mleku/next.orly.dev
1
0
Fork 1
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fdc44967685e2aea11cf32f00eba36dbd7d9f6a8
next.orly.dev/pkg/event/validation/protected.go
mleku 24383ef1f4
Some checks failed
Go / build-and-release (push) Has been cancelled
Details
Decompose handle-event.go into DDD domain services (v0.36.15) 
Major refactoring of event handling into clean, testable domain services:

- Add pkg/event/validation: JSON hex validation, signature verification,
  timestamp bounds, NIP-70 protected tag validation
- Add pkg/event/authorization: Policy and ACL authorization decisions,
  auth challenge handling, access level determination
- Add pkg/event/routing: Event router registry with ephemeral and delete
  handlers, kind-based dispatch
- Add pkg/event/processing: Event persistence, delivery to subscribers,
  and post-save hooks (ACL reconfig, sync, relay groups)
- Reduce handle-event.go from 783 to 296 lines (62% reduction)
- Add comprehensive unit tests for all new domain services
- Refactor database tests to use shared TestMain setup
- Fix blossom URL test expectations (missing "/" separator)
- Add go-memory-optimization skill and analysis documentation
- Update DDD_ANALYSIS.md to reflect completed decomposition

Files modified:
- app/handle-event.go: Slim orchestrator using domain services
- app/server.go: Service initialization and interface wrappers
- app/handle-event-types.go: Shared types (OkHelper, result types)
- pkg/event/validation/*: New validation service package
- pkg/event/authorization/*: New authorization service package
- pkg/event/routing/*: New routing service package
- pkg/event/processing/*: New processing service package
- pkg/database/*_test.go: Refactored to shared TestMain
- pkg/blossom/http_test.go: Fixed URL format expectations

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-25 05:30:07 +01:00

30 lines
898 B
Go
Raw Blame History

package validation
import (
"git.mleku.dev/mleku/nostr/encoders/event"
"next.orly.dev/pkg/utils"
)
// ValidateProtectedTagMatch checks NIP-70 protected tag requirements.
// Events with the "-" tag can only be published by users authenticated
// with the same pubkey as the event author.
func ValidateProtectedTagMatch(ev *event.E, authedPubkey []byte) Result {
// Check for protected tag (NIP-70)
protectedTag := ev.Tags.GetFirst([]byte("-"))
if protectedTag == nil {
return OK() // No protected tag, validation passes
}
// Event has protected tag - verify pubkey matches
if !utils.FastEqual(authedPubkey, ev.Pubkey) {
return Blocked("protected tag may only be published by user authed to the same pubkey")
}
return OK()
}
// HasProtectedTag checks if an event has the NIP-70 protected tag.
func HasProtectedTag(ev *event.E) bool {
return ev.Tags.GetFirst([]byte("-")) != nil
}
Reference in New Issue View Git Blame Copy Permalink