taldir

Directory service to resolve wallet mailboxes by messenger addresses
Log | Files | Refs | Submodules | README | LICENSE
commit 7374d2bd3cd6611649aa60227d6bc4366d98d91f
parent dab08e105ccb7aee321c65cf6fceb9c94a1f3f6b
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Tue, 21 Jan 2025 22:52:17 +0100

Payment Address validation with regex

Diffstat:

Mpkg/rest/taldir.go | 24++++++++++++++++++++++--


1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/pkg/rest/taldir.go b/pkg/rest/taldir.go
@@ -85,6 +85,9 @@ type Taldir struct {
 	// The address salt
 	Salt string
 
+	// Valid Payment System Address
+	ValidPMSRegex string
+
 	// The timeframe for the validation requests
 	ValidationTimeframe time.Duration
 
@@ -312,12 +315,22 @@ const monthDurationUs = 2592000000000
 // 1 Month as Go duration
 const monthDuration = time.Duration(monthDurationUs * 1000)
 
+func (t *Taldir) isPMSValid(pms string) (err error) {
+	if t.ValidPMSRegex != "" {
+		matched, _ := regexp.MatchString(t.ValidPMSRegex, pms)
+		if !matched {
+			return errors.New(fmt.Sprintf("Payment System Address `%s' invalid", pms)) // TODO i18n
+		}
+	}
+	return
+}
+
 func (v *Validator) isAliasValid(alias string) (err error) {
 	log.Println(v.ValidAliasRegex)
 	if v.ValidAliasRegex != "" {
 		matched, _ := regexp.MatchString(v.ValidAliasRegex, alias)
 		if !matched {
-			return errors.New(fmt.Sprintf("Alias '%s' invalid", alias)) // TODO i18n
+			return errors.New(fmt.Sprintf("Alias `%s' invalid", alias)) // TODO i18n
 		}
 	}
 	return
@@ -458,6 +471,12 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	err = t.isPMSValid(req.TargetUri)
+	if nil != err {
+		http.Redirect(w, r, fmt.Sprintf("/?error=%s", err), http.StatusSeeOther)
+		return
+	}
+
 	// Setup validation object. Retrieve object from DB if it already
 	// exists.
 	h := sha512.New()
@@ -711,7 +730,7 @@ func (t *Taldir) methodLookupResultPage(w http.ResponseWriter, r *http.Request) 
 	alias := r.URL.Query().Get("address")
 	err := val.isAliasValid(alias)
 	if nil != err {
-		http.Redirect(w, r, fmt.Sprintf("?error=%s", err), http.StatusSeeOther)
+		http.Redirect(w, r, fmt.Sprintf("/?error=%s", err), http.StatusSeeOther)
 		return
 	}
 	hAddressBin := sha512.Sum512([]byte(r.URL.Query().Get("address")))
@@ -851,6 +870,7 @@ func (t *Taldir) Initialize(cfgfile string, version string) {
 	t.SolutionAttemptsMax = t.Cfg.Section("taldir").Key("solution_attempt_max").MustInt(3)
 
 	validationTTLStr := t.Cfg.Section("taldir").Key("validation_timeframe").MustString("5m")
+	t.ValidPMSRegex = t.Cfg.Section("taldir").Key("valid_payment_system_address_regex").MustString("[A-Z]+")
 	t.ValidationTimeframe, err = time.ParseDuration(validationTTLStr)
 	if err != nil {
 		log.Fatal(err)