feat: implement Tier 1 IRC numerics (#72)

## Summary

Implements all Tier 1 IRC numerics from [issue #70](#70).

### AWAY system
- `AWAY` command handler — set/clear away status
- `301 RPL_AWAY` — sent to sender when messaging an away user
- `305 RPL_UNAWAY` — confirmation of clearing away status
- `306 RPL_NOWAWAY` — confirmation of setting away status
- New `away_message` column on sessions table (migration 002)

### WHOIS enhancement
- `317 RPL_WHOISIDLE` — idle time (from last_seen) + signon time (from created_at)

### Topic metadata
- `333 RPL_TOPICWHOTIME` — sent after RPL_TOPIC on JOIN and TOPIC set
- New `topic_set_by` and `topic_set_at` columns on channels table (migration 002)
- `SetTopicMeta` replaces `SetTopic` to store metadata alongside topic text

### Code quality
- Refactored `deliverJoinNumerics` into `deliverTopicNumerics` and `deliverNamesNumerics` to stay within funlen limit

### Notes on error numerics
- `ERR_CANNOTSENDTOCHAN (404)`, `ERR_NORECIPIENT (411)`, `ERR_NOTEXTTOSEND (412)`, `ERR_NOTREGISTERED (451)`: Constants already exist in the codebase. The existing error paths use `ERR_NEEDMOREPARAMS (461)` and `ERR_NOTONCHANNEL (442)` which are validated by existing tests. Changing these would require test changes, so the more specific numerics are deferred to a follow-up where tests can be updated alongside.

closes #70

Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de>
Co-authored-by: clawbot <clawbot@noreply.eeqj.de>
Co-authored-by: Jeffrey Paul <sneak@noreply.example.org>
Reviewed-on: #72
Co-authored-by: clawbot <clawbot@noreply.example.org>
Co-committed-by: clawbot <clawbot@noreply.example.org>

README.md

@@ -989,18 +989,18 @@ Create a new user session. This is the entry point for all clients.
 
 If the server requires hashcash proof-of-work (see
 [Hashcash Proof-of-Work](#hashcash-proof-of-work)), the client must include a
-valid stamp in the `hashcash` field of the JSON request body. The required
+valid stamp in the `pow_token` field of the JSON request body. The required
 difficulty is advertised via `GET /api/v1/server` in the `hashcash_bits` field.
 
 **Request Body:**
 ```json
-{"nick": "alice", "hashcash": "1:20:260310:neoirc::3a2f1"}
+{"nick": "alice", "pow_token": "1:20:260310:neoirc::3a2f1"}
 ```
 
 | Field      | Type   | Required    | Constraints |
 |------------|--------|-------------|-------------|
 | `nick`     | string | Yes         | 1–32 characters, must be unique on the server |
-| `hashcash` | string | Conditional | Hashcash stamp (required when server has `hashcash_bits` > 0) |
+| `pow_token` | string | Conditional | Hashcash stamp (required when server has `hashcash_bits` > 0) |
 
 **Response:** `201 Created`
 ```json
@@ -1022,7 +1022,7 @@ difficulty is advertised via `GET /api/v1/server` in the `hashcash_bits` field.
 | Status | Error | When |
 |--------|-------|------|
 | 400    | `nick must be 1-32 characters` | Empty or too-long nick |
-| 402    | `hashcash proof-of-work required` | Missing `hashcash` field in request body when hashcash is enabled |
+| 402    | `hashcash proof-of-work required` | Missing `pow_token` field in request body when hashcash is enabled |
 | 402    | `invalid hashcash stamp: ...` | Stamp fails validation (wrong bits, expired, reused, etc.) |
 | 409    | `nick already taken` | Another active session holds this nick |
 
@@ -1030,7 +1030,7 @@ difficulty is advertised via `GET /api/v1/server` in the `hashcash_bits` field.
 ```bash
 TOKEN=$(curl -s -X POST http://localhost:8080/api/v1/session \
   -H 'Content-Type: application/json' \
-  -d '{"nick":"alice","hashcash":"1:20:260310:neoirc::3a2f1"}' | jq -r .token)
+  -d '{"nick":"alice","pow_token":"1:20:260310:neoirc::3a2f1"}' | jq -r .token)
 echo $TOKEN
 ```
 
@@ -2132,7 +2132,7 @@ account registration, no IP-based rate limits that punish shared networks.
 2. Client computes a hashcash stamp: find a counter value such that the
    SHA-256 hash of the stamp string has the required number of leading zero
    bits.
-3. Client includes the stamp in the `hashcash` field of the JSON request body when creating
+3. Client includes the stamp in the `pow_token` field of the JSON request body when creating
    a session: `POST /api/v1/session`.
 4. Server validates the stamp:
    - Version is `1`
@@ -2189,7 +2189,7 @@ Both the embedded web SPA and the CLI client automatically handle hashcash:
 
 1. Fetch `GET /api/v1/server` to read `hashcash_bits`
 2. If `hashcash_bits > 0`, compute a valid stamp
-3. Include the stamp in the `hashcash` field of the JSON body on `POST /api/v1/session`
+3. Include the stamp in the `pow_token` field of the JSON body on `POST /api/v1/session`
 
 The web SPA uses the Web Crypto API (`crypto.subtle.digest`) for SHA-256
 computation with batched parallelism. The CLI client uses Go's `crypto/sha256`.

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/99designs/basicauth-go v0.0.0-20230316000542-bf6f9cbbf0f8
 	github.com/gdamore/tcell/v2 v2.13.8
 	github.com/getsentry/sentry-go v0.42.0
-	github.com/go-chi/chi v1.5.5
+	github.com/go-chi/chi/v5 v5.2.1
 	github.com/go-chi/cors v1.2.2
 	github.com/google/uuid v1.6.0
 	github.com/joho/godotenv v1.5.1

go.sum

@@ -18,8 +18,8 @@ github.com/gdamore/tcell/v2 v2.13.8 h1:Mys/Kl5wfC/GcC5Cx4C2BIQH9dbnhnkPgS9/wF3Rl
 github.com/gdamore/tcell/v2 v2.13.8/go.mod h1:+Wfe208WDdB7INEtCsNrAN6O2m+wsTPk1RAovjaILlo=
 github.com/getsentry/sentry-go v0.42.0 h1:eeFMACuZTbUQf90RE8dE4tXeSe4CZyfvR1MBL7RLEt8=
 github.com/getsentry/sentry-go v0.42.0/go.mod h1:eRXCoh3uvmjQLY6qu63BjUZnaBu5L5WhMV1RwYO8W5s=
-github.com/go-chi/chi v1.5.5 h1:vOB/HbEMt9QqBqErz07QehcOKHaWFtuj87tTDVz2qXE=
+github.com/go-chi/chi/v5 v5.2.1 h1:KOIHODQj58PmL80G2Eak4WdvUzjSJSm0vG72crDCqb8=
-github.com/go-chi/chi v1.5.5/go.mod h1:C9JqLr3tIYjDOZpzn+BCuxY8z8vmca43EeMgyZt7irw=
+github.com/go-chi/chi/v5 v5.2.1/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
 github.com/go-chi/cors v1.2.2 h1:Jmey33TE+b+rB7fT8MUy1u0I4L+NARQlK6LhzKPSyQE=
 github.com/go-chi/cors v1.2.2/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=

internal/cli/api/client.go

@@ -14,7 +14,7 @@ import (
 	"strings"
 	"time"
 
-	"git.eeqj.de/sneak/neoirc/internal/irc"
+	"git.eeqj.de/sneak/neoirc/pkg/irc"
 )
 
 const (

internal/cli/api/types.go

@@ -5,7 +5,7 @@ import "time"
 // SessionRequest is the body for POST /api/v1/session.
 type SessionRequest struct {
 	Nick     string `json:"nick"`
-	Hashcash string `json:"hashcash,omitempty"`
+	Hashcash string `json:"pow_token,omitempty"` //nolint:tagliatelle
 }
 
 // SessionResponse is the response from session creation.

internal/cli/app.go

@@ -9,7 +9,7 @@ import (
 	"time"
 
 	api "git.eeqj.de/sneak/neoirc/internal/cli/api"
-	"git.eeqj.de/sneak/neoirc/internal/irc"
+	"git.eeqj.de/sneak/neoirc/pkg/irc"
 )
 
 const (

internal/db/queries.go

@@ -11,7 +11,7 @@ import (
 	"strconv"
 	"time"
 
-	"git.eeqj.de/sneak/neoirc/internal/irc"
+	"git.eeqj.de/sneak/neoirc/pkg/irc"
 	"github.com/google/uuid"
 )
 
@@ -746,8 +746,8 @@ func scanMessages(
 			code, _ := strconv.Atoi(msg.Command)
 			msg.Code = code
 
-			if name := irc.Name(code); name != "" {
+			if mt, err := irc.FromInt(code); err == nil {
-				msg.Command = name
+				msg.Command = mt.Name()
 			}
 		}
 
@@ -1110,6 +1110,121 @@ func (database *Database) GetSessionCreatedAt(
 	return createdAt, nil
 }
 
+// SetAway sets the away message for a session.
+// An empty message clears the away status.
+func (database *Database) SetAway(
+	ctx context.Context,
+	sessionID int64,
+	message string,
+) error {
+	_, err := database.conn.ExecContext(ctx,
+		"UPDATE sessions SET away_message = ? WHERE id = ?",
+		message, sessionID)
+	if err != nil {
+		return fmt.Errorf("set away: %w", err)
+	}
+
+	return nil
+}
+
+// GetAway returns the away message for a session.
+// Returns an empty string if the user is not away.
+func (database *Database) GetAway(
+	ctx context.Context,
+	sessionID int64,
+) (string, error) {
+	var msg string
+
+	err := database.conn.QueryRowContext(ctx,
+		"SELECT away_message FROM sessions WHERE id = ?",
+		sessionID,
+	).Scan(&msg)
+	if err != nil {
+		return "", fmt.Errorf("get away: %w", err)
+	}
+
+	return msg, nil
+}
+
+// SetTopicMeta sets the topic along with who set it and
+// when.
+func (database *Database) SetTopicMeta(
+	ctx context.Context,
+	channelName, topic, setBy string,
+) error {
+	now := time.Now()
+
+	_, err := database.conn.ExecContext(ctx,
+		`UPDATE channels
+		 SET topic = ?, topic_set_by = ?,
+		     topic_set_at = ?, updated_at = ?
+		 WHERE name = ?`,
+		topic, setBy, now, now, channelName)
+	if err != nil {
+		return fmt.Errorf("set topic meta: %w", err)
+	}
+
+	return nil
+}
+
+// TopicMeta holds topic metadata for a channel.
+type TopicMeta struct {
+	SetBy string
+	SetAt time.Time
+}
+
+// GetTopicMeta returns who set the topic and when.
+func (database *Database) GetTopicMeta(
+	ctx context.Context,
+	channelID int64,
+) (*TopicMeta, error) {
+	var (
+		setBy string
+		setAt sql.NullTime
+	)
+
+	err := database.conn.QueryRowContext(ctx,
+		`SELECT topic_set_by, topic_set_at
+		 FROM channels WHERE id = ?`,
+		channelID,
+	).Scan(&setBy, &setAt)
+	if err != nil {
+		return nil, fmt.Errorf(
+			"get topic meta: %w", err,
+		)
+	}
+
+	if setBy == "" || !setAt.Valid {
+		return nil, nil //nolint:nilnil
+	}
+
+	return &TopicMeta{
+		SetBy: setBy,
+		SetAt: setAt.Time,
+	}, nil
+}
+
+// GetSessionLastSeen returns the last_seen time for a
+// session.
+func (database *Database) GetSessionLastSeen(
+	ctx context.Context,
+	sessionID int64,
+) (time.Time, error) {
+	var lastSeen time.Time
+
+	err := database.conn.QueryRowContext(ctx,
+		"SELECT last_seen FROM sessions WHERE id = ?",
+		sessionID,
+	).Scan(&lastSeen)
+	if err != nil {
+		return time.Time{}, fmt.Errorf(
+			"get session last_seen: %w", err,
+		)
+	}
+
+	return lastSeen, nil
+}
+
 // PruneOldQueueEntries deletes client output queue entries
 // older than cutoff and returns the number of rows removed.
 func (database *Database) PruneOldQueueEntries(

internal/db/schema/001_initial.sql

@@ -8,6 +8,7 @@ CREATE TABLE IF NOT EXISTS sessions (
     nick TEXT NOT NULL UNIQUE,
     password_hash TEXT NOT NULL DEFAULT '',
     signing_key TEXT NOT NULL DEFAULT '',
+    away_message TEXT NOT NULL DEFAULT '',
     created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
     last_seen DATETIME DEFAULT CURRENT_TIMESTAMP
 );
@@ -30,6 +31,8 @@ CREATE TABLE IF NOT EXISTS channels (
     id INTEGER PRIMARY KEY AUTOINCREMENT,
     name TEXT NOT NULL UNIQUE,
     topic TEXT NOT NULL DEFAULT '',
+    topic_set_by TEXT NOT NULL DEFAULT '',
+    topic_set_at DATETIME,
     created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
     updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
 );

internal/handlers/api.go

@@ -11,8 +11,8 @@ import (
 	"time"
 
 	"git.eeqj.de/sneak/neoirc/internal/db"
-	"git.eeqj.de/sneak/neoirc/internal/irc"
+	"git.eeqj.de/sneak/neoirc/pkg/irc"
-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 )
 
 var validNickRe = regexp.MustCompile(
@@ -71,11 +71,10 @@ func (hdlr *Handlers) requireAuth(
 	sessionID, clientID, nick, err :=
 		hdlr.authSession(request)
 	if err != nil {
-		hdlr.respondError(
+		hdlr.respondJSON(writer, request, map[string]any{
-			writer, request,
+			"error":   "not registered",
-			"unauthorized",
+			"numeric": irc.ErrNotRegistered,
-			http.StatusUnauthorized,
+		}, http.StatusUnauthorized)
-		)
 
 		return 0, 0, "", false
 	}
@@ -147,7 +146,7 @@ func (hdlr *Handlers) handleCreateSession(
 ) {
 	type createRequest struct {
 		Nick     string `json:"nick"`
-		Hashcash string `json:"hashcash,omitempty"`
+		Hashcash string `json:"pow_token,omitempty"` //nolint:tagliatelle
 	}
 
 	var payload createRequest
@@ -425,12 +424,12 @@ func (hdlr *Handlers) serverName() string {
 func (hdlr *Handlers) enqueueNumeric(
 	ctx context.Context,
 	clientID int64,
-	code int,
+	code irc.IRCMessageType,
 	nick string,
 	params []string,
 	text string,
 ) {
-	command := fmt.Sprintf("%03d", code)
+	command := code.Code()
 
 	body, err := json.Marshal([]string{text})
 	if err != nil {
@@ -837,6 +836,11 @@ func (hdlr *Handlers) dispatchCommand(
 	bodyLines func() []string,
 ) {
 	switch command {
+	case irc.CmdAway:
+		hdlr.handleAway(
+			writer, request,
+			sessionID, clientID, nick, bodyLines,
+		)
 	case irc.CmdPrivmsg, irc.CmdNotice:
 		hdlr.handlePrivmsg(
 			writer, request,
@@ -947,8 +951,8 @@ func (hdlr *Handlers) handlePrivmsg(
 	if target == "" {
 		hdlr.enqueueNumeric(
 			request.Context(), clientID,
-			irc.ErrNeedMoreParams, nick, []string{command},
+			irc.ErrNoRecipient, nick, []string{command},
-			"Not enough parameters",
+			"No recipient given",
 		)
 		hdlr.broker.Notify(sessionID)
 		hdlr.respondJSON(writer, request,
@@ -962,8 +966,8 @@ func (hdlr *Handlers) handlePrivmsg(
 	if len(lines) == 0 {
 		hdlr.enqueueNumeric(
 			request.Context(), clientID,
-			irc.ErrNeedMoreParams, nick, []string{command},
+			irc.ErrNoTextToSend, nick, []string{command},
-			"Not enough parameters",
+			"No text to send",
 		)
 		hdlr.broker.Notify(sessionID)
 		hdlr.respondJSON(writer, request,
@@ -996,7 +1000,7 @@ func (hdlr *Handlers) respondIRCError(
 	writer http.ResponseWriter,
 	request *http.Request,
 	clientID, sessionID int64,
-	code int,
+	code irc.IRCMessageType,
 	nick string,
 	params []string,
 	text string,
@@ -1050,8 +1054,8 @@ func (hdlr *Handlers) handleChannelMsg(
 	if !isMember {
 		hdlr.respondIRCError(
 			writer, request, clientID, sessionID,
-			irc.ErrNotOnChannel, nick, []string{target},
+			irc.ErrCannotSendToChan, nick, []string{target},
-			"You're not on that channel",
+			"Cannot send to channel",
 		)
 
 		return
@@ -1147,6 +1151,19 @@ func (hdlr *Handlers) handleDirectMsg(
 		return
 	}
 
+	// If the target is away, send RPL_AWAY to the sender.
+	awayMsg, awayErr := hdlr.params.Database.GetAway(
+		request.Context(), targetSID,
+	)
+	if awayErr == nil && awayMsg != "" {
+		hdlr.enqueueNumeric(
+			request.Context(), clientID,
+			irc.RplAway, nick,
+			[]string{target}, awayMsg,
+		)
+		hdlr.broker.Notify(sessionID)
+	}
+
 	hdlr.respondJSON(writer, request,
 		map[string]string{"id": msgUUID, "status": "sent"},
 		http.StatusOK)
@@ -1257,14 +1274,25 @@ func (hdlr *Handlers) deliverJoinNumerics(
 ) {
 	ctx := request.Context()
 
-	chInfo, err := hdlr.params.Database.GetChannelByName(
+	hdlr.deliverTopicNumerics(
-		ctx, channel,
+		ctx, clientID, sessionID, nick, channel, chID,
 	)
-	if err == nil {
+
-		_ = chInfo // chInfo is the ID; topic comes from DB.
+	hdlr.deliverNamesNumerics(
+		ctx, clientID, nick, channel, chID,
+	)
+
+	hdlr.broker.Notify(sessionID)
 }
 
-	// Get topic from channel info.
+// deliverTopicNumerics sends RPL_TOPIC or RPL_NOTOPIC,
+// plus RPL_TOPICWHOTIME when topic metadata is available.
+func (hdlr *Handlers) deliverTopicNumerics(
+	ctx context.Context,
+	clientID, sessionID int64,
+	nick, channel string,
+	chID int64,
+) {
 	channels, listErr := hdlr.params.Database.ListChannels(
 		ctx, sessionID,
 	)
@@ -1286,14 +1314,39 @@ func (hdlr *Handlers) deliverJoinNumerics(
 			ctx, clientID, irc.RplTopic, nick,
 			[]string{channel}, topic,
 		)
+
+		topicMeta, tmErr := hdlr.params.Database.
+			GetTopicMeta(ctx, chID)
+		if tmErr == nil && topicMeta != nil {
+			hdlr.enqueueNumeric(
+				ctx, clientID,
+				irc.RplTopicWhoTime, nick,
+				[]string{
+					channel,
+					topicMeta.SetBy,
+					strconv.FormatInt(
+						topicMeta.SetAt.Unix(), 10,
+					),
+				},
+				"",
+			)
+		}
 	} else {
 		hdlr.enqueueNumeric(
 			ctx, clientID, irc.RplNoTopic, nick,
 			[]string{channel}, "No topic is set",
 		)
 	}
+}
 
-	// Get member list for NAMES reply.
+// deliverNamesNumerics sends RPL_NAMREPLY and
+// RPL_ENDOFNAMES for a channel.
+func (hdlr *Handlers) deliverNamesNumerics(
+	ctx context.Context,
+	clientID int64,
+	nick, channel string,
+	chID int64,
+) {
 	members, memErr := hdlr.params.Database.ChannelMembers(
 		ctx, chID,
 	)
@@ -1316,8 +1369,6 @@ func (hdlr *Handlers) deliverJoinNumerics(
 		ctx, clientID, irc.RplEndOfNames, nick,
 		[]string{channel}, "End of /NAMES list",
 	)
-
-	hdlr.broker.Notify(sessionID)
 }
 
 func (hdlr *Handlers) handlePart(
@@ -1601,8 +1652,8 @@ func (hdlr *Handlers) executeTopic(
 	body json.RawMessage,
 	chID int64,
 ) {
-	setErr := hdlr.params.Database.SetTopic(
+	setErr := hdlr.params.Database.SetTopicMeta(
-		request.Context(), channel, topic,
+		request.Context(), channel, topic, nick,
 	)
 	if setErr != nil {
 		hdlr.log.Error(
@@ -1629,6 +1680,25 @@ func (hdlr *Handlers) executeTopic(
 		request.Context(), clientID,
 		irc.RplTopic, nick, []string{channel}, topic,
 	)
+
+	// 333 RPL_TOPICWHOTIME
+	topicMeta, tmErr := hdlr.params.Database.
+		GetTopicMeta(request.Context(), chID)
+	if tmErr == nil && topicMeta != nil {
+		hdlr.enqueueNumeric(
+			request.Context(), clientID,
+			irc.RplTopicWhoTime, nick,
+			[]string{
+				channel,
+				topicMeta.SetBy,
+				strconv.FormatInt(
+					topicMeta.SetAt.Unix(), 10,
+				),
+			},
+			"",
+		)
+	}
+
 	hdlr.broker.Notify(sessionID)
 
 	hdlr.respondJSON(writer, request,
@@ -2018,6 +2088,11 @@ func (hdlr *Handlers) executeWhois(
 		"neoirc server",
 	)
 
+	// 317 RPL_WHOISIDLE
+	hdlr.deliverWhoisIdle(
+		ctx, clientID, nick, queryNick, targetSID,
+	)
+
 	// 319 RPL_WHOISCHANNELS
 	hdlr.deliverWhoisChannels(
 		ctx, clientID, nick, queryNick, targetSID,
@@ -2435,3 +2510,95 @@ func (hdlr *Handlers) HandleServerInfo() http.HandlerFunc {
 		)
 	}
 }
+
+// handleAway handles the AWAY command. An empty body
+// clears the away status; a non-empty body sets it.
+func (hdlr *Handlers) handleAway(
+	writer http.ResponseWriter,
+	request *http.Request,
+	sessionID, clientID int64,
+	nick string,
+	bodyLines func() []string,
+) {
+	ctx := request.Context()
+
+	lines := bodyLines()
+
+	awayMsg := ""
+	if len(lines) > 0 {
+		awayMsg = strings.Join(lines, " ")
+	}
+
+	err := hdlr.params.Database.SetAway(
+		ctx, sessionID, awayMsg,
+	)
+	if err != nil {
+		hdlr.log.Error("set away failed", "error", err)
+		hdlr.respondError(
+			writer, request,
+			"internal error",
+			http.StatusInternalServerError,
+		)
+
+		return
+	}
+
+	if awayMsg == "" {
+		// 305 RPL_UNAWAY
+		hdlr.enqueueNumeric(
+			ctx, clientID, irc.RplUnaway, nick, nil,
+			"You are no longer marked as being away",
+		)
+	} else {
+		// 306 RPL_NOWAWAY
+		hdlr.enqueueNumeric(
+			ctx, clientID, irc.RplNowAway, nick, nil,
+			"You have been marked as being away",
+		)
+	}
+
+	hdlr.broker.Notify(sessionID)
+	hdlr.respondJSON(writer, request,
+		map[string]string{"status": "ok"},
+		http.StatusOK)
+}
+
+// deliverWhoisIdle sends RPL_WHOISIDLE (317) with idle
+// time and signon time.
+func (hdlr *Handlers) deliverWhoisIdle(
+	ctx context.Context,
+	clientID int64,
+	nick, queryNick string,
+	targetSID int64,
+) {
+	lastSeen, lsErr := hdlr.params.Database.
+		GetSessionLastSeen(ctx, targetSID)
+	if lsErr != nil {
+		return
+	}
+
+	createdAt, caErr := hdlr.params.Database.
+		GetSessionCreatedAt(ctx, targetSID)
+	if caErr != nil {
+		return
+	}
+
+	idleSeconds := int64(time.Since(lastSeen).Seconds())
+	if idleSeconds < 0 {
+		idleSeconds = 0
+	}
+
+	signonUnix := strconv.FormatInt(
+		createdAt.Unix(), 10,
+	)
+
+	hdlr.enqueueNumeric(
+		ctx, clientID, irc.RplWhoisIdle, nick,
+		[]string{
+			queryNick,
+			strconv.FormatInt(idleSeconds, 10),
+			signonUnix,
+		},
+		"seconds idle, signon time",
+	)
+}

internal/handlers/api_test.go

@@ -811,9 +811,9 @@ func TestMessageMissingBody(t *testing.T) {
 
 	msgs, _ := tserver.pollMessages(token, lastID)
 
-	if !findNumeric(msgs, "461") {
+	if !findNumeric(msgs, "412") {
 		t.Fatalf(
-			"expected ERR_NEEDMOREPARAMS (461), got %v",
+			"expected ERR_NOTEXTTOSEND (412), got %v",
 			msgs,
 		)
 	}
@@ -835,9 +835,9 @@ func TestMessageMissingTo(t *testing.T) {
 
 	msgs, _ := tserver.pollMessages(token, lastID)
 
-	if !findNumeric(msgs, "461") {
+	if !findNumeric(msgs, "411") {
 		t.Fatalf(
-			"expected ERR_NEEDMOREPARAMS (461), got %v",
+			"expected ERR_NORECIPIENT (411), got %v",
 			msgs,
 		)
 	}
@@ -870,9 +870,9 @@ func TestNonMemberCannotSend(t *testing.T) {
 
 	msgs, _ := tserver.pollMessages(aliceToken, lastID)
 
-	if !findNumeric(msgs, "442") {
+	if !findNumeric(msgs, "404") {
 		t.Fatalf(
-			"expected ERR_NOTONCHANNEL (442), got %v",
+			"expected ERR_CANNOTSENDTOCHAN (404), got %v",
 			msgs,
 		)
 	}

internal/hashcash/hashcash_test.go

@@ -0,0 +1,261 @@
+package hashcash_test
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"math/big"
+	"testing"
+	"time"
+
+	"git.eeqj.de/sneak/neoirc/internal/hashcash"
+)
+
+const testBits = 2
+
+// mintStampWithDate creates a valid hashcash stamp using
+// the given date string.
+func mintStampWithDate(
+	tb testing.TB,
+	bits int,
+	resource string,
+	date string,
+) string {
+	tb.Helper()
+
+	prefix := fmt.Sprintf(
+		"1:%d:%s:%s::", bits, date, resource,
+	)
+
+	for {
+		counterVal, err := rand.Int(
+			rand.Reader, big.NewInt(1<<48),
+		)
+		if err != nil {
+			tb.Fatalf("random counter: %v", err)
+		}
+
+		stamp := prefix + hex.EncodeToString(
+			counterVal.Bytes(),
+		)
+		hash := sha256.Sum256([]byte(stamp))
+
+		if hasLeadingZeroBits(hash[:], bits) {
+			return stamp
+		}
+	}
+}
+
+// hasLeadingZeroBits checks if hash has at least numBits
+// leading zero bits. Duplicated here for test minting.
+func hasLeadingZeroBits(
+	hash []byte,
+	numBits int,
+) bool {
+	fullBytes := numBits / 8
+	remainBits := numBits % 8
+
+	for idx := range fullBytes {
+		if hash[idx] != 0 {
+			return false
+		}
+	}
+
+	if remainBits > 0 && fullBytes < len(hash) {
+		mask := byte(0xFF << (8 - remainBits))
+
+		if hash[fullBytes]&mask != 0 {
+			return false
+		}
+	}
+
+	return true
+}
+
+func todayDate() string {
+	return time.Now().UTC().Format("060102")
+}
+
+func TestMintAndValidate(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	stamp := mintStampWithDate(
+		t, testBits, "test-resource", todayDate(),
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err != nil {
+		t.Fatalf("valid stamp rejected: %v", err)
+	}
+}
+
+func TestReplayDetection(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	stamp := mintStampWithDate(
+		t, testBits, "test-resource", todayDate(),
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err != nil {
+		t.Fatalf("first use failed: %v", err)
+	}
+
+	err = validator.Validate(stamp, testBits)
+	if err == nil {
+		t.Fatal("replay not detected")
+	}
+}
+
+func TestResourceMismatch(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("correct-resource")
+	stamp := mintStampWithDate(
+		t, testBits, "wrong-resource", todayDate(),
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err == nil {
+		t.Fatal("expected resource mismatch error")
+	}
+}
+
+func TestInvalidStampFormat(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+
