Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add opt.validate functions peerIn, peerOut #1333

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

jamesgibson14
Copy link

@jamesgibson14 jamesgibson14 commented Jun 11, 2023

I am adding some validate functions to the base gun code. This will give users custom ability to validate incoming / outgoing traffic, and in the case of validate.dataIn, control whether or not data is stored in the local graph.

@jamesgibson14
Copy link
Author

jamesgibson14 commented Jun 11, 2023

To use just add a validate object to the gun option and any or all of the 2 validate functions and return truthy values to allow or falsy to deny.

//for a nodejs server:
const validate = {
	peerIn( raw, peer, gunRoot ){
		const peerIsRelay = !!peer.url
		console.log( `PEER_IN: peerIsRelay ${ peerIsRelay }, ${ peer.wire._socket.remoteAddress }, ${JSON.stringify( peer.id )} - ${raw}\n\r` )
		//must return a truthy for gun to accept a message
		return true
	},
	peerOut( raw, peer, wireMessage ){
		const peerIsRelay = !peer.wire._socket || !!peer.wire._url
		console.log( `PEER_OUT: peerIsRelay ${ peerIsRelay }, ${JSON.stringify( peer.wire?.headers?.host || peer.wire?._url )} - ${raw} \n\r` )	
		//must return a truthy for gun to send message
		return true
	},
}
const gunConfig = {
	axe: false, 
	web: config.server.listen(config.port), 
	peers: process.env?.PEERS?.split(',') || [],
	validate,
}
var gun = Gun( gunConfig );

@jamesgibson14
Copy link
Author

peer.wire._socket.remoteAddress could be used to whitelist messages by IP address, or the raw messages could be check for certain gun paths or public keys to allow or deny.

@jamesgibson14
Copy link
Author

jamesgibson14 commented Jun 11, 2023

@amark it was hard to pick the exact spots to add these validation function, I tried to add them at the lowest level possible so messages could be dropped before much processing has been done. Any feedback to improve it would be great.

@jamesgibson14 jamesgibson14 changed the title add opt.validate functions peerIn, peerOut and dataIn add opt.validate functions peerIn, peerOut Jun 15, 2023
@jamesgibson14
Copy link
Author

I removed validate.dataIn, since on.in and on.put events work just as well.

@amark
Copy link
Owner

amark commented Jul 19, 2023

Oh sorry, GitHub's email notification system has been broken for me for a while.

Thanks for contributing :)

I disagree with how tho:

  1. for instance, ws already has an earlier place to do this: the upgrade header from the HTTP to WebSocket handshake, or even verifyClient callback: https://github.com/websockets/ws/blob/master/doc/ws.md

  2. if this were to be in GUN, not HTTP/ws, then it should be wrapped as an adapter (especially anything that is non-uniform between browser/NodeJS) like this contributor did https://github.com/amark/gun/blob/master/lib/verify.js very similarly to you, tho note, it reuses (1), tho in my opinion API-wise would be more consistent with the actual ws API so there is less "magic" going on. I'm guessing this may have been something you'd have wanted, but couldn't find it because its poorly documented as a contributor adapter?

Is there something about the above 2 comments that would not solve what you are needing to do?

Thank you for jumping in and helping tho! Want to contribute more in other ways too?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants