Log out user if extension's pubkey and auth's pubkey are different #295

Merged
b merged 6 commits from 290-user-ext-log-missmatch into staging 2025-01-02 09:44:28 +00:00
Showing only changes of commit 8153ef03fb - Show all commits

View File

@ -3,7 +3,10 @@ import { EventEmitter } from 'tseep'
import store from '../store/store'
import { SignedEvent } from '../types'
import { LoginMethodContext } from '../services/LoginMethodStrategy/loginMethodContext'
import { unixNow } from '../utils'
import { clear, unixNow } from '../utils'
import { LoginMethod } from '../store/auth/types'
import { logout as nostrLogout } from 'nostr-login'
import { userLogOutAction } from '../store/actions'
export class NostrController extends EventEmitter {
private static instance: NostrController
@ -65,7 +68,22 @@ export class NostrController extends EventEmitter {
const loginMethod = store.getState().auth.loginMethod
const context = new LoginMethodContext(loginMethod)
return await context.signEvent(event)
const authkey = store.getState().auth.usersPubkey
const signedEvent = await context.signEvent(event)
const pubkey = signedEvent.pubkey
// Forcefully log out the user if we detect missmatch between pubkeys
// Allow undefined authkey, intial log in
if (authkey && authkey !== pubkey) {
if (loginMethod === LoginMethod.nostrLogin) {
nostrLogout()
}
store.dispatch(userLogOutAction())
clear()
throw new Error('User missmatch.\n\nPlease log in again.')
}
return signedEvent
}
nip04Encrypt = async (receiver: string, content: string): Promise<string> => {