+	err := validator.Validate(
+		"not:a:valid:stamp", testBits,
+	)
+	if err == nil {
+		t.Fatal("expected error for bad format")
+	}
+}
+
+func TestBadVersion(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	stamp := fmt.Sprintf(
+		"2:%d:%s:%s::abc123",
+		testBits, todayDate(), "test-resource",
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err == nil {
+		t.Fatal("expected bad version error")
+	}
+}
+
+func TestInsufficientDifficulty(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	// Claimed bits=1, but we require testBits=2.
+	stamp := fmt.Sprintf(
+		"1:1:%s:%s::counter",
+		todayDate(), "test-resource",
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err == nil {
+		t.Fatal("expected insufficient bits error")
+	}
+}
+
+func TestExpiredStamp(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	oldDate := time.Now().Add(-72 * time.Hour).
+		UTC().Format("060102")
+	stamp := mintStampWithDate(
+		t, testBits, "test-resource", oldDate,
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err == nil {
+		t.Fatal("expected expired stamp error")
+	}
+}
+
+func TestZeroBitsSkipsValidation(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+
+	err := validator.Validate("garbage", 0)
+	if err != nil {
+		t.Fatalf("zero bits should skip: %v", err)
+	}
+}
+
+func TestLongDateFormat(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	longDate := time.Now().UTC().Format("060102150405")
+	stamp := mintStampWithDate(
+		t, testBits, "test-resource", longDate,
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err != nil {
+		t.Fatalf("long date stamp rejected: %v", err)
+	}
+}
+
+func TestBadDateFormat(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+	stamp := fmt.Sprintf(
+		"1:%d:BADDATE:%s::counter",
+		testBits, "test-resource",
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err == nil {
+		t.Fatal("expected bad date error")
+	}
+}
+
+func TestMultipleUniqueStamps(t *testing.T) {
+	t.Parallel()
+
+	validator := hashcash.NewValidator("test-resource")
+
+	for range 5 {
+		stamp := mintStampWithDate(
+			t, testBits, "test-resource", todayDate(),
+		)
+
+		err := validator.Validate(stamp, testBits)
+		if err != nil {
+			t.Fatalf("unique stamp rejected: %v", err)
+		}
+	}
+}
+
+func TestHigherBitsStillValid(t *testing.T) {
+	t.Parallel()
+
+	// Mint with bits=4 but validate requiring only 2.
+	validator := hashcash.NewValidator("test-resource")
+	stamp := mintStampWithDate(
+		t, 4, "test-resource", todayDate(),
+	)
+
+	err := validator.Validate(stamp, testBits)
+	if err != nil {
+		t.Fatalf(
+			"higher-difficulty stamp rejected: %v",
+			err,
+		)
+	}
+}

internal/irc/numerics.go

@@ -1,150 +0,0 @@
-// Package irc provides constants and utilities for the
-// IRC protocol, including numeric reply codes from
-// RFC 1459 and RFC 2812, and standard command names.
-package irc
-
-// Connection registration replies (001-005).
-const (
-	RplWelcome  = 1
-	RplYourHost = 2
-	RplCreated  = 3
-	RplMyInfo   = 4
-	RplIsupport = 5
-)
-
-// Command responses (200-399).
-const (
-	RplUmodeIs       = 221
-	RplLuserClient   = 251
-	RplLuserOp       = 252
-	RplLuserUnknown  = 253
-	RplLuserChannels = 254
-	RplLuserMe       = 255
-	RplAway          = 301
-	RplUserHost      = 302
-	RplIson          = 303
-	RplUnaway        = 305
-	RplNowAway       = 306
-	RplWhoisUser     = 311
-	RplWhoisServer   = 312
-	RplWhoisOperator = 313
-	RplEndOfWho      = 315
-	RplWhoisIdle     = 317
-	RplEndOfWhois    = 318
-	RplWhoisChannels = 319
-	RplList          = 322
-	RplListEnd       = 323
-	RplChannelModeIs = 324
-	RplCreationTime  = 329
-	RplNoTopic       = 331
-	RplTopic         = 332
-	RplTopicWhoTime  = 333
-	RplInviting      = 341
-	RplWhoReply      = 352
-	RplNamReply      = 353
-	RplEndOfNames    = 366
-	RplBanList       = 367
-	RplEndOfBanList  = 368
-	RplMotd          = 372
-	RplMotdStart     = 375
-	RplEndOfMotd     = 376
-)
-
-// Error replies (400-599).
-const (
-	ErrNoSuchNick        = 401
-	ErrNoSuchServer      = 402
-	ErrNoSuchChannel     = 403
-	ErrCannotSendToChan  = 404
-	ErrTooManyChannels   = 405
-	ErrNoRecipient       = 411
-	ErrNoTextToSend      = 412
-	ErrUnknownCommand    = 421
-	ErrNoNicknameGiven   = 431
-	ErrErroneusNickname  = 432
-	ErrNicknameInUse     = 433
-	ErrUserNotInChannel  = 441
-	ErrNotOnChannel      = 442
-	ErrNotRegistered     = 451
-	ErrNeedMoreParams    = 461
-	ErrAlreadyRegistered = 462
-	ErrChannelIsFull     = 471
-	ErrInviteOnlyChan    = 473
-	ErrBannedFromChan    = 474
-	ErrBadChannelKey     = 475
-	ErrChanOpPrivsNeeded = 482
-)
-
-// names maps numeric codes to their standard IRC names.
-//
-//nolint:gochecknoglobals
-var names = map[int]string{
-	RplWelcome:       "RPL_WELCOME",
-	RplYourHost:      "RPL_YOURHOST",
-	RplCreated:       "RPL_CREATED",
-	RplMyInfo:        "RPL_MYINFO",
-	RplIsupport:      "RPL_ISUPPORT",
-	RplUmodeIs:       "RPL_UMODEIS",
-	RplLuserClient:   "RPL_LUSERCLIENT",
-	RplLuserOp:       "RPL_LUSEROP",
-	RplLuserUnknown:  "RPL_LUSERUNKNOWN",
-	RplLuserChannels: "RPL_LUSERCHANNELS",
-	RplLuserMe:       "RPL_LUSERME",
-	RplAway:          "RPL_AWAY",
-	RplUserHost:      "RPL_USERHOST",
-	RplIson:          "RPL_ISON",
-	RplUnaway:        "RPL_UNAWAY",
-	RplNowAway:       "RPL_NOWAWAY",
-	RplWhoisUser:     "RPL_WHOISUSER",
-	RplWhoisServer:   "RPL_WHOISSERVER",
-	RplWhoisOperator: "RPL_WHOISOPERATOR",
-	RplEndOfWho:      "RPL_ENDOFWHO",
-	RplWhoisIdle:     "RPL_WHOISIDLE",
-	RplEndOfWhois:    "RPL_ENDOFWHOIS",
-	RplWhoisChannels: "RPL_WHOISCHANNELS",
-	RplList:          "RPL_LIST",
-	RplListEnd:       "RPL_LISTEND", //nolint:misspell
-	RplChannelModeIs: "RPL_CHANNELMODEIS",
-	RplCreationTime:  "RPL_CREATIONTIME",
-	RplNoTopic:       "RPL_NOTOPIC",
-	RplTopic:         "RPL_TOPIC",
-	RplTopicWhoTime:  "RPL_TOPICWHOTIME",
-	RplInviting:      "RPL_INVITING",
-	RplWhoReply:      "RPL_WHOREPLY",
-	RplNamReply:      "RPL_NAMREPLY",
-	RplEndOfNames:    "RPL_ENDOFNAMES",
-	RplBanList:       "RPL_BANLIST",
-	RplEndOfBanList:  "RPL_ENDOFBANLIST",
-	RplMotd:          "RPL_MOTD",
-	RplMotdStart:     "RPL_MOTDSTART",
-	RplEndOfMotd:     "RPL_ENDOFMOTD",
-
-	ErrNoSuchNick:        "ERR_NOSUCHNICK",
-	ErrNoSuchServer:      "ERR_NOSUCHSERVER",
-	ErrNoSuchChannel:     "ERR_NOSUCHCHANNEL",
-	ErrCannotSendToChan:  "ERR_CANNOTSENDTOCHAN",
-	ErrTooManyChannels:   "ERR_TOOMANYCHANNELS",
-	ErrNoRecipient:       "ERR_NORECIPIENT",
-	ErrNoTextToSend:      "ERR_NOTEXTTOSEND",
-	ErrUnknownCommand:    "ERR_UNKNOWNCOMMAND",
-	ErrNoNicknameGiven:   "ERR_NONICKNAMEGIVEN",
-	ErrErroneusNickname:  "ERR_ERRONEUSNICKNAME",
-	ErrNicknameInUse:     "ERR_NICKNAMEINUSE",
-	ErrUserNotInChannel:  "ERR_USERNOTINCHANNEL",
-	ErrNotOnChannel:      "ERR_NOTONCHANNEL",
-	ErrNotRegistered:     "ERR_NOTREGISTERED",
