Add bunker login

2025-12-10 19:07:06 +00:00 · 2024-10-29 14:40:37 -07:00
parent 16c942c917
commit 12fab67961
10 changed files with 108 additions and 46 deletions
--- a/src/app/commands.ts
+++ b/src/app/commands.ts
@@ -23,7 +23,8 @@ import {
 import type {TrustedEvent, EventTemplate, List} from "@welshman/util"
 import type {SubscribeRequestWithHandlers} from "@welshman/net"
 import {PublishStatus, AuthStatus, ConnectionStatus} from "@welshman/net"
-import {Nip59, stamp} from "@welshman/signer"
+import {Nip59, makeSecret, stamp, Nip46Broker} from "@welshman/signer"
+import type {Nip46Handler} from "@welshman/signer"
 import {
  pubkey,
  signer,
@@ -44,6 +45,8 @@ import {
  userInboxRelaySelections,
  nip44EncryptToSelf,
  loadRelay,
+  addSession,
+  nip46Perms,
 } from "@welshman/app"
 import {
  COMMENT,
@@ -86,6 +89,24 @@ export const makeIMeta = (url: string, data: Record<string, string>) => [
  ...Object.entries(data).map(([k, v]) => [k, v].join(" ")),
 ]

+// Log in
+
+export const loginWithNip46 = async (token: string, handler: Nip46Handler) => {
+  const secret = makeSecret()
+  const broker = Nip46Broker.get({secret, handler})
+  const result = await broker.connect(token, nip46Perms)
+
+  if (!result) return false
+
+  const pubkey = await broker.getPublicKey()
+
+  if (!pubkey) return false
+
+  addSession({method: "nip46", pubkey, secret, handler})
+
+  return true
+}
+
 // Loaders

 export const loadUserData = (
--- a/src/app/components/InfoBunker.svelte
+++ b/src/app/components/InfoBunker.svelte
@@ -0,0 +1,32 @@
+<script lang="ts">
+  import Link from "@lib/components/Link.svelte"
+  import Button from "@lib/components/Button.svelte"
+  import ModalHeader from "@lib/components/ModalHeader.svelte"
+  import {PLATFORM_NAME} from "@app/state"
+</script>
+
+<div class="column gap-4">
+  <ModalHeader>
+    <div slot="title">What is a bunker link?</div>
+  </ModalHeader>
+  <p>
+    <Link external class="link" href="https://nostr.com/">Nostr</Link> uses "keys" instead of
+    passwords to identify users. This allows users to own their social identity instead of
+    renting it from a tech company, and can bring it with them from app to app.
+  </p>
+  <p>
+    A good way to manage your keys is to use a remote signing application. These apps can hold
+    your keys and log you in remotely to as many applications as you like, without increasing
+    the risk of your keys being stolen.
+  </p>
+  <p>
+    One way to log in with a remote signer is using a "bunker link" which is more secure and
+    decentralized than other solutions. Check your signer for a link beginning with "bunker://",
+    copy it into {PLATFORM_NAME}, and you should be good to go!
+  </p>
+  <p>
+    If you don't have a signer yet, <Link external class="link" href="https://nsec.app/">nsec.app</Link>
+    is an easy way to get started.
+  </p>
+  <Button class="btn btn-primary" on:click={() => history.back()}>Got it</Button>
+</div>
--- a/src/app/components/Landing.svelte
+++ b/src/app/components/Landing.svelte
@@ -17,7 +17,7 @@
  <div class="column gap-4">
    <div class="py-2">
      <h1 class="heading">Welcome to {PLATFORM_NAME}!</h1>
-      <p class="text-center">The chat app built for sovereign communities.</p>
+      <p class="text-center">The chat app built for self-hosted communities.</p>
    </div>
    <Button on:click={logIn}>
      <CardButton>
--- a/src/app/components/LogIn.svelte
+++ b/src/app/components/LogIn.svelte
@@ -10,7 +10,7 @@
  import SignUp from "@app/components/SignUp.svelte"
  import InfoNostr from "@app/components/InfoNostr.svelte"
  import LogInInfoRemoteSigner from "@app/components/LogInInfoRemoteSigner.svelte"
-  import LogInKey from "@app/components/LogInKey.svelte"
+  import LogInBunker from "@app/components/LogInBunker.svelte"
  import {pushModal, clearModals} from "@app/modal"
  import {PLATFORM_NAME} from "@app/state"
  import {pushToast} from "@app/toast"
@@ -103,7 +103,7 @@
    }
  }

