesting events from known relays. */
get firehoseEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('FIREHOSE_ENABLED')) ?? true;
}
/** Number of events the firehose is allowed to process at one time before they have to wait in a queue. */
get firehoseConcurrency(): number {
return Math.ceil(Number(this.env.get('FIREHOSE_CONCURRENCY') ?? 1));
}
/** Nostr event kinds of events to listen for on the firehose. */
get firehoseKinds(): number[] {
return (this.env.get('FIREHOSE_KINDS') ?? '0, 1, 3, 5, 6, 7, 20, 9735, 10002')
.split(/[, ]+/g)
.map(Number);
}
/**
* Whether Ditto should subscribe to Nostr events from the Postgres database itself.
* This would make Nostr events inserted directly into Postgres available to the streaming API and relay.
*/
get notifyEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('NOTIFY_ENABLED')) ?? true;
}
/** Whether to enable Ditto cron jobs. */
get cronEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('CRON_ENABLED')) ?? true;
}
/** User-Agent to use when fetching link previews. Pretend to be Facebook by default. */
get fetchUserAgent(): string {
return this.env.get('DITTO_FETCH_USER_AGENT') ?? 'facebookexternalhit';
}
/** Path to the custom policy module. Must be an absolute path, https:, npm:, or jsr: URI. */
get policy(): string {
return this.env.get('DITTO_POLICY') || new URL('../data/policy.ts', import.meta.url).pathname;
}
/** Absolute path to the data directory used by Ditto. */
get dataDir(): string {
return this.env.get('DITTO_DATA_DIR') || new URL('../data', import.meta.url).pathname;
}
/** Absolute path of the Deno directory. */
get denoDir(): string {
return this.env.get('DENO_DIR') || `${os.userInfo().homedir}/.cache/deno`;
}
/** Whether zap splits should be enabled. */
get zapSplitsEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('ZAP_SPLITS_ENABLED')) ?? false;
}
/** Languages this server wishes to highlight. Used when querying trends.*/
get preferredLanguages(): LanguageCode[] | undefined {
return this.env.get('DITTO_LANGUAGES')?.split(',')?.filter(ISO6391.validate);
}
/** Mints to be displayed in the UI when the user decides to create a wallet.*/
get cashuMints(): string[] {
return this.env.get('CASHU_MINTS')?.split(',') ?? [];
}
/** Translation provider used to translate posts. */
get translationProvider(): string | undefined {
return this.env.get('TRANSLATION_PROVIDER');
}
/** DeepL URL endpoint. */
get deeplBaseUrl(): string | undefined {
return this.env.get('DEEPL_BASE_URL');
}
/** DeepL API KEY. */
get deeplApiKey(): string | undefined {
return this.env.get('DEEPL_API_KEY');
}
/** LibreTranslate URL endpoint. */
get libretranslateBaseUrl(): string | undefined {
return this.env.get('LIBRETRANSLATE_BASE_URL');
}
/** LibreTranslate API KEY. */
get libretranslateApiKey(): string | undefined {
return this.env.get('LIBRETRANSLATE_API_KEY');
}
/** Cache settings. */
get caches(): {
nip05: { max: number; ttl: number };
favicon: { max: number; ttl: number };
linkPreview: { max: number; ttl: number };
translation: { max: number; ttl: number };
} {
const env = this.env;
return {
/** NIP-05 cache settings. */
get nip05(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_NIP05_MAX') || 3000),
ttl: Number(env.get('DITTO_CACHE_NIP05_TTL') || 1 * 60 * 60 * 1000),
};
},
/** Favicon cache settings. */
get favicon(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_FAVICON_MAX') || 500),
ttl: Number(env.get('DITTO_CACHE_FAVICON_TTL') || 1 * 60 * 60 * 1000),
};
},
/** Link preview cache settings. */
get linkPreview(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_LINK_PREVIEW_MAX') || 3000),
ttl: Number(env.get('DITTO_CACHE_LINK_PREVIEW_TTL') || 12 * 60 * 60 * 1000),
};
},
/** Translation cache settings. */
get translation(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_TRANSLATION_MAX') || 1000),
ttl: Number(env.get('DITTO_CACHE_TRANSLATION_TTL') || 6 * 60 * 60 * 1000),
};
},
};
}
/** Custom profile fields configuration. */
get profileFields(): { maxFields: number; nameLength: number; valueLength: number } {
const env = this.env;
return {
get maxFields(): number {
return Number(env.get('PROFILE_FIELDS_MAX_FIELDS') || 10);
},
get nameLength(): number {
return Number(env.get('PROFILE_FIELDS_NAME_LENGTH') || 255);
},
get valueLength(): number {
return Number(env.get('PROFILE_FIELDS_VALUE_LENGTH') || 2047);
},
};
}
/** Maximum time between events before a streak is broken, *in seconds*. */
get streakWindow(): number {
return Number(this.env.get('STREAK_WINDOW') || 129600);
}
}

7
packages/conf/deno.json Normal file
View file

@ -0,0 +1,7 @@
{
"name": "@ditto/conf",
"version": "1.1.0",
"exports": {
".": "./mod.ts"
}
}

1
packages/conf/mod.ts Normal file
View file

@ -0,0 +1 @@
export { DittoConf } from './DittoConf.ts';

2
packages/ditto/utils/crypto.test.ts → packages/conf/utils/crypto.test.ts
View file

@ -1,6 +1,6 @@
import { assertEquals } from '@std/assert';
import { getEcdsaPublicKey } from '@/utils/crypto.ts';
import { getEcdsaPublicKey } from './crypto.ts';
Deno.test('getEcdsaPublicKey', async () => {
const { publicKey, privateKey } = await crypto.subtle.generateKey(

0
packages/ditto/utils/crypto.ts → packages/conf/utils/crypto.ts
View file

17
packages/conf/utils/schema.test.ts Normal file
View file

@ -0,0 +1,17 @@
import { assertEquals, assertThrows } from '@std/assert';
import { optionalBooleanSchema, optionalNumberSchema } from './schema.ts';
Deno.test('optionalBooleanSchema', () => {
assertEquals(optionalBooleanSchema.parse('true'), true);
assertEquals(optionalBooleanSchema.parse('false'), false);
assertEquals(optionalBooleanSchema.parse(undefined), undefined);
assertThrows(() => optionalBooleanSchema.parse('invalid'));
});
Deno.test('optionalNumberSchema', () => {
assertEquals(optionalNumberSchema.parse('123'), 123);
assertEquals(optionalNumberSchema.parse('invalid'), NaN); // maybe this should throw?
assertEquals(optionalNumberSchema.parse(undefined), undefined);
});

11
packages/conf/utils/schema.ts Normal file
View file

@ -0,0 +1,11 @@
import { z } from 'zod';
export const optionalBooleanSchema = z
.enum(['true', 'false'])
.optional()
.transform((value) => value !== undefined ? value === 'true' : undefined);
export const optionalNumberSchema = z
.string()
.optional()
.transform((value) => value !== undefined ? Number(value) : undefined);

9
packages/conf/utils/url.test.ts Normal file
View file

@ -0,0 +1,9 @@
import { assertEquals } from '@std/assert';
import { mergeURLPath } from './url.ts';
Deno.test('mergeURLPath', () => {
assertEquals(mergeURLPath('https://mario.com', '/path'), 'https://mario.com/path');
assertEquals(mergeURLPath('https://mario.com', 'https://luigi.com/path'), 'https://mario.com/path');
assertEquals(mergeURLPath('https://mario.com', 'https://luigi.com/path?q=1'), 'https://mario.com/path?q=1');
});

23
packages/conf/utils/url.ts Normal file
View file

@ -0,0 +1,23 @@
/**
* Produce a URL whose origin is guaranteed to be the same as the base URL.
* The path is either an absolute path (starting with `/`), or a full URL. In either case, only its path is used.
*/
export function mergeURLPath(
/** Base URL. Result is guaranteed to use this URL's origin. */
base: string,
/** Either an absolute path (starting with `/`), or a full URL. If a full URL, its path */
path: string,
): string {
const url = new URL(
path.startsWith('/') ? path : new URL(path).pathname,
base,
);
if (!path.startsWith('/')) {
// Copy query parameters from the original URL to the new URL
const originalUrl = new URL(path);
url.search = originalUrl.search;
}
return url.toString();
}

6
packages/ditto/app.ts
View file

@ -1,3 +1,5 @@
import { confMw } from '@ditto/api/middleware';
import { type DittoConf } from '@ditto/conf';
import { type Context, Env as HonoEnv, Handler, Hono, Input as HonoInput, MiddlewareHandler } from '@hono/hono';
import { every } from '@hono/hono/combine';
import { cors } from '@hono/hono/cors';
@ -149,6 +151,7 @@ import { logiMiddleware } from '@/middleware/logiMiddleware.ts';
export interface AppEnv extends HonoEnv {
Variables: {
conf: DittoConf;
/** Signer to get the logged-in user's pubkey, relays, and to sign events, or `undefined` if the user isn't logged in. */
signer?: NostrSigner;
/** Uploader for the user to upload files. */
@ -180,7 +183,7 @@ const publicFiles = serveStatic({ root: './public/' });
/** Static files provided by the Ditto repo, checked into git. */
const staticFiles = serveStatic({ root: new URL('./static/', import.meta.url).pathname });
app.use('*', cacheControlMiddleware({ noStore: true }));
app.use(confMw(Deno.env), cacheControlMiddleware({ noStore: true }));
const ratelimit = every(
rateLimitMiddleware(30, Time.seconds(5), false),
@ -196,7 +199,6 @@ app.get('/api/v1/streaming', metricsMiddleware, ratelimit, streamingController);
app.get('/relay', metricsMiddleware, ratelimit, relayController);
app.use(
'*',
cspMiddleware(),
cors({ origin: '*', exposeHeaders: ['link'] }),
signerMiddleware,

