stacker.news/components/nostr-auth.js

import { useEffect, useState } from 'react'
import { gql, useMutation } from '@apollo/client'
import { signIn } from 'next-auth/react'
import Container from 'react-bootstrap/Container'
import Col from 'react-bootstrap/Col'
import Row from 'react-bootstrap/Row'
import { useRouter } from 'next/router'
import AccordianItem from './accordian-item'
import BackIcon from '@/svgs/arrow-left-line.svg'
import styles from './lightning-auth.module.css'
import { callWithTimeout } from '@/lib/time'

function ExtensionError ({ message, details }) {
  return (
    <>
      <h4 className='fw-bold text-danger pb-1'>error: {message}</h4>
      <div className='text-muted pb-4'>{details}</div>
    </>
  )
}

function NostrExplainer ({ text }) {
  return (
    <>
      <ExtensionError message='nostr extension not found' details='Nostr extensions are the safest way to use your nostr identity on Stacker News.' />
      <Row className='w-100 text-muted'>
        <AccordianItem
          header={`Which extensions can I use to ${(text || 'Login').toLowerCase()} with Nostr?`}
          show
          body={
            <>
              <Row>
                <Col>
                  <ul>
                    <li>
                      <a href='https://getalby.com'>Alby</a><br />
                      available for: chrome, firefox, and safari
                    </li>
                    <li>
                      <a href='https://www.getflamingo.org/'>Flamingo</a><br />
                      available for: chrome
                    </li>
                    <li>
                      <a href='https://github.com/fiatjaf/nos2x'>nos2x</a><br />
                      available for: chrome
                    </li>
                    <li>
                      <a href='https://diegogurpegui.com/nos2x-fox/'>nos2x-fox</a><br />
                      available for: firefox
                    </li>
                    <li>
                      <a href='https://github.com/fiatjaf/horse'>horse</a><br />
                      available for: chrome<br />
                      supports hardware signing
                    </li>
                  </ul>
                </Col>
              </Row>
            </>
          }
        />
      </Row>
    </>
  )
}

export function NostrAuth ({ text, callbackUrl, multiAuth }) {
  const [createAuth, { data, error }] = useMutation(gql`
    mutation createAuth {
      createAuth {
        k1
      }
    }`, {
    // don't cache this mutation
    fetchPolicy: 'no-cache'
  })
  const [hasExtension, setHasExtension] = useState(undefined)
  const [extensionError, setExtensionError] = useState(null)

  useEffect(() => {
    createAuth()
    setHasExtension(!!window.nostr)
  }, [])

  const k1 = data?.createAuth.k1

  useEffect(() => {
    if (!k1 || !hasExtension) return

    console.info('nostr extension detected')

    let mounted = true;
    (async function () {
      try {
        // have them sign a message with the challenge
        let event
        try {
          event = await callWithTimeout(() => window.nostr.signEvent({
            kind: 22242,
            created_at: Math.floor(Date.now() / 1000),
            tags: [['challenge', k1]],
            content: 'Stacker News Authentication'
          }), 5000)
          if (!event) throw new Error('extension returned empty event')
        } catch (e) {
          if (e.message === 'window.nostr call already executing' || !mounted) return
          setExtensionError({ message: 'nostr extension failed to sign event', details: e.message })
          return
        }

        // sign them in
        try {
          await signIn('nostr', {
            event: JSON.stringify(event),
            callbackUrl,
            multiAuth
          })
        } catch (e) {
          throw new Error('authorization failed', e)
        }
      } catch (e) {
        if (!mounted) return
        console.log('nostr auth error', e)
        setExtensionError({ message: `${text} failed`, details: e.message })
      }
    })()
    return () => { mounted = false }
  }, [k1, hasExtension])

  if (error) return <div>error</div>

  return (
    <>
      {hasExtension === false && <NostrExplainer text={text} />}
      {extensionError && <ExtensionError {...extensionError} />}
      {hasExtension && !extensionError &&
        <>
          <h4 className='fw-bold text-success pb-1'>nostr extension found</h4>
          <h6 className='text-muted pb-4'>authorize event signature in extension</h6>
        </>}
    </>
  )
}

