Revert "API key check: assert that wallet exists (#961)" (#962)

This reverts commit 0930fca7ec.
2022-09-12 18:41:27 +03:00 · 2022-09-12 18:41:27 +03:00 · 57fffa0c7f
commit 57fffa0c7f
parent 0930fca7ec
2 changed files with 41 additions and 27 deletions
--- a/lnbits/core/views/api.py
+++ b/lnbits/core/views/api.py
@ -402,6 +402,10 @@ async def subscribe(request: Request, wallet: Wallet):
 async def api_payments_sse(
    request: Request, wallet: WalletTypeInfo = Depends(get_key_type)
 ):
+    if wallet is None or wallet.wallet is None:
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
+        )
    return EventSourceResponse(
        subscribe(request, wallet.wallet), ping=20, media_type="text/event-stream"
    )
--- a/lnbits/decorators.py
+++ b/lnbits/decorators.py
@ -138,34 +138,44 @@ async def get_key_type(
            detail="Invoice (or Admin) key required.",
        )

-    for typenr, WalletChecker in zip(
-        [0, 1], [WalletAdminKeyChecker, WalletInvoiceKeyChecker]
-    ):
-        try:
-            checker = WalletChecker(api_key=token)
-            await checker.__call__(r)
-            wallet = WalletTypeInfo(typenr, checker.wallet)  # type: ignore
-            if wallet is None or wallet.wallet is None:
-                raise HTTPException(
-                    status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
-                )
-            if (
-                LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS
-            ) and (LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS):
-                raise HTTPException(
-                    status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
-                )
-            return wallet
-        except HTTPException as e:
-            if e.status_code == HTTPStatus.BAD_REQUEST:
-                raise
-            if e.status_code == HTTPStatus.UNAUTHORIZED:
-                pass
-        except:
+    try:
+        admin_checker = WalletAdminKeyChecker(api_key=token)
+        await admin_checker.__call__(r)
+        wallet = WalletTypeInfo(0, admin_checker.wallet)  # type: ignore
+        if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (
+            LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS
+        ):
+            raise HTTPException(
+                status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
+            )
+        return wallet
+    except HTTPException as e:
+        if e.status_code == HTTPStatus.BAD_REQUEST:
            raise
-    raise HTTPException(
-        status_code=HTTPStatus.NOT_FOUND, detail="Wallet does not exist."
-    )
+        if e.status_code == HTTPStatus.UNAUTHORIZED:
+            pass
+    except:
+        raise
+
+    try:
+        invoice_checker = WalletInvoiceKeyChecker(api_key=token)
+        await invoice_checker.__call__(r)
+        wallet = WalletTypeInfo(1, invoice_checker.wallet)  # type: ignore
+        if (LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS) and (
+            LNBITS_ADMIN_EXTENSIONS and pathname in LNBITS_ADMIN_EXTENSIONS
+        ):
+            raise HTTPException(
+                status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
+            )
+        return wallet
+    except HTTPException as e:
+        if e.status_code == HTTPStatus.BAD_REQUEST:
+            raise
+        if e.status_code == HTTPStatus.UNAUTHORIZED:
+            return WalletTypeInfo(2, None)  # type: ignore
+    except:
+        raise
+    return wallet


 async def require_admin_key(