397
packages/ditto/config.ts
View file

@ -1,395 +1,4 @@
import os from 'node:os';
import ISO6391, { LanguageCode } from 'iso-639-1';
import { getPublicKey, nip19 } from 'nostr-tools';
import { z } from 'zod';
import { decodeBase64 } from '@std/encoding/base64';
import { encodeBase64Url } from '@std/encoding/base64url';
import { DittoConf } from '@ditto/conf';
import { getEcdsaPublicKey } from '@/utils/crypto.ts';
/** Application-wide configuration. */
class Conf {
private static _pubkey: string | undefined;
/** Ditto admin secret key in nip19 format. This is the way it's configured by an admin. */
static get nsec(): `nsec1${string}` {
const value = Deno.env.get('DITTO_NSEC');
if (!value) {
throw new Error('Missing DITTO_NSEC');
}
if (!value.startsWith('nsec1')) {
throw new Error('Invalid DITTO_NSEC');
}
return value as `nsec1${string}`;
}
/** Ditto admin secret key in hex format. */
static get seckey(): Uint8Array {
return nip19.decode(Conf.nsec).data;
}
/** Ditto admin public key in hex format. */
static get pubkey(): string {
if (!this._pubkey) {
this._pubkey = getPublicKey(Conf.seckey);
}
return this._pubkey;
}
/** Port to use when serving the HTTP server. */
static get port(): number {
return parseInt(Deno.env.get('PORT') || '4036');
}
/** IP addresses not affected by rate limiting. */
static get ipWhitelist(): string[] {
return Deno.env.get('IP_WHITELIST')?.split(',') || [];
}
/** Relay URL to the Ditto server's relay. */
static get relay(): `wss://${string}` | `ws://${string}` {
const { protocol, host } = Conf.url;
return `${protocol === 'https:' ? 'wss:' : 'ws:'}//${host}/relay`;
}
/** Relay to use for NIP-50 `search` queries. */
static get searchRelay(): string | undefined {
return Deno.env.get('SEARCH_RELAY');
}
/** Origin of the Ditto server, including the protocol and port. */
static get localDomain(): string {
return Deno.env.get('LOCAL_DOMAIN') || `http://localhost:${Conf.port}`;
}
/** Link to an external nostr viewer. */
static get externalDomain(): string {
return Deno.env.get('NOSTR_EXTERNAL') || 'https://njump.me';
}
/** Get a link to a nip19-encoded entity in the configured external viewer. */
static external(path: string) {
return new URL(path, Conf.externalDomain).toString();
}
/**
* Heroku-style database URL. This is used in production to connect to the
* database.
*
* Follows the format:
*
* ```txt
* protocol://username:password@host:port/database_name
* ```
*/
static get databaseUrl(): string {
return Deno.env.get('DATABASE_URL') ?? 'file://data/pgdata';
}
/** PGlite debug level. 0 disables logging. */
static get pgliteDebug(): 0 | 1 | 2 | 3 | 4 | 5 {
return Number(Deno.env.get('PGLITE_DEBUG') || 0) as 0 | 1 | 2 | 3 | 4 | 5;
}
private static _vapidPublicKey: Promise<string | undefined> | undefined;
static get vapidPublicKey(): Promise<string | undefined> {
if (!this._vapidPublicKey) {
this._vapidPublicKey = (async () => {
const keys = await Conf.vapidKeys;
if (keys) {
const { publicKey } = keys;
const bytes = await crypto.subtle.exportKey('raw', publicKey);
return encodeBase64Url(bytes);
}
})();
}
return this._vapidPublicKey;
}
static get vapidKeys(): Promise<CryptoKeyPair | undefined> {
return (async () => {
const encoded = Deno.env.get('VAPID_PRIVATE_KEY');
if (!encoded) {
return;
}
const keyData = decodeBase64(encoded);
const privateKey = await crypto.subtle.importKey(
'pkcs8',
keyData,
{ name: 'ECDSA', namedCurve: 'P-256' },
true,
['sign'],
);
const publicKey = await getEcdsaPublicKey(privateKey, true);
return { privateKey, publicKey };
})();
}
static db = {
/** Database query timeout configurations. */
timeouts: {
/** Default query timeout when another setting isn't more specific. */
get default(): number {
return Number(Deno.env.get('DB_TIMEOUT_DEFAULT') || 5_000);
},
/** Timeout used for queries made through the Nostr relay. */
get relay(): number {
return Number(Deno.env.get('DB_TIMEOUT_RELAY') || 1_000);
},
/** Timeout used for timelines such as home, notifications, hashtag, etc. */
get timelines(): number {
return Number(Deno.env.get('DB_TIMEOUT_TIMELINES') || 15_000);
},
},
};
/** Time-to-live for captchas in milliseconds. */
static get captchaTTL(): number {
return Number(Deno.env.get('CAPTCHA_TTL') || 5 * 60 * 1000);
}
/** Character limit to enforce for posts made through Mastodon API. */
static get postCharLimit(): number {
return Number(Deno.env.get('POST_CHAR_LIMIT') || 5000);
}
/** S3 media storage configuration. */
static s3 = {
get endPoint(): string | undefined {
return Deno.env.get('S3_ENDPOINT');
},
get region(): string | undefined {
return Deno.env.get('S3_REGION');
},
get accessKey(): string | undefined {
return Deno.env.get('S3_ACCESS_KEY');
},
get secretKey(): string | undefined {
return Deno.env.get('S3_SECRET_KEY');
},
get bucket(): string | undefined {
return Deno.env.get('S3_BUCKET');
},
get pathStyle(): boolean | undefined {
return optionalBooleanSchema.parse(Deno.env.get('S3_PATH_STYLE'));
},
get port(): number | undefined {
return optionalNumberSchema.parse(Deno.env.get('S3_PORT'));
},
get sessionToken(): string | undefined {
return Deno.env.get('S3_SESSION_TOKEN');
},
get useSSL(): boolean | undefined {
return optionalBooleanSchema.parse(Deno.env.get('S3_USE_SSL'));
},
};
/** IPFS uploader configuration. */
static ipfs = {
/** Base URL for private IPFS API calls. */
get apiUrl(): string {
return Deno.env.get('IPFS_API_URL') || 'http://localhost:5001';
},
};
/** nostr.build API endpoint when the `nostrbuild` uploader is used. */
static get nostrbuildEndpoint(): string {
return Deno.env.get('NOSTRBUILD_ENDPOINT') || 'https://nostr.build/api/v2/upload/files';
}
/** Default Blossom servers to use when the `blossom` uploader is set. */
static get blossomServers(): string[] {
return Deno.env.get('BLOSSOM_SERVERS')?.split(',') || ['https://blossom.primal.net/'];
}
/** Module to upload files with. */
static get uploader(): string | undefined {
return Deno.env.get('DITTO_UPLOADER');
}
/** Location to use for local uploads. */
static get uploadsDir(): string {
return Deno.env.get('UPLOADS_DIR') || 'data/uploads';
}
/** Media base URL for uploads. */
static get mediaDomain(): string {
const value = Deno.env.get('MEDIA_DOMAIN');
if (!value) {
const url = Conf.url;
url.host = `media.${url.host}`;
return url.toString();
}
return value;
}
/**
* Whether to analyze media metadata with [blurhash](https://www.npmjs.com/package/blurhash) and [sharp](https://www.npmjs.com/package/sharp).
* This is prone to security vulnerabilities, which is why it's not enabled by default.
*/
static get mediaAnalyze(): boolean {
return optionalBooleanSchema.parse(Deno.env.get('MEDIA_ANALYZE')) ?? false;
}
/** Max upload size for files in number of bytes. Default 100MiB. */
static get maxUploadSize(): number {
return Number(Deno.env.get('MAX_UPLOAD_SIZE') || 100 * 1024 * 1024);
}
/** Usernames that regular users cannot sign up with. */
static get forbiddenUsernames(): string[] {
return Deno.env.get('FORBIDDEN_USERNAMES')?.split(',') || [
'_',
'admin',
'administrator',
'root',
'sysadmin',
'system',
];
}
/** Domain of the Ditto server as a `URL` object, for easily grabbing the `hostname`, etc. */
static get url(): URL {
return new URL(Conf.localDomain);
}
/** Merges the path with the localDomain. */
static local(path: string): string {
return mergePaths(Conf.localDomain, path);
}
/** URL to send Sentry errors to. */
static get sentryDsn(): string | undefined {
return Deno.env.get('SENTRY_DSN');
}
/** Postgres settings. */
static pg = {
/** Number of connections to use in the pool. */
get poolSize(): number {
return Number(Deno.env.get('PG_POOL_SIZE') ?? 20);
},
};
/** Whether to enable requesting events from known relays. */
static get firehoseEnabled(): boolean {
return optionalBooleanSchema.parse(Deno.env.get('FIREHOSE_ENABLED')) ?? true;
}
/** Number of events the firehose is allowed to process at one time before they have to wait in a queue. */
static get firehoseConcurrency(): number {
return Math.ceil(Number(Deno.env.get('FIREHOSE_CONCURRENCY') ?? 1));
}
/** Nostr event kinds of events to listen for on the firehose. */
static get firehoseKinds(): number[] {
return (Deno.env.get('FIREHOSE_KINDS') ?? '0, 1, 3, 5, 6, 7, 20, 9735, 10002')
.split(/[, ]+/g)
.map(Number);
}
/**
* Whether Ditto should subscribe to Nostr events from the Postgres database itself.
* This would make Nostr events inserted directly into Postgres available to the streaming API and relay.
*/
static get notifyEnabled(): boolean {
return optionalBooleanSchema.parse(Deno.env.get('NOTIFY_ENABLED')) ?? true;
}
/** Whether to enable Ditto cron jobs. */
static get cronEnabled(): boolean {
return optionalBooleanSchema.parse(Deno.env.get('CRON_ENABLED')) ?? true;
}
/** User-Agent to use when fetching link previews. Pretend to be Facebook by default. */
static get fetchUserAgent(): string {
return Deno.env.get('DITTO_FETCH_USER_AGENT') ?? 'facebookexternalhit';
}
/** Path to the custom policy module. Must be an absolute path, https:, npm:, or jsr: URI. */
static get policy(): string {
return Deno.env.get('DITTO_POLICY') || new URL('../data/policy.ts', import.meta.url).pathname;
}
/** Absolute path to the data directory used by Ditto. */
static get dataDir(): string {
return Deno.env.get('DITTO_DATA_DIR') || new URL('../data', import.meta.url).pathname;
}
/** Absolute path of the Deno directory. */
static get denoDir(): string {
return Deno.env.get('DENO_DIR') || `${os.userInfo().homedir}/.cache/deno`;
}
/** Whether zap splits should be enabled. */
static get zapSplitsEnabled(): boolean {
return optionalBooleanSchema.parse(Deno.env.get('ZAP_SPLITS_ENABLED')) ?? false;
}
/** Languages this server wishes to highlight. Used when querying trends.*/
static get preferredLanguages(): LanguageCode[] | undefined {
return Deno.env.get('DITTO_LANGUAGES')?.split(',')?.filter(ISO6391.validate);
}
/** Mints to be displayed in the UI when the user decides to create a wallet.*/
static get cashuMints(): string[] {
return Deno.env.get('CASHU_MINTS')?.split(',') ?? [];
}
/** Translation provider used to translate posts. */
static get translationProvider(): string | undefined {
return Deno.env.get('TRANSLATION_PROVIDER');
}
/** DeepL URL endpoint. */
static get deeplBaseUrl(): string | undefined {
return Deno.env.get('DEEPL_BASE_URL');
}
/** DeepL API KEY. */
static get deeplApiKey(): string | undefined {
return Deno.env.get('DEEPL_API_KEY');
}
/** LibreTranslate URL endpoint. */
static get libretranslateBaseUrl(): string | undefined {
return Deno.env.get('LIBRETRANSLATE_BASE_URL');
}
/** LibreTranslate API KEY. */
static get libretranslateApiKey(): string | undefined {
return Deno.env.get('LIBRETRANSLATE_API_KEY');
}
/** Cache settings. */
static caches = {
/** NIP-05 cache settings. */
get nip05(): { max: number; ttl: number } {
return {
max: Number(Deno.env.get('DITTO_CACHE_NIP05_MAX') || 3000),
ttl: Number(Deno.env.get('DITTO_CACHE_NIP05_TTL') || 1 * 60 * 60 * 1000),
};
},
/** Favicon cache settings. */
get favicon(): { max: number; ttl: number } {
return {
max: Number(Deno.env.get('DITTO_CACHE_FAVICON_MAX') || 500),
ttl: Number(Deno.env.get('DITTO_CACHE_FAVICON_TTL') || 1 * 60 * 60 * 1000),
};
},
/** Link preview cache settings. */
get linkPreview(): { max: number; ttl: number } {
return {
max: Number(Deno.env.get('DITTO_CACHE_LINK_PREVIEW_MAX') || 3000),
ttl: Number(Deno.env.get('DITTO_CACHE_LINK_PREVIEW_TTL') || 12 * 60 * 60 * 1000),
};
},
/** Translation cache settings. */
get translation(): { max: number; ttl: number } {
return {
max: Number(Deno.env.get('DITTO_CACHE_TRANSLATION_MAX') || 1000),
ttl: Number(Deno.env.get('DITTO_CACHE_TRANSLATION_TTL') || 6 * 60 * 60 * 1000),
};
},
};
static profileFields = {
get maxFields(): number {
return Number(Deno.env.get('PROFILE_FIELDS_MAX_FIELDS') || 10);
},
get nameLength(): number {
return Number(Deno.env.get('PROFILE_FIELDS_NAME_LENGTH') || 255);
},
get valueLength(): number {
return Number(Deno.env.get('PROFILE_FIELDS_VALUE_LENGTH') || 2047);
},
};
/** Maximum time between events before a streak is broken, *in seconds*. */
static get streakWindow(): number {
return Number(Deno.env.get('STREAK_WINDOW') || 129600);
}
}
const optionalBooleanSchema = z
.enum(['true', 'false'])
.optional()
.transform((value) => value !== undefined ? value === 'true' : undefined);
const optionalNumberSchema = z
.string()
.optional()
.transform((value) => value !== undefined ? Number(value) : undefined);
function mergePaths(base: string, path: string) {
const url = new URL(
path.startsWith('/') ? path : new URL(path).pathname,
base,
);
if (!path.startsWith('/')) {
// Copy query parameters from the original URL to the new URL
const originalUrl = new URL(path);
url.search = originalUrl.search;
}
return url.toString();
}
export { Conf };
/** @deprecated Use middleware to set/get the config instead. */
export const Conf = new DittoConf(Deno.env);

