From e78d86febab43093fea3fbd790c01cbe59dddfb2 Mon Sep 17 00:00:00 2001
From: koalasat <koalasat@satstralia.com>
Date: Sun, 27 Apr 2025 18:43:51 +0200
Subject: [PATCH] nostr pubkey for Robot

---
 api/views.py                                       |  1 +
 frontend/src/models/Robot.model.ts                 |  7 ++++---
 frontend/src/models/Slot.model.ts                  |  8 --------
 frontend/src/services/api/ApiNativeClient/index.ts |  4 ++--
 frontend/src/services/api/ApiWebClient/index.ts    |  4 ++--
 frontend/src/services/api/index.ts                 |  1 +
 robosats/middleware.py                             | 12 ++++++++++++
 tests/utils/trade.py                               |  3 ++-
 8 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/api/views.py b/api/views.py
index e6d17971..91f4fbab 100644
--- a/api/views.py
+++ b/api/views.py
@@ -693,6 +693,7 @@ class RobotView(APIView):
         context["encrypted_private_key"] = user.robot.encrypted_private_key
         context["earned_rewards"] = user.robot.earned_rewards
         context["wants_stealth"] = user.robot.wants_stealth
+        context["nostr_pubkey"] = user.robot.nostr_pubkey
         context["last_login"] = user.last_login
 
         # Adds/generate telegram token and whether it is enabled
diff --git a/frontend/src/models/Robot.model.ts b/frontend/src/models/Robot.model.ts
index e196d128..5970f64c 100644
--- a/frontend/src/models/Robot.model.ts
+++ b/frontend/src/models/Robot.model.ts
@@ -1,6 +1,5 @@
-import { apiClient } from '../services/api';
+import { apiClient, type Auth } from '../services/api';
 import type Federation from './Federation.model';
-import { type AuthHeaders } from './Slot.model';
 
 class Robot {
   constructor(attributes?: Record<any, any>) {
@@ -31,13 +30,15 @@ class Robot {
     Object.assign(this, attributes);
   };
 
-  getAuthHeaders = (): AuthHeaders | null => {
+  getAuthHeaders = (): Auth | null => {
     const tokenSHA256 = this.tokenSHA256 ?? '';
     const encPrivKey = this.encPrivKey ?? '';
     const pubKey = this.pubKey ?? '';
+    const nostrPubkey = this.nostrPubKey ?? '';
 
     return {
       tokenSHA256,
+      nostrPubkey,
       keys: {
         pubKey: pubKey.split('\n').join('\\'),
         encPrivKey: encPrivKey.split('\n').join('\\'),
diff --git a/frontend/src/models/Slot.model.ts b/frontend/src/models/Slot.model.ts
index 4ab07790..e44d75db 100644
--- a/frontend/src/models/Slot.model.ts
+++ b/frontend/src/models/Slot.model.ts
@@ -5,14 +5,6 @@ import { roboidentitiesClient } from '../services/Roboidentities/Web';
 import { hexToBase91, validateTokenEntropy } from '../utils';
 import { getPublicKey } from 'nostr-tools';
 
-export interface AuthHeaders {
-  tokenSHA256: string;
-  keys: {
-    pubKey: string;
-    encPrivKey: string;
-  };
-}
-
 class Slot {
   constructor(
     token: string,
diff --git a/frontend/src/services/api/ApiNativeClient/index.ts b/frontend/src/services/api/ApiNativeClient/index.ts
index 3cbbb369..677e2a40 100644
--- a/frontend/src/services/api/ApiNativeClient/index.ts
+++ b/frontend/src/services/api/ApiNativeClient/index.ts
@@ -19,11 +19,11 @@ class ApiNativeClient implements ApiClient {
           Authorization: `Token ${auth.tokenSHA256}`,
         },
       };
-    } else if (auth?.keys != null) {
+    } else if (auth?.keys != null && auth.nostrPubkey != null) {
       headers = {
         ...headers,
         ...{
-          Authorization: `Token ${auth.tokenSHA256} | Public ${auth.keys.pubKey} | Private ${auth.keys.encPrivKey}`,
+          Authorization: `Token ${auth.tokenSHA256} | Public ${auth.keys.pubKey} | Private ${auth.keys.encPrivKey} | Nostr ${auth.nostrPubkey}`,
         },
       };
     }
diff --git a/frontend/src/services/api/ApiWebClient/index.ts b/frontend/src/services/api/ApiWebClient/index.ts
index b28edf27..65c84469 100644
--- a/frontend/src/services/api/ApiWebClient/index.ts
+++ b/frontend/src/services/api/ApiWebClient/index.ts
@@ -15,11 +15,11 @@ class ApiWebClient implements ApiClient {
           Authorization: `Token ${auth.tokenSHA256}`,
         },
       };
-    } else if (auth?.keys != null) {
+    } else if (auth?.keys != null && auth.nostrPubkey != null) {
       headers = {
         ...headers,
         ...{
-          Authorization: `Token ${auth.tokenSHA256} | Public ${auth.keys.pubKey} | Private ${auth.keys.encPrivKey}`,
+          Authorization: `Token ${auth.tokenSHA256} | Public ${auth.keys.pubKey} | Private ${auth.keys.encPrivKey} | Nostr ${auth.nostrPubkey}`,
         },
       };
     }
diff --git a/frontend/src/services/api/index.ts b/frontend/src/services/api/index.ts
index 21b8effd..a6fcc421 100644
--- a/frontend/src/services/api/index.ts
+++ b/frontend/src/services/api/index.ts
@@ -3,6 +3,7 @@ import ApiNativeClient from './ApiNativeClient';
 
