mirror of
https://github.com/0ceanSlim/grain.git
synced 2024-10-29 17:16:31 +00:00
seperate kind and key whitelists
This commit is contained in:
parent
9e04328436
commit
2ef15d6e17
@ -4,11 +4,14 @@ mongodb:
|
||||
|
||||
server:
|
||||
port: ":8080" # Port for the server to listen on
|
||||
whitelist:
|
||||
pubkey_whitelist:
|
||||
enabled: false
|
||||
pubkeys: #["3fe0ab6cbdb7ee27148202249e3fb3b89423c6f6cda6ef43ea5057c3d93088e4",
|
||||
#"cac0e43235806da094f0787a5b04e29ad04cb1a3c7ea5cf61edc1c338734082b"]
|
||||
npubs: #["npub18ls2km9aklhzw9yzqgjfu0anhz2z83hkeknw7sl22ptu8kfs3rjq54am44"]
|
||||
kind_whitelist:
|
||||
enabled: false
|
||||
kinds: #[0, 1]
|
||||
rate_limit:
|
||||
ws_limit: 100 # Global rate limit for WebSocket messages (50 messages per second)
|
||||
ws_burst: 200 # Global burst limit for WebSocket messages (allows a burst of 100 messages)
|
||||
|
@ -8,6 +8,7 @@ type ServerConfig struct {
|
||||
Server struct {
|
||||
Port string `yaml:"port"`
|
||||
} `yaml:"server"`
|
||||
RateLimit RateLimitConfig `yaml:"rate_limit"`
|
||||
Whitelist WhitelistConfig `yaml:"whitelist"`
|
||||
RateLimit RateLimitConfig `yaml:"rate_limit"`
|
||||
PubkeyWhitelist PubkeyWhitelistConfig `yaml:"pubkey_whitelist"`
|
||||
KindWhitelist KindWhitelistConfig `yaml:"kind_whitelist"`
|
||||
}
|
||||
|
6
config/types/whitelistKindConfig.go
Normal file
6
config/types/whitelistKindConfig.go
Normal file
@ -0,0 +1,6 @@
|
||||
package config
|
||||
|
||||
type KindWhitelistConfig struct {
|
||||
Enabled bool `yaml:"enabled"`
|
||||
Kinds []string `yaml:"kinds"`
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
package config
|
||||
|
||||
type WhitelistConfig struct {
|
||||
type PubkeyWhitelistConfig struct {
|
||||
Enabled bool `yaml:"enabled"`
|
||||
Pubkeys []string `yaml:"pubkeys"`
|
||||
Npubs []string `yaml:"npubs"`
|
@ -9,6 +9,7 @@ import (
|
||||
"grain/server/handlers/kinds"
|
||||
"grain/server/handlers/response"
|
||||
"grain/server/utils"
|
||||
"strconv"
|
||||
|
||||
relay "grain/server/types"
|
||||
|
||||
@ -59,9 +60,15 @@ func HandleKind(ctx context.Context, evt relay.Event, ws *websocket.Conn, eventS
|
||||
rateLimiter := config.GetRateLimiter()
|
||||
sizeLimiter := config.GetSizeLimiter()
|
||||
|
||||
// Check whitelist
|
||||
if !isWhitelisted(evt.PubKey) {
|
||||
response.SendOK(ws, evt.ID, false, "not allowed: pubkey is not whitelisted")
|
||||
// Check if the kind is whitelisted
|
||||
if config.GetConfig().KindWhitelist.Enabled && !isKindWhitelisted(evt.Kind) {
|
||||
response.SendOK(ws, evt.ID, false, "not allowed: event kind is not whitelisted")
|
||||
return
|
||||
}
|
||||
|
||||
// Check pubkey/npub whitelist only if the kind is not whitelisted
|
||||
if config.GetConfig().PubkeyWhitelist.Enabled && !isPubKeyWhitelisted(evt.PubKey) {
|
||||
response.SendOK(ws, evt.ID, false, "not allowed: pubkey or npub is not whitelisted")
|
||||
return
|
||||
}
|
||||
|
||||
@ -129,21 +136,21 @@ func determineCategory(kind int) string {
|
||||
}
|
||||
|
||||
// Helper function to check if a pubkey or npub is whitelisted
|
||||
func isWhitelisted(pubKey string) bool {
|
||||
func isPubKeyWhitelisted(pubKey string) bool {
|
||||
cfg := config.GetConfig()
|
||||
if !cfg.Whitelist.Enabled {
|
||||
if !cfg.PubkeyWhitelist.Enabled {
|
||||
return true
|
||||
}
|
||||
|
||||
// Check pubkeys
|
||||
for _, whitelistedKey := range cfg.Whitelist.Pubkeys {
|
||||
for _, whitelistedKey := range cfg.PubkeyWhitelist.Pubkeys {
|
||||
if pubKey == whitelistedKey {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
// Check npubs
|
||||
for _, npub := range cfg.Whitelist.Npubs {
|
||||
for _, npub := range cfg.PubkeyWhitelist.Npubs {
|
||||
decodedPubKey, err := utils.DecodeNpub(npub)
|
||||
if err != nil {
|
||||
fmt.Println("Error decoding npub:", err)
|
||||
@ -156,3 +163,24 @@ func isWhitelisted(pubKey string) bool {
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func isKindWhitelisted(kind int) bool {
|
||||
cfg := config.GetConfig()
|
||||
if !cfg.KindWhitelist.Enabled {
|
||||
return true
|
||||
}
|
||||
|
||||
// Check event kinds
|
||||
for _, whitelistedKindStr := range cfg.KindWhitelist.Kinds {
|
||||
whitelistedKind, err := strconv.Atoi(whitelistedKindStr)
|
||||
if err != nil {
|
||||
fmt.Println("Error converting whitelisted kind to int:", err)
|
||||
continue
|
||||
}
|
||||
if kind == whitelistedKind {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user