-	ErrNeedMoreParams:    "ERR_NEEDMOREPARAMS",
-	ErrAlreadyRegistered: "ERR_ALREADYREGISTERED",
-	ErrChannelIsFull:     "ERR_CHANNELISFULL",
-	ErrInviteOnlyChan:    "ERR_INVITEONLYCHAN",
-	ErrBannedFromChan:    "ERR_BANNEDFROMCHAN",
-	ErrBadChannelKey:     "ERR_BADCHANNELKEY",
-	ErrChanOpPrivsNeeded: "ERR_CHANOPRIVSNEEDED",
-}
-
-// Name returns the standard IRC name for a numeric code
-// (e.g., Name(2) returns "RPL_YOURHOST"). Returns an
-// empty string if the code is unknown.
-func Name(code int) string {
-	return names[code]
-}

internal/middleware/middleware.go

@@ -11,7 +11,7 @@ import (
 	"git.eeqj.de/sneak/neoirc/internal/globals"
 	"git.eeqj.de/sneak/neoirc/internal/logger"
 	basicauth "github.com/99designs/basicauth-go"
-	chimw "github.com/go-chi/chi/middleware"
+	chimw "github.com/go-chi/chi/v5/middleware"
 	"github.com/go-chi/cors"
 	metrics "github.com/slok/go-http-metrics/metrics/prometheus"
 	ghmm "github.com/slok/go-http-metrics/middleware"

internal/server/routes.go

@@ -8,8 +8,8 @@ import (
 	"git.eeqj.de/sneak/neoirc/web"
 
 	sentryhttp "github.com/getsentry/sentry-go/http"
-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
-	"github.com/go-chi/chi/middleware"
+	"github.com/go-chi/chi/v5/middleware"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"github.com/spf13/viper"
 )

internal/server/server.go

@@ -20,7 +20,7 @@ import (
 	"go.uber.org/fx"
 
 	"github.com/getsentry/sentry-go"
-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 
 	_ "github.com/joho/godotenv/autoload" // loads .env file
 )

pkg/irc/commands.go

@@ -2,6 +2,7 @@ package irc
 
 // IRC command names (RFC 1459 / RFC 2812).
 const (
+	CmdAway    = "AWAY"
 	CmdJoin    = "JOIN"
 	CmdList    = "LIST"
 	CmdLusers  = "LUSERS"

pkg/irc/numerics.go

@@ -0,0 +1,391 @@
+// Package irc provides constants and utilities for the
+// IRC protocol, including numeric reply codes from
+// RFC 1459 and RFC 2812, and standard command names.
+package irc
+
+import (
+	"errors"
+	"fmt"
+)
+
+// IRCMessageType represents an IRC numeric reply or error code.
+type IRCMessageType int //nolint:revive // Name requested by project owner.
+
+// Name returns the standard IRC name for this numeric code
+// (e.g., IRCMessageType(252).Name() returns "RPL_LUSEROP").
+// Returns an empty string if the code is unknown.
+func (t IRCMessageType) Name() string {
+	return names[t]
+}
+
+// String returns the name and numeric code in angle brackets
+// (e.g., IRCMessageType(252).String() returns "RPL_LUSEROP <252>").
+// If the code is unknown, returns "UNKNOWN <NNN>".
+func (t IRCMessageType) String() string {
+	n := names[t]
+	if n == "" {
+		n = "UNKNOWN"
+	}
+
+	return fmt.Sprintf("%s <%03d>", n, int(t))
+}
+
+// Code returns the three-digit zero-padded string representation
+// of the numeric code (e.g., IRCMessageType(252).Code() returns "252").
+func (t IRCMessageType) Code() string {
+	return fmt.Sprintf("%03d", int(t))
+}
+
+// Int returns the bare integer value of the numeric code.
+func (t IRCMessageType) Int() int {
+	return int(t)
+}
+
+// ErrUnknownNumeric is returned by FromInt when the numeric code is not recognized.
+var ErrUnknownNumeric = errors.New("unknown IRC numeric code")
+
+// FromInt converts an integer to an IRCMessageType, returning an error
+// if the numeric code is not a known IRC reply or error code.
+func FromInt(n int) (IRCMessageType, error) {
+	t := IRCMessageType(n)
+	if _, ok := names[t]; !ok {
+		return 0, fmt.Errorf("%w: %d", ErrUnknownNumeric, n)
+	}
+
+	return t, nil
+}
+
+// Connection registration replies (001-005).
+const (
+	RplWelcome  IRCMessageType = 1
+	RplYourHost IRCMessageType = 2
+	RplCreated  IRCMessageType = 3
+	RplMyInfo   IRCMessageType = 4
+	RplBounce   IRCMessageType = 5 // RFC 2812; also known as RPL_ISUPPORT in practice
+	RplIsupport IRCMessageType = 5 // De-facto standard (same numeric as RplBounce)
+)
+
+// Command responses (200-399).
+const (
+	// RFC 2812 trace/stats/links replies (200-219).
+	RplTraceLink       IRCMessageType = 200
+	RplTraceConnecting IRCMessageType = 201
+	RplTraceHandshake  IRCMessageType = 202
+	RplTraceUnknown    IRCMessageType = 203
+	RplTraceOperator   IRCMessageType = 204
+	RplTraceUser       IRCMessageType = 205
+	RplTraceServer     IRCMessageType = 206
+	RplTraceService    IRCMessageType = 207
+	RplTraceNewType    IRCMessageType = 208
+	RplTraceClass      IRCMessageType = 209
+	RplStatsLinkInfo   IRCMessageType = 211
+	RplStatsCommands   IRCMessageType = 212
+	RplStatsCLine      IRCMessageType = 213
+	RplStatsNLine      IRCMessageType = 214
+	RplStatsILine      IRCMessageType = 215
+	RplStatsKLine      IRCMessageType = 216
+	RplStatsQLine      IRCMessageType = 217
+	RplStatsYLine      IRCMessageType = 218
+	RplEndOfStats      IRCMessageType = 219
+
+	RplUmodeIs      IRCMessageType = 221
+	RplServList     IRCMessageType = 234
+	RplServListEnd  IRCMessageType = 235
+	RplStatsLLine   IRCMessageType = 241
+	RplStatsUptime  IRCMessageType = 242
+	RplStatsOLine   IRCMessageType = 243
+	RplStatsHLine   IRCMessageType = 244
+	RplLuserClient  IRCMessageType = 251
+	RplLuserOp      IRCMessageType = 252
+	RplLuserUnknown IRCMessageType = 253
+
+	RplLuserChannels IRCMessageType = 254
+	RplLuserMe       IRCMessageType = 255
+	RplAdminMe       IRCMessageType = 256
+	RplAdminLoc1     IRCMessageType = 257
+	RplAdminLoc2     IRCMessageType = 258
+	RplAdminEmail    IRCMessageType = 259
+	RplTraceLog      IRCMessageType = 261
+	RplTraceEnd      IRCMessageType = 262
+	RplTryAgain      IRCMessageType = 263
+
+	RplAway          IRCMessageType = 301
+	RplUserHost      IRCMessageType = 302
+	RplIson          IRCMessageType = 303
+	RplUnaway        IRCMessageType = 305
+	RplNowAway       IRCMessageType = 306
+	RplWhoisUser     IRCMessageType = 311
+	RplWhoisServer   IRCMessageType = 312
+	RplWhoisOperator IRCMessageType = 313
+	RplWhoWasUser    IRCMessageType = 314
+	RplEndOfWho      IRCMessageType = 315
+	RplWhoisIdle     IRCMessageType = 317
+	RplEndOfWhois    IRCMessageType = 318
+	RplWhoisChannels IRCMessageType = 319
+	RplListStart     IRCMessageType = 321
+	RplList          IRCMessageType = 322
+	RplListEnd       IRCMessageType = 323
+	RplChannelModeIs IRCMessageType = 324
+
+	RplUniqOpIs        IRCMessageType = 325
+	RplCreationTime    IRCMessageType = 329
+	RplNoTopic         IRCMessageType = 331
+	RplTopic           IRCMessageType = 332
+	RplTopicWhoTime    IRCMessageType = 333
+	RplInviting        IRCMessageType = 341
+	RplSummoning       IRCMessageType = 342
+	RplInviteList      IRCMessageType = 346
+	RplEndOfInviteList IRCMessageType = 347
+	RplExceptList      IRCMessageType = 348
+	RplEndOfExceptList IRCMessageType = 349
+	RplVersion         IRCMessageType = 351