19
packages/ditto/controllers/api/accounts.ts
View file

@ -3,7 +3,6 @@ import { nip19 } from 'nostr-tools';
import { z } from 'zod';
import { type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { getAuthor, getFollowedPubkeys } from '@/queries.ts';
import { booleanParamSchema, fileSchema } from '@/schema.ts';
import { Storages } from '@/storages.ts';
@ -22,13 +21,8 @@ import { addTag, deleteTag, findReplyTag, getTagSet } from '@/utils/tags.ts';
import { getPubkeysBySearch } from '@/utils/search.ts';
import { MastodonAccount } from '@/entities/MastodonAccount.ts';
const usernameSchema = z
.string().min(1).max(30)
.regex(/^[a-z0-9_]+$/i)
.refine((username) => !Conf.forbiddenUsernames.includes(username), 'Username is reserved.');
const createAccountSchema = z.object({
username: usernameSchema,
username: z.string().min(1).max(30).regex(/^[a-z0-9_]+$/i),
});
const createAccountController: AppController = async (c) => {
@ -39,6 +33,10 @@ const createAccountController: AppController = async (c) => {
return c.json({ error: 'Bad request', schema: result.error }, 400);
}
if (c.var.conf.forbiddenUsernames.includes(result.data.username)) {
return c.json({ error: 'Username is reserved.' }, 422);
}
return c.json({
access_token: nip19.npubEncode(pubkey),
token_type: 'Bearer',
@ -204,7 +202,8 @@ const accountStatusesQuerySchema = z.object({
const accountStatusesController: AppController = async (c) => {
const pubkey = c.req.param('pubkey');
const { since, until } = c.get('pagination');
const { conf } = c.var;
const { since, until } = c.var.pagination;
const { pinned, limit, exclude_replies, tagged, only_media } = accountStatusesQuerySchema.parse(c.req.query());
const { signal } = c.req.raw;
@ -212,7 +211,7 @@ const accountStatusesController: AppController = async (c) => {
const [[author], [user]] = await Promise.all([
store.query([{ kinds: [0], authors: [pubkey], limit: 1 }], { signal }),
store.query([{ kinds: [30382], authors: [Conf.pubkey], '#d': [pubkey], limit: 1 }], { signal }),
store.query([{ kinds: [30382], authors: [conf.pubkey], '#d': [pubkey], limit: 1 }], { signal }),
]);
if (author) {
@ -261,7 +260,7 @@ const accountStatusesController: AppController = async (c) => {
filter.search = search.join(' ');
}
const opts = { signal, limit, timeout: Conf.db.timeouts.timelines };
const opts = { signal, limit, timeout: conf.db.timeouts.timelines };
const events = await store.query([filter], opts)
.then((events) => hydrateEvents({ events, store, signal }))

14
packages/ditto/controllers/api/admin.ts
View file

@ -3,7 +3,6 @@ import { logi } from '@soapbox/logi';
import { z } from 'zod';
import { type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { booleanParamSchema } from '@/schema.ts';
import { Storages } from '@/storages.ts';
import { hydrateEvents } from '@/storages/hydrate.ts';
@ -30,6 +29,7 @@ const adminAccountQuerySchema = z.object({
});
const adminAccountsController: AppController = async (c) => {
const { conf } = c.var;
const store = await Storages.db();
const params = c.get('pagination');
const { signal } = c.req.raw;
@ -49,7 +49,7 @@ const adminAccountsController: AppController = async (c) => {
}
const orig = await store.query(
[{ kinds: [30383], authors: [Conf.pubkey], '#k': ['3036'], '#n': ['pending'], ...params }],
[{ kinds: [30383], authors: [conf.pubkey], '#k': ['3036'], '#n': ['pending'], ...params }],
{ signal },
);
@ -86,7 +86,7 @@ const adminAccountsController: AppController = async (c) => {
n.push('moderator');
}
const events = await store.query([{ kinds: [30382], authors: [Conf.pubkey], '#n': n, ...params }], { signal });
const events = await store.query([{ kinds: [30382], authors: [conf.pubkey], '#n': n, ...params }], { signal });
const pubkeys = new Set<string>(
events
@ -110,7 +110,7 @@ const adminAccountsController: AppController = async (c) => {
const filter: NostrFilter = { kinds: [0], ...params };
if (local) {
filter.search = `domain:${Conf.url.host}`;
filter.search = `domain:${conf.url.host}`;
}
const events = await store.query([filter], { signal })
@ -125,6 +125,7 @@ const adminAccountActionSchema = z.object({
});
const adminActionController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const store = await Storages.db();
const result = adminAccountActionSchema.safeParse(body);
@ -156,7 +157,7 @@ const adminActionController: AppController = async (c) => {
}
if (data.type === 'revoke_name') {
n.revoke_name = true;
store.remove([{ kinds: [30360], authors: [Conf.pubkey], '#p': [authorId] }]).catch((e: unknown) => {
store.remove([{ kinds: [30360], authors: [conf.pubkey], '#p': [authorId] }]).catch((e: unknown) => {
logi({ level: 'error', ns: 'ditto.api.admin.account.action', type: data.type, error: errorJson(e) });
});
}
@ -167,6 +168,7 @@ const adminActionController: AppController = async (c) => {
};
const adminApproveController: AppController = async (c) => {
const { conf } = c.var;
const eventId = c.req.param('id');
const store = await Storages.db();
@ -183,7 +185,7 @@ const adminApproveController: AppController = async (c) => {
return c.json({ error: 'Invalid NIP-05' }, 400);
}
const [existing] = await store.query([{ kinds: [30360], authors: [Conf.pubkey], '#d': [r], limit: 1 }]);
const [existing] = await store.query([{ kinds: [30360], authors: [conf.pubkey], '#d': [r], limit: 1 }]);
if (existing) {
return c.json({ error: 'NIP-05 already granted to another user' }, 400);
}

5
packages/ditto/controllers/api/captcha.ts
View file

@ -3,7 +3,6 @@ import TTLCache from '@isaacs/ttlcache';
import { z } from 'zod';
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { updateUser } from '@/utils/api.ts';
interface Point {
@ -24,6 +23,8 @@ const PUZZLE_SIZE = { w: 65, h: 65 };
/** Puzzle captcha controller. */
export const captchaController: AppController = async (c) => {
const { conf } = c.var;
const { bg, puzzle, solution } = generateCaptcha(
await imagesAsync,
BG_SIZE,
@ -32,7 +33,7 @@ export const captchaController: AppController = async (c) => {
const id = crypto.randomUUID();
const now = new Date();
const ttl = Conf.captchaTTL;
const ttl = conf.captchaTTL;
captchas.set(id, solution, { ttl });

26
packages/ditto/controllers/api/cashu.test.ts
View file

@ -1,3 +1,4 @@
import { confMw } from '@ditto/api/middleware';
import { Env as HonoEnv, Hono } from '@hono/hono';
import { NostrSigner, NSecSigner, NStore } from '@nostrify/nostrify';
import { generateSecretKey, getPublicKey } from 'nostr-tools';
@ -40,7 +41,10 @@ Deno.test('PUT /wallet must be successful', {
c.set('store', store);
await next();
},
).route('/', cashuApp);
);
app.use(confMw(new Map()));
app.route('/', cashuApp);
const response = await app.request('/wallet', {
method: 'PUT',
@ -116,7 +120,10 @@ Deno.test('PUT /wallet must NOT be successful: wrong request body/schema', async
c.set('store', store);
await next();
},
).route('/', cashuApp);
);
app.use(confMw(new Map()));
app.route('/', cashuApp);
const response = await app.request('/wallet', {
method: 'PUT',
@ -149,7 +156,10 @@ Deno.test('PUT /wallet must NOT be successful: wallet already exists', async ()
c.set('store', store);
await next();
},
).route('/', cashuApp);
);
app.use(confMw(new Map()));
app.route('/', cashuApp);
await db.store.event(genEvent({ kind: 17375 }, sk));
@ -187,7 +197,10 @@ Deno.test('GET /wallet must be successful', async () => {
c.set('store', store);
await next();
},
).route('/', cashuApp);
);
app.use(confMw(new Map()));
app.route('/', cashuApp);
// Wallet
await db.store.event(genEvent({
@ -290,7 +303,10 @@ Deno.test('GET /mints must be successful', async () => {
c.set('store', store);
await next();
},
).route('/', cashuApp);
);
app.use(confMw(new Map()));
app.route('/', cashuApp);
const response = await app.request('/mints', {
method: 'GET',

18
packages/ditto/controllers/api/cashu.ts
View file

@ -1,10 +1,10 @@
import { CashuMint, CashuWallet, Proof } from '@cashu/cashu-ts';
import { confRequiredMw } from '@ditto/api/middleware';
import { Hono } from '@hono/hono';
import { generateSecretKey, getPublicKey } from 'nostr-tools';
import { bytesToString, stringToBytes } from '@scure/base';
import { z } from 'zod';
import { Conf } from '@/config.ts';
import { createEvent, parseBody } from '@/utils/api.ts';
import { requireNip44Signer } from '@/middleware/requireSigner.ts';
import { requireStore } from '@/middleware/storeMiddleware.ts';
@ -16,7 +16,7 @@ import { errorJson } from '@/utils/log.ts';
type Wallet = z.infer<typeof walletSchema>;
const app = new Hono().use('*', requireStore);
const app = new Hono().use('*', confRequiredMw, requireStore);
// app.delete('/wallet') -> 204
@ -103,7 +103,7 @@ const createCashuWalletAndNutzapInfoSchema = z.object({
* https://github.com/nostr-protocol/nips/blob/master/61.md#nutzap-informational-event
*/
app.put('/wallet', requireNip44Signer, async (c) => {
const signer = c.var.signer;
const { conf, signer } = c.var;
const store = c.get('store');
const pubkey = await signer.getPublicKey();
const body = await parseBody(c.req.raw);
@ -146,7 +146,7 @@ app.put('/wallet', requireNip44Signer, async (c) => {
kind: 10019,
tags: [
...mints.map((mint) => ['mint', mint, 'sat']),
['relay', Conf.relay], // TODO: add more relays once things get more stable
['relay', conf.relay], // TODO: add more relays once things get more stable
['pubkey', p2pk],
],
}, c);
@ -155,7 +155,7 @@ app.put('/wallet', requireNip44Signer, async (c) => {
const walletEntity: Wallet = {
pubkey_p2pk: p2pk,
mints,
relays: [Conf.relay],
relays: [conf.relay],
balance: 0, // Newly created wallet, balance is zero.
};
@ -164,7 +164,7 @@ app.put('/wallet', requireNip44Signer, async (c) => {
/** Gets a wallet, if it exists. */
app.get('/wallet', requireNip44Signer, swapNutzapsMiddleware, async (c) => {
const signer = c.get('signer');
const { conf, signer } = c.var;
const store = c.get('store');
const pubkey = await signer.getPublicKey();
const { signal } = c.req.raw;
@ -209,7 +209,7 @@ app.get('/wallet', requireNip44Signer, swapNutzapsMiddleware, async (c) => {
const walletEntity: Wallet = {
pubkey_p2pk: p2pk,
mints,
relays: [Conf.relay],
relays: [conf.relay],
balance,
};
@ -218,8 +218,10 @@ app.get('/wallet', requireNip44Signer, swapNutzapsMiddleware, async (c) => {
/** Get mints set by the CASHU_MINTS environment variable. */
app.get('/mints', (c) => {
const { conf } = c.var;
// TODO: Return full Mint information: https://github.com/cashubtc/nuts/blob/main/06.md
const mints = Conf.cashuMints;
const mints = conf.cashuMints;
return c.json({ mints }, 200);
});

