From ede038976f92bfe57e1abeb6826ddd36fb0628fb Mon Sep 17 00:00:00 2001
From: Tiago vasconcelos <talvasconcelos@gmail.com>
Date: Wed, 25 Aug 2021 15:44:18 +0100
Subject: [PATCH] refactor http status responses

---
 lnbits/extensions/withdraw/views.py     | 45 ++++++++------
 lnbits/extensions/withdraw/views_api.py | 82 +++++++++++--------------
 2 files changed, 61 insertions(+), 66 deletions(-)

diff --git a/lnbits/extensions/withdraw/views.py b/lnbits/extensions/withdraw/views.py
index 0f23d7336..dc1b6e31d 100644
--- a/lnbits/extensions/withdraw/views.py
+++ b/lnbits/extensions/withdraw/views.py
@@ -6,31 +6,34 @@ from lnbits.decorators import check_user_exists, validate_uuids
 
 from . import withdraw_ext
 from .crud import get_withdraw_link, chunks
-from fastapi import FastAPI, Request
+from fastapi import FastAPI, Request, Response
+
 from fastapi.templating import Jinja2Templates
 
 templates = Jinja2Templates(directory="templates")
 
-@withdraw_ext.get("/")
+@withdraw_ext.get("/", status_code=HTTPStatus.OK)
 @validate_uuids(["usr"], required=True)
 @check_user_exists()
 async def index(request: Request):
     return await templates.TemplateResponse("withdraw/index.html", {"request":request,"user":g.user})
 
 
-@withdraw_ext.get("/<link_id>")
-async def display(request: Request, link_id):
-    link = await get_withdraw_link(link_id, 0) or abort(
-        HTTPStatus.NOT_FOUND, "Withdraw link does not exist."
-    )
+@withdraw_ext.get("/{link_id}", status_code=HTTPStatus.OK)
+async def display(request: Request, link_id, response: Response):
+    link = await get_withdraw_link(link_id, 0)
+    if not link:
+        response.status_code = HTTPStatus.NOT_FOUND
+        return "Withdraw link does not exist." #probably here is where we should return the 404??
     return await templates.TemplateResponse("withdraw/display.html", {"request":request,"link":link, "unique":True})
 
 
-@withdraw_ext.get("/img/<link_id>")
-async def img(request: Request, link_id):
-    link = await get_withdraw_link(link_id, 0) or abort(
-        HTTPStatus.NOT_FOUND, "Withdraw link does not exist."
-    )
+@withdraw_ext.get("/img/{link_id}", status_code=HTTPStatus.OK)
+async def img(request: Request, link_id, response: Response):
+    link = await get_withdraw_link(link_id, 0)
+    if not link:
+        response.status_code = HTTPStatus.NOT_FOUND
+        return "Withdraw link does not exist."
     qr = pyqrcode.create(link.lnurl)
     stream = BytesIO()
     qr.svg(stream, scale=3)
@@ -46,19 +49,21 @@ async def img(request: Request, link_id):
     )
 
 
-@withdraw_ext.get("/print/<link_id>")
-async def print_qr(request: Request, link_id):
-    link = await get_withdraw_link(link_id) or abort(
-        HTTPStatus.NOT_FOUND, "Withdraw link does not exist."
-    )
+@withdraw_ext.get("/print/{link_id}", status_code=HTTPStatus.OK)
+async def print_qr(request: Request, link_id, response: Response):
+    link = await get_withdraw_link(link_id)
+    if not link:
+        response.status_code = HTTPStatus.NOT_FOUND
+        return "Withdraw link does not exist."
     if link.uses == 0:
         return await templates.TemplateResponse("withdraw/print_qr.html", {"request":request,link:link, unique:False})
     links = []
     count = 0
     for x in link.usescsv.split(","):
-        linkk = await get_withdraw_link(link_id, count) or abort(
-            HTTPStatus.NOT_FOUND, "Withdraw link does not exist."
-        )
+        linkk = await get_withdraw_link(link_id, count)
+        if not linkk:
+            response.status_code = HTTPStatus.NOT_FOUND
+            return "Withdraw link does not exist."
         links.append(str(linkk.lnurl))
         count = count + 1
     page_link = list(chunks(links, 2))
diff --git a/lnbits/extensions/withdraw/views_api.py b/lnbits/extensions/withdraw/views_api.py
index b34b9fbbc..d0ad0656b 100644
--- a/lnbits/extensions/withdraw/views_api.py
+++ b/lnbits/extensions/withdraw/views_api.py
@@ -5,7 +5,7 @@ from lnurl.exceptions import InvalidUrl as LnurlInvalidUrl  # type: ignore
 from lnbits.core.crud import get_user
 from lnbits.decorators import api_check_wallet_key, api_validate_post_request
 from pydantic import BaseModel
-from fastapi import FastAPI, Query
+from fastapi import FastAPI, Query, Response
 
 from . import withdraw_ext
 from .crud import (
@@ -19,47 +19,41 @@ from .crud import (
 )
 
