Include more detail with AuthFailure

2026-05-03 06:51:42 +00:00 · 2024-02-19 17:43:28 +13:00 · 2024-02-19 17:43:28 +13:00 · b4e3f8a06d
commit b4e3f8a06d
parent a922aad876
2 changed files with 14 additions and 9 deletions
--- a/src/error.rs
+++ b/src/error.rs
@ -23,7 +23,7 @@ impl std::fmt::Display for Error {
 #[derive(Debug)]
 pub enum ChorusError {
    // Auth failure
-    AuthFailure,
+    AuthFailure(String),

    // Auth required
    AuthRequired,
@ -125,7 +125,7 @@ pub enum ChorusError {
 impl std::fmt::Display for ChorusError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
-            ChorusError::AuthFailure => write!(f, "AUTH failure"),
+            ChorusError::AuthFailure(s) => write!(f, "AUTH failure: {s}"),
            ChorusError::AuthRequired => write!(f, "AUTH required"),
            ChorusError::BadEventId => write!(f, "Bad event id, does not match hash"),
            ChorusError::BadHexInput => write!(f, "Bad hex input"),
--- a/src/nostr.rs
+++ b/src/nostr.rs
@ -267,8 +267,8 @@ impl WebSocketService {
        let reply = match self.auth_inner().await {
            Ok(()) => NostrReply::Ok(id, true, NostrReplyPrefix::None, "".to_string()),
            Err(e) => match e.inner {
-                ChorusError::AuthFailure => {
-                    NostrReply::Ok(id, false, NostrReplyPrefix::Invalid, "".to_string())
+                ChorusError::AuthFailure(s) => {
+                    NostrReply::Ok(id, false, NostrReplyPrefix::Invalid, s)
                }
                _ => NostrReply::Ok(id, false, NostrReplyPrefix::Error, format!("{}", e)),
            },
@ -288,7 +288,7 @@ impl WebSocketService {

        // Verify the event is the right kind
        if event.kind() != Kind(22242) {
-            return Err(ChorusError::AuthFailure.into());
+            return Err(ChorusError::AuthFailure("Wrong event kind".to_string()).into());
        }

        // Verify the challenge and relay tags
@ -303,7 +303,7 @@ impl WebSocketService {
                        let utf8value = std::str::from_utf8(value)?;
                        let url = match Url::parse(utf8value) {
                            Ok(u) => u,
-                            Err(_) => return Err(ChorusError::AuthFailure.into()),
+                            Err(e) => return Err(ChorusError::AuthFailure(format!("{e}")).into()),
                        };
                        if let Some(h) = url.host() {
                            let theirhost = h.to_owned();
@ -325,14 +325,19 @@ impl WebSocketService {
            }
        }

-        if !(challenge_ok && relay_ok) {
-            return Err(ChorusError::AuthFailure.into());
+        if !challenge_ok {
+            return Err(ChorusError::AuthFailure("challenge is wrong".to_string()).into());
+        }
+        if !relay_ok {
+            return Err(ChorusError::AuthFailure("relay is wrong".to_string()).into());
        }

        // Verify the created_at timestamp is within reason
        let timediff = (Time::now().0 as i64).abs_diff(event.created_at().0 as i64);
        if timediff < 600 {
-            return Err(ChorusError::AuthFailure.into());
+            return Err(
+                ChorusError::AuthFailure("Time is more than 10 minutes off".to_string()).into(),
+            );
        }

        // They are now authenticated