26
packages/ditto/controllers/api/ditto.ts
View file

@ -2,7 +2,6 @@ import { NostrEvent, NostrFilter, NSchema as n } from '@nostrify/nostrify';
import { z } from 'zod';
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { DittoEvent } from '@/interfaces/DittoEvent.ts';
import { getAuthor } from '@/queries.ts';
import { addTag } from '@/utils/tags.ts';
@ -30,10 +29,11 @@ const relaySchema = z.object({
type RelayEntity = z.infer<typeof relaySchema>;
export const adminRelaysController: AppController = async (c) => {
const { conf } = c.var;
const store = await Storages.db();
const [event] = await store.query([
{ kinds: [10002], authors: [Conf.pubkey], limit: 1 },
{ kinds: [10002], authors: [conf.pubkey], limit: 1 },
]);
if (!event) {
@ -82,6 +82,7 @@ export const nameRequestController: AppController = async (c) => {
const store = await Storages.db();
const signer = c.get('signer')!;
const pubkey = await signer.getPublicKey();
const { conf } = c.var;
const { name, reason } = nameRequestSchema.parse(await c.req.json());
@ -97,7 +98,7 @@ export const nameRequestController: AppController = async (c) => {
['r', name],
['L', 'nip05.domain'],
['l', name.split('@')[1], 'nip05.domain'],
['p', Conf.pubkey],
['p', conf.pubkey],
],
}, c);
@ -113,6 +114,7 @@ const nameRequestsSchema = z.object({
});
export const nameRequestsController: AppController = async (c) => {
const { conf } = c.var;
const store = await Storages.db();
const signer = c.get('signer')!;
const pubkey = await signer.getPublicKey();
@ -122,7 +124,7 @@ export const nameRequestsController: AppController = async (c) => {
const filter: NostrFilter = {
kinds: [30383],
authors: [Conf.pubkey],
authors: [conf.pubkey],
'#k': ['3036'],
'#p': [pubkey],
...params,
@ -168,6 +170,7 @@ const zapSplitSchema = z.record(
);
export const updateZapSplitsController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const result = zapSplitSchema.safeParse(body);
const store = c.get('store');
@ -176,7 +179,7 @@ export const updateZapSplitsController: AppController = async (c) => {
return c.json({ error: result.error }, 400);
}
const dittoZapSplit = await getZapSplits(store, Conf.pubkey);
const dittoZapSplit = await getZapSplits(store, conf.pubkey);
if (!dittoZapSplit) {
return c.json({ error: 'Zap split not activated, restart the server.' }, 404);
}
@ -189,7 +192,7 @@ export const updateZapSplitsController: AppController = async (c) => {
}
await updateListAdminEvent(
{ kinds: [30078], authors: [Conf.pubkey], '#d': ['pub.ditto.zapSplits'], limit: 1 },
{ kinds: [30078], authors: [conf.pubkey], '#d': ['pub.ditto.zapSplits'], limit: 1 },
(tags) =>
pubkeys.reduce((accumulator, pubkey) => {
return addTag(accumulator, ['p', pubkey, data[pubkey].weight.toString(), data[pubkey].message]);
@ -203,6 +206,7 @@ export const updateZapSplitsController: AppController = async (c) => {
const deleteZapSplitSchema = z.array(n.id()).min(1);
export const deleteZapSplitsController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const result = deleteZapSplitSchema.safeParse(body);
const store = c.get('store');
@ -211,7 +215,7 @@ export const deleteZapSplitsController: AppController = async (c) => {
return c.json({ error: result.error }, 400);
}
const dittoZapSplit = await getZapSplits(store, Conf.pubkey);
const dittoZapSplit = await getZapSplits(store, conf.pubkey);
if (!dittoZapSplit) {
return c.json({ error: 'Zap split not activated, restart the server.' }, 404);
}
@ -219,7 +223,7 @@ export const deleteZapSplitsController: AppController = async (c) => {
const { data } = result;
await updateListAdminEvent(
{ kinds: [30078], authors: [Conf.pubkey], '#d': ['pub.ditto.zapSplits'], limit: 1 },
{ kinds: [30078], authors: [conf.pubkey], '#d': ['pub.ditto.zapSplits'], limit: 1 },
(tags) =>
data.reduce((accumulator, currentValue) => {
return deleteTag(accumulator, ['p', currentValue]);
@ -231,9 +235,10 @@ export const deleteZapSplitsController: AppController = async (c) => {
};
export const getZapSplitsController: AppController = async (c) => {
const { conf } = c.var;
const store = c.get('store');
const dittoZapSplit: DittoZapSplits | undefined = await getZapSplits(store, Conf.pubkey) ?? {};
const dittoZapSplit: DittoZapSplits | undefined = await getZapSplits(store, conf.pubkey) ?? {};
if (!dittoZapSplit) {
return c.json({ error: 'Zap split not activated, restart the server.' }, 404);
}
@ -303,9 +308,10 @@ const updateInstanceSchema = z.object({
});
export const updateInstanceController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const result = updateInstanceSchema.safeParse(body);
const pubkey = Conf.pubkey;
const pubkey = conf.pubkey;
if (!result.success) {
return c.json(result.error, 422);

33
packages/ditto/controllers/api/instance.ts
View file

@ -1,7 +1,6 @@
import denoJson from 'deno.json' with { type: 'json' };
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { Storages } from '@/storages.ts';
import { getInstanceMetadata } from '@/utils/instance.ts';
@ -17,7 +16,8 @@ const features = [
];
const instanceV1Controller: AppController = async (c) => {
const { host, protocol } = Conf.url;
const { conf } = c.var;
const { host, protocol } = conf.url;
const meta = await getInstanceMetadata(await Storages.db(), c.req.raw.signal);
/** Protocol to use for WebSocket URLs, depending on the protocol of the `LOCAL_DOMAIN`. */
@ -29,7 +29,7 @@ const instanceV1Controller: AppController = async (c) => {
description: meta.about,
short_description: meta.tagline,
registrations: true,
max_toot_chars: Conf.postCharLimit,
max_toot_chars: conf.postCharLimit,
configuration: {
media_attachments: {
image_size_limit: 100000000,
@ -42,7 +42,7 @@ const instanceV1Controller: AppController = async (c) => {
min_expiration: 0,
},
statuses: {
max_characters: Conf.postCharLimit,
max_characters: conf.postCharLimit,
max_media_attachments: 20,
},
},
@ -50,9 +50,9 @@ const instanceV1Controller: AppController = async (c) => {
metadata: {
features,
fields_limits: {
max_fields: Conf.profileFields.maxFields,
name_length: Conf.profileFields.nameLength,
value_length: Conf.profileFields.valueLength,
max_fields: conf.profileFields.maxFields,
name_length: conf.profileFields.nameLength,
value_length: conf.profileFields.valueLength,
},
},
},
@ -68,7 +68,7 @@ const instanceV1Controller: AppController = async (c) => {
version,
email: meta.email,
nostr: {
pubkey: Conf.pubkey,
pubkey: conf.pubkey,
relay: `${wsProtocol}//${host}/relay`,
},
rules: [],
@ -76,7 +76,8 @@ const instanceV1Controller: AppController = async (c) => {
};
const instanceV2Controller: AppController = async (c) => {
const { host, protocol } = Conf.url;
const { conf } = c.var;
const { host, protocol } = conf.url;
const meta = await getInstanceMetadata(await Storages.db(), c.req.raw.signal);
/** Protocol to use for WebSocket URLs, depending on the protocol of the `LOCAL_DOMAIN`. */
@ -111,14 +112,14 @@ const instanceV2Controller: AppController = async (c) => {
streaming: `${wsProtocol}//${host}`,
},
vapid: {
public_key: await Conf.vapidPublicKey,
public_key: await conf.vapidPublicKey,
},
accounts: {
max_featured_tags: 10,
max_pinned_statuses: 5,
},
statuses: {
max_characters: Conf.postCharLimit,
max_characters: conf.postCharLimit,
max_media_attachments: 20,
characters_reserved_per_url: 23,
},
@ -136,20 +137,20 @@ const instanceV2Controller: AppController = async (c) => {
max_expiration: 2629746,
},
translation: {
enabled: Boolean(Conf.translationProvider),
enabled: Boolean(conf.translationProvider),
},
},
nostr: {
pubkey: Conf.pubkey,
pubkey: conf.pubkey,
relay: `${wsProtocol}//${host}/relay`,
},
pleroma: {
metadata: {
features,
fields_limits: {
max_fields: Conf.profileFields.maxFields,
name_length: Conf.profileFields.nameLength,
value_length: Conf.profileFields.valueLength,
max_fields: conf.profileFields.maxFields,
name_length: conf.profileFields.nameLength,
value_length: conf.profileFields.valueLength,
},
},
},

7
packages/ditto/controllers/api/notifications.ts
View file

@ -2,7 +2,6 @@ import { NostrFilter, NSchema as n } from '@nostrify/nostrify';
import { z } from 'zod';
import { AppContext, AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { DittoPagination } from '@/interfaces/DittoPagination.ts';
import { hydrateEvents } from '@/storages/hydrate.ts';
import { paginated } from '@/utils/api.ts';
@ -31,6 +30,7 @@ const notificationsSchema = z.object({
});
const notificationsController: AppController = async (c) => {
const { conf } = c.var;
const pubkey = await c.get('signer')?.getPublicKey()!;
const params = c.get('pagination');
@ -68,7 +68,7 @@ const notificationsController: AppController = async (c) => {
}
if (types.has('ditto:name_grant') && !account_id) {
filters.push({ kinds: [30360], authors: [Conf.pubkey], '#p': [pubkey], ...params });
filters.push({ kinds: [30360], authors: [conf.pubkey], '#p': [pubkey], ...params });
}
return renderNotifications(filters, types, params, c);
@ -105,10 +105,11 @@ async function renderNotifications(
params: DittoPagination,
c: AppContext,
) {
const { conf } = c.var;
const store = c.get('store');
const pubkey = await c.get('signer')?.getPublicKey()!;
const { signal } = c.req.raw;
const opts = { signal, limit: params.limit, timeout: Conf.db.timeouts.timelines };
const opts = { signal, limit: params.limit, timeout: conf.db.timeouts.timelines };
const events = await store
.query(filters, opts)

