heierbtc/lnbits
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "API key check: assert that wallet exists (#961)" (#962)

Browse Source 
This reverts commit 0930fca7ec.
This commit is contained in:
calle 2022-09-12 18:41:27 +03:00 committed by GitHub
parent 0930fca7ec
commit 57fffa0c7f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 41 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lnbits/core/views/api.py
View File

@ -402,6 +402,10 @@ async def subscribe(request: Request, wallet: Wallet):
async def api_payments_sse( async def api_payments_sse(
request: Request, wallet: WalletTypeInfo = Depends(get_key_type) request: Request, wallet: WalletTypeInfo = Depends(get_key_type)
): ):
if wallet is None or wallet.wallet is None:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
)
return EventSourceResponse( return EventSourceResponse(
subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream" subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream"
) )

38
lnbits/decorators.py
View File

@ -138,20 +138,13 @@ async def get_key_type(
detail="Invoice (or Admin) key required.", detail="Invoice (or Admin) key required.",
) )
for typenr, WalletChecker in zip(
[0, 1], [WalletAdminKeyChecker, WalletInvoiceKeyChecker]
):
try: try:
checker = WalletChecker(api_key=token) admin_checker = WalletAdminKeyChecker(api_key=token)
await checker.__call__(r) await admin_checker.__call__(r)
wallet = WalletTypeInfo(typenr, checker.wallet) # type: ignore wallet = WalletTypeInfo(0, admin_checker.wallet) # type: ignore
if wallet is None or wallet.wallet is None: if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (
raise HTTPException( LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS
status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." ):
)
if (
LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS
) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS):
raise HTTPException( raise HTTPException(
status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
) )
@ -163,9 +156,26 @@ async def get_key_type(
pass pass
except: except:
raise raise
try:
invoice_checker = WalletInvoiceKeyChecker(api_key=token)
await invoice_checker.__call__(r)
wallet = WalletTypeInfo(1, invoice_checker.wallet) # type: ignore
if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (
LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS
):
raise HTTPException( raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist." status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
) )
return wallet
except HTTPException as e:
if e.status_code == HTTPStatus.BAD_REQUEST:
raise
if e.status_code == HTTPStatus.UNAUTHORIZED:
return WalletTypeInfo(2, None) # type: ignore
except:
raise
return wallet
async def require_admin_key( async def require_admin_key(