@xtr-dev/rondevu-server 0.5.12 → 0.5.13
- package/README.md +9 -21
- package/dist/index.js +8 -1
- package/dist/index.js.map +2 -2
- package/migrations/0009_public_key_auth.sql +74 -0
- package/migrations/fresh_schema.sql +20 -21
- package/package.json +2 -1
- package/src/config.ts +1 -47
- package/src/crypto.ts +70 -304
- package/src/index.ts +2 -3
- package/src/rpc.ts +90 -272
- package/src/storage/d1.ts +72 -235
- package/src/storage/factory.ts +4 -17
- package/src/storage/memory.ts +46 -151
- package/src/storage/mysql.ts +66 -187
- package/src/storage/postgres.ts +66 -186
- package/src/storage/sqlite.ts +65 -194
- package/src/storage/types.ts +30 -88
- package/src/worker.ts +4 -9
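--- a/package/README.md
+++ b/package/README.md
@@ -4,7 +4,7 @@
 
 **WebRTC signaling server with tags-based discovery**
 
-HTTP signaling server with
+HTTP signaling server with stateless Ed25519 authentication, tag-based offer discovery, and JSON-RPC interface. Multiple storage backends supported.
 
 ## Quick Start
 
@@ -57,21 +57,10 @@ npm install pg # for PostgreSQL
 
 All API calls go to `POST /rpc` with JSON-RPC format. Requests must be arrays.
 
-### Generate Credentials
-
-```json
-[{ "method": "generateCredentials", "params": { "name": "alice" } }]
-```
-
-Response:
-```json
-[{ "success": true, "result": { "name": "alice", "secret": "5a7f3e..." } }]
-```
-
 ### Publish Offer (authenticated)
 
 ```
-Headers: X-
+Headers: X-PublicKey, X-Timestamp, X-Nonce, X-Signature
 ```
 
 ```json
@@ -81,7 +70,7 @@ Headers: X-Name, X-Timestamp, X-Nonce, X-Signature
 }]
 ```
 
-### Discover Offers
+### Discover Offers (unauthenticated)
 
 ```json
 [{ "method": "discover", "params": { "tags": ["chat"], "limit": 10 } }]
@@ -97,18 +86,20 @@ Headers: X-Name, X-Timestamp, X-Nonce, X-Signature
 
 - `addIceCandidates` - Add ICE candidates
 - `getIceCandidates` - Get ICE candidates
-- `poll` - Poll for answers
+- `poll` - Poll for answers and ICE candidates
 - `deleteOffer` - Delete an offer
 
 ## Authentication
 
-
+**Stateless Ed25519**: No registration required. Generate a keypair locally and sign requests.
 
 ```
-Message: timestamp:nonce:method:
-Headers: X-
+Message: timestamp:nonce:method:canonicalJSON(params)
+Headers: X-PublicKey, X-Timestamp, X-Nonce, X-Signature (base64 Ed25519)
 ```
 
+The server verifies signatures directly using the public key from the header - no identity table, no registration step. Your public key IS your identity.
+
 ## Configuration
 
 | Variable | Default | Description |
@@ -119,12 +110,9 @@ Headers: X-Name, X-Timestamp, X-Nonce, X-Signature (base64 HMAC)
 | `DATABASE_URL` | - | Connection string (for `mysql`/`postgres`) |
 | `DB_POOL_SIZE` | `10` | Connection pool size (for `mysql`/`postgres`) |
 | `CORS_ORIGINS` | `*` | Allowed origins |
-| `MASTER_ENCRYPTION_KEY` | - | 64-char hex for secret encryption |
 | `OFFER_DEFAULT_TTL` | `60000` | Default offer TTL (ms) |
 | `OFFER_MAX_TTL` | `86400000` | Max offer TTL (24h) |
 
-Generate encryption key: `openssl rand -hex 32`
-
 ## Tag Validation
 
 Tags: 1-64 chars, lowercase alphanumeric with dots/dashes.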
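--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -2624,6 +2624,13 @@ var handlers = {
 if (offer.answererUsername) {
 throw new RpcError(ErrorCodes.OFFER_ALREADY_ANSWERED, "Offer already answered");
 }
+if (matchedTags && matchedTags.length > 0) {
+const offerTagSet = new Set(offer.tags);
+const invalidTags = matchedTags.filter((tag) => !offerTagSet.has(tag));
+if (invalidTags.length > 0) {
+throw new RpcError(ErrorCodes.INVALID_PARAMS, `matchedTags contains tags not on offer: ${invalidTags.join(", ")}`);
+}
+}
 await storage.answerOffer(offerId, name, sdp, matchedTags);
 return { success: true, offerId };
 },
@@ -3031,7 +3038,7 @@ function createApp(storage, config) {
 }
 
 // src/config.ts
-var BUILD_VERSION = true ? "0.5.
+var BUILD_VERSION = true ? "0.5.12" : "unknown";
 function loadConfig() {
 let masterEncryptionKey = process.env.MASTER_ENCRYPTION_KEY;
 if (!masterEncryptionKey) {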
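Review bot: The bundle shipped in 0.5.13 looks stale against the rest of the release: the second hunk sets `BUILD_VERSION` to `"0.5.12"`, and the unchanged `loadConfig` context still reads `process.env.MASTER_ENCRYPTION_KEY`, which this release's README removes. The file list shows `dist/index.js` at +8 -1 while `src/crypto.ts` and `src/rpc.ts` each lose hundreds of lines, so the stateless Ed25519 scheme described in the README is probably not what this bundle runs; that is an inference from the diffstat and should be confirmed against the published tarball. I would rebuild `dist` from the tagged source before publishing (for example a `prepublishOnly` script that runs the build) and check that `BUILD_VERSION` equals the `package.json` version. Separately, the first hunk calls `matchedTags.filter` after checking only truthiness and `length`, so a non-array value such as a string would raise a TypeError instead of `INVALID_PARAMS`, unless validation outside the hunk already rejects it; `if (matchedTags != null && !Array.isArray(matchedTags)) throw new RpcError(ErrorCodes.INVALID_PARAMS, "matchedTags must be an array");` ahead of the check would cover that. The handler's body starts and ends outside the hunk.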