export function NostrAuthWithExplainer ({ text, callbackUrl, multiAuth }) {
  const router = useRouter()
  return (
    <Container>
      <div className={styles.login}>
        <div className='w-100 mb-3 text-muted pointer' onClick={() => router.back()}><BackIcon /></div>
        <h3 className='w-100 pb-2'>{text || 'Login'} with Nostr</h3>
        <NostrAuth text={text} callbackUrl={callbackUrl} multiAuth={multiAuth} />
      </div>
    </Container>
  )
}
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`import { useEffect, useState } from 'react'`
			`import { gql, useMutation } from '@apollo/client'`
			`import { signIn } from 'next-auth/react'`
			`import Container from 'react-bootstrap/Container'`
			`import Col from 'react-bootstrap/Col'`
			`import Row from 'react-bootstrap/Row'`
			`import { useRouter } from 'next/router'`
			`import AccordianItem from './accordian-item'`
Use module path aliases (#938) * Use module path aliases * fix broken refactor * path mapping for svgs, style, and remaining places (bonus: lose babel dep) --------- Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2024-03-20 00:37:31 +00:00			`import BackIcon from '@/svgs/arrow-left-line.svg'`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`import styles from './lightning-auth.module.css'`
Use custom relay API (#1302) * Use custom relay API Relay from nostr-tools was cumbersome to use. This custom abstraction over window.WebSocket makes interacting with nostr relays easier. * Use variables for nostr message parts * Fix NWC save * Use try/finally * Refactor crossposting code * use custom replay API * simplify callWithTimeout * Use isomorphic-ws for nip57 zap receipts * Use async map * Reject with timeout error * Move time functions into lib/time * Remove outdated comment regarding relay.close() 2024-08-18 22:28:39 +00:00			`import { callWithTimeout } from '@/lib/time'`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00
			`function ExtensionError ({ message, details }) {`
			`return (`
			`<>`
			`<h4 className='fw-bold text-danger pb-1'>error: {message}</h4>`
			`<div className='text-muted pb-4'>{details}</div>`
			`</>`
			`)`
			`}`

			`function NostrExplainer ({ text }) {`
			`return (`
			`<>`
			`<ExtensionError message='nostr extension not found' details='Nostr extensions are the safest way to use your nostr identity on Stacker News.' />`
			`<Row className='w-100 text-muted'>`
			`<AccordianItem`
			header={`Which extensions can I use to ${(text \|\| 'Login').toLowerCase()} with Nostr?`}
			`show`
			`body={`
			`<>`
			`<Row>`
			`<Col>`
			`<ul>`
			`<li>`
			`<a href='https://getalby.com'>Alby</a><br />`
			`available for: chrome, firefox, and safari`
			`</li>`
			`<li>`
			`<a href='https://www.getflamingo.org/'>Flamingo</a><br />`
			`available for: chrome`
			`</li>`
			`<li>`
			`<a href='https://github.com/fiatjaf/nos2x'>nos2x</a><br />`
			`available for: chrome`
			`</li>`
			`<li>`
			`<a href='https://diegogurpegui.com/nos2x-fox/'>nos2x-fox</a><br />`
			`available for: firefox`
			`</li>`
			`<li>`
			`<a href='https://github.com/fiatjaf/horse'>horse</a><br />`
			`available for: chrome<br />`
			`supports hardware signing`
			`</li>`
			`</ul>`
			`</Col>`
			`</Row>`
			`</>`
			`}`
			`/>`
			`</Row>`
			`</>`
			`)`
			`}`

Account Switching (#644) * WIP: Account switching * Fix empty USER query ANON_USER_ID was undefined and thus the query for @anon had no variables. * Apply multiAuthMiddleware in /api/graphql * Fix 'you must be logged in' query error on switch to anon * Add smart 'switch account' button "smart" means that it only shows if there are accounts to which one can switch * Fix multiAuth not set in backend * Comment fixes, minor changes * Use fw-bold instead of 'selected' * Close dropdown and offcanvas Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work. For the offcanvas, we need to pass down handleClose. * Use button to add account * Some pages require hard reload on account switch * Reinit settings form on account switch * Also don't refetch WalletHistory * Formatting * Use width: fit-content for standalone SignUpButton * Remove unused className * Use fw-bold and text-underline on selected * Fix inconsistent padding of login buttons * Fix duplicate redirect from /settings on anon switch * Never throw during refetch * Throw errors which extend GraphQLError * Only use meAnonSats if logged out * Use reactive variable for meAnonSats The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats. Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables. We do this now and thus also don't need the useEffect hack in item-info.js anymore. * Switch to new user * Fix missing cleanup during logout If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set. This meant that during logout, the other 'multi_auth.' cookies were not deleted. This broke the account switch modal. This is fixed by setting the 'multi_auth.user-id' cookie on login. Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set). Fix comments in middleware * Remove unnecessary effect dependencies setState is stable and thus only noise in effect dependencies * Show but disable unavailable auth methods * make signup button consistent with others * Always reload page on switch * refine account switch styling * logout barrier --------- Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com> Co-authored-by: k00b <k00b@stacker.news> 2024-09-12 18:05:11 +00:00			`export function NostrAuth ({ text, callbackUrl, multiAuth }) {`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			const [createAuth, { data, error }] = useMutation(gql`
			`mutation createAuth {`
			`createAuth {`
			`k1`
			`}`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00			}`, {
			`// don't cache this mutation`
			`fetchPolicy: 'no-cache'`
			`})`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`const [hasExtension, setHasExtension] = useState(undefined)`
			`const [extensionError, setExtensionError] = useState(null)`

