From d6e3eb58377c4c54ea82f5db725f2c8022f3be2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?dni=20=E2=9A=A1?= Date: Mon, 12 Sep 2022 14:38:37 +0200 Subject: [PATCH 1/5] Fix donate link on start page --- lnbits/core/templates/core/index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lnbits/core/templates/core/index.html b/lnbits/core/templates/core/index.html index f363a841e..f769b44f6 100644 --- a/lnbits/core/templates/core/index.html +++ b/lnbits/core/templates/core/index.html @@ -66,7 +66,7 @@ outline color="grey" type="a" - href="https://github.com/lnbits/lnbits" + href="https://github.com/lnbits/lnbits-legend" target="_blank" rel="noopener" >View project in GitHubDonate Date: Mon, 12 Sep 2022 18:39:53 +0300 Subject: [PATCH 2/5] API key check: assert that wallet exists (#961) * check if wallet exists * check wallet existence in key check --- lnbits/core/views/api.py | 4 --- lnbits/decorators.py | 64 +++++++++++++++++----------------------- 2 files changed, 27 insertions(+), 41 deletions(-) diff --git a/lnbits/core/views/api.py b/lnbits/core/views/api.py index 830cc16a8..af453f038 100644 --- a/lnbits/core/views/api.py +++ b/lnbits/core/views/api.py @@ -402,10 +402,6 @@ async def subscribe(request: Request, wallet: Wallet): async def api_payments_sse( request: Request, wallet: WalletTypeInfo = Depends(get_key_type) ): - if wallet is None or wallet.wallet is None: - raise HTTPException( - status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." - ) return EventSourceResponse( subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream" ) diff --git a/lnbits/decorators.py b/lnbits/decorators.py index 69b26fe71..8b8ebd55b 100644 --- a/lnbits/decorators.py +++ b/lnbits/decorators.py @@ -138,44 +138,34 @@ async def get_key_type( detail="Invoice (or Admin) key required.", ) - try: - admin_checker = WalletAdminKeyChecker(api_key=token) - await admin_checker.__call__(r) - wallet = WalletTypeInfo(0, admin_checker.wallet) # type: ignore - if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( - LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS - ): - raise HTTPException( - status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." - ) - return wallet - except HTTPException as e: - if e.status_code == HTTPStatus.BAD_REQUEST: + for typenr, WalletChecker in zip( + [0, 1], [WalletAdminKeyChecker, WalletInvoiceKeyChecker] + ): + try: + checker = WalletChecker(api_key=token) + await checker.__call__(r) + wallet = WalletTypeInfo(typenr, checker.wallet) # type: ignore + if wallet is None or wallet.wallet is None: + raise HTTPException( + status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." + ) + if ( + LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS + ) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS): + raise HTTPException( + status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." + ) + return wallet + except HTTPException as e: + if e.status_code == HTTPStatus.BAD_REQUEST: + raise + if e.status_code == HTTPStatus.UNAUTHORIZED: + pass + except: raise - if e.status_code == HTTPStatus.UNAUTHORIZED: - pass - except: - raise - - try: - invoice_checker = WalletInvoiceKeyChecker(api_key=token) - await invoice_checker.__call__(r) - wallet = WalletTypeInfo(1, invoice_checker.wallet) # type: ignore - if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( - LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS - ): - raise HTTPException( - status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." - ) - return wallet - except HTTPException as e: - if e.status_code == HTTPStatus.BAD_REQUEST: - raise - if e.status_code == HTTPStatus.UNAUTHORIZED: - return WalletTypeInfo(2, None) # type: ignore - except: - raise - return wallet + raise HTTPException( + status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." + ) async def require_admin_key( From 57fffa0c7f569ea05a814d47ef3d66aace3297d3 Mon Sep 17 00:00:00 2001 From: calle <93376500+callebtc@users.noreply.github.com> Date: Mon, 12 Sep 2022 18:41:27 +0300 Subject: [PATCH 3/5] Revert "API key check: assert that wallet exists (#961)" (#962) This reverts commit 0930fca7ec03382c19d63b8e6da4fd02791fcf8e. --- lnbits/core/views/api.py | 4 +++ lnbits/decorators.py | 64 +++++++++++++++++++++++----------------- 2 files changed, 41 insertions(+), 