einundzwanzig/einundzwanzig-verein
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-nostr.git synced 2025-12-13 05:26:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

🔒 Add Nostr authentication support with custom guard and user provider

Browse Source 
🛠️ Integrate Nostr auth across relevant components and views
📦 Update config, routes, and service provider for Nostr auth
This commit is contained in:
user
2025-11-20 23:10:20 +01:00
parent aff3f32c9b
commit 9c1cea5868
19 changed files with 419 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
app/Auth/NostrSessionGuard.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
namespace App\Auth;
use Illuminate\Auth\SessionGuard;
use Illuminate\Contracts\Auth\Authenticatable;
class NostrSessionGuard extends SessionGuard
{
public function loginByPubkey(string $pubkey): void
{
$user = new NostrUser($pubkey);
$this->updateSession($user->getAuthIdentifier());
$this->setUser($user);
$this->fireLoginEvent($user, false);
}
protected function updateSession($id): void
{
$this->session->put($this->getName(), $id);
$this->session->migrate(true);
}
public function user(): ?Authenticatable
{
if ($this->user !== null) {
return $this->user;
}
$id = $this->session->get($this->getName());
if ($id !== null) {
$this->user = $this->provider->retrieveById($id);
}
return $this->user;
}
}

64
app/Auth/NostrUser.php Normal file
View File

@@ -0,0 +1,64 @@
<?php
namespace App\Auth;
use Illuminate\Contracts\Auth\Authenticatable;
class NostrUser implements Authenticatable
{
protected string $pubkey;
protected ?object $pleb;
public function __construct(string $pubkey)
{
$this->pubkey = $pubkey;
$this->pleb = \App\Models\EinundzwanzigPleb::query()
->where('pubkey', $pubkey)
->first();
}
public function getAuthIdentifierName(): string
{
return 'pubkey';
}
public function getAuthIdentifier(): string
{
return $this->pubkey;
}
public function getAuthPassword(): string
{
return '';
}
public function getRememberToken(): ?string
{
return null;
}
public function setRememberToken($value): void
{
//
}
public function getRememberTokenName(): ?string
{
return null;
}
public function getAuthPasswordName(): string
{
return 'password';
}
public function getPubkey(): string
{
return $this->pubkey;
}
public function getPleb(): ?object
{
return $this->pleb;
}
}

43
app/Auth/NostrUserProvider.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
namespace App\Auth;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider;
class NostrUserProvider implements UserProvider
{
public function retrieveById($identifier): ?Authenticatable
{
return new NostrUser($identifier);
}
public function retrieveByToken($identifier, $token): ?Authenticatable
{
return null;
}
public function updateRememberToken(Authenticatable $user, $token): void
{
//
}
public function retrieveByCredentials(array $credentials): ?Authenticatable
{
if (isset($credentials['pubkey'])) {
return new NostrUser($credentials['pubkey']);
}
return null;
}
public function validateCredentials(Authenticatable $user, array $credentials): bool
{
return $user instanceof NostrUser && $user->getPubkey() === ($credentials['pubkey'] ?? null);
}
public function rehashPasswordIfRequired(Authenticatable $user, array $credentials, bool $force = false): void
{
//
}
}

55
app/Livewire/Traits/WithNostrAuth.php Normal file
View File

@@ -0,0 +1,55 @@
<?php
namespace App\Livewire\Traits;
use App\Support\NostrAuth;
use Livewire\Attributes\On;
trait WithNostrAuth
{
public ?string $currentPubkey = null;
public ?object $currentPleb = null;
public bool $isAllowed = false;
public bool $canEdit = false;
#[On('nostrLoggedIn')]
public function handleNostrLogin(string $pubkey): void
{
NostrAuth::login($pubkey);
$this->currentPubkey = $pubkey;
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()
->where('pubkey', $pubkey)
->first();
if ($this->currentPleb && in_array($this->currentPleb->npub, config('einundzwanzig.config.current_board'), true)) {
$this->canEdit = true;
}
$this->isAllowed = true;
}
#[On('nostrLoggedOut')]
public function handleNostrLogout(): void
{
NostrAuth::logout();
$this->isAllowed = false;
$this->currentPubkey = null;
$this->currentPleb = null;
$this->canEdit = false;
}
public function mountNostrAuth(): void
{
if ($user = NostrAuth::user()) {
$this->currentPubkey = $user->getPubkey();
$this->currentPleb = $user->getPleb();
$this->isAllowed = true;
if ($this->currentPleb && in_array($this->currentPleb->npub, config('einundzwanzig.config.current_board'), true)) {
$this->canEdit = true;
}
}
}
}

