30 lines
986 B
TypeScript
30 lines
986 B
TypeScript
import { Router, Request, Response } from "express";
|
|
import { nip98Auth } from "../middleware/nip98.js";
|
|
import { signJwt, verifyJwt } from "../auth/jwt.js";
|
|
|
|
const router = Router();
|
|
|
|
/** Sign in with NIP-98 once; returns a JWT for subsequent requests. */
|
|
router.post("/login", nip98Auth, (req: Request, res: Response) => {
|
|
const pubkey = req.nostr!.pubkey;
|
|
const token = signJwt(pubkey);
|
|
res.json({ token, pubkey });
|
|
});
|
|
|
|
/** Return current user from JWT (Bearer only). Used to restore session. */
|
|
router.get("/me", (req: Request, res: Response) => {
|
|
const auth = req.headers.authorization;
|
|
if (!auth?.startsWith("Bearer ")) {
|
|
res.status(401).json({ code: "unauthorized", message: "Bearer token required." });
|
|
return;
|
|
}
|
|
const payload = verifyJwt(auth.slice(7).trim());
|
|
if (!payload) {
|
|
res.status(401).json({ code: "invalid_token", message: "Invalid or expired token." });
|
|
return;
|
|
}
|
|
res.json({ pubkey: payload.pubkey });
|
|
});
|
|
|
|
export default router;
|