Refactor everything, add invite codes

Author: Jon Staab

.env.template

@@ -2,10 +2,12 @@ PORT=3334
 RELAY_URL=
 RELAY_NAME=
 RELAY_ICON=
-RELAY_PUBKEY=
+RELAY_ADMIN=
+RELAY_SECRET=
 RELAY_DESCRIPTION=
 RELAY_CLAIMS=
 AUTH_BACKEND=
 AUTH_WHITELIST=
 AUTH_RESTRICT_USER=true
 AUTH_RESTRICT_AUTHOR=false
+GENERATE_CLAIMS=false

.fdignore

@@ -0,0 +1 @@
+data

Dockerfile

@@ -7,6 +7,7 @@ COPY go.mod go.sum ./
 RUN go mod download
 
 COPY *.go ./
+COPY common common
 
 RUN CGO_ENABLED=0 GOOS=linux go build -o /frith
 

acl.go

@@ -0,0 +1,42 @@
+package main
+
+import (
+	"fmt"
+	"log"
+
+  "frith/common"
+	"github.com/dgraph-io/badger/v4"
+	_ "github.com/joho/godotenv/autoload"
+)
+
+func main() {
+	common.SetupEnvironment()
+	common.SetupDatabase()
+
+	defer common.Db.Close()
+
+	err := common.Db.View(func(txn *badger.Txn) error {
+		opts := badger.DefaultIteratorOptions
+		it := txn.NewIterator(opts)
+		defer it.Close()
+
+		for it.Rewind(); it.Valid(); it.Next() {
+			item := it.Item()
+			key := item.Key()
+
+			err := item.Value(func(val []byte) error {
+				fmt.Printf("%s\t%s\n", key, string(val))
+				return nil
+			})
+
+			if err != nil {
+				return err
+			}
+		}
+		return nil
+	})
+
+	if err != nil {
+		log.Fatal("Error reading database:", err)
+	}
+}

cmd/dump/main.go

@@ -0,0 +1,61 @@
+package common
+
+import (
+	"fmt"
+	"net/http"
+	"slices"
+	"sync"
+	"time"
+)
+
+func HasAccess(pubkey string) bool {
+	return HasAccessUsingWhitelist(pubkey) || HasAccessUsingClaim(pubkey) || HasAccessUsingBackend(pubkey)
+}
+
+func HasAccessUsingWhitelist(pubkey string) bool {
+	return slices.Contains(AUTH_WHITELIST, pubkey)
+}
+
+func HasAccessUsingClaim(pubkey string) bool {
+	return len(getUserClaims(pubkey)) > 0
+}
+
+type BackendAccess struct {
+	granted bool
+	expires time.Time
+}
+
+var backend_acl = make(map[string]BackendAccess)
+var backend_acl_mu sync.Mutex
+
+func HasAccessUsingBackend(pubkey string) bool {
+	backend_acl_mu.Lock()
+	defer backend_acl_mu.Unlock()
+
+	// If we don't have a backend, we're done
+	if AUTH_BACKEND == "" {
+		return false
+	}
+
+	// If we have an un-expired entry, use it
+	if access, ok := backend_acl[pubkey]; ok && access.expires.After(time.Now()) {
+		return access.granted
+	}
+
+	// Fetch the url
+	res, err := http.Get(fmt.Sprintf("%s%s", AUTH_BACKEND, pubkey))
+
+	// If we get a 200, consider it good
+	if err == nil {
+		expire_after, _ := time.ParseDuration("1m")
+
+		backend_acl[pubkey] = BackendAccess{
+			granted: res.StatusCode == 200,
+			expires: time.Now().Add(expire_after),
+		}
+	} else {
+		fmt.Println(err)
+	}
+
+	return backend_acl[pubkey].granted
+}

common/acl.go

@@ -0,0 +1,24 @@
+package common
+
+import (
+	"slices"
+	"strings"
+)
+
+func isValidClaim(claim string) bool {
+	return slices.Contains(RELAY_CLAIMS, claim)
+}
+
+func getUserClaims(pubkey string) []string {
+  return split(GetItem("claim", pubkey), ",")
+}
+
+func addUserClaim(pubkey string, claim string) {
+	claims := getUserClaims(pubkey)
+
+	if !slices.Contains(claims, claim) {
+		claims = append(claims, claim)
+
+		PutItem("claim", pubkey, strings.Join(claims, ","))
+	}
+}

