rondevu-server

xtr.dev/rondevu-server

Fork 0

mirror of https://github.com/xtr-dev/rondevu-server.git synced 2025-12-14 04:43:24 +00:00

Commit Graph

Author	SHA1	Message	Date
Bas van den Aakster	51fe405440	Unified Ed25519 authentication - remove peer_id/credentials system BREAKING CHANGE: Remove dual authentication system - Remove POST /register endpoint - no longer needed - Remove peer_id/secret credential-based auth - All authentication now uses username + Ed25519 signatures - Anonymous users can generate random usernames (anon-{timestamp}-{hex}) Database schema: - Rename peer_id → username in offers table - Rename answerer_peer_id → answerer_username in offers table - Rename peer_id → username in ice_candidates table - Remove secret column from offers table - Add FK constraints for username columns Storage layer: - Update D1 and SQLite implementations - All methods use username instead of peerId - Remove secret-related code Auth middleware: - Replace validateCredentials() with Ed25519 signature verification - Extract auth from request body (POST) or query params (GET) - Verify signature against username's public key - Validate message format and timestamp Crypto utilities: - Remove generatePeerId(), encryptPeerId(), decryptPeerId(), validateCredentials() - Add generateAnonymousUsername() - creates anon-{timestamp}-{random} - Add validateAuthMessage() - validates auth message format Config: - Remove authSecret from Config interface (no longer needed) All server endpoints updated to use getAuthenticatedUsername()	2025-12-10 22:06:45 +01:00
Bas van den Aakster	52cf734858	Remove legacy V1 code and clean up unused remnants - Delete unused bloom.ts module (leftover from topic-based discovery) - Remove maxTopicsPerOffer configuration (no longer used) - Remove unused info field from Offer types - Simplify generateOfferHash() to only hash SDP (remove topics param) - Update outdated comments referencing deprecated features - Remove backward compatibility topics field from answer responses This completes the migration to V2 service-based architecture by removing all remnants of the V1 topic-based system. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2025-12-06 12:06:02 +01:00
Bas van den Aakster	fe912e6a94	feat: Implement content-based offer IDs with SHA-256 hashing - Added hash-id.ts utility for SHA-256 content hashing - Offer IDs now generated from hash of {sdp, topics} (sorted) - Removed peerId from hash (inferred from authentication) - Server generates deterministic IDs for idempotent offer creation - Updated SQLite and D1 storage implementations - Removed optional id field from CreateOfferRequest - Same offer content always produces same ID 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-16 16:34:28 +01:00

Author

SHA1

Message

Date

Bas van den Aakster

51fe405440

Unified Ed25519 authentication - remove peer_id/credentials system

BREAKING CHANGE: Remove dual authentication system

- Remove POST /register endpoint - no longer needed
- Remove peer_id/secret credential-based auth
- All authentication now uses username + Ed25519 signatures
- Anonymous users can generate random usernames (anon-{timestamp}-{hex})

Database schema:
- Rename peer_id → username in offers table
- Rename answerer_peer_id → answerer_username in offers table
- Rename peer_id → username in ice_candidates table
- Remove secret column from offers table
- Add FK constraints for username columns

Storage layer:
- Update D1 and SQLite implementations
- All methods use username instead of peerId
- Remove secret-related code

Auth middleware:
- Replace validateCredentials() with Ed25519 signature verification
- Extract auth from request body (POST) or query params (GET)
- Verify signature against username's public key
- Validate message format and timestamp

Crypto utilities:
- Remove generatePeerId(), encryptPeerId(), decryptPeerId(), validateCredentials()
- Add generateAnonymousUsername() - creates anon-{timestamp}-{random}
- Add validateAuthMessage() - validates auth message format

Config:
- Remove authSecret from Config interface (no longer needed)

All server endpoints updated to use getAuthenticatedUsername()

2025-12-10 22:06:45 +01:00

Bas van den Aakster

52cf734858

Remove legacy V1 code and clean up unused remnants

- Delete unused bloom.ts module (leftover from topic-based discovery)
- Remove maxTopicsPerOffer configuration (no longer used)
- Remove unused info field from Offer types
- Simplify generateOfferHash() to only hash SDP (remove topics param)
- Update outdated comments referencing deprecated features
- Remove backward compatibility topics field from answer responses

This completes the migration to V2 service-based architecture by
removing all remnants of the V1 topic-based system.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2025-12-06 12:06:02 +01:00

Bas van den Aakster

fe912e6a94

feat: Implement content-based offer IDs with SHA-256 hashing

- Added hash-id.ts utility for SHA-256 content hashing
- Offer IDs now generated from hash of {sdp, topics} (sorted)
- Removed peerId from hash (inferred from authentication)
- Server generates deterministic IDs for idempotent offer creation
- Updated SQLite and D1 storage implementations
- Removed optional id field from CreateOfferRequest
- Same offer content always produces same ID

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-11-16 16:34:28 +01:00

3 Commits