			`useEffect(() => {`
			`createAuth()`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00			`setHasExtension(!!window.nostr)`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`}, [])`

			`const k1 = data?.createAuth.k1`

			`useEffect(() => {`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00			`if (!k1 \|\| !hasExtension) return`

Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`console.info('nostr extension detected')`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`let mounted = true;`
			`(async function () {`
			`try {`
			`// have them sign a message with the challenge`
			`let event`
			`try {`
add timeouts for nostr extension calls 2023-12-19 22:01:48 +00:00			`event = await callWithTimeout(() => window.nostr.signEvent({`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`kind: 22242,`
			`created_at: Math.floor(Date.now() / 1000),`
			`tags: [['challenge', k1]],`
			`content: 'Stacker News Authentication'`
add timeouts for nostr extension calls 2023-12-19 22:01:48 +00:00			`}), 5000)`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`if (!event) throw new Error('extension returned empty event')`
			`} catch (e) {`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00			`if (e.message === 'window.nostr call already executing' \|\| !mounted) return`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`setExtensionError({ message: 'nostr extension failed to sign event', details: e.message })`
			`return`
			`}`

			`// sign them in`
			`try {`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00			`await signIn('nostr', {`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`event: JSON.stringify(event),`
Account Switching (#644) * WIP: Account switching * Fix empty USER query ANON_USER_ID was undefined and thus the query for @anon had no variables. * Apply multiAuthMiddleware in /api/graphql * Fix 'you must be logged in' query error on switch to anon * Add smart 'switch account' button "smart" means that it only shows if there are accounts to which one can switch * Fix multiAuth not set in backend * Comment fixes, minor changes * Use fw-bold instead of 'selected' * Close dropdown and offcanvas Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work. For the offcanvas, we need to pass down handleClose. * Use button to add account * Some pages require hard reload on account switch * Reinit settings form on account switch * Also don't refetch WalletHistory * Formatting * Use width: fit-content for standalone SignUpButton * Remove unused className * Use fw-bold and text-underline on selected * Fix inconsistent padding of login buttons * Fix duplicate redirect from /settings on anon switch * Never throw during refetch * Throw errors which extend GraphQLError * Only use meAnonSats if logged out * Use reactive variable for meAnonSats The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats. Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables. We do this now and thus also don't need the useEffect hack in item-info.js anymore. * Switch to new user * Fix missing cleanup during logout If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set. This meant that during logout, the other 'multi_auth.' cookies were not deleted. This broke the account switch modal. This is fixed by setting the 'multi_auth.user-id' cookie on login. Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set). Fix comments in middleware * Remove unnecessary effect dependencies setState is stable and thus only noise in effect dependencies * Show but disable unavailable auth methods * make signup button consistent with others * Always reload page on switch * refine account switch styling * logout barrier --------- Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com> Co-authored-by: k00b <k00b@stacker.news> 2024-09-12 18:05:11 +00:00			`callbackUrl,`
			`multiAuth`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`})`
			`} catch (e) {`
			`throw new Error('authorization failed', e)`
			`}`
			`} catch (e) {`
			`if (!mounted) return`
fix nostr auth (#621) 2023-11-12 17:59:18 +00:00			`console.log('nostr auth error', e)`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			setExtensionError({ message: `${text} failed`, details: e.message })
			`}`
			`})()`
			`return () => { mounted = false }`
			`}, [k1, hasExtension])`

			`if (error) return <div>error</div>`

			`return (`
			`<>`
			`{hasExtension === false && <NostrExplainer text={text} />}`
			`{extensionError && <ExtensionError {...extensionError} />}`
			`{hasExtension && !extensionError &&`
			`<>`
			`<h4 className='fw-bold text-success pb-1'>nostr extension found</h4>`
			`<h6 className='text-muted pb-4'>authorize event signature in extension</h6>`
			`</>}`
			`</>`
			`)`
			`}`

Account Switching (#644) * WIP: Account switching * Fix empty USER query ANON_USER_ID was undefined and thus the query for @anon had no variables. * Apply multiAuthMiddleware in /api/graphql * Fix 'you must be logged in' query error on switch to anon * Add smart 'switch account' button "smart" means that it only shows if there are accounts to which one can switch * Fix multiAuth not set in backend * Comment fixes, minor changes * Use fw-bold instead of 'selected' * Close dropdown and offcanvas Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work. For the offcanvas, we need to pass down handleClose. * Use button to add account * Some pages require hard reload on account switch * Reinit settings form on account switch * Also don't refetch WalletHistory * Formatting * Use width: fit-content for standalone SignUpButton * Remove unused className * Use fw-bold and text-underline on selected * Fix inconsistent padding of login buttons * Fix duplicate redirect from /settings on anon switch * Never throw during refetch * Throw errors which extend GraphQLError * Only use meAnonSats if logged out * Use reactive variable for meAnonSats The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats. Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables. We do this now and thus also don't need the useEffect hack in item-info.js anymore. * Switch to new user * Fix missing cleanup during logout If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set. This meant that during logout, the other 'multi_auth.' cookies were not deleted. This broke the account switch modal. This is fixed by setting the 'multi_auth.user-id' cookie on login. Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set). Fix comments in middleware * Remove unnecessary effect dependencies setState is stable and thus only noise in effect dependencies * Show but disable unavailable auth methods * make signup button consistent with others * Always reload page on switch * refine account switch styling * logout barrier --------- Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com> Co-authored-by: k00b <k00b@stacker.news> 2024-09-12 18:05:11 +00:00			`export function NostrAuthWithExplainer ({ text, callbackUrl, multiAuth }) {`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`const router = useRouter()`
			`return (`
			`<Container>`
			`<div className={styles.login}>`
			`<div className='w-100 mb-3 text-muted pointer' onClick={() => router.back()}><BackIcon /></div>`
			`<h3 className='w-100 pb-2'>{text \|\| 'Login'} with Nostr</h3>`
Account Switching (#644) * WIP: Account switching * Fix empty USER query ANON_USER_ID was undefined and thus the query for @anon had no variables. * Apply multiAuthMiddleware in /api/graphql * Fix 'you must be logged in' query error on switch to anon * Add smart 'switch account' button "smart" means that it only shows if there are accounts to which one can switch * Fix multiAuth not set in backend * Comment fixes, minor changes * Use fw-bold instead of 'selected' * Close dropdown and offcanvas Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work. For the offcanvas, we need to pass down handleClose. * Use button to add account * Some pages require hard reload on account switch * Reinit settings form on account switch * Also don't refetch WalletHistory * Formatting * Use width: fit-content for standalone SignUpButton * Remove unused className * Use fw-bold and text-underline on selected * Fix inconsistent padding of login buttons * Fix duplicate redirect from /settings on anon switch * Never throw during refetch * Throw errors which extend GraphQLError * Only use meAnonSats if logged out * Use reactive variable for meAnonSats The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats. Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables. We do this now and thus also don't need the useEffect hack in item-info.js anymore. * Switch to new user * Fix missing cleanup during logout If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set. This meant that during logout, the other 'multi_auth.' cookies were not deleted. This broke the account switch modal. This is fixed by setting the 'multi_auth.user-id' cookie on login. Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set). Fix comments in middleware * Remove unnecessary effect dependencies setState is stable and thus only noise in effect dependencies * Show but disable unavailable auth methods * make signup button consistent with others * Always reload page on switch * refine account switch styling * logout barrier --------- Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com> Co-authored-by: k00b <k00b@stacker.news> 2024-09-12 18:05:11 +00:00			`<NostrAuth text={text} callbackUrl={callbackUrl} multiAuth={multiAuth} />`
Add nostr login (#367) Co-authored-by: keyan <keyan.kousha+huumn@gmail.com> 2023-08-08 00:50:01 +00:00			`</div>`
			`</Container>`
			`)`
			`}`