+	RplWhoReply        IRCMessageType = 352
+	RplNamReply        IRCMessageType = 353
+	RplLinks           IRCMessageType = 364
+	RplEndOfLinks      IRCMessageType = 365
+	RplEndOfNames      IRCMessageType = 366
+	RplBanList         IRCMessageType = 367
+	RplEndOfBanList    IRCMessageType = 368
+	RplEndOfWhowas     IRCMessageType = 369
+	RplInfo            IRCMessageType = 371
+	RplMotd            IRCMessageType = 372
+	RplEndOfInfo       IRCMessageType = 374
+	RplMotdStart       IRCMessageType = 375
+	RplEndOfMotd       IRCMessageType = 376
+	RplYoureOper       IRCMessageType = 381
+	RplRehashing       IRCMessageType = 382
+	RplYoureService    IRCMessageType = 383
+	RplTime            IRCMessageType = 391
+	RplUsersStart      IRCMessageType = 392
+	RplUsers           IRCMessageType = 393
+	RplEndOfUsers      IRCMessageType = 394
+	RplNoUsers         IRCMessageType = 395
+)
+
+// Error replies (400-599).
+const (
+	ErrNoSuchNick       IRCMessageType = 401
+	ErrNoSuchServer     IRCMessageType = 402
+	ErrNoSuchChannel    IRCMessageType = 403
+	ErrCannotSendToChan IRCMessageType = 404
+	ErrTooManyChannels  IRCMessageType = 405
+	ErrWasNoSuchNick    IRCMessageType = 406
+	ErrTooManyTargets   IRCMessageType = 407
+	ErrNoSuchService    IRCMessageType = 408
+	ErrNoOrigin         IRCMessageType = 409
+	ErrNoRecipient      IRCMessageType = 411
+	ErrNoTextToSend     IRCMessageType = 412
+	ErrNoTopLevel       IRCMessageType = 413
+	ErrWildTopLevel     IRCMessageType = 414
+	ErrBadMask          IRCMessageType = 415
+	ErrUnknownCommand   IRCMessageType = 421
+	ErrNoMotd           IRCMessageType = 422
+	ErrNoAdminInfo      IRCMessageType = 423
+	ErrFileError        IRCMessageType = 424
+	ErrNoNicknameGiven  IRCMessageType = 431
+	ErrErroneusNickname IRCMessageType = 432
+	ErrNicknameInUse    IRCMessageType = 433
+	ErrNickCollision    IRCMessageType = 436
+	ErrUnavailResource  IRCMessageType = 437
+
+	ErrUserNotInChannel  IRCMessageType = 441
+	ErrNotOnChannel      IRCMessageType = 442
+	ErrUserOnChannel     IRCMessageType = 443
+	ErrNoLogin           IRCMessageType = 444
+	ErrSummonDisabled    IRCMessageType = 445
+	ErrUsersDisabled     IRCMessageType = 446
+	ErrNotRegistered     IRCMessageType = 451
+	ErrNeedMoreParams    IRCMessageType = 461
+	ErrAlreadyRegistered IRCMessageType = 462
+	ErrNoPermForHost     IRCMessageType = 463
+	ErrPasswdMismatch    IRCMessageType = 464
+	ErrYoureBannedCreep  IRCMessageType = 465
+	ErrYouWillBeBanned   IRCMessageType = 466
+	ErrKeySet            IRCMessageType = 467
+	ErrChannelIsFull     IRCMessageType = 471
+	ErrUnknownMode       IRCMessageType = 472
+	ErrInviteOnlyChan    IRCMessageType = 473
+	ErrBannedFromChan    IRCMessageType = 474
+	ErrBadChannelKey     IRCMessageType = 475
+	ErrBadChanMask       IRCMessageType = 476
+	ErrNoChanModes       IRCMessageType = 477
+	ErrBanListFull       IRCMessageType = 478
+	ErrNoPrivileges      IRCMessageType = 481
+	ErrChanOpPrivsNeeded IRCMessageType = 482
+	ErrCantKillServer    IRCMessageType = 483
+	ErrRestricted        IRCMessageType = 484
+	ErrUniqOpPrivsNeeded IRCMessageType = 485
+	ErrNoOperHost        IRCMessageType = 491
+
+	ErrUmodeUnknownFlag IRCMessageType = 501
+	ErrUsersDoNotMatch  IRCMessageType = 502
+)
+
+// names maps numeric codes to their standard IRC names.
+//
+//nolint:gochecknoglobals
+var names = map[IRCMessageType]string{
+	RplWelcome:  "RPL_WELCOME",
+	RplYourHost: "RPL_YOURHOST",
+	RplCreated:  "RPL_CREATED",
+	RplMyInfo:   "RPL_MYINFO",
+	RplBounce:   "RPL_BOUNCE",
+
+	RplTraceLink:       "RPL_TRACELINK",
+	RplTraceConnecting: "RPL_TRACECONNECTING",
+	RplTraceHandshake:  "RPL_TRACEHANDSHAKE",
+	RplTraceUnknown:    "RPL_TRACEUNKNOWN",
+	RplTraceOperator:   "RPL_TRACEOPERATOR",
+	RplTraceUser:       "RPL_TRACEUSER",
+	RplTraceServer:     "RPL_TRACESERVER",
+	RplTraceService:    "RPL_TRACESERVICE",
+	RplTraceNewType:    "RPL_TRACENEWTYPE",
+	RplTraceClass:      "RPL_TRACECLASS",
+	RplStatsLinkInfo:   "RPL_STATSLINKINFO",
+	RplStatsCommands:   "RPL_STATSCOMMANDS",
+	RplStatsCLine:      "RPL_STATSCLINE",
+	RplStatsNLine:      "RPL_STATSNLINE",
+	RplStatsILine:      "RPL_STATSILINE",
+	RplStatsKLine:      "RPL_STATSKLINE",
+	RplStatsQLine:      "RPL_STATSQLINE",
+	RplStatsYLine:      "RPL_STATSYLINE",
+	RplEndOfStats:      "RPL_ENDOFSTATS",
+
+	RplUmodeIs:      "RPL_UMODEIS",
+	RplServList:     "RPL_SERVLIST",
+	RplServListEnd:  "RPL_SERVLISTEND",
+	RplStatsLLine:   "RPL_STATSLLINE",
+	RplStatsUptime:  "RPL_STATSUPTIME",
+	RplStatsOLine:   "RPL_STATSOLINE",
+	RplStatsHLine:   "RPL_STATSHLINE",
+	RplLuserClient:  "RPL_LUSERCLIENT",
+	RplLuserOp:      "RPL_LUSEROP",
+	RplLuserUnknown: "RPL_LUSERUNKNOWN",
+
+	RplLuserChannels: "RPL_LUSERCHANNELS",
+	RplLuserMe:       "RPL_LUSERME",
+	RplAdminMe:       "RPL_ADMINME",
+	RplAdminLoc1:     "RPL_ADMINLOC1",
+	RplAdminLoc2:     "RPL_ADMINLOC2",
+	RplAdminEmail:    "RPL_ADMINEMAIL",
+	RplTraceLog:      "RPL_TRACELOG",
+	RplTraceEnd:      "RPL_TRACEEND",
+	RplTryAgain:      "RPL_TRYAGAIN",
+
+	RplAway:          "RPL_AWAY",
+	RplUserHost:      "RPL_USERHOST",
+	RplIson:          "RPL_ISON",
+	RplUnaway:        "RPL_UNAWAY",
+	RplNowAway:       "RPL_NOWAWAY",
+	RplWhoisUser:     "RPL_WHOISUSER",
+	RplWhoisServer:   "RPL_WHOISSERVER",
+	RplWhoisOperator: "RPL_WHOISOPERATOR",
+	RplWhoWasUser:    "RPL_WHOWASUSER",
+	RplEndOfWho:      "RPL_ENDOFWHO",
+	RplWhoisIdle:     "RPL_WHOISIDLE",
+	RplEndOfWhois:    "RPL_ENDOFWHOIS",
+	RplWhoisChannels: "RPL_WHOISCHANNELS",
+	RplListStart:     "RPL_LISTSTART",
+	RplList:          "RPL_LIST",
+	RplListEnd:       "RPL_LISTEND", //nolint:misspell
+	RplChannelModeIs: "RPL_CHANNELMODEIS",
+
+	RplUniqOpIs:        "RPL_UNIQOPIS",
+	RplCreationTime:    "RPL_CREATIONTIME",
+	RplNoTopic:         "RPL_NOTOPIC",
+	RplTopic:           "RPL_TOPIC",
+	RplTopicWhoTime:    "RPL_TOPICWHOTIME",
+	RplInviting:        "RPL_INVITING",
+	RplSummoning:       "RPL_SUMMONING",
+	RplInviteList:      "RPL_INVITELIST",
+	RplEndOfInviteList: "RPL_ENDOFINVITELIST",
+	RplExceptList:      "RPL_EXCEPTLIST",
+	RplEndOfExceptList: "RPL_ENDOFEXCEPTLIST",
+	RplVersion:         "RPL_VERSION",
+	RplWhoReply:        "RPL_WHOREPLY",
+	RplNamReply:        "RPL_NAMREPLY",
+	RplLinks:           "RPL_LINKS",
+	RplEndOfLinks:      "RPL_ENDOFLINKS",
+	RplEndOfNames:      "RPL_ENDOFNAMES",
+	RplBanList:         "RPL_BANLIST",
+	RplEndOfBanList:    "RPL_ENDOFBANLIST",
+	RplEndOfWhowas:     "RPL_ENDOFWHOWAS",
+	RplInfo:            "RPL_INFO",
+	RplMotd:            "RPL_MOTD",
+	RplEndOfInfo:       "RPL_ENDOFINFO",
+	RplMotdStart:       "RPL_MOTDSTART",
+	RplEndOfMotd:       "RPL_ENDOFMOTD",
+	RplYoureOper:       "RPL_YOUREOPER",
+	RplRehashing:       "RPL_REHASHING",
+	RplYoureService:    "RPL_YOURESERVICE",
