einundzwanzig/einundzwanzig-verein
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-nostr.git synced 2026-05-24 14:25:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
348 Commits 2 Branches 0 Tags
6bb7d93d1dc7b87f95367522c25c6f2452ab3bec
Commit Graph

5 Commits

Author SHA1 Message Date
HolgerHatGarKeineNode 6bb7d93d1d feat(auth): require signed NIP-42 event for Nostr login 
Closes a security flaw where the server trusted any pubkey the client
sent. The frontend now signs a per-session, time-bound challenge
(kind-22242 event) that the backend verifies with swentel/nostr-php
before establishing the session.

- NostrAuth: issueChallenge() + loginWithSignedEvent() with full
  schnorr/id verification, TTL window, and idempotent re-entry for
  concurrent Livewire listeners.
- auth-button: mounts a fresh challenge, exposes it via data-attribute
  + requestNostrChallenge() fallback, renders a full-viewport AAA-style
  loading overlay while the wallet signs.
- NostrSessionGuard: override logout() to drop the cookie-jar dep so
  programmatic logout works in any context.
 2026-05-20 01:09:20 +02:00
HolgerHatGarKeineNode 3b855e9517 🚀 Refactor: Centralize isBoardMember logic in EinundzwanzigPleb model and replace redundant checks 2026-05-18 22:04:45 +02:00
HolgerHatGarKeineNode 7a992cec3f - Refactor edit.blade.php to handle admin-specific fields (accepted and sats_paid) through conditional logic. 
- 📦 Upgrade Laravel framework, Livewire, and dependencies to ensure compatibility with version `13.1.1`.
 2026-03-23 17:50:17 +00:00
HolgerHatGarKeineNode b090336c4f 🛠️ Refactor migrations, models, configs, and Blade files to apply consistent formatting, remove unnecessary lines, and improve readability. 2026-01-18 19:50:04 +01:00
user 9c1cea5868 🔒 Add Nostr authentication support with custom guard and user provider 
🛠️ Integrate Nostr auth across relevant components and views
📦 Update config, routes, and service provider for Nostr auth
 2025-11-20 23:10:20 +01:00