highperfocused/lnbits
1
0
Fork 0
mirror of https://github.com/lnbits/lnbits.git synced 2025-09-27 04:16:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Revert "API key check: assert that wallet exists (#961)" (#962)" (#963)

Browse Source 
This reverts commit 57fffa0c7f.
This commit is contained in:
calle
2022-09-12 18:49:57 +03:00
committed by GitHub
parent 57fffa0c7f
commit 1660b9dcf1
2 changed files with 27 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lnbits/core/views/api.py
View File

@@ -402,10 +402,6 @@ async def subscribe(request: Request, wallet: Wallet):
async def api_payments_sse( async def api_payments_sse(
request: Request, wallet: WalletTypeInfo = Depends(get_key_type) request: Request, wallet: WalletTypeInfo = Depends(get_key_type)
): ):
if wallet is None or wallet.wallet is None:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
)
return EventSourceResponse( return EventSourceResponse(
subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream" subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream"
) )

64
lnbits/decorators.py
View File

@@ -138,44 +138,34 @@ async def get_key_type(
detail="Invoice (or Admin) key required.", detail="Invoice (or Admin) key required.",
) )
try: for typenr, WalletChecker in zip(
admin_checker = WalletAdminKeyChecker(api_key=token) [0, 1], [WalletAdminKeyChecker, WalletInvoiceKeyChecker]
await admin_checker.__call__(r) ):
wallet = WalletTypeInfo(0, admin_checker.wallet) # type: ignore try:
if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and ( checker = WalletChecker(api_key=token)
LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS await checker.__call__(r)
): wallet = WalletTypeInfo(typenr, checker.wallet) # type: ignore
raise HTTPException( if wallet is None or wallet.wallet is None:
status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." raise HTTPException(
) status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
return wallet )
except HTTPException as e: if (
if e.status_code == HTTPStatus.BAD_REQUEST: LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS
) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS):
raise HTTPException(
status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
)
return wallet
except HTTPException as e:
if e.status_code == HTTPStatus.BAD_REQUEST:
raise
if e.status_code == HTTPStatus.UNAUTHORIZED:
pass
except:
raise raise
if e.status_code == HTTPStatus.UNAUTHORIZED: raise HTTPException(
pass status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
except: )
raise
try:
invoice_checker = WalletInvoiceKeyChecker(api_key=token)
await invoice_checker.__call__(r)
wallet = WalletTypeInfo(1, invoice_checker.wallet) # type: ignore
if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (
LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS
):
raise HTTPException(
status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
)
return wallet
except HTTPException as e:
if e.status_code == HTTPStatus.BAD_REQUEST:
raise
if e.status_code == HTTPStatus.UNAUTHORIZED:
return WalletTypeInfo(2, None) # type: ignore
except:
raise
return wallet
async def require_admin_key( async def require_admin_key(