mleku/next.orly.dev
1
0
Fork 1
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

Add debugging for NIP-98 auth in cashu mint

Browse Source
This commit is contained in:
woikos
2025-12-29 14:17:50 +01:00
parent 48c6739d25
commit 8424f0ca44
4 changed files with 31 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
app/handle-cashu.go
View File

@@ -6,7 +6,6 @@ import (
"net/http" "net/http"
"time" "time"
"lol.mleku.dev/chk"
"lol.mleku.dev/log" "lol.mleku.dev/log"
"git.mleku.dev/mleku/nostr/httpauth" "git.mleku.dev/mleku/nostr/httpauth"
@@ -35,13 +34,24 @@ type CashuMintResponse struct {
func (s *Server) handleCashuMint(w http.ResponseWriter, r *http.Request) { func (s *Server) handleCashuMint(w http.ResponseWriter, r *http.Request) {
// Check if Cashu is enabled // Check if Cashu is enabled
if s.CashuIssuer == nil { if s.CashuIssuer == nil {
log.W.F("Cashu mint request but issuer not initialized")
http.Error(w, "Cashu tokens not enabled", http.StatusNotImplemented) http.Error(w, "Cashu tokens not enabled", http.StatusNotImplemented)
return return
} }
// Require NIP-98 authentication // Require NIP-98 authentication
valid, pubkey, err := httpauth.CheckAuth(r) valid, pubkey, err := httpauth.CheckAuth(r)
if chk.E(err) || !valid { if err != nil {
authHeader := r.Header.Get("Authorization")
if len(authHeader) > 100 {
authHeader = authHeader[:100] + "..."
}
log.W.F("Cashu mint NIP-98 auth error: %v (valid=%v, authHeader=%q)", err, valid, authHeader)
http.Error(w, "NIP-98 authentication required", http.StatusUnauthorized)
return
}
if !valid {
log.W.F("Cashu mint NIP-98 auth invalid signature")
http.Error(w, "NIP-98 authentication required", http.StatusUnauthorized) http.Error(w, "NIP-98 authentication required", http.StatusUnauthorized)
return return
} }

2
app/web/dist/bundle.js vendored
View File

File diff suppressed because one or more lines are too long

2
app/web/dist/bundle.js.map vendored
View File

File diff suppressed because one or more lines are too long

21
app/web/src/api.js
View File

@@ -12,7 +12,7 @@
*/ */
export async function createNIP98Auth(signer, pubkey, method, url) { export async function createNIP98Auth(signer, pubkey, method, url) {
if (!signer || !pubkey) { if (!signer || !pubkey) {
console.log("No signer or pubkey available"); console.log("createNIP98Auth: No signer or pubkey available", { hasSigner: !!signer, hasPubkey: !!pubkey });
return null; return null;
} }
@@ -23,17 +23,30 @@ export async function createNIP98Auth(signer, pubkey, method, url) {
created_at: Math.floor(Date.now() / 1000), created_at: Math.floor(Date.now() / 1000),
tags: [ tags: [
["u", url], ["u", url],
["method", method], ["method", method.toUpperCase()],
], ],
content: "", content: "",
}; };
console.log("createNIP98Auth: Signing event for", method, url);
// Sign using the signer // Sign using the signer
const signedEvent = await signer.signEvent(authEvent); const signedEvent = await signer.signEvent(authEvent);
console.log("createNIP98Auth: Signed event:", {
id: signedEvent.id,
pubkey: signedEvent.pubkey,
kind: signedEvent.kind,
created_at: signedEvent.created_at,
tags: signedEvent.tags,
hasSig: !!signedEvent.sig
});
// Use URL-safe base64 encoding (replace + with -, / with _) // Use URL-safe base64 encoding (replace + with -, / with _)
return btoa(JSON.stringify(signedEvent)).replace(/\+/g, '-').replace(/\//g, '_'); const json = JSON.stringify(signedEvent);
const base64 = btoa(json).replace(/\+/g, '-').replace(/\//g, '_');
return base64;
} catch (error) { } catch (error) {
console.error("Error creating NIP-98 auth:", error); console.error("createNIP98Auth: Error:", error);
return null; return null;
} }
} }