30
app/Providers/NostrAuthServiceProvider.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace App\Providers;
use App\Auth\NostrSessionGuard;
use App\Auth\NostrUserProvider;
use Illuminate\Foundation\Application;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\ServiceProvider;
class NostrAuthServiceProvider extends ServiceProvider
{
public function boot(): void
{
Auth::provider('nostr', function (Application $app, array $config) {
return new NostrUserProvider();
});
Auth::extend('nostr-session', function (Application $app, string $name, array $config) {
$provider = Auth::createUserProvider($config['provider']);
return new NostrSessionGuard(
$name,
$provider,
$app['session.store'],
$app['request']
);
});
}
}

61
app/Support/NostrAuth.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace App\Support;
use App\Auth\NostrUser;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\Auth;
class NostrAuth
{
/**
* Login a user by their Nostr pubkey
*/
public static function login(string $pubkey): void
{
Auth::guard('nostr')->loginByPubkey($pubkey);
Session::regenerate();
}
/**
* Logout the current Nostr user
*/
public static function logout(): void
{
if (Auth::guard('nostr')->check()) {
Session::flush();
}
}
/**
* Get the currently authenticated Nostr user
*/
public static function user(): ?NostrUser
{
return Auth::guard('nostr')->user();
}
/**
* Check if a Nostr user is authenticated
*/
public static function check(): bool
{
return Auth::guard('nostr')->check();
}
/**
* Get the current pubkey (convenience method)
*/
public static function pubkey(): ?string
{
return self::user()?->getPubkey();
}
/**
* Get the current pleb (convenience method)
*/
public static function pleb(): ?object
{
return self::user()?->getPleb();
}
}

1
bootstrap/providers.php
View File

@@ -3,5 +3,6 @@
return [
App\Providers\AppServiceProvider::class,
App\Providers\FolioServiceProvider::class,
App\Providers\NostrAuthServiceProvider::class,
App\Providers\VoltServiceProvider::class,
];

7
config/auth.php
View File

@@ -40,6 +40,10 @@ return [
'driver' => 'session',
'provider' => 'users',
],
'nostr' => [
'driver' => 'nostr-session',
'provider' => 'nostr',
],
],
/*
@@ -64,6 +68,9 @@ return [
'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\User::class),
],
'nostr' => [
'driver' => 'nostr',
],
// 'users' => [
// 'driver' => 'database',

12
resources/views/components/layouts/app.blade.php
View File

@@ -69,8 +69,16 @@
{{--@include('components.layouts.partials.notification-buttons')--}}
<x-button label="Mit Nostr verbinden" @click="openNostrLogin"
x-show="!$store.nostr.user"/>
@if(\App\Support\NostrAuth::check())
<form method="post" action="{{ route('logout') }}"
@submit="$dispatch('nostrLoggedOut')">
@csrf
<x-button secondary label="Logout" type="submit"/>
</form>
@else
<x-button wire:key="loginBtn" label="Mit Nostr verbinden" @click="openNostrLogin"
x-show="!$store.nostr.user"/>
@endif
<!-- Info button -->
<div class="relative inline-flex" x-data="{ open: false }">

4
resources/views/components/layouts/navigation/admin.blade.php
View File

@@ -6,7 +6,7 @@
<span class="lg:hidden lg:sidebar-expanded:block 2xl:block">Admin-Bereich</span>
</h3>
<ul class="mt-3">
<li class="{{ $currentRoute === 'association.elections' ? $isCurrentRouteClass : $isNotCurrentRouteClass }}">
{{--<li class="{{ $currentRoute === 'association.elections' ? $isCurrentRouteClass : $isNotCurrentRouteClass }}">
<a class="block text-gray-800 dark:text-gray-100 hover:text-gray-900 dark:hover:text-white truncate transition"
href="{{ route('association.elections') }}">
<div class="flex items-center">
@@ -15,7 +15,7 @@
class="text-sm font-medium ml-4 lg:opacity-0 lg:sidebar-expanded:opacity-100 2xl:opacity-100 duration-200">Einstellungen</span>
</div>
</a>
</li>
</li>--}}
<li class="{{ $currentRoute === 'association.members.admin' ? $isCurrentRouteClass : $isNotCurrentRouteClass }}">
<a class="block text-gray-800 dark:text-gray-100 hover:text-gray-900 dark:hover:text-white truncate transition"
href="{{ route('association.members.admin') }}">

10
resources/views/pages/association/election/index.blade.php
View File

@@ -21,6 +21,16 @@ mount(function () {
$this->elections = \App\Models\Election::query()
->get()
->toArray();
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$logPubkeys = [
'0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
'430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279',
];
if (in_array($this->currentPubkey, $logPubkeys, true)) {
$this->isAllowed = true;
}
}
});
on([

