Added wallet authentication to creat, get and delete tinyurls

lnbits/core/crud.py

@@ -628,34 +628,38 @@ async def create_admin_settings(super_user: str, new_settings: dict):
 # -------
 
 
-async def create_tinyurl(domain: str, endless: bool, conn: Optional[Connection] = None):
+async def create_tinyurl(domain: str, endless: bool, wallet: str):
     tinyurl_id = shortuuid.uuid()[:8]
-    await (conn or db).execute(
+    await db.execute(
-        f"INSERT INTO tiny_url (id, url, endless) VALUES (?, ?, ?)",
+        f"INSERT INTO tiny_url (id, url, endless, wallet) VALUES (?, ?, ?, ?)",
         (
             tinyurl_id,
             domain,
             endless,
+            wallet,
         ),
     )
     return await get_tinyurl(tinyurl_id)
 
 
-async def get_tinyurl(
+async def get_tinyurl(tinyurl_id: str) -> Optional[TinyURL]:
-    tinyurl_id: str, conn: Optional[Connection] = None
+    row = await db.fetchone(
-) -> Optional[TinyURL]:
-    row = await (conn or db).fetchone(
         f"SELECT * FROM tiny_url WHERE id = ?",
         (tinyurl_id,),
     )
     return TinyURL.from_row(row) if row else None
 
 
-async def get_tinyurl_by_url(
+async def get_tinyurl_by_url(url: str) -> List[TinyURL]:
-    url: str, conn: Optional[Connection] = None
+    rows = await db.fetchall(
-) -> Optional[TinyURL]:
-    row = await (conn or db).fetchone(
         f"SELECT * FROM tiny_url WHERE url = ?",
         (url,),
     )
-    return TinyURL.from_row(row) if row else None
+    return [TinyURL.from_row(row) for row in rows]
+
+
+async def delete_tinyurl(tinyurl_id: str):
+    row = await db.execute(
+        f"DELETE FROM tiny_url WHERE id = ?",
+        (tinyurl_id,),
+    )

lnbits/core/migrations.py

@@ -278,6 +278,7 @@ async def m009_create_tinyurl_table(db):
           id TEXT PRIMARY KEY,
           url TEXT,
           endless BOOL NOT NULL DEFAULT false,
+          wallet TEXT,
           time TIMESTAMP NOT NULL DEFAULT {db.timestamp_now}
         );
     """

lnbits/core/models.py

@@ -219,6 +219,7 @@ class TinyURL(BaseModel):
     id: str
     url: str
     endless: bool
+    wallet: str
     time: float
 
     @classmethod

lnbits/core/views/api.py

@@ -48,6 +48,7 @@ from lnbits.utils.exchange_rates import (
 from .. import core_app, db
 from ..crud import (
     create_tinyurl,
+    delete_tinyurl,
     get_payments,
     get_standalone_payment,
     get_tinyurl,
@@ -715,23 +716,67 @@ async def websocket_update_get(item_id: str, data: str):
 
 
 @core_app.post("/api/v1/tinyurl")
-async def api_create_tinyurl(url: str, endless: bool = False):
+async def api_create_tinyurl(
-    tinyurl = await get_tinyurl_by_url(url)
+    url: str, endless: bool = False, wallet: WalletTypeInfo = Depends(get_key_type)
+):
+    tinyurls = await get_tinyurl_by_url(url)
+    try:
+        for tinyurl in tinyurls:
             if tinyurl:
+                if tinyurl.wallet == wallet.wallet.inkey:
                     return tinyurl
-    return await create_tinyurl(url, endless)
+        return await create_tinyurl(url, endless, wallet.wallet.inkey)
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST, detail="Unable to create tinyurl"
+        )
 
 
 @core_app.get("/api/v1/tinyurl/{tinyurl_id}")
-async def api_get_tinyurl(tinyurl_id: str):
+async def api_get_tinyurl(
-    return await get_tinyurl(tinyurl_id)
+    tinyurl_id: str, wallet: WalletTypeInfo = Depends(get_key_type)
+):
+    try:
+        tinyurl = await get_tinyurl(tinyurl_id)
+        if tinyurl.wallet == wallet.wallet.inkey:
+            return tinyurl
+        raise HTTPException(
+            status_code=HTTPStatus.FORBIDDEN, detail="Wrong key provided."
+        )
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND, detail="Unable to fetch tinyurl"
+        )
+
+
+@core_app.delete("/api/v1/tinyurl/{tinyurl_id}")
+async def api_delete_tinyurl(
+    tinyurl_id: str, wallet: WalletTypeInfo = Depends(get_key_type)
+):
+    try:
+        tinyurl = await get_tinyurl(tinyurl_id)
+        if tinyurl.wallet == wallet.wallet.inkey:
+            await delete_tinyurl(tinyurl_id)
+            return {"deleted": True}
+        raise HTTPException(
+            status_code=HTTPStatus.FORBIDDEN, detail="Wrong key provided."
+        )
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST, detail="Unable to delete"
+        )
 
 
 @core_app.get("/t/{tinyurl_id}")
 async def api_tinyurl(tinyurl_id: str):
+    try:
         tinyurl = await get_tinyurl(tinyurl_id)
         if tinyurl:
             response = RedirectResponse(url=tinyurl.url)
             return response
         else:
             return
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND, detail="unable to find tinyurl"
+        )