mirrors/lnbits-legend
1
0
Fork 0
mirror of https://github.com/lnbits/lnbits-legend.git synced 2025-02-24 14:51:05 +01:00
Code Issues Projects Releases Packages Wiki Activity
lnbits-legend/lnbits/core/helpers.py

122 lines
4.3 KiB
Python
Raw Normal View History

chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
import importlib
import re
[FEAT] Auth, Login, OAuth, create account with username and password #1653 (#2092) no more superuser url! delete cookie on logout add usr login feature fix node management * Cleaned up login form * CreateUser * information leak * cleaner parsing usr from url * rename decorators * login secret * fix: add back `superuser` command * chore: remove `fastapi_login` * fix: extract `token` from cookie * chore: prepare to extract user * feat: check user * chore: code clean-up * feat: happy flow working * fix: usr only login * fix: user already logged in * feat: check user in URL * fix: verify password at DB level * fix: do not show `Login` controls if user already logged in * fix: separate login endpoints * fix: remove `usr` param * chore: update error message * refactor: register method * feat: logout * chore: move comments * fix: remove user auth check from API * fix: user check unnecessary * fix: redirect after logout * chore: remove garbage files * refactor: simplify constructor call * fix: hide user icon if not authorized * refactor: rename auth env vars * chore: code clean-up * fix: add types for `python-jose` * fix: add types for `passlib` * fix: return type * feat: set default value for `auth_secret_key` to hash of super user * fix: default value * feat: rework login page * feat: ui polishing * feat: google auth * feat: add google auth * chore: remove `authlib` dependency * refactor: extract `_handle_sso_login` method * refactor: convert methods to `properties` * refactor: rename: `user_api` to `auth_api` * feat: store user info from SSO * chore: re-arange the buttons * feat: conditional rendering of login options * feat: correctly render buttons * fix: re-add `Claim Bitcoin` from the main page * fix: create wallet must send new user * fix: no `username-password` auth method * refactor: rename auth method * fix: do not force API level UUID4 validation * feat: add validation for username * feat: add account page * feat: update account * feat: add `has_password` for user * fix: email not editable * feat: validate email for existing account * fix: register check * feat: reset password * chore: code clean-up * feat: handle token expired * fix: only redirect if `text/html` * refactor: remove `OAuth2PasswordRequestForm` * chore: remove `python-multipart` dependency * fix: handle no headers for exception * feat: add back button on error screen * feat: show user profile image * fix: check account creation permissions * fix: auth for internal api call * chore: add some docs * chore: code clean-up * fix: rebase stuff * fix: default value types * refactor: customize error messages * fix: move types libs to dev dependencies * doc: specify the `Authorization callback URL` * fix: pass missing superuser id in node ui test * fix: keep usr param on wallet redirect removing usr param causes an issue if the browser doesnt yet have an access token. * fix: do not redirect if `wal` query param not present * fix: add nativeBuildInputs and buildInputs overrides to flake.nix * bump fastapi-sso to 0.9.0 which fixes some security issues * refactor: move the `lnbits_admin_extensions` to decorators * chore: bring package config from `dev` * chore: re-add dependencies * chore: re-add cev dependencies * chore: re-add mypy ignores * feat: i18n * refactor: move admin ext check to decorator (fix after rebase) * fix: label mapping * fix: re-fetch user after first wallet was created * fix: unlikely case that `user` is not found * refactor translations (move '*' to code) * reorganize deps in pyproject.toml, add comment * update flake.lock and simplify flake.nix after upstreaming overrides for fastapi-sso, types-passlib, types-pyasn1, types-python-jose were upstreamed in https://github.com/nix-community/poetry2nix/pull/1463 * fix: more relaxed email verification (by @prusnak) * fix: remove `\b` (boundaries) since we re using `fullmatch` * chore: `make bundle` --------- Co-authored-by: dni ⚡ <office@dnilabs.com> Co-authored-by: Arc <ben@arc.wales> Co-authored-by: jackstar12 <jkranawetter05@gmail.com> Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2023-12-12 12:38:19 +02:00
from typing import Any, Optional
Create super user account if it does not exist (#1688) * fix: temp create account for `super_user_id` if missing * chore: remove dumb import * refactor: move logic outside `crud` * feat: add uuid4 conversion * fix: require valid string in .env file * fix: update the `settings.super_user` value in case or normalisation for UUID4 * fix: allow long super_user * chore: code format * fix: add UI redirect with the normalized user * fix: normalize `super_user` up one level * fix: should normalize user in non-ui mode also
2023-05-09 11:22:19 +03:00
from uuid import UUID
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
feat: stop extension background work on `uninstall` or `upgrade`
2023-02-15 15:34:09 +02:00
import httpx
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
from loguru import logger
[REFACTOR] core/__init__ to not have circular import issues (#1876) * F541 fix remove unused workflow and combine linters into one add lnbits/static to ruff ignore remote setupnode ignore upgrades for mypy ignore F401 for __init__ files unused noqa ignore upgrades for black F821: undefine name disabled and logged webhook_listener for opennode and lnpay because they are obvisouly not working E402: module level import not at top of file fixup revert breaking changes wait for PR #1876 https://github.com/lnbits/lnbits/pull/1876 E721 fixes, only popped up for python3.9 not 3.10 [REFACTOR] core/__init__ to not have circular import issues WIP add db for backwards compat fix pyright make mypy happy again pyright did not catch those, i think mypy got confused with relative imports. maybe we should use absolute ones everywhere E402: module level import not at top of file dont forget to add core_app rebase on ruff pr f remo format * fix clnrest * ignore E402 in conftest * refactoring issues --------- Co-authored-by: jacksn <jkranawetter05@gmail.com>
2023-09-12 12:25:05 +02:00
from lnbits.core.db import db as core_db
chore: add types to method params
2023-01-20 17:08:44 +02:00
from lnbits.db import Connection
fix: import after renaming
2023-01-20 10:06:32 +02:00
from lnbits.extension_manager import Extension
fix: extension `DELETE` call
