Support Bluesky's !no-unauthenticated self-label

Alex Gleasonrequested to merge
no-unauthenticated into main

Bluesky users can set a "logged-out visibility" setting that looks like this:

image

It sets a !no-unauthenticated self-label on the user's profile record in atproto, which we convert into a NIP-32 self-label tag on the kind 0 event in the Bluesky bridge:

["l", "!no-unauthenticated", "com.atproto.label.defs#selfLabel"]

Bluesky is not particularly careful about hiding these profiles from any of its APIs, just its clients. So I did not want to drop these profiles on the bridge nor require NIP-42 AUTH on the bridge relay itself, because that doesn't match what Bluesky is doing. Instead I think it makes sense for Nostr clients to handle it, so this implements support in Ditto.

On certain profile and statuses endpoints, if the user has this tag, Ditto will return a 401 error if the user is logged out. Soapbox already correctly handles this case and redirects to the login screen (although we might want to improve it by displaying a message instead).

EDIT: This MR originally used the plural #selfLabels, but I changed it to singular #selfLabel after discovering its existence in the ATP Lexicon: !602 (merged)

Edited by Alex Gleason

Merge request reports