feat: allow limiting the use of LNbits to some user uuids

The `LNBITS_ALLOWED_USERS` env var can be used to limit access to the application to some uuids only. "all" gives open access. UUIDs should be comma separated.
2020-05-09 22:30:33 +02:00 · 2020-05-09 22:30:33 +02:00 · 8add56a24c
commit 8add56a24c
parent e768e4b075
3 changed files with 13 additions and 2 deletions
--- a/.env.example
+++ b/.env.example
@ -2,6 +2,7 @@ FLASK_APP=lnbits
 FLASK_ENV=development

 LNBITS_SITE_TITLE=LNbits
+LNBITS_ALLOWED_USERS="all"
 LNBITS_DEFAULT_WALLET_NAME="LNbits wallet"
 LNBITS_DATA_FOLDER="/your_custom_data_folder"
 LNBITS_DISABLED_EXTENSIONS="amilk,events"
--- a/lnbits/core/views/generic.py
+++ b/lnbits/core/views/generic.py
@ -1,6 +1,6 @@
 from flask import g, abort, redirect, request, render_template, send_from_directory, url_for
 from http import HTTPStatus
-from os import path
+from os import getenv, path

 from lnbits.core import core_app
 from lnbits.decorators import check_user_exists, validate_uuids
@ -61,6 +61,10 @@ def wallet():
        user = get_user(create_account().id)
    else:
        user = get_user(user_id) or abort(HTTPStatus.NOT_FOUND, "User does not exist.")
+        allowed_users = getenv("LNBITS_ALLOWED_USERS", "all")
+
+        if allowed_users != "all" and user_id not in allowed_users.split(","):
+            abort(HTTPStatus.UNAUTHORIZED, f"User not authorized.")

    if not wallet_id:
        if user.wallets and not wallet_name:
--- a/lnbits/decorators.py
+++ b/lnbits/decorators.py
@ -2,6 +2,7 @@ from cerberus import Validator  # type: ignore
 from flask import g, abort, jsonify, request
 from functools import wraps
 from http import HTTPStatus
+from os import getenv
 from typing import List, Union
 from uuid import UUID

@ -51,7 +52,12 @@ def check_user_exists(param: str = "usr"):
    def wrap(view):
        @wraps(view)
        def wrapped_view(**kwargs):
-            g.user = get_user(request.args.get(param, type=str)) or abort(HTTPStatus.NOT_FOUND, "User not found.")
+            g.user = get_user(request.args.get(param, type=str)) or abort(HTTPStatus.NOT_FOUND, "User  does not exist.")
+            allowed_users = getenv("LNBITS_ALLOWED_USERS", "all")
+
+            if allowed_users != "all" and g.user.id not in allowed_users.split(","):
+                abort(HTTPStatus.UNAUTHORIZED, f"User not authorized.")
+
            return view(**kwargs)

        return wrapped_view