allow publishing events from allowed pubkeys without auth, if env variable is set

src/main.ts

@@ -16,23 +16,26 @@ type Nip42ProxySocketData = {
   remoteWs: WebSocket;
 };
 
-async function validateAuthEvent(event: Event, challenge: string): boolean {
+async function validateAuthEvent(event: Event, challenge: string): Promise<boolean> {
   if (event.kind !== 22242) return false;
   const last30Seconds = Math.floor(Date.now() / 1000) - 30;
   if (event.created_at < last30Seconds) return false;
   const challengeTag = event.tags.find(tag => tag[0] === 'challenge')?.[1];
   if (challengeTag !== challenge) return false;
+  return await isPubkeyAllowed(event);
+}
+
+async function isPubkeyAllowed(event: Event): Promise<boolean> {
   const file = Bun.file("./allowed-pubkeys.json");
   if (!await file.exists()) return true;
   const allowedPubkeys = JSON.parse(await file.text());
-  if (!allowedPubkeys.includes(event.pubkey)) return false;
-  return true;
+  return allowedPubkeys.includes(event.pubkey);
 }
 
 const sendMessage = (ws: ServerWebSocket<Nip42ProxySocketData>, message: any[]) => ws.send(JSON.stringify(message), true);
 const sendAuth = (ws: ServerWebSocket<Nip42ProxySocketData>) => sendMessage(ws, ["AUTH", ws.data.authToken, "This is an authenticated relay."]);
 
-export function main(mainRelayUrl: string) {
+export function main(mainRelayUrl: string, allowUnauthedPublish: boolean) {
   const server = Bun.serve<Nip42ProxySocketData, {}>({
     fetch(req, server) {
       const upgrade = server.upgrade(req, {
@@ -54,6 +57,10 @@ export function main(mainRelayUrl: string) {
           }
           if (command === "EVENT") {
             const [event] = data;
+            if (allowUnauthedPublish && await isPubkeyAllowed(event)) {
+              ws.data.remoteWs.send(msg);
+              return;
+            }
             sendMessage(ws, ["OK", event.id, false, 'auth-required: you must authenticate first']);
           }
           if (command === "AUTH") {