18
resources/views/pages/association/members/admin.blade.php
View File

@@ -21,6 +21,24 @@ state(['isAllowed' => false]);
state(['currentPubkey' => null]);
state(['members' => []]);
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()
->where('pubkey', $this->currentPubkey )->first();
$allowedPubkeys = [
'0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
'430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279',
'7acf30cf60b85c62b8f654556cc21e4016df8f5604b3b6892794f88bb80d7a1d',
'f240be2b684f85cc81566f2081386af81d7427ea86250c8bde6b7a8500c761ba',
'19e358b8011f5f4fc653c565c6d4c2f33f32661f4f90982c9eedc292a8774ec3',
];
if (in_array($this->currentPubkey, $allowedPubkeys, true)) {
$this->isAllowed = true;
}
}
});
on([
'nostrLoggedOut' => function () {
$this->isAllowed = false;

11
resources/views/pages/association/news/index.blade.php
View File

@@ -31,6 +31,17 @@ state([
'currentPleb' => null,
]);
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $this->currentPubkey)->first();
if (in_array($this->currentPleb->npub, config('einundzwanzig.config.current_board'), true)) {
$this->canEdit = true;
}
$this->isAllowed = true;
}
});
on([
'nostrLoggedIn' => function ($pubkey) {
$this->currentPubkey = $pubkey;

30
resources/views/pages/association/profile.blade.php
View File

@@ -35,8 +35,34 @@ state([
form(\App\Livewire\Forms\ApplicationForm::class);
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()
->with([
'paymentEvents' => fn($query)
=> $query->where('year', date('Y')),
])
->where('pubkey', $this->currentPubkey)->first();
$this->email = $this->currentPleb->email;
$this->no = $this->currentPleb->no_email;
$this->showEmail = !$this->no;
if ($this->currentPleb->association_status === \App\Enums\AssociationStatus::ACTIVE) {
$this->amountToPay = config('app.env') === 'production' ? 21000 : 1;
}
if ($this->currentPleb->paymentEvents->count() < 1) {
$this->createPaymentEvent();
$this->currentPleb->load('paymentEvents');
}
$this->loadEvents();
$this->listenForPayment();
}
});
on([
'nostrLoggedIn' => function ($pubkey) {
\App\Support\NostrAuth::login($pubkey);
$this->currentPubkey = $pubkey;
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()
->with([
@@ -58,6 +84,8 @@ on([
$this->listenForPayment();
},
'nostrLoggedOut' => function () {
\App\Support\NostrAuth::logout();
$this->currentPubkey = null;
$this->currentPleb = null;
$this->yearsPaid = [];
@@ -422,8 +450,6 @@ $loadEvents = function () {
</div>
<div class="flex flex-wrap space-y-2 sm:space-y-0 items-center justify-between">
<x-button label="Mit Nostr verbinden" @click="openNostrLogin"
x-show="!$store.nostr.user"/>
{{-- https://v.nostr.build/bomfuwLnOTIDrP4y.mp4 --}}
<template x-if="$store.nostr.user">
<div class="flex items">

7
resources/views/pages/association/project-support/[ProjectProposal:slug].blade.php
View File

@@ -28,6 +28,13 @@ state([
'otherVotes' => fn() => $this->getOtherVotes(),
]);
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->handleNostrLoggedIn($this->currentPubkey);
}
});
on([
'nostrLoggedIn' => fn($pubkey) => $this->handleNostrLoggedIn($pubkey),
'nostrLoggedOut' => fn() => $this->handleNostrLoggedOut(),

8
resources/views/pages/association/project-support/form/[ProjectProposal:slug].blade.php
View File

@@ -31,6 +31,14 @@ mount(function ($projectProposal) {
usesFileUploads();
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $this->currentPubkey)->first();
$this->isAllowed = true;
}
});
on([
'nostrLoggedIn' => function ($pubkey) {
$this->currentPubkey = $pubkey;

8
resources/views/pages/association/project-support/form/create.blade.php
View File

@@ -25,6 +25,14 @@ state([
usesFileUploads();
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $this->currentPubkey)->first();
$this->isAllowed = true;
}
});
on([
'nostrLoggedIn' => function ($pubkey) {
$this->currentPubkey = $pubkey;

8
resources/views/pages/association/project-support/index.blade.php
View File

@@ -55,6 +55,14 @@ $projects = computed(function () {
return $this->projects;
});
mount(function () {
if (\App\Support\NostrAuth::check()) {
$this->currentPubkey = \App\Support\NostrAuth::pubkey();
$this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $this->currentPubkey)->first();
$this->isAllowed = true;
}
});
on([
'nostrLoggedIn' => function ($pubkey) {
$this->currentPubkey = $pubkey;

7
routes/web.php
View File

@@ -2,6 +2,7 @@
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Session;
use Spatie\MediaLibrary\MediaCollections\Models\Media;
Route::redirect('/', '/association/profile');
@@ -11,3 +12,9 @@ Route::get('dl/{media}', function (Media $media, Request $request) {
})
->name('dl')
->middleware('signed');
Route::post('logout', function () {
\App\Support\NostrAuth::logout();
Session::flush();
return redirect('/');
})->name('logout');