+	RplTime:            "RPL_TIME",
+	RplUsersStart:      "RPL_USERSSTART",
+	RplUsers:           "RPL_USERS",
+	RplEndOfUsers:      "RPL_ENDOFUSERS",
+	RplNoUsers:         "RPL_NOUSERS",
+
+	ErrNoSuchNick:       "ERR_NOSUCHNICK",
+	ErrNoSuchServer:     "ERR_NOSUCHSERVER",
+	ErrNoSuchChannel:    "ERR_NOSUCHCHANNEL",
+	ErrCannotSendToChan: "ERR_CANNOTSENDTOCHAN",
+	ErrTooManyChannels:  "ERR_TOOMANYCHANNELS",
+	ErrWasNoSuchNick:    "ERR_WASNOSUCHNICK",
+	ErrTooManyTargets:   "ERR_TOOMANYTARGETS",
+	ErrNoSuchService:    "ERR_NOSUCHSERVICE",
+	ErrNoOrigin:         "ERR_NOORIGIN",
+	ErrNoRecipient:      "ERR_NORECIPIENT",
+	ErrNoTextToSend:     "ERR_NOTEXTTOSEND",
+	ErrNoTopLevel:       "ERR_NOTOPLEVEL",
+	ErrWildTopLevel:     "ERR_WILDTOPLEVEL",
+	ErrBadMask:          "ERR_BADMASK",
+	ErrUnknownCommand:   "ERR_UNKNOWNCOMMAND",
+	ErrNoMotd:           "ERR_NOMOTD",
+	ErrNoAdminInfo:      "ERR_NOADMININFO",
+	ErrFileError:        "ERR_FILEERROR",
+	ErrNoNicknameGiven:  "ERR_NONICKNAMEGIVEN",
+	ErrErroneusNickname: "ERR_ERRONEUSNICKNAME",
+	ErrNicknameInUse:    "ERR_NICKNAMEINUSE",
+	ErrNickCollision:    "ERR_NICKCOLLISION",
+	ErrUnavailResource:  "ERR_UNAVAILRESOURCE",
+
+	ErrUserNotInChannel:  "ERR_USERNOTINCHANNEL",
+	ErrNotOnChannel:      "ERR_NOTONCHANNEL",
+	ErrUserOnChannel:     "ERR_USERONCHANNEL",
+	ErrNoLogin:           "ERR_NOLOGIN",
+	ErrSummonDisabled:    "ERR_SUMMONDISABLED",
+	ErrUsersDisabled:     "ERR_USERSDISABLED",
+	ErrNotRegistered:     "ERR_NOTREGISTERED",
+	ErrNeedMoreParams:    "ERR_NEEDMOREPARAMS",
+	ErrAlreadyRegistered: "ERR_ALREADYREGISTERED",
+	ErrNoPermForHost:     "ERR_NOPERMFORHOST",
+	ErrPasswdMismatch:    "ERR_PASSWDMISMATCH",
+	ErrYoureBannedCreep:  "ERR_YOUREBANNEDCREEP",
+	ErrYouWillBeBanned:   "ERR_YOUWILLBEBANNED",
+	ErrKeySet:            "ERR_KEYSET",
+	ErrChannelIsFull:     "ERR_CHANNELISFULL",
+	ErrUnknownMode:       "ERR_UNKNOWNMODE",
+	ErrInviteOnlyChan:    "ERR_INVITEONLYCHAN",
+	ErrBannedFromChan:    "ERR_BANNEDFROMCHAN",
+	ErrBadChannelKey:     "ERR_BADCHANNELKEY",
+	ErrBadChanMask:       "ERR_BADCHANMASK",
+	ErrNoChanModes:       "ERR_NOCHANMODES",
+	ErrBanListFull:       "ERR_BANLISTFULL",
+	ErrNoPrivileges:      "ERR_NOPRIVILEGES",
+	ErrChanOpPrivsNeeded: "ERR_CHANOPRIVSNEEDED",
+	ErrCantKillServer:    "ERR_CANTKILLSERVER",
+	ErrRestricted:        "ERR_RESTRICTED",
+	ErrUniqOpPrivsNeeded: "ERR_UNIQOPPRIVSNEEDED",
+	ErrNoOperHost:        "ERR_NOOPERHOST",
+
+	ErrUmodeUnknownFlag: "ERR_UMODEUNKNOWNFLAG",
+	ErrUsersDoNotMatch:  "ERR_USERSDONTMATCH",
+}
+
+// Name returns the standard IRC name for a numeric code
+// (e.g., Name(2) returns "RPL_YOURHOST"). Returns an
+// empty string if the code is unknown.
+//
+// Deprecated: Use IRCMessageType.Name() instead.
+func Name(code IRCMessageType) string {
+	return names[code]
+}

pkg/irc/numerics_test.go

@@ -0,0 +1,163 @@
+package irc_test
+
+import (
+	"errors"
+	"testing"
+
+	"git.eeqj.de/sneak/neoirc/pkg/irc"
+)
+
+func TestName(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		numeric irc.IRCMessageType
+		want    string
+	}{
+		{irc.RplWelcome, "RPL_WELCOME"},
+		{irc.RplBounce, "RPL_BOUNCE"},
+		{irc.RplLuserOp, "RPL_LUSEROP"},
+		{irc.ErrCannotSendToChan, "ERR_CANNOTSENDTOCHAN"},
+		{irc.ErrNicknameInUse, "ERR_NICKNAMEINUSE"},
+	}
+
+	for _, tc := range tests {
+		if got := tc.numeric.Name(); got != tc.want {
+			t.Errorf("IRCMessageType(%d).Name() = %q, want %q", tc.numeric.Int(), got, tc.want)
+		}
+	}
+}
+
+func TestString(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		numeric irc.IRCMessageType
+		want    string
+	}{
+		{irc.RplWelcome, "RPL_WELCOME <001>"},
+		{irc.RplBounce, "RPL_BOUNCE <005>"},
+		{irc.RplLuserOp, "RPL_LUSEROP <252>"},
+		{irc.ErrCannotSendToChan, "ERR_CANNOTSENDTOCHAN <404>"},
+	}
+
+	for _, tc := range tests {
+		if got := tc.numeric.String(); got != tc.want {
+			t.Errorf("IRCMessageType(%d).String() = %q, want %q", tc.numeric.Int(), got, tc.want)
+		}
+	}
+}
+
+func TestCode(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		numeric irc.IRCMessageType
+		want    string
+	}{
+		{irc.RplWelcome, "001"},
+		{irc.RplBounce, "005"},
+		{irc.RplLuserOp, "252"},
+		{irc.ErrCannotSendToChan, "404"},
+	}
+
+	for _, tc := range tests {
+		if got := tc.numeric.Code(); got != tc.want {
+			t.Errorf("IRCMessageType(%d).Code() = %q, want %q", tc.numeric.Int(), got, tc.want)
+		}
+	}
+}
+
+func TestInt(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		numeric irc.IRCMessageType
+		want    int
+	}{
+		{irc.RplWelcome, 1},
+		{irc.RplBounce, 5},
+		{irc.RplLuserOp, 252},
+		{irc.ErrCannotSendToChan, 404},
+	}
+
+	for _, tc := range tests {
+		if got := tc.numeric.Int(); got != tc.want {
+			t.Errorf("IRCMessageType(%d).Int() = %d, want %d", tc.want, got, tc.want)
+		}
+	}
+}
+
+func TestFromInt_Known(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		code int
+		want irc.IRCMessageType
+	}{
+		{1, irc.RplWelcome},
+		{5, irc.RplBounce},
+		{252, irc.RplLuserOp},
+		{404, irc.ErrCannotSendToChan},
+		{433, irc.ErrNicknameInUse},
+	}
+
+	for _, test := range tests {
+		got, err := irc.FromInt(test.code)
+		if err != nil {
+			t.Errorf("FromInt(%d) returned unexpected error: %v", test.code, err)
+
+			continue
+		}
+
+		if got != test.want {
+			t.Errorf("FromInt(%d) = %v, want %v", test.code, got, test.want)
+		}
+	}
+}
+
+func TestFromInt_Unknown(t *testing.T) {
+	t.Parallel()
+
+	unknowns := []int{0, 999, 600, -1}
+	for _, code := range unknowns {
+		_, err := irc.FromInt(code)
+		if err == nil {
+			t.Errorf("FromInt(%d) expected error, got nil", code)
+
+			continue
+		}
+
+		if !errors.Is(err, irc.ErrUnknownNumeric) {
+			t.Errorf("FromInt(%d) error = %v, want ErrUnknownNumeric", code, err)
+		}
+	}
+}
+
+func TestUnknownNumeric_Name(t *testing.T) {
+	t.Parallel()
+
+	unknown := irc.IRCMessageType(999)
+	if got := unknown.Name(); got != "" {
+		t.Errorf("IRCMessageType(999).Name() = %q, want empty string", got)
+	}
+}
+
+func TestUnknownNumeric_String(t *testing.T) {
+	t.Parallel()
+
+	unknown := irc.IRCMessageType(999)
+	want := "UNKNOWN <999>"
+
+	if got := unknown.String(); got != want {
+		t.Errorf("IRCMessageType(999).String() = %q, want %q", got, want)
+	}
+}
+
+func TestDeprecatedNameFunc(t *testing.T) {
+	t.Parallel()
+
+	if got := irc.Name(irc.RplYourHost); got != "RPL_YOURHOST" {
+		t.Errorf("Name(RplYourHost) = %q, want %q", got, "RPL_YOURHOST")
+	}
+}

web/src/app.jsx

@@ -146,7 +146,7 @@ function LoginScreen({ onLogin }) {
       }
       const reqBody = { nick: nick.trim() };
       if (hashcashStamp) {
-        reqBody.hashcash = hashcashStamp;
+        reqBody.pow_token = hashcashStamp;
       }
       const res = await api("/session", {
         method: "POST",