 export interface Auth {
   tokenSHA256: string;
+  nostrPubkey?: string;
   keys?: { pubKey: string; encPrivKey: string };
 }
 
diff --git a/robosats/middleware.py b/robosats/middleware.py
index 1e0d41e8..4550e306 100644
--- a/robosats/middleware.py
+++ b/robosats/middleware.py
@@ -42,9 +42,15 @@ class SplitAuthorizationHeaderMiddleware(MiddlewareMixin):
         split_auth = auth_header.split(" | ")
 
         if len(split_auth) == 3:
+            # Deprecated in favor of len 4
             request.META["HTTP_AUTHORIZATION"] = split_auth[0]
             request.META["PUBLIC_KEY"] = split_auth[1]
             request.META["ENCRYPTED_PRIVATE_KEY"] = split_auth[2]
+        elif len(split_auth) == 4:
+            request.META["HTTP_AUTHORIZATION"] = split_auth[0]
+            request.META["PUBLIC_KEY"] = split_auth[1]
+            request.META["ENCRYPTED_PRIVATE_KEY"] = split_auth[2]
+            request.META["NOSTR_PUBKEY"] = split_auth[3]
 
 
 class RobotTokenSHA256AuthenticationMiddleWare:
@@ -108,11 +114,13 @@ class RobotTokenSHA256AuthenticationMiddleWare:
             # Authorization header or in the Cookies.
             public_key = ""
             encrypted_private_key = ""
+            nostr_pubkey = ""
 
             public_key = request.META.get("PUBLIC_KEY", "").replace("Public ", "")
             encrypted_private_key = request.META.get(
                 "ENCRYPTED_PRIVATE_KEY", ""
             ).replace("Private ", "")
+            nostr_pubkey = request.META.get("NOSTR_PUBKEY", "").replace("Nostr ", "")
 
             # Some legacy (pre-federation) clients will still send keys as cookies
             if public_key == "" or encrypted_private_key == "":
@@ -158,6 +166,10 @@ class RobotTokenSHA256AuthenticationMiddleWare:
             if not user.robot.encrypted_private_key:
                 user.robot.encrypted_private_key = encrypted_private_key
 
+            # Add nostr key to the new user
+            if not user.robot.nostr_pubkey:
+                user.robot.nostr_pubkey = nostr_pubkey
+
             update_last_login(None, user)
             user.save()
 
diff --git a/tests/utils/trade.py b/tests/utils/trade.py
index 4901df41..3608a663 100644
--- a/tests/utils/trade.py
+++ b/tests/utils/trade.py
@@ -70,11 +70,12 @@ class Trade:
         b91_token = read_file(f"tests/robots/{robot_index}/b91_token")
         pub_key = read_file(f"tests/robots/{robot_index}/pub_key")
         enc_priv_key = read_file(f"tests/robots/{robot_index}/enc_priv_key")
+        nostr_pubkey = read_file(f"tests/robots/{robot_index}/nostr_pubkey")
 
         # First time a robot authenticated, it is registered by the backend, so pub_key and enc_priv_key is needed
         if first_encounter:
             headers = {
-                "HTTP_AUTHORIZATION": f"Token {b91_token} | Public {pub_key} | Private {enc_priv_key}"
+                "HTTP_AUTHORIZATION": f"Token {b91_token} | Public {pub_key} | Private {enc_priv_key} | Nostr {nostr_pubkey}"
             }
         else:
             headers = {"HTTP_AUTHORIZATION": f"Token {b91_token}"}