Skip to content

This is an example Nostr rust project to enable '402 Payment Required' responses for requests to paid content.

License

Notifications You must be signed in to change notification settings

blakejakopovic/nostr_paywall_example

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Nostr Paywall Example

This is an example Nostr rust project to enable 402 Payment Required responses for requests to paid content. To prove payment, a NIP 98 - HTTP Auth Nostr event should be included, which will unlock access the content post-payment - ideally on on refresh on successful payment.

This project doesn't handle money, and is a reference project to help you get started. If there is enough interest, it could become a rust create (library) project.

Unsupported Today (however, ideally on the roadmap)

  1. Generating invoices for 402 Payment Required responses to enable payment (embedding the pubkey and content_id metadata in an invoice)
  2. Database schema
  3. Database access check logic / query (with access to pubkey and content_id)
  4. Actual Content delivery
  5. Split payments and similar

Customisation

  1. check_pubkey_access() in db.rs - You can customise the Postgres DB query used to check access. Currently the check returns true for all valid NIP 98 header.
  2. content in routes.rs - You can write your own content delivery logic here; for URL redirection, Images, proxied content, or anything else.

Getting Started

git clone https://github.com/blakejakopovic/nostr_paywall_example
cd nostr_paywall_example

cp .env.example .env
nano .env
# Ensure you update AUTH_EVENT_HOST to match your expected server hostname, or the NIP-98 auth will fail

RUST_LOG=info cargo run --release

Usage / Testing

  1. Create a NIP 98 HTTP Auth event. You can use this tool with a test pubkey https://nostrtool.com. Just keep in mind by default you only have 60 seconds before the event's created_at value becomes too old (and you will get a Bad Request response).
{
  "id": "cddeb723c58a2ff78cd5f0f315d855306ce7eada1714a26572ac0f0d2e619925",
  "pubkey": "970e0ebe27a552be8982047974f60302caab0fcb9aa86855f81102e67e084e45",
  "created_at": 1682772206,
  "kind": 27235,
  "tags": [
    [
      "u",
      "http://localhost:8080/m/test_content_id"
    ],
    [
      "method",
      "GET"
    ]
  ],
  "content": "",
  "sig": "2ef81b6b7d494d57dc06ac261aeb1e9c7dfeeb3868b2c4daee604ccdf4cb9cda8f3df08c50f93c99e327ad8fb40175907d47f7dfc100633af3fe38f085d6c888"
}
  1. Base64 encode the event. Easily done here https://www.base64encode.org.
ewogICJpZCI6ICJjZGRlYjcyM2M1OGEyZmY3OGNkNWYwZjMxNWQ4NTUzMDZjZTdlYWRhMTcxNGEyNjU3MmFjMGYwZDJlNjE5OTI1IiwKICAicHVia2V5IjogIjk3MGUwZWJlMjdhNTUyYmU4OTgyMDQ3OTc0ZjYwMzAyY2FhYjBmY2I5YWE4Njg1NWY4MTEwMmU2N2UwODRlNDUiLAogICJjcmVhdGVkX2F0IjogMTY4Mjc3MjIwNiwKICAia2luZCI6IDI3MjM1LAogICJ0YWdzIjogWwogICAgWwogICAgICAidSIsCiAgICAgICJodHRwOi8vbG9jYWxob3N0OjgwODAvbS90ZXN0X2NvbnRlbnRfaWQiCiAgICBdLAogICAgWwogICAgICAibWV0aG9kIiwKICAgICAgIkdFVCIKICAgIF0KICBdLAogICJjb250ZW50IjogIiIsCiAgInNpZyI6ICIyZWY4MWI2YjdkNDk0ZDU3ZGMwNmFjMjYxYWViMWU5YzdkZmVlYjM4NjhiMmM0ZGFlZTYwNGNjZGY0Y2I5Y2RhOGYzZGYwOGM1MGY5M2M5OWUzMjdhZDhmYjQwMTc1OTA3ZDQ3ZjdkZmMxMDA2MzNhZjNmZTM4ZjA4NWQ2Yzg4OCIKfQ==
  1. Run the following command with your matching event u tag and base64 event output.
curl -H "AUTHORIZATION: nostr REPLACE_WITH_BASE64_ENCODED_EVENT" localhost:8080/m/test_content_id

About

This is an example Nostr rust project to enable '402 Payment Required' responses for requests to paid content.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Languages