Skip to content

Commit 599c775

Browse files
Fix: use custom HTTP handler for per-request NIP-98 auth with correct method
1 parent d4052ed commit 599c775

1 file changed

Lines changed: 45 additions & 17 deletions

File tree

index.html

Lines changed: 45 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -413,6 +413,48 @@
413413
console.log('Pull complete');
414414
}
415415

416+
// Create HTTP client with NIP-98 auth for a specific privkey
417+
function createAuthenticatedHttp(privkey) {
418+
return {
419+
async request({ url, method, headers, body }) {
420+
// Create NIP-98 token for this specific request
421+
const event = {
422+
kind: 27235,
423+
created_at: Math.floor(Date.now() / 1000),
424+
tags: [
425+
['u', url],
426+
['method', method]
427+
],
428+
content: ''
429+
};
430+
const signed = await signEvent(event, privkey);
431+
const token = btoa(JSON.stringify(signed));
432+
433+
// Add auth header
434+
const authHeaders = {
435+
...headers,
436+
'Authorization': 'Nostr ' + token
437+
};
438+
439+
// Make the request
440+
const res = await fetch(url, {
441+
method,
442+
headers: authHeaders,
443+
body
444+
});
445+
446+
return {
447+
url: res.url,
448+
method,
449+
statusCode: res.status,
450+
statusMessage: res.statusText,
451+
headers: Object.fromEntries(res.headers.entries()),
452+
body: [new Uint8Array(await res.arrayBuffer())]
453+
};
454+
}
455+
};
456+
}
457+
416458
async function pushRepo(repoId, cloneUrl, branch = 'main') {
417459
const dir = `${SYNC_DIR}/${repoId}`;
418460
const privkey = getPrivkey();
@@ -422,27 +464,13 @@
422464
}
423465

424466
console.log(`Pushing ${repoId} to ${cloneUrl}...`);
467+
const authHttp = createAuthenticatedHttp(privkey);
425468
await git.push({
426469
fs,
427-
http,
470+
http: authHttp,
428471
dir,
429472
url: cloneUrl,
430-
ref: branch,
431-
onAuth: async (url) => {
432-
// Create NIP-98 token for this URL
433-
const event = {
434-
kind: 27235,
435-
created_at: Math.floor(Date.now() / 1000),
436-
tags: [
437-
['u', url],
438-
['method', 'POST'] // Git uses POST for push
439-
],
440-
content: ''
441-
};
442-
const signed = await signEvent(event, privkey);
443-
const token = btoa(JSON.stringify(signed));
444-
return { username: 'nostr', password: token };
445-
}
473+
ref: branch
446474
});
447475
console.log('Push complete');
448476
}

0 commit comments

Comments
 (0)