27 deletions(-) diff --git a/lnbits/core/views/api.py b/lnbits/core/views/api.py index af453f038..830cc16a8 100644 --- a/lnbits/core/views/api.py +++ b/lnbits/core/views/api.py @@ -402,6 +402,10 @@ async def subscribe(request: Request, wallet: Wallet): async def api_payments_sse( request: Request, wallet: WalletTypeInfo = Depends(get_key_type) ): + if wallet is None or wallet.wallet is None: + raise HTTPException( + status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." + ) return EventSourceResponse( subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream" ) diff --git a/lnbits/decorators.py b/lnbits/decorators.py index 8b8ebd55b..69b26fe71 100644 --- a/lnbits/decorators.py +++ b/lnbits/decorators.py @@ -138,34 +138,44 @@ async def get_key_type( detail="Invoice (or Admin) key required.", ) - for typenr, WalletChecker in zip( - [0, 1], [WalletAdminKeyChecker, WalletInvoiceKeyChecker] - ): - try: - checker = WalletChecker(api_key=token) - await checker.__call__(r) - wallet = WalletTypeInfo(typenr, checker.wallet) # type: ignore - if wallet is None or wallet.wallet is None: - raise HTTPException( - status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." - ) - if ( - LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS - ) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS): - raise HTTPException( - status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." - ) - return wallet - except HTTPException as e: - if e.status_code == HTTPStatus.BAD_REQUEST: - raise - if e.status_code == HTTPStatus.UNAUTHORIZED: - pass - except: + try: + admin_checker = WalletAdminKeyChecker(api_key=token) + await admin_checker.__call__(r) + wallet = WalletTypeInfo(0, admin_checker.wallet) # type: ignore + if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( + LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS + ): + raise HTTPException( + status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." + ) + return wallet + except HTTPException as e: + if e.status_code == HTTPStatus.BAD_REQUEST: raise - raise HTTPException( - status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." - ) + if e.status_code == HTTPStatus.UNAUTHORIZED: + pass + except: + raise + + try: + invoice_checker = WalletInvoiceKeyChecker(api_key=token) + await invoice_checker.__call__(r) + wallet = WalletTypeInfo(1, invoice_checker.wallet) # type: ignore + if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( + LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS + ): + raise HTTPException( + status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." + ) + return wallet + except HTTPException as e: + if e.status_code == HTTPStatus.BAD_REQUEST: + raise + if e.status_code == HTTPStatus.UNAUTHORIZED: + return WalletTypeInfo(2, None) # type: ignore + except: + raise + return wallet async def require_admin_key( From 1660b9dcf1f3c17af1b7d7a894f6ce06359ca578 Mon Sep 17 00:00:00 2001 From: calle <93376500+callebtc@users.noreply.github.com> Date: Mon, 12 Sep 2022 18:49:57 +0300 Subject: [PATCH 4/5] Revert "Revert "API key check: assert that wallet exists (#961)" (#962)" (#963) This reverts commit 57fffa0c7f569ea05a814d47ef3d66aace3297d3. --- lnbits/core/views/api.py | 4 --- lnbits/decorators.py | 64 +++++++++++++++++----------------------- 2 files changed, 27 insertions(+), 41 deletions(-) diff --git a/lnbits/core/views/api.py b/lnbits/core/views/api.py index 830cc16a8..af453f038 100644 --- a/lnbits/core/views/api.py +++ b/lnbits/core/views/api.py @@ -402,10 +402,6 @@ async def subscribe(request: Request, wallet: Wallet): async def api_payments_sse( request: Request, wallet: WalletTypeInfo = Depends(get_key_type) ): - if wallet is None or wallet.wallet is None: - raise HTTPException( - status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." - ) return EventSourceResponse( subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream" ) diff --git a/lnbits/decorators.py b/lnbits/decorators.py index 69b26fe71..8b8ebd55b 100644 --- a/lnbits/decorators.py +++ b/lnbits/decorators.py @@ -138,44 +138,34 @@ async def get_key_type( detail="Invoice (or Admin) key required.", ) - try: - admin_checker = WalletAdminKeyChecker(api_key=token) - await admin_checker.