 
-@withdraw_ext.get("/api/v1/links")
+@withdraw_ext.get("/api/v1/links", status_code=200)
 @api_check_wallet_key("invoice")
-async def api_links():
+async def api_links(response: Response):
     wallet_ids = [g.wallet.id]
 
     if "all_wallets" in request.args:
         wallet_ids = (await get_user(g.wallet.user)).wallet_ids
     try:
-        return (
-                [
+        return [
                     {
                         **link._asdict(),
                         **{"lnurl": link.lnurl},
                     }
                     for link in await get_withdraw_links(wallet_ids)
-                ],
-            HTTPStatus.OK,
-        )
+                ]
+        
     except LnurlInvalidUrl:
-        return (
-                {
-                    "message": "LNURLs need to be delivered over a publically accessible `https` domain or Tor."
-                },
-            HTTPStatus.UPGRADE_REQUIRED,
-        )
+        response.status_code = HTTPStatus.UPGRADE_REQUIRED
+        return { "message": "LNURLs need to be delivered over a publically accessible `https` domain or Tor." }
 
 
-@withdraw_ext.get("/api/v1/links/{link_id}")
+@withdraw_ext.get("/api/v1/links/{link_id}", status_code=200)
 @api_check_wallet_key("invoice")
-async def api_link_retrieve(link_id):
+async def api_link_retrieve(link_id, response: Response):
     link = await get_withdraw_link(link_id, 0)
 
     if not link:
-        return ({"message": "Withdraw link does not exist."},
-            HTTPStatus.NOT_FOUND,
-        )
+        response.status_code = HTTPStatus.NOT_FOUND
+        return {"message": "Withdraw link does not exist."}
 
     if link.wallet != g.wallet.id:
-        return {"message": "Not your withdraw link."}, HTTPStatus.FORBIDDEN
+        response.status_code = HTTPStatus.FORBIDDEN
+        return {"message": "Not your withdraw link."}
 
-    return {**link, **{"lnurl": link.lnurl}}, HTTPStatus.OK
+    return {**link, **{"lnurl": link.lnurl}}
 
 class CreateData(BaseModel):
     title:  str = Query(...)
@@ -69,17 +63,15 @@ class CreateData(BaseModel):
     wait_time:  int = Query(..., ge=1)
     is_unique:  bool
 
-@withdraw_ext.post("/api/v1/links")
+@withdraw_ext.post("/api/v1/links", status_code=HTTPStatus.CREATED)
 @withdraw_ext.put("/api/v1/links/{link_id}")
 @api_check_wallet_key("admin")
-async def api_link_create_or_update(data: CreateData, link_id: str = None):
+async def api_link_create_or_update(data: CreateData, link_id: str = None, response: Response):
     if data.max_withdrawable < data.min_withdrawable:
-        return (
-                {
+        response.status_code = HTTPStatus.BAD_REQUEST
+        return {
                     "message": "`max_withdrawable` needs to be at least `min_withdrawable`."
-                },
-            HTTPStatus.BAD_REQUEST,
-        )
+                }
 
     usescsv = ""
     for i in range(data.uses):
@@ -92,43 +84,41 @@ async def api_link_create_or_update(data: CreateData, link_id: str = None):
     if link_id:
         link = await get_withdraw_link(link_id, 0)
         if not link:
-            return (
-                jsonify({"message": "Withdraw link does not exist."}),
-                HTTPStatus.NOT_FOUND,
-            )
+            response.status_code = HTTPStatus.NOT_FOUND
+            return {"message": "Withdraw link does not exist."}
         if link.wallet != g.wallet.id:
-            return {"message": "Not your withdraw link."}, HTTPStatus.FORBIDDEN
+            response.status_code = HTTPStatus.FORBIDDEN
+            return {"message": "Not your withdraw link."}
         link = await update_withdraw_link(link_id, **data, usescsv=usescsv, used=0)
     else:
         link = await create_withdraw_link(
             wallet_id=g.wallet.id, **data, usescsv=usescsv
         )
-
-    return ({**link, **{"lnurl": link.lnurl}},
-        HTTPStatus.OK if link_id else HTTPStatus.CREATED,
-    )
+    if link_id:
+        response.status_code = HTTPStatus.OK
+    return {**link, **{"lnurl": link.lnurl}}
 
 
-@withdraw_ext.delete("/api/v1/links/{link_id}")
+@withdraw_ext.delete("/api/v1/links/{link_id}", status_code=HTTPStatus.NO_CONTENT)
 @api_check_wallet_key("admin")
-async def api_link_delete(link_id):
+async def api_link_delete(link_id, response: Response):
     link = await get_withdraw_link(link_id)
 
     if not link:
-        return ({"message": "Withdraw link does not exist."},
-            HTTPStatus.NOT_FOUND,
-        )
+            response.status_code = HTTPStatus.NOT_FOUND
+            return {"message": "Withdraw link does not exist."}
 
     if link.wallet != g.wallet.id:
-        return {"message": "Not your withdraw link."}, HTTPStatus.FORBIDDEN
+        response.status_code = HTTPStatus.FORBIDDEN
+        return {"message": "Not your withdraw link."}
 
     await delete_withdraw_link(link_id)
 
-    return "", HTTPStatus.NO_CONTENT
+    return ""
 
 
-@withdraw_ext.get("/api/v1/links/{the_hash}/{lnurl_id}")
+@withdraw_ext.get("/api/v1/links/{the_hash}/{lnurl_id}", status_code=HTTPStatus.OK)
 @api_check_wallet_key("invoice")
 async def api_hash_retrieve(the_hash, lnurl_id):
     hashCheck = await get_hash_check(the_hash, lnurl_id)
-    return hashCheck, HTTPStatus.OK
+    return hashCheck