commit 00baf9cee93198366d8225bc2c4b00efaccd47b3 · gmstn.systems/shard

+4 -1

src/lib/handlers/handshake.ts

···

       182
       182
        
       

     

       183
       183
        
           // yipee, it's a valid request :3

     

       184
       184
        
       

     

       185
       185
       -
           const sessionInfo = issueNewHandshakeToken(allowedChannels);

     

       185
       185
       +
           const sessionInfo = issueNewHandshakeToken({

     

       186
       186
       +
               allowedChannels,

     

       187
       187
       +
               latticeDid: verifyJwtResult.value.issuer,

     

       188
       188
       +
           });

     

       186
       189
        
       

     

       187
       190
        
           return newSuccessResponse({ sessionInfo });

     

       188
       191
        
       };

+28 -7

src/lib/sessions.ts

···

       3
       3
        
       import { SESSIONS_SECRET } from "@/lib/utils/crypto";

     

       4
       4
        
       import { z } from "zod";

     

       5
       5
        
       import type { Result } from "@/lib/utils/result";

     

       6
       6
       -
       import type { AtUri } from "@/lib/types/atproto";

     

       7
       7
       -
       import { atUriSchema } from "@/lib/types/atproto";

     

       6
       6
       +
       import type { AtUri, Did } from "@/lib/types/atproto";

     

       7
       7
       +
       import { atUriSchema, didSchema } from "@/lib/types/atproto";

     

       8
       8
       +
       import { SERVICE_DID } from "@/lib/env";

     

       8
       9
        
       

     

       9
       10
        
       export const sessionInfoSchema = z.object({

     

       10
       11
        
           id: z.string(),

     

       11
       12
        
           token: z.string(),

     

       12
       13
        
           fingerprint: z.string(),

     

       13
       14
        
           allowedChannels: z.array(atUriSchema),

     

       15
       15
       +
           shardDid: didSchema,

     

       16
       16
       +
           latticeDid: didSchema,

     

       14
       17
        
       });

     

       15
       18
        
       export type SessionInfo = z.infer<typeof sessionInfoSchema>;

     

       16
       19
        
       

     
···

       21
       24
        
       export const generateSessionInfo = (

     

       22
       25
        
           sessionId: string,

     

       23
       26
        
           allowedChannels: Array<AtUri>,

     

       27
       27
       +
           latticeDid: Did,

     

       24
       28
        
       ): SessionInfo => {

     

       25
       29
        
           const token = crypto.randomBytes(32).toString("base64url");

     

       26
       30
        
       

     
···

       28
       32
        
           hmac.update(`${token}:${sessionId}`);

     

       29
       33
        
           const fingerprint = hmac.digest("hex");

     

       30
       34
        
       

     

       31
       31
       -
           return { id: sessionId, token, fingerprint, allowedChannels };

     

       35
       35
       +
           const shardDid = SERVICE_DID;

     

       36
       36
       +
       

     

       37
       37
       +
           return {

     

       38
       38
       +
               id: sessionId,

     

       39
       39
       +
               token,

     

       40
       40
       +
               fingerprint,

     

       41
       41
       +
               allowedChannels,

     

       42
       42
       +
               latticeDid,

     

       43
       43
       +
               shardDid,

     

       44
       44
       +
           };

     

       32
       45
        
       };

     

       33
       46
        
       

     

       34
       47
        
       export const verifyHandshakeToken = ({

     
···

       52
       65
        
       

     

       53
       66
        
       export const issuedHandshakes = new Map<string, SessionInfo>();

     

       54
       67
        
       

     

       55
       55
       -
       export const issueNewHandshakeToken = (

     

       56
       56
       -
           allowedChannels: Array<AtUri | undefined>,

     

       57
       57
       -
       ) => {

     

       68
       68
       +
       export const issueNewHandshakeToken = ({

     

       69
       69
       +
           allowedChannels,

     

       70
       70
       +
           latticeDid,

     

       71
       71
       +
       }: {

     

       72
       72
       +
           allowedChannels: Array<AtUri | undefined>;

     

       73
       73
       +
           latticeDid: Did;

     

       74
       74
       +
       }) => {

     

       58
       75
        
           const filteredChannels = allowedChannels.filter(

     

       59
       76
        
               (channels) => channels !== undefined,

     

       60
       77
        
           );

     

       61
       78
        
           const sessionId = generateSessionId();

     

       62
       62
       -
           const sessionInfo = generateSessionInfo(sessionId, filteredChannels);

     

       79
       79
       +
           const sessionInfo = generateSessionInfo(

     

       80
       80
       +
               sessionId,

     

       81
       81
       +
               filteredChannels,

     

       82
       82
       +
               latticeDid,

     

       83
       83
       +
           );

     

       63
       84
        
           issuedHandshakes.set(sessionInfo.token, sessionInfo);

     

       64
       85
        
           return sessionInfo;

     

       65
       86
        
       };