14
packages/ditto/controllers/api/oauth.ts
View file

@ -4,7 +4,6 @@ import { generateSecretKey } from 'nostr-tools';
import { z } from 'zod';
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { Storages } from '@/storages.ts';
import { nostrNow } from '@/utils.ts';
import { parseBody } from '@/utils/api.ts';
@ -40,6 +39,7 @@ const createTokenSchema = z.discriminatedUnion('grant_type', [
]);
const createTokenController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const result = createTokenSchema.safeParse(body);
@ -50,7 +50,7 @@ const createTokenController: AppController = async (c) => {
switch (result.data.grant_type) {
case 'nostr_bunker':
return c.json({
access_token: await getToken(result.data),
access_token: await getToken(result.data, conf.seckey),
token_type: 'Bearer',
scope: 'read write follow push',
created_at: nostrNow(),
@ -112,6 +112,7 @@ const revokeTokenController: AppController = async (c) => {
async function getToken(
{ pubkey: bunkerPubkey, secret, relays = [] }: { pubkey: string; secret?: string; relays?: string[] },
dittoSeckey: Uint8Array,
): Promise<`token1${string}`> {
const kysely = await Storages.kysely();
const { token, hash } = await generateToken();
@ -133,7 +134,7 @@ async function getToken(
token_hash: hash,
pubkey: userPubkey,
bunker_pubkey: bunkerPubkey,
nip46_sk_enc: await aesEncrypt(Conf.seckey, nip46Seckey),
nip46_sk_enc: await aesEncrypt(dittoSeckey, nip46Seckey),
nip46_relays: relays,
created_at: new Date(),
}).execute();
@ -143,6 +144,7 @@ async function getToken(
/** Display the OAuth form. */
const oauthController: AppController = (c) => {
const { conf } = c.var;
const encodedUri = c.req.query('redirect_uri');
if (!encodedUri) {
return c.text('Missing `redirect_uri` query param.', 422);
@ -192,7 +194,7 @@ const oauthController: AppController = (c) => {
<input type="hidden" name="state" value="${escape(state ?? '')}">
<button type="submit">Authorize</button>
</form>
<p>Sign in with a Nostr bunker app. Please configure the app to use this relay: ${Conf.relay}</p>
<p>Sign in with a Nostr bunker app. Please configure the app to use this relay: ${conf.relay}</p>
</body>
</html>
`);
@ -220,6 +222,8 @@ const oauthAuthorizeSchema = z.object({
/** Controller the OAuth form is POSTed to. */
const oauthAuthorizeController: AppController = async (c) => {
const { conf } = c.var;
/** FormData results in JSON. */
const result = oauthAuthorizeSchema.safeParse(await parseBody(c.req.raw));
@ -236,7 +240,7 @@ const oauthAuthorizeController: AppController = async (c) => {
pubkey: bunker.hostname,
secret: bunker.searchParams.get('secret') || undefined,
relays: bunker.searchParams.getAll('relay'),
});
}, conf.seckey);
if (redirectUri === 'urn:ietf:wg:oauth:2.0:oob') {
return c.text(token);

10
packages/ditto/controllers/api/pleroma.ts
View file

@ -1,7 +1,6 @@
import { z } from 'zod';
import { type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { configSchema, elixirTupleSchema } from '@/schemas/pleroma-api.ts';
import { AdminSigner } from '@/signers/AdminSigner.ts';
import { Storages } from '@/storages.ts';
@ -34,7 +33,8 @@ const configController: AppController = async (c) => {
/** Pleroma admin config controller. */
const updateConfigController: AppController = async (c) => {
const { pubkey } = Conf;
const { conf } = c.var;
const { pubkey } = conf;
const store = await Storages.db();
const configs = await getPleromaConfigs(store, c.req.raw.signal);
@ -69,6 +69,7 @@ const pleromaAdminTagSchema = z.object({
});
const pleromaAdminTagController: AppController = async (c) => {
const { conf } = c.var;
const params = pleromaAdminTagSchema.parse(await c.req.json());
for (const nickname of params.nicknames) {
@ -76,7 +77,7 @@ const pleromaAdminTagController: AppController = async (c) => {
if (!pubkey) continue;
await updateAdminEvent(
{ kinds: [30382], authors: [Conf.pubkey], '#d': [pubkey], limit: 1 },
{ kinds: [30382], authors: [conf.pubkey], '#d': [pubkey], limit: 1 },
(prev) => {
const tags = prev?.tags ?? [['d', pubkey]];
@ -101,6 +102,7 @@ const pleromaAdminTagController: AppController = async (c) => {
};
const pleromaAdminUntagController: AppController = async (c) => {
const { conf } = c.var;
const params = pleromaAdminTagSchema.parse(await c.req.json());
for (const nickname of params.nicknames) {
@ -108,7 +110,7 @@ const pleromaAdminUntagController: AppController = async (c) => {
if (!pubkey) continue;
await updateAdminEvent(
{ kinds: [30382], authors: [Conf.pubkey], '#d': [pubkey], limit: 1 },
{ kinds: [30382], authors: [conf.pubkey], '#d': [pubkey], limit: 1 },
(prev) => ({
kind: 30382,
content: prev?.content ?? '',

7
packages/ditto/controllers/api/push.ts
View file

@ -3,7 +3,6 @@ import { nip19 } from 'nostr-tools';
import { z } from 'zod';
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { Storages } from '@/storages.ts';
import { parseBody } from '@/utils/api.ts';
import { getTokenHash } from '@/utils/auth.ts';
@ -43,7 +42,8 @@ const pushSubscribeSchema = z.object({
});
export const pushSubscribeController: AppController = async (c) => {
const vapidPublicKey = await Conf.vapidPublicKey;
const { conf } = c.var;
const vapidPublicKey = await conf.vapidPublicKey;
if (!vapidPublicKey) {
return c.json({ error: 'The administrator of this server has not enabled Web Push notifications.' }, 404);
@ -97,7 +97,8 @@ export const pushSubscribeController: AppController = async (c) => {
};
export const getSubscriptionController: AppController = async (c) => {
const vapidPublicKey = await Conf.vapidPublicKey;
const { conf } = c.var;
const vapidPublicKey = await conf.vapidPublicKey;
if (!vapidPublicKey) {
return c.json({ error: 'The administrator of this server has not enabled Web Push notifications.' }, 404);

7
packages/ditto/controllers/api/reports.ts
View file

@ -2,7 +2,6 @@ import { NostrFilter, NSchema as n } from '@nostrify/nostrify';
import { z } from 'zod';
import { type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { createEvent, paginated, parseBody, updateEventInfo } from '@/utils/api.ts';
import { hydrateEvents } from '@/storages/hydrate.ts';
import { renderAdminReport } from '@/views/mastodon/reports.ts';
@ -19,6 +18,7 @@ const reportSchema = z.object({
/** https://docs.joinmastodon.org/methods/reports/#post */
const reportController: AppController = async (c) => {
const { conf } = c.var;
const store = c.get('store');
const body = await parseBody(c.req.raw);
const result = reportSchema.safeParse(body);
@ -36,7 +36,7 @@ const reportController: AppController = async (c) => {
const tags = [
['p', account_id, category],
['P', Conf.pubkey],
['P', conf.pubkey],
];
for (const status of status_ids) {
@ -61,6 +61,7 @@ const adminReportsSchema = z.object({
/** https://docs.joinmastodon.org/methods/admin/reports/#get */
const adminReportsController: AppController = async (c) => {
const { conf } = c.var;
const store = c.get('store');
const viewerPubkey = await c.get('signer')?.getPublicKey();
@ -69,7 +70,7 @@ const adminReportsController: AppController = async (c) => {
const filter: NostrFilter = {
kinds: [30383],
authors: [Conf.pubkey],
authors: [conf.pubkey],
'#k': ['1984'],
...params,
};