-  const loginWithKey = () => pushModal(LogInKey)
+  const loginWithBunker = () => pushModal(LogInBunker)

  let username = ""
  let domain = "nsec.app"
@@ -164,9 +164,9 @@
      Log in with {app.name}
    </Button>
  {/each}
-  <Button disabled={loading} on:click={loginWithKey} class="btn btn-neutral">
-    <Icon icon="key" />
-    Log in with Key
+  <Button disabled={loading} on:click={loginWithBunker} class="btn btn-neutral">
+    <Icon icon="cpu" />
+    Log in with Bunker Link
  </Button>
  <div class="text-sm">
    Need an account?
--- a/src/app/components/LogInBunker.svelte
+++ b/src/app/components/LogInBunker.svelte
@@ -1,6 +1,5 @@
 <script lang="ts">
-  import {nip19} from "nostr-tools"
-  import {getPubkey} from "@welshman/signer"
+  import {Nip46Broker} from "@welshman/signer"
  import {addSession} from "@welshman/app"
  import Spinner from "@lib/components/Spinner.svelte"
  import Button from "@lib/components/Button.svelte"
@@ -8,68 +7,60 @@
  import Icon from "@lib/components/Icon.svelte"
  import ModalHeader from "@lib/components/ModalHeader.svelte"
  import ModalFooter from "@lib/components/ModalFooter.svelte"
-  import InfoNostr from "@app/components/InfoNostr.svelte"
-  import {loadUserData} from "@app/commands"
+  import InfoBunker from "@app/components/InfoBunker.svelte"
+  import {loginWithNip46, loadUserData} from "@app/commands"
  import {pushModal, clearModals} from "@app/modal"
  import {pushToast} from "@app/toast"
+  import {PLATFORM_NAME} from "@app/state"

  const back = () => history.back()

  const onSubmit = async () => {
-    let secret = key
+    const {pubkey, token, relays} = Nip46Broker.parseBunkerLink(bunker)

-    if (secret.startsWith("nsec")) {
-      secret = nip19.decode(secret).data as string
-    }
-
-    if (!isKeyValid(secret)) {
+    if (!pubkey || relays.length === 0) {
      return pushToast({
        theme: "error",
-        message: "Sorry, it looks like that's an invalid private key.",
+        message: "Sorry, it looks like that's an invalid bunker link.",
      })
    }

-    const pubkey = getPubkey(secret)
-
-    addSession({method: "nip01", pubkey, secret})
-
    loading = true

-    await loadUserData(pubkey)
+    try {
+      if (!await loginWithNip46(token, {pubkey, relays})) {
+        return pushToast({
+          theme: "error",
+          message: "Something went wrong, please try again!",
+        })
+      }
+
+      await loadUserData(pubkey)
+    } finally {
+      loading = false
+    }

    clearModals()
  }

-  const isKeyValid = (key: string) => {
-    // Validate the key before setting it to state by encoding it using bech32.
-    // This will error if invalid (this works whether it's a public or a private key)
-    try {
-      getPubkey(key)
-    } catch (e) {
-      return false
-    }
-
-    return true
-  }
-
-  let key = ""
+  let bunker = ""
  let loading = false
 </script>

 <form class="column gap-4" on:submit|preventDefault={onSubmit}>
  <ModalHeader>
    <div slot="title">Log In</div>
-    <div slot="info">Already have a nostr key?</div>
+    <div slot="info">Connect your signer app with {PLATFORM_NAME} using a bunker link.</div>
  </ModalHeader>
  <Field>
-    <p slot="label">Private Key*</p>
+    <p slot="label">Bunker Link*</p>
    <label class="input input-bordered flex w-full items-center gap-2" slot="input">
-      <Icon icon="key" />
-      <input bind:value={key} class="grow" type="password" />
+      <Icon icon="cpu" />
+      <input bind:value={bunker} class="grow" placeholder="bunker://" />
    </label>
    <p slot="info">
-      A nostr nsec or private key. Note that this log in method is not recommended.
-      <Button class="link" on:click={() => pushModal(InfoNostr)}>What is nostr?</Button>
+      A login link provided by a nostr signing app.
+      <Button class="link" on:click={() => pushModal(InfoBunker)}>What is a bunker link?</Button>
    </p>
  </Field>
  <ModalFooter>
@@ -79,7 +70,7 @@
    </Button>
    <Button type="submit" class="btn btn-primary" disabled={loading}>
      <Spinner {loading}>Next</Spinner>
-      <Icon icon="alt-arrow-right" class="!bg-base-300" />
+      <Icon icon="alt-arrow-right" />
    </Button>
  </ModalFooter>
 </form>
--- a/src/app/components/SignUpKey.svelte
+++ b/src/app/components/SignUpKey.svelte
@@ -55,7 +55,7 @@
    </Button>
    <Button type="submit" class="btn btn-primary">
      Next
-      <Icon icon="alt-arrow-right" class="!bg-base-300" />
+      <Icon icon="alt-arrow-right" />
    </Button>
  </ModalFooter>
 </form>
--- a/src/app/components/SpaceCreate.svelte
+++ b/src/app/components/SpaceCreate.svelte
@@ -51,7 +51,7 @@
    </Button>
    <Button type="submit" class="btn btn-primary">
      Next
-      <Icon icon="alt-arrow-right" class="!bg-base-300" />
+      <Icon icon="alt-arrow-right" />
    </Button>
  </ModalFooter>
 </form>
--- a/src/app/components/SpaceCreateExternal.svelte
+++ b/src/app/components/SpaceCreateExternal.svelte
@@ -37,7 +37,7 @@
    </Button>
    <Button type="submit" class="btn btn-primary">
      Let's go
-      <Icon icon="alt-arrow-right" class="!bg-base-300" />
+      <Icon icon="alt-arrow-right" />
    </Button>
  </ModalFooter>
 </form>
--- a/src/assets/icons/CPU.svg
+++ b/src/assets/icons/CPU.svg
@@ -0,0 +1,16 @@
+<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M7 10C7 8.58579 7 7.87868 7.43934 7.43934C7.87868 7 8.58579 7 10 7H14C15.4142 7 16.1213 7 16.5607 7.43934C17 7.87868 17 8.58579 17 10V14C17 15.4142 17 16.1213 16.5607 16.5607C16.1213 17 15.4142 17 14 17H10C8.58579 17 7.87868 17 7.43934 16.5607C7 16.1213 7 15.4142 7 14V10Z" stroke="#1C274C" stroke-width="1.5"/>
+<path d="M4 12C4 8.22876 4 6.34315 5.17157 5.17157C6.34315 4 8.22876 4 12 4C15.7712 4 17.6569 4 18.8284 5.17157C20 6.34315 20 8.22876 20 12C20 15.7712 20 17.6569 18.8284 18.8284C17.6569 20 15.7712 20 12 20C8.22876 20 6.34315 20 5.17157 18.8284C4 17.6569 4 15.7712 4 12Z" stroke="#1C274C" stroke-width="1.5"/>
+<path d="M4 12H2" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M22 12H20" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M4 9H2" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M22 9H20" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M4 15H2" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M22 15H20" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M12 20L12 22" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M12 2L12 4" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M9 20L9 22" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M9 2L9 4" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M15 20L15 22" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+<path d="M15 2L15 4" stroke="#1C274C" stroke-width="1.5" stroke-linecap="round"/>
+</svg>
--- a/src/lib/components/Icon.svelte
+++ b/src/lib/components/Icon.svelte
@@ -34,6 +34,7 @@
  import Copy from "@assets/icons/Copy.svg?dataurl"
  import Compass from "@assets/icons/Compass.svg?dataurl"
  import CompassBig from "@assets/icons/Compass Big.svg?dataurl"
+  import CPU from "@assets/icons/CPU.svg?dataurl"
  import Danger from "@assets/icons/Danger.svg?dataurl"
  import Exit from "@assets/icons/Exit.svg?dataurl"
  import File from "@assets/icons/File.svg?dataurl"
@@ -111,6 +112,7 @@
    copy: Copy,
    compass: Compass,
    "compass-big": CompassBig,
+    cpu: CPU,
    danger: Danger,
    exit: Exit,
    file: File,