common/claim.go

@@ -0,0 +1,55 @@
+package common
+
+import (
+	"fmt"
+	"log"
+	"github.com/dgraph-io/badger/v4"
+)
+
+var Db *badger.DB
+
+func SetupDatabase() {
+	var err error
+	Db, err = badger.Open(badger.DefaultOptions(GetDataDir("frith")))
+	if err != nil {
+		log.Fatal("Failed to open badger db:", err)
+	}
+}
+
+func PutItem(tbl string, key string, value string) {
+	if err := Db.Update(func(txn *badger.Txn) error {
+		return txn.Set([]byte(tbl+":"+key), []byte(value))
+	}); err != nil {
+		fmt.Println(err)
+	}
+}
+
+func GetItem(tbl string, key string) string {
+	var result string
+	err := Db.View(func(txn *badger.Txn) error {
+		item, err := txn.Get([]byte(tbl + ":" + key))
+		if err != nil {
+			return err
+		}
+
+		return item.Value(func(val []byte) error {
+			result = string(val)
+			return nil
+		})
+	})
+
+	if err != nil && err != badger.ErrKeyNotFound {
+		fmt.Println(err)
+	}
+
+	return result
+}
+
+func DeleteItem(tbl string, key string) {
+	err := Db.Update(func(txn *badger.Txn) error {
+		return txn.Delete([]byte(tbl + ":" + key))
+	})
+	if err != nil {
+		fmt.Println(err)
+	}
+}

common/db.go

@@ -0,0 +1,64 @@
+package common
+
+import (
+	"fmt"
+	_ "github.com/joho/godotenv/autoload"
+	"github.com/nbd-wtf/go-nostr"
+	"os"
+	"strings"
+)
+
+var PORT string
+var RELAY_URL string
+var RELAY_NAME string
+var RELAY_ICON string
+var RELAY_ADMIN string
+var RELAY_SECRET string
+var RELAY_SELF string
+var RELAY_DESCRIPTION string
+var RELAY_CLAIMS []string
+var AUTH_BACKEND string
+var AUTH_WHITELIST []string
+var AUTH_RESTRICT_USER bool
+var AUTH_RESTRICT_AUTHOR bool
+var GENERATE_CLAIMS bool
+var DATA_DIR string
+
+func SetupEnvironment() {
+	var env = make(map[string]string)
+
+	for _, item := range os.Environ() {
+		parts := strings.SplitN(item, "=", 2)
+		env[parts[0]] = parts[1]
+	}
+
+	getEnv := func(k string, fallback ...string) (v string) {
+		v = env[k]
+
+		if v == "" && len(fallback) > 0 {
+			v = fallback[0]
+		}
+
+		return v
+	}
+
+	PORT = getEnv("PORT", "3334")
+	RELAY_URL = getEnv("RELAY_URL", "localhost:3334")
+	RELAY_NAME = getEnv("RELAY_NAME", "Frith")
+	RELAY_ICON = getEnv("RELAY_ICON", "https://hbr.coracle.social/fd73de98153b615f516d316d663b413205fd2e6e53d2c6064030ab57a7685bbd.jpg")
+	RELAY_ADMIN = getEnv("RELAY_ADMIN", "")
+	RELAY_SECRET = getEnv("RELAY_SECRET", nostr.GeneratePrivateKey())
+	RELAY_SELF, _ = nostr.GetPublicKey(RELAY_SECRET)
+	RELAY_DESCRIPTION = getEnv("RELAY_DESCRIPTION", "A nostr relay for hosting groups.")
+	RELAY_CLAIMS = split(getEnv("RELAY_CLAIMS", ""), ",")
+	AUTH_BACKEND = getEnv("AUTH_BACKEND", "")
+	AUTH_WHITELIST = split(getEnv("AUTH_WHITELIST", ""), ",")
+	AUTH_RESTRICT_USER = getEnv("AUTH_RESTRICT_USER", "true") == "true"
+	AUTH_RESTRICT_AUTHOR = getEnv("AUTH_RESTRICT_AUTHOR", "false") == "true"
+	GENERATE_CLAIMS = getEnv("GENERATE_CLAIMS", "false") == "true"
+	DATA_DIR = getEnv("DATA_DIR", "./data")
+}
+
+func GetDataDir(dir string) string {
+	return fmt.Sprintf("%s/%s", DATA_DIR, dir)
+}