highperfocused/lnbits
1
0
Fork 0
mirror of https://github.com/lnbits/lnbits.git synced 2025-06-29 10:10:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Wrong key int being returned

Browse Source
This commit is contained in:
Ben Arc
2022-03-08 22:15:45 +00:00
parent c708cb1e2b
commit e4dd0972a5
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lnbits/core/views/api.py
View File

@ -23,6 +23,7 @@ from lnbits.decorators import (
WalletInvoiceKeyChecker, WalletInvoiceKeyChecker,
WalletTypeInfo, WalletTypeInfo,
get_key_type, get_key_type,
require_admin_key
) )
from lnbits.helpers import url_for, urlsafe_short_hash from lnbits.helpers import url_for, urlsafe_short_hash
from lnbits.requestvars import g from lnbits.requestvars import g
@ -230,7 +231,7 @@ async def api_payments_pay_invoice(bolt11: str, wallet: Wallet):
status_code=HTTPStatus.CREATED, status_code=HTTPStatus.CREATED,
) )
async def api_payments_create( async def api_payments_create(
wallet: WalletTypeInfo = Depends(get_key_type), wallet: WalletTypeInfo = Depends(require_admin_key),
invoiceData: CreateInvoiceData = Body(...), invoiceData: CreateInvoiceData = Body(...),
): ):
if wallet.wallet_type < 0 or wallet.wallet_type > 2: if wallet.wallet_type < 0 or wallet.wallet_type > 2:

3
lnbits/decorators.py
View File

@ -147,7 +147,7 @@ async def get_key_type(
try: try:
checker = WalletInvoiceKeyChecker(api_key=token) checker = WalletInvoiceKeyChecker(api_key=token)
await checker.__call__(r) await checker.__call__(r)
wallet = WalletTypeInfo(0, checker.wallet) wallet = WalletTypeInfo(1, checker.wallet)
if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS): if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS):
raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized.") raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized.")
return wallet return wallet
@ -168,6 +168,7 @@ async def require_admin_key(
token = api_key_header if api_key_header else api_key_query token = api_key_header if api_key_header else api_key_query
wallet = await get_key_type(r, token) wallet = await get_key_type(r, token)
print(wallet.__dict__)
if wallet.wallet_type != 0: if wallet.wallet_type != 0:
# If wallet type is not admin then return the unauthorized status # If wallet type is not admin then return the unauthorized status