radrootsd

JSON-RPC bridge for Radroots event publishing
git clone https://radroots.dev/git/radrootsd.git
Log | Files | Refs | README | LICENSE

session.rs (1282B)

      1 use crate::core::nip46::session::{Nip46Session, sign_event_allowed};
      2 use crate::transport::jsonrpc::{RpcContext, RpcError};
      3 
      4 pub async fn get_session(ctx: &RpcContext, session_id: &str) -> Result<Nip46Session, RpcError> {
      5     ctx.state
      6         .nip46_sessions
      7         .get(session_id)
      8         .await
      9         .ok_or_else(|| RpcError::InvalidParams("unknown session".to_string()))
     10 }
     11 
     12 pub fn require_permission(session: &Nip46Session, perm: &str) -> Result<(), RpcError> {
     13     if session.auth_required && !session.authorized {
     14         return Err(auth_required_error(session));
     15     }
     16     if session.perms.iter().any(|entry| entry == perm) {
     17         Ok(())
     18     } else {
     19         Err(RpcError::Other(format!("unauthorized {perm}")))
     20     }
     21 }
     22 
     23 pub fn require_sign_event_permission(session: &Nip46Session, kind: u32) -> Result<(), RpcError> {
     24     if session.auth_required && !session.authorized {
     25         return Err(auth_required_error(session));
     26     }
     27     if sign_event_allowed(&session.perms, kind) {
     28         Ok(())
     29     } else {
     30         Err(RpcError::Other(format!("unauthorized sign_event:{kind}")))
     31     }
     32 }
     33 
     34 fn auth_required_error(session: &Nip46Session) -> RpcError {
     35     let url = session.auth_url.as_deref().unwrap_or("auth required");
     36     RpcError::Other(format!("auth_url:{url}"))
     37 }