65
packages/ditto/controllers/api/statuses.ts
View file

@ -6,7 +6,6 @@ import { nip19 } from 'nostr-tools';
import { z } from 'zod';
import { type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { DittoUpload, dittoUploads } from '@/DittoUploads.ts';
import { DittoEvent } from '@/interfaces/DittoEvent.ts';
import { getAncestors, getAuthor, getDescendants, getEvent } from '@/queries.ts';
@ -66,6 +65,7 @@ const statusController: AppController = async (c) => {
};
const createStatusController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const result = createStatusSchema.safeParse(body);
const store = c.get('store');
@ -97,12 +97,12 @@ const createStatusController: AppController = async (c) => {
const root = rootId === ancestor.id ? ancestor : await store.query([{ ids: [rootId] }]).then(([event]) => event);
if (root) {
tags.push(['e', root.id, Conf.relay, 'root', root.pubkey]);
tags.push(['e', root.id, conf.relay, 'root', root.pubkey]);
} else {
tags.push(['e', rootId, Conf.relay, 'root']);
tags.push(['e', rootId, conf.relay, 'root']);
}
tags.push(['e', ancestor.id, Conf.relay, 'reply', ancestor.pubkey]);
tags.push(['e', ancestor.id, conf.relay, 'reply', ancestor.pubkey]);
}
let quoted: DittoEvent | undefined;
@ -114,7 +114,7 @@ const createStatusController: AppController = async (c) => {
return c.json({ error: 'Quoted post not found.' }, 404);
}
tags.push(['q', quoted.id, Conf.relay, quoted.pubkey]);
tags.push(['q', quoted.id, conf.relay, quoted.pubkey]);
}
if (data.sensitive && data.spoiler_text) {
@ -162,7 +162,7 @@ const createStatusController: AppController = async (c) => {
}
try {
return `nostr:${nip19.nprofileEncode({ pubkey, relays: [Conf.relay] })}`;
return `nostr:${nip19.nprofileEncode({ pubkey, relays: [conf.relay] })}`;
} catch {
return match;
}
@ -178,7 +178,7 @@ const createStatusController: AppController = async (c) => {
}
for (const pubkey of pubkeys) {
tags.push(['p', pubkey, Conf.relay]);
tags.push(['p', pubkey, conf.relay]);
}
for (const link of linkify.find(data.status ?? '')) {
@ -193,10 +193,10 @@ const createStatusController: AppController = async (c) => {
const pubkey = await c.get('signer')?.getPublicKey()!;
const author = pubkey ? await getAuthor(pubkey) : undefined;
if (Conf.zapSplitsEnabled) {
if (conf.zapSplitsEnabled) {
const meta = n.json().pipe(n.metadata()).catch({}).parse(author?.content);
const lnurl = getLnurl(meta);
const dittoZapSplit = await getZapSplits(store, Conf.pubkey);
const dittoZapSplit = await getZapSplits(store, conf.pubkey);
if (lnurl && dittoZapSplit) {
const totalSplit = Object.values(dittoZapSplit).reduce((total, { weight }) => total + weight, 0);
for (const zapPubkey in dittoZapSplit) {
@ -204,7 +204,7 @@ const createStatusController: AppController = async (c) => {
tags.push([
'zap',
zapPubkey,
Conf.relay,
conf.relay,
(Math.max(0, 100 - totalSplit) + dittoZapSplit[zapPubkey].weight).toString(),
]);
continue;
@ -212,13 +212,13 @@ const createStatusController: AppController = async (c) => {
tags.push([
'zap',
zapPubkey,
Conf.relay,
conf.relay,
dittoZapSplit[zapPubkey].weight.toString(),
dittoZapSplit[zapPubkey].message,
]);
}
if (totalSplit && !dittoZapSplit[pubkey]) {
tags.push(['zap', pubkey, Conf.relay, Math.max(0, 100 - totalSplit).toString()]);
tags.push(['zap', pubkey, conf.relay, Math.max(0, 100 - totalSplit).toString()]);
}
}
}
@ -235,7 +235,7 @@ const createStatusController: AppController = async (c) => {
id: quoted.id,
kind: quoted.kind,
author: quoted.pubkey,
relays: [Conf.relay],
relays: [conf.relay],
});
content += `nostr:${nevent}`;
}
@ -265,6 +265,7 @@ const createStatusController: AppController = async (c) => {
};
const deleteStatusController: AppController = async (c) => {
const { conf } = c.var;
const id = c.req.param('id');
const pubkey = await c.get('signer')?.getPublicKey();
@ -274,7 +275,7 @@ const deleteStatusController: AppController = async (c) => {
if (event.pubkey === pubkey) {
await createEvent({
kind: 5,
tags: [['e', id, Conf.relay, '', pubkey]],
tags: [['e', id, conf.relay, '', pubkey]],
}, c);
const author = await getAuthor(event.pubkey);
@ -324,6 +325,7 @@ const contextController: AppController = async (c) => {
};
const favouriteController: AppController = async (c) => {
const { conf } = c.var;
const id = c.req.param('id');
const store = await Storages.db();
const [target] = await store.query([{ ids: [id], kinds: [1, 20] }]);
@ -333,8 +335,8 @@ const favouriteController: AppController = async (c) => {
kind: 7,
content: '+',
tags: [
['e', target.id, Conf.relay, '', target.pubkey],
['p', target.pubkey, Conf.relay],
['e', target.id, conf.relay, '', target.pubkey],
['p', target.pubkey, conf.relay],
],
}, c);
@ -364,6 +366,7 @@ const favouritedByController: AppController = (c) => {
/** https://docs.joinmastodon.org/methods/statuses/#boost */
const reblogStatusController: AppController = async (c) => {
const { conf } = c.var;
const eventId = c.req.param('id');
const { signal } = c.req.raw;
@ -378,8 +381,8 @@ const reblogStatusController: AppController = async (c) => {
const reblogEvent = await createEvent({
kind: 6,
tags: [
['e', event.id, Conf.relay, '', event.pubkey],
['p', event.pubkey, Conf.relay],
['e', event.id, conf.relay, '', event.pubkey],
['p', event.pubkey, conf.relay],
],
}, c);
@ -396,6 +399,7 @@ const reblogStatusController: AppController = async (c) => {
/** https://docs.joinmastodon.org/methods/statuses/#unreblog */
const unreblogStatusController: AppController = async (c) => {
const { conf } = c.var;
const eventId = c.req.param('id');
const pubkey = await c.get('signer')?.getPublicKey()!;
const store = await Storages.db();
@ -415,7 +419,7 @@ const unreblogStatusController: AppController = async (c) => {
await createEvent({
kind: 5,
tags: [['e', repostEvent.id, Conf.relay, '', repostEvent.pubkey]],
tags: [['e', repostEvent.id, conf.relay, '', repostEvent.pubkey]],
}, c);
return c.json(await renderStatus(event, { viewerPubkey: pubkey }));
@ -456,6 +460,7 @@ const quotesController: AppController = async (c) => {
/** https://docs.joinmastodon.org/methods/statuses/#bookmark */
const bookmarkController: AppController = async (c) => {
const { conf } = c.var;
const pubkey = await c.get('signer')?.getPublicKey()!;
const eventId = c.req.param('id');
@ -467,7 +472,7 @@ const bookmarkController: AppController = async (c) => {
if (event) {
await updateListEvent(
{ kinds: [10003], authors: [pubkey], limit: 1 },
(tags) => addTag(tags, ['e', event.id, Conf.relay, '', event.pubkey]),
(tags) => addTag(tags, ['e', event.id, conf.relay, '', event.pubkey]),
c,
);
@ -483,6 +488,7 @@ const bookmarkController: AppController = async (c) => {
/** https://docs.joinmastodon.org/methods/statuses/#unbookmark */
const unbookmarkController: AppController = async (c) => {
const { conf } = c.var;
const pubkey = await c.get('signer')?.getPublicKey()!;
const eventId = c.req.param('id');
@ -494,7 +500,7 @@ const unbookmarkController: AppController = async (c) => {
if (event) {
await updateListEvent(
{ kinds: [10003], authors: [pubkey], limit: 1 },
(tags) => deleteTag(tags, ['e', event.id, Conf.relay, '', event.pubkey]),
(tags) => deleteTag(tags, ['e', event.id, conf.relay, '', event.pubkey]),
c,
);
@ -510,6 +516,7 @@ const unbookmarkController: AppController = async (c) => {
/** https://docs.joinmastodon.org/methods/statuses/#pin */
const pinController: AppController = async (c) => {
const { conf } = c.var;
const pubkey = await c.get('signer')?.getPublicKey()!;
const eventId = c.req.param('id');
@ -521,7 +528,7 @@ const pinController: AppController = async (c) => {
if (event) {
await updateListEvent(
{ kinds: [10001], authors: [pubkey], limit: 1 },
(tags) => addTag(tags, ['e', event.id, Conf.relay, '', event.pubkey]),
(tags) => addTag(tags, ['e', event.id, conf.relay, '', event.pubkey]),
c,
);
@ -537,6 +544,7 @@ const pinController: AppController = async (c) => {
/** https://docs.joinmastodon.org/methods/statuses/#unpin */
const unpinController: AppController = async (c) => {
const { conf } = c.var;
const pubkey = await c.get('signer')?.getPublicKey()!;
const eventId = c.req.param('id');
const { signal } = c.req.raw;
@ -550,7 +558,7 @@ const unpinController: AppController = async (c) => {
if (event) {
await updateListEvent(
{ kinds: [10001], authors: [pubkey], limit: 1 },
(tags) => deleteTag(tags, ['e', event.id, Conf.relay, '', event.pubkey]),
(tags) => deleteTag(tags, ['e', event.id, conf.relay, '', event.pubkey]),
c,
);
@ -572,6 +580,7 @@ const zapSchema = z.object({
});
const zapController: AppController = async (c) => {
const { conf } = c.var;
const body = await parseBody(c.req.raw);
const result = zapSchema.safeParse(body);
const { signal } = c.req.raw;
@ -594,10 +603,10 @@ const zapController: AppController = async (c) => {
lnurl = getLnurl(meta);
if (target && lnurl) {
tags.push(
['e', target.id, Conf.relay],
['p', target.pubkey, Conf.relay],
['e', target.id, conf.relay],
['p', target.pubkey, conf.relay],
['amount', amount.toString()],
['relays', Conf.relay],
['relays', conf.relay],
['lnurl', lnurl],
);
}
@ -607,9 +616,9 @@ const zapController: AppController = async (c) => {
lnurl = getLnurl(meta);
if (target && lnurl) {
tags.push(
['p', target.pubkey, Conf.relay],
['p', target.pubkey, conf.relay],
['amount', amount.toString()],
['relays', Conf.relay],
['relays', conf.relay],
['lnurl', lnurl],
);
}

7
packages/ditto/controllers/api/streaming.ts
View file

@ -4,7 +4,6 @@ import { logi } from '@soapbox/logi';
import { z } from 'zod';
import { type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import {
streamingClientMessagesCounter,
streamingConnectionsGauge,
@ -69,6 +68,7 @@ const limiter = new TTLCache<string, number>();
const connections = new Set<WebSocket>();
const streamingController: AppController = async (c) => {
const { conf } = c.var;
const upgrade = c.req.header('upgrade');
const token = c.req.header('sec-websocket-protocol');
const stream = streamSchema.optional().catch(undefined).parse(c.req.query('stream'));
@ -137,7 +137,7 @@ const streamingController: AppController = async (c) => {
streamingConnectionsGauge.set(connections.size);
if (!stream) return;
const topicFilter = await topicToFilter(stream, c.req.query(), pubkey);
const topicFilter = await topicToFilter(stream, c.req.query(), pubkey, conf.url.host);
if (topicFilter) {
sub([topicFilter], async (event) => {
@ -208,9 +208,8 @@ async function topicToFilter(
topic: Stream,
query: Record<string, string>,
pubkey: string | undefined,
host: string,
): Promise<NostrFilter | undefined> {
const { host } = Conf.url;
switch (topic) {
case 'public':
return { kinds: [1, 6, 20] };

21
packages/ditto/controllers/api/suggestions.ts
View file

@ -2,7 +2,6 @@ import { NostrFilter } from '@nostrify/nostrify';
import { matchFilter } from 'nostr-tools';
import { AppContext, AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { hydrateEvents } from '@/storages/hydrate.ts';
import { paginated, paginatedList } from '@/utils/api.ts';
import { getTagSet } from '@/utils/tags.ts';
@ -24,6 +23,7 @@ export const suggestionsV2Controller: AppController = async (c) => {
};
async function renderV2Suggestions(c: AppContext, params: { offset: number; limit: number }, signal?: AbortSignal) {
const { conf } = c.var;
const { offset, limit } = params;
const store = c.get('store');
@ -31,8 +31,8 @@ async function renderV2Suggestions(c: AppContext, params: { offset: number; limi
const pubkey = await signer?.getPublicKey();
const filters: NostrFilter[] = [
{ kinds: [30382], authors: [Conf.pubkey], '#n': ['suggested'], limit },
{ kinds: [1985], '#L': ['pub.ditto.trends'], '#l': [`#p`], authors: [Conf.pubkey], limit: 1 },
{ kinds: [30382], authors: [conf.pubkey], '#n': ['suggested'], limit },
{ kinds: [1985], '#L': ['pub.ditto.trends'], '#l': [`#p`], authors: [conf.pubkey], limit: 1 },
];
if (pubkey) {
@ -43,11 +43,11 @@ async function renderV2Suggestions(c: AppContext, params: { offset: number; limi
const events = await store.query(filters, { signal });
const [userEvents, followsEvent, mutesEvent, trendingEvent] = [
events.filter((event) => matchFilter({ kinds: [30382], authors: [Conf.pubkey], '#n': ['suggested'] }, event)),
events.filter((event) => matchFilter({ kinds: [30382], authors: [conf.pubkey], '#n': ['suggested'] }, event)),
pubkey ? events.find((event) => matchFilter({ kinds: [3], authors: [pubkey] }, event)) : undefined,
pubkey ? events.find((event) => matchFilter({ kinds: [10000], authors: [pubkey] }, event)) : undefined,
events.find((event) =>
matchFilter({ kinds: [1985], '#L': ['pub.ditto.trends'], '#l': [`#p`], authors: [Conf.pubkey], limit: 1 }, event)
matchFilter({ kinds: [1985], '#L': ['pub.ditto.trends'], '#l': [`#p`], authors: [conf.pubkey], limit: 1 }, event)
),
];
@ -89,12 +89,13 @@ async function renderV2Suggestions(c: AppContext, params: { offset: number; limi
}
export const localSuggestionsController: AppController = async (c) => {
const { conf } = c.var;
const signal = c.req.raw.signal;
const params = c.get('pagination');
const store = c.get('store');
const grants = await store.query(
[{ kinds: [30360], authors: [Conf.pubkey], ...params }],
[{ kinds: [30360], authors: [conf.pubkey], ...params }],
{ signal },
);
@ -108,20 +109,20 @@ export const localSuggestionsController: AppController = async (c) => {
}
const profiles = await store.query(
[{ kinds: [0], authors: [...pubkeys], search: `domain:${Conf.url.host}`, ...params }],
[{ kinds: [0], authors: [...pubkeys], search: `domain:${conf.url.host}`, ...params }],
{ signal },
)
.then((events) => hydrateEvents({ store, events, signal }));
const suggestions = (await Promise.all([...pubkeys].map(async (pubkey) => {
const suggestions = [...pubkeys].map((pubkey) => {
const profile = profiles.find((event) => event.pubkey === pubkey);
if (!profile) return;
return {
source: 'global',
account: await renderAccount(profile),
account: renderAccount(profile),
};
}))).filter(Boolean);
}).filter(Boolean);
return paginated(c, grants, suggestions);
};

10
packages/ditto/controllers/api/timelines.ts
View file

@ -2,7 +2,6 @@ import { NostrFilter } from '@nostrify/nostrify';
import { z } from 'zod';
import { type AppContext, type AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { getFeedPubkeys } from '@/queries.ts';
import { booleanParamSchema, languageSchema } from '@/schema.ts';
import { hydrateEvents } from '@/storages/hydrate.ts';
@ -53,6 +52,7 @@ const publicQuerySchema = z.object({
});
const publicTimelineController: AppController = (c) => {
const { conf } = c.var;
const params = c.get('pagination');
const result = publicQuerySchema.safeParse(c.req.query());
@ -67,7 +67,7 @@ const publicTimelineController: AppController = (c) => {
const search: `${string}:${string}`[] = [];
if (local) {
search.push(`domain:${Conf.url.host}`);
search.push(`domain:${conf.url.host}`);
} else if (instance) {
search.push(`domain:${instance}`);
}
@ -90,11 +90,12 @@ const hashtagTimelineController: AppController = (c) => {
};
const suggestedTimelineController: AppController = async (c) => {
const { conf } = c.var;
const store = c.get('store');
const params = c.get('pagination');
const [follows] = await store.query(
[{ kinds: [3], authors: [Conf.pubkey], limit: 1 }],
[{ kinds: [3], authors: [conf.pubkey], limit: 1 }],
);
const authors = [...getTagSet(follows?.tags ?? [], 'p')];
@ -104,9 +105,10 @@ const suggestedTimelineController: AppController = async (c) => {
/** Render statuses for timelines. */
async function renderStatuses(c: AppContext, filters: NostrFilter[]) {
const { conf } = c.var;
const { signal } = c.req.raw;
const store = c.get('store');
const opts = { signal, timeout: Conf.db.timeouts.timelines };
const opts = { signal, timeout: conf.db.timeouts.timelines };
const events = await store
.query(filters, opts)

28
packages/ditto/controllers/api/trends.ts
View file

@ -1,3 +1,4 @@
import { type DittoConf } from '@ditto/conf';
import { NostrEvent, NostrFilter, NStore } from '@nostrify/nostrify';
import { logi } from '@soapbox/logi';
import { z } from 'zod';
@ -13,7 +14,7 @@ import { paginated } from '@/utils/api.ts';
import { errorJson } from '@/utils/log.ts';
import { renderStatus } from '@/views/mastodon/statuses.ts';
let trendingHashtagsCache = getTrendingHashtags().catch((e: unknown) => {
let trendingHashtagsCache = getTrendingHashtags(Conf).catch((e: unknown) => {
logi({
level: 'error',
ns: 'ditto.trends.api',
@ -26,7 +27,7 @@ let trendingHashtagsCache = getTrendingHashtags().catch((e: unknown) => {
Deno.cron('update trending hashtags cache', '35 * * * *', async () => {
try {
const trends = await getTrendingHashtags();
const trends = await getTrendingHashtags(Conf);
trendingHashtagsCache = Promise.resolve(trends);
} catch (e) {
logi({
@ -50,9 +51,9 @@ const trendingTagsController: AppController = async (c) => {
return c.json(trends.slice(offset, offset + limit));
};
async function getTrendingHashtags() {
async function getTrendingHashtags(conf: DittoConf) {
const store = await Storages.db();
const trends = await getTrendingTags(store, 't');
const trends = await getTrendingTags(store, 't', conf.pubkey);
return trends.map((trend) => {
const hashtag = trend.value;
@ -65,13 +66,13 @@ async function getTrendingHashtags() {
return {
name: hashtag,
url: Conf.local(`/tags/${hashtag}`),
url: conf.local(`/tags/${hashtag}`),
history,
};
});
}
let trendingLinksCache = getTrendingLinks().catch((e: unknown) => {
let trendingLinksCache = getTrendingLinks(Conf).catch((e: unknown) => {
logi({
level: 'error',
ns: 'ditto.trends.api',
@ -84,7 +85,7 @@ let trendingLinksCache = getTrendingLinks().catch((e: unknown) => {
Deno.cron('update trending links cache', '50 * * * *', async () => {
try {
const trends = await getTrendingLinks();
const trends = await getTrendingLinks(Conf);
trendingLinksCache = Promise.resolve(trends);
} catch (e) {
logi({
@ -103,9 +104,9 @@ const trendingLinksController: AppController = async (c) => {
return c.json(trends.slice(offset, offset + limit));
};
async function getTrendingLinks() {
async function getTrendingLinks(conf: DittoConf) {
const store = await Storages.db();
const trends = await getTrendingTags(store, 'r');
const trends = await getTrendingTags(store, 'r', conf.pubkey);
return Promise.all(trends.map(async (trend) => {
const link = trend.value;
@ -139,6 +140,7 @@ async function getTrendingLinks() {
}
const trendingStatusesController: AppController = async (c) => {
const { conf } = c.var;
const store = await Storages.db();
const { limit, offset, until } = paginationSchema.parse(c.req.query());
@ -146,7 +148,7 @@ const trendingStatusesController: AppController = async (c) => {
kinds: [1985],
'#L': ['pub.ditto.trends'],
'#l': ['#e'],
authors: [Conf.pubkey],
authors: [conf.pubkey],
until,
limit: 1,
}]);
@ -185,12 +187,12 @@ interface TrendingTag {
}[];
}
export async function getTrendingTags(store: NStore, tagName: string): Promise<TrendingTag[]> {
export async function getTrendingTags(store: NStore, tagName: string, pubkey: string): Promise<TrendingTag[]> {
const [label] = await store.query([{
kinds: [1985],
'#L': ['pub.ditto.trends'],
'#l': [`#${tagName}`],
authors: [Conf.pubkey],
authors: [pubkey],
limit: 1,
}]);
@ -213,7 +215,7 @@ export async function getTrendingTags(store: NStore, tagName: string): Promise<T
'#L': ['pub.ditto.trends'],
'#l': [`#${tagName}`],
[`#${tagName}`]: [value],
authors: [Conf.pubkey],
authors: [pubkey],
since: Math.floor(date.getTime() / 1000),
until: Math.floor((date.getTime() + Time.days(1)) / 1000),
limit: 1,

4
packages/ditto/controllers/nostr/relay-info.ts
View file

@ -1,11 +1,11 @@
import denoJson from 'deno.json' with { type: 'json' };
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { Storages } from '@/storages.ts';
import { getInstanceMetadata } from '@/utils/instance.ts';
const relayInfoController: AppController = async (c) => {
const { conf } = c.var;
const store = await Storages.db();
const meta = await getInstanceMetadata(store, c.req.raw.signal);
@ -14,7 +14,7 @@ const relayInfoController: AppController = async (c) => {
return c.json({
name: meta.name,
description: meta.about,
pubkey: Conf.pubkey,
pubkey: conf.pubkey,
contact: meta.email,
supported_nips: [1, 5, 9, 11, 16, 45, 50, 46, 98],
software: 'Ditto',

13
packages/ditto/controllers/nostr/relay.ts
View file

@ -1,3 +1,4 @@
import { type DittoConf } from '@ditto/conf';
import { logi } from '@soapbox/logi';
import { JsonValue } from '@std/json';
import {
@ -12,7 +13,6 @@ import {
} from '@nostrify/nostrify';
import { AppController } from '@/app.ts';
import { Conf } from '@/config.ts';
import { relayInfoController } from '@/controllers/nostr/relay-info.ts';
import { relayConnectionsGauge, relayEventsCounter, relayMessagesCounter } from '@/metrics.ts';
import * as pipeline from '@/pipeline.ts';
@ -47,7 +47,7 @@ const limiters = {
const connections = new Set<WebSocket>();
/** Set up the Websocket connection. */
function connectStream(socket: WebSocket, ip: string | undefined) {
function connectStream(socket: WebSocket, ip: string | undefined, conf: DittoConf) {
const controllers = new Map<string, AbortController>();
socket.onopen = () => {
@ -126,7 +126,7 @@ function connectStream(socket: WebSocket, ip: string | undefined) {
const pubsub = await Storages.pubsub();
try {
for (const event of await store.query(filters, { limit: FILTER_LIMIT, timeout: Conf.db.timeouts.relay })) {
for (const event of await store.query(filters, { limit: FILTER_LIMIT, timeout: conf.db.timeouts.relay })) {
send(['EVENT', subId, purifyEvent(event)]);
}
} catch (e) {
@ -188,7 +188,7 @@ function connectStream(socket: WebSocket, ip: string | undefined) {
async function handleCount([_, subId, ...filters]: NostrClientCOUNT): Promise<void> {
if (rateLimited(limiters.req)) return;
const store = await Storages.db();
const { count } = await store.count(filters, { timeout: Conf.db.timeouts.relay });
const { count } = await store.count(filters, { timeout: conf.db.timeouts.relay });
send(['COUNT', subId, { count, approximate: false }]);
}
@ -201,6 +201,7 @@ function connectStream(socket: WebSocket, ip: string | undefined) {
}
const relayController: AppController = (c, next) => {
const { conf } = c.var;
const upgrade = c.req.header('upgrade');
// NIP-11: https://github.com/nostr-protocol/nips/blob/master/11.md
@ -214,7 +215,7 @@ const relayController: AppController = (c, next) => {
let ip = c.req.header('x-real-ip');
if (ip && Conf.ipWhitelist.includes(ip)) {
if (ip && conf.ipWhitelist.includes(ip)) {
ip = undefined;
}
@ -229,7 +230,7 @@ const relayController: AppController = (c, next) => {
}
const { socket, response } = Deno.upgradeWebSocket(c.req.raw, { idleTimeout: 30 });
connectStream(socket, ip);
connectStream(socket, ip, conf);
return response;
};

8
packages/ditto/controllers/well-known/nodeinfo.ts
View file

@ -1,17 +1,17 @@
import { Conf } from '@/config.ts';
import type { AppController } from '@/app.ts';
const nodeInfoController: AppController = (c) => {
const { conf } = c.var;
return c.json({
links: [
{
rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0',
href: Conf.local('/nodeinfo/2.0'),
href: conf.local('/nodeinfo/2.0'),
},
{
rel: 'http://nodeinfo.diaspora.software/ns/schema/2.1',
href: Conf.local('/nodeinfo/2.1'),
href: conf.local('/nodeinfo/2.1'),
},
],
});

6
packages/ditto/middleware/auth98Middleware.ts
View file

@ -11,7 +11,6 @@ import {
type ParseAuthRequestOpts,
validateAuthEvent,
} from '@/utils/nip98.ts';
import { Conf } from '@/config.ts';
/**
* NIP-98 auth.
@ -35,12 +34,13 @@ type UserRole = 'user' | 'admin';
/** Require the user to prove their role before invoking the controller. */
function requireRole(role: UserRole, opts?: ParseAuthRequestOpts): AppMiddleware {
return withProof(async (_c, proof, next) => {
return withProof(async (c, proof, next) => {
const { conf } = c.var;
const store = await Storages.db();
const [user] = await store.query([{
kinds: [30382],
authors: [Conf.pubkey],
authors: [conf.pubkey],
'#d': [proof.pubkey],
limit: 1,
}]);

4
packages/ditto/middleware/cspMiddleware.ts
View file

@ -1,5 +1,4 @@
import { AppMiddleware } from '@/app.ts';
import { Conf } from '@/config.ts';
import { PleromaConfigDB } from '@/utils/PleromaConfigDB.ts';
import { Storages } from '@/storages.ts';
import { getPleromaConfigs } from '@/utils/pleroma.ts';
@ -8,13 +7,14 @@ let configDBCache: Promise<PleromaConfigDB> | undefined;
export const cspMiddleware = (): AppMiddleware => {
return async (c, next) => {
const { conf } = c.var;
const store = await Storages.db();
if (!configDBCache) {
configDBCache = getPleromaConfigs(store);
}
const { host, protocol, origin } = Conf.url;
const { host, protocol, origin } = conf.url;
const wsProtocol = protocol === 'http:' ? 'ws:' : 'wss:';
const configDB = await configDBCache;
const sentryDsn = configDB.getIn(':pleroma', ':frontend_configurations', ':soapbox_fe', 'sentryDsn');

8
packages/ditto/middleware/rateLimitMiddleware.ts
View file

@ -1,14 +1,13 @@
import { type DittoConf } from '@ditto/conf';
import { MiddlewareHandler } from '@hono/hono';
import { rateLimiter } from 'hono-rate-limiter';
import { Conf } from '@/config.ts';
/**
* Rate limit middleware for Hono, based on [`hono-rate-limiter`](https://github.com/rhinobase/hono-rate-limiter).
*/
export function rateLimitMiddleware(limit: number, windowMs: number, includeHeaders?: boolean): MiddlewareHandler {
// @ts-ignore Mismatched hono versions.
return rateLimiter({
return rateLimiter<{ Variables: { conf: DittoConf } }>({
limit,
windowMs,
standardHeaders: includeHeaders,
@ -17,8 +16,9 @@ export function rateLimitMiddleware(limit: number, windowMs: number, includeHead
return c.text('Too many requests, please try again later.', 429);
},
skip: (c) => {
const { conf } = c.var;
const ip = c.req.header('x-real-ip');
return !ip || Conf.ipWhitelist.includes(ip);
return !ip || conf.ipWhitelist.includes(ip);
},
keyGenerator: (c) => c.req.header('x-real-ip')!,
});

10
packages/ditto/middleware/signerMiddleware.ts
View file

@ -1,9 +1,9 @@
import { type DittoConf } from '@ditto/conf';
import { MiddlewareHandler } from '@hono/hono';
import { HTTPException } from '@hono/hono/http-exception';
import { NostrSigner, NSecSigner } from '@nostrify/nostrify';
import { nip19 } from 'nostr-tools';
import { Conf } from '@/config.ts';
import { ConnectSigner } from '@/signers/ConnectSigner.ts';
import { ReadOnlySigner } from '@/signers/ReadOnlySigner.ts';
import { Storages } from '@/storages.ts';
@ -14,7 +14,11 @@ import { getTokenHash } from '@/utils/auth.ts';
const BEARER_REGEX = new RegExp(`^Bearer (${nip19.BECH32_REGEX.source})$`);
/** Make a `signer` object available to all controllers, or unset if the user isn't logged in. */
export const signerMiddleware: MiddlewareHandler<{ Variables: { signer: NostrSigner } }> = async (c, next) => {
export const signerMiddleware: MiddlewareHandler<{ Variables: { signer: NostrSigner; conf: DittoConf } }> = async (
c,
next,
) => {
const { conf } = c.var;
const header = c.req.header('authorization');
const match = header?.match(BEARER_REGEX);
@ -32,7 +36,7 @@ export const signerMiddleware: MiddlewareHandler<{ Variables: { signer: NostrSig
.where('token_hash', '=', tokenHash)
.executeTakeFirstOrThrow();
const nep46Seckey = await aesDecrypt(Conf.seckey, nip46_sk_enc);
const nep46Seckey = await aesDecrypt(conf.seckey, nip46_sk_enc);
c.set(
'signer',

9
packages/ditto/middleware/swapNutzapsMiddleware.ts
View file

@ -1,4 +1,5 @@
import { CashuMint, CashuWallet, getEncodedToken, type Proof } from '@cashu/cashu-ts';
import { type DittoConf } from '@ditto/conf';
import { MiddlewareHandler } from '@hono/hono';
import { HTTPException } from '@hono/hono/http-exception';
import { getPublicKey } from 'nostr-tools';
@ -9,7 +10,6 @@ import { logi } from '@soapbox/logi';
import { isNostrId } from '@/utils.ts';
import { errorJson } from '@/utils/log.ts';
import { Conf } from '@/config.ts';
import { createEvent } from '@/utils/api.ts';
import { z } from 'zod';
@ -18,8 +18,9 @@ import { z } from 'zod';
* Errors are only thrown if 'signer' and 'store' middlewares are not set.
*/
export const swapNutzapsMiddleware: MiddlewareHandler<
{ Variables: { signer: SetRequired<NostrSigner, 'nip44'>; store: NStore } }
{ Variables: { signer: SetRequired<NostrSigner, 'nip44'>; store: NStore; conf: DittoConf } }
> = async (c, next) => {
const { conf } = c.var;
const signer = c.get('signer');
const store = c.get('store');
@ -133,7 +134,7 @@ export const swapNutzapsMiddleware: MiddlewareHandler<
[
'e', // nutzap event that has been redeemed
event.id,
Conf.relay,
conf.relay,
'redeemed',
],
['p', event.pubkey], // pubkey of the author of the 9321 event (nutzap sender)
@ -173,7 +174,7 @@ export const swapNutzapsMiddleware: MiddlewareHandler<
JSON.stringify([
['direction', 'in'],
['amount', amount],
['e', unspentProofs.id, Conf.relay, 'created'],
['e', unspentProofs.id, conf.relay, 'created'],
]),
),
tags: mintsToProofs[mint].redeemed,

9
packages/ditto/middleware/translatorMiddleware.ts
View file

@ -1,15 +1,16 @@
import { safeFetch } from '@soapbox/safe-fetch';
import { AppMiddleware } from '@/app.ts';
import { Conf } from '@/config.ts';
import { DeepLTranslator } from '@/translators/DeepLTranslator.ts';
import { LibreTranslateTranslator } from '@/translators/LibreTranslateTranslator.ts';
/** Set the translator used for translating posts. */
export const translatorMiddleware: AppMiddleware = async (c, next) => {
switch (Conf.translationProvider) {
const { conf } = c.var;
switch (conf.translationProvider) {
case 'deepl': {
const { deeplApiKey: apiKey, deeplBaseUrl: baseUrl } = Conf;
const { deeplApiKey: apiKey, deeplBaseUrl: baseUrl } = conf;
if (apiKey) {
c.set('translator', new DeepLTranslator({ baseUrl, apiKey, fetch: safeFetch }));
}
@ -17,7 +18,7 @@ export const translatorMiddleware: AppMiddleware = async (c, next) => {
}
case 'libretranslate': {
const { libretranslateApiKey: apiKey, libretranslateBaseUrl: baseUrl } = Conf;
const { libretranslateApiKey: apiKey, libretranslateBaseUrl: baseUrl } = conf;
if (apiKey) {
c.set('translator', new LibreTranslateTranslator({ baseUrl, apiKey, fetch: safeFetch }));
}

32
packages/ditto/middleware/uploaderMiddleware.ts
View file

@ -2,44 +2,44 @@ import { BlossomUploader, NostrBuildUploader } from '@nostrify/nostrify/uploader
import { safeFetch } from '@soapbox/safe-fetch';
import { AppMiddleware } from '@/app.ts';
import { Conf } from '@/config.ts';
import { DenoUploader } from '@/uploaders/DenoUploader.ts';
import { IPFSUploader } from '@/uploaders/IPFSUploader.ts';
import { S3Uploader } from '@/uploaders/S3Uploader.ts';
/** Set an uploader for the user. */
export const uploaderMiddleware: AppMiddleware = async (c, next) => {
const signer = c.get('signer');
const { signer, conf } = c.var;
switch (Conf.uploader) {
switch (conf.uploader) {
case 's3':
c.set(
'uploader',
new S3Uploader({
accessKey: Conf.s3.accessKey,
bucket: Conf.s3.bucket,
endPoint: Conf.s3.endPoint!,
pathStyle: Conf.s3.pathStyle,
port: Conf.s3.port,
region: Conf.s3.region!,
secretKey: Conf.s3.secretKey,
sessionToken: Conf.s3.sessionToken,
useSSL: Conf.s3.useSSL,
accessKey: conf.s3.accessKey,
bucket: conf.s3.bucket,
endPoint: conf.s3.endPoint!,
pathStyle: conf.s3.pathStyle,
port: conf.s3.port,
region: conf.s3.region!,
secretKey: conf.s3.secretKey,
sessionToken: conf.s3.sessionToken,
useSSL: conf.s3.useSSL,
baseUrl: conf.mediaDomain,
}),
);
break;
case 'ipfs':
c.set('uploader', new IPFSUploader({ baseUrl: Conf.mediaDomain, apiUrl: Conf.ipfs.apiUrl, fetch: safeFetch }));
c.set('uploader', new IPFSUploader({ baseUrl: conf.mediaDomain, apiUrl: conf.ipfs.apiUrl, fetch: safeFetch }));
break;
case 'local':
c.set('uploader', new DenoUploader({ baseUrl: Conf.mediaDomain, dir: Conf.uploadsDir }));
c.set('uploader', new DenoUploader({ baseUrl: conf.mediaDomain, dir: conf.uploadsDir }));
break;
case 'nostrbuild':
c.set('uploader', new NostrBuildUploader({ endpoint: Conf.nostrbuildEndpoint, signer, fetch: safeFetch }));
c.set('uploader', new NostrBuildUploader({ endpoint: conf.nostrbuildEndpoint, signer, fetch: safeFetch }));
break;
case 'blossom':
if (signer) {
c.set('uploader', new BlossomUploader({ servers: Conf.blossomServers, signer, fetch: safeFetch }));
c.set('uploader', new BlossomUploader({ servers: conf.blossomServers, signer, fetch: safeFetch }));
}
break;
}

9
packages/ditto/uploaders/S3Uploader.ts
View file

@ -6,8 +6,6 @@ import { crypto } from '@std/crypto';
import { encodeHex } from '@std/encoding/hex';
import { extensionsByType } from '@std/media-types';
import { Conf } from '@/config.ts';
export interface S3UploaderOpts {
endPoint: string;
region: string;
@ -18,13 +16,14 @@ export interface S3UploaderOpts {
port?: number;
sessionToken?: string;
useSSL?: boolean;
baseUrl?: string;
}
/** S3-compatible uploader for AWS, Wasabi, DigitalOcean Spaces, and more. */
export class S3Uploader implements NUploader {
private client: S3Client;
constructor(opts: S3UploaderOpts) {
constructor(private opts: S3UploaderOpts) {
this.client = new S3Client(opts);
}
@ -40,10 +39,10 @@ export class S3Uploader implements NUploader {
},
});
const { pathStyle, bucket } = Conf.s3;
const { pathStyle, bucket, baseUrl } = this.opts;
const path = (pathStyle && bucket) ? join(bucket, filename) : filename;
const url = new URL(path, Conf.mediaDomain).toString();
const url = new URL(path, baseUrl).toString();
return [
['url', url],