__call__(r) - wallet = WalletTypeInfo(0, admin_checker.wallet) # type: ignore - if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( - LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS - ): - raise HTTPException( - status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." - ) - return wallet - except HTTPException as e: - if e.status_code == HTTPStatus.BAD_REQUEST: + for typenr, WalletChecker in zip( + [0, 1], [WalletAdminKeyChecker, WalletInvoiceKeyChecker] + ): + try: + checker = WalletChecker(api_key=token) + await checker.__call__(r) + wallet = WalletTypeInfo(typenr, checker.wallet) # type: ignore + if wallet is None or wallet.wallet is None: + raise HTTPException( + status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." + ) + if ( + LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS + ) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS): + raise HTTPException( + status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." + ) + return wallet + except HTTPException as e: + if e.status_code == HTTPStatus.BAD_REQUEST: + raise + if e.status_code == HTTPStatus.UNAUTHORIZED: + pass + except: raise - if e.status_code == HTTPStatus.UNAUTHORIZED: - pass - except: - raise - - try: - invoice_checker = WalletInvoiceKeyChecker(api_key=token) - await invoice_checker.__call__(r) - wallet = WalletTypeInfo(1, invoice_checker.wallet) # type: ignore - if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( - LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS - ): - raise HTTPException( - status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." - ) - return wallet - except HTTPException as e: - if e.status_code == HTTPStatus.BAD_REQUEST: - raise - if e.status_code == HTTPStatus.UNAUTHORIZED: - return WalletTypeInfo(2, None) # type: ignore - except: - raise - return wallet + raise HTTPException( + status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." + ) async def require_admin_key( From d0ca0b18da5a62a9bd10a466a798f6a4b1c61cc2 Mon Sep 17 00:00:00 2001 From: calle <93376500+callebtc@users.noreply.github.com> Date: Mon, 12 Sep 2022 20:57:23 +0300 Subject: [PATCH 5/5] Fix/db reuse connection mark pending (#964) * check if wallet exists * check wallet existence in key check * reuse connection for stataus update * make format --- lnbits/core/models.py | 15 ++++++++++++--- lnbits/tasks.py | 2 +- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/lnbits/core/models.py b/lnbits/core/models.py index 4dc15bbc9..219380c83 100644 --- a/lnbits/core/models.py +++ b/lnbits/core/models.py @@ -9,6 +9,7 @@ from lnurl import encode as lnurl_encode # type: ignore from loguru import logger from pydantic import BaseModel +from lnbits.db import Connection from lnbits.helpers import url_for from lnbits.settings import WALLET from lnbits.wallets.base import PaymentStatus @@ -131,7 +132,11 @@ class Payment(BaseModel): def is_uncheckable(self) -> bool: return self.checking_id.startswith("internal_") - async def update_status(self, status: PaymentStatus) -> None: + async def update_status( + self, + status: PaymentStatus, + conn: Optional[Connection] = None, + ) -> None: from .crud import update_payment_details await update_payment_details( @@ -139,6 +144,7 @@ class Payment(BaseModel): pending=status.pending, fee=status.fee_msat, preimage=status.preimage, + conn=conn, ) async def set_pending(self, pending: bool) -> None: @@ -146,7 +152,10 @@ class Payment(BaseModel): await update_payment_status(self.checking_id, pending) - async def check_status(self) -> PaymentStatus: + async def check_status( + self, + conn: Optional[Connection] = None, + ) -> PaymentStatus: if self.is_uncheckable: return PaymentStatus(None) @@ -170,7 +179,7 @@ class Payment(BaseModel): logger.info( f"Marking '{'in' if self.is_in else 'out'}' {self.checking_id} as not pending anymore: {status}" ) - await self.update_status(status) + await self.update_status(status, conn=conn) return status async def delete(self) -> None: diff --git a/lnbits/tasks.py b/lnbits/tasks.py index 078edca1a..41287ff24 100644 --- a/lnbits/tasks.py +++ b/lnbits/tasks.py @@ -103,7 +103,7 @@ async def check_pending_payments(): conn=conn, ) for payment in pending_payments: - await payment.check_status() + await payment.check_status(conn=conn) logger.debug( f"Task: pending check finished for {len(pending_payments)} payments (took {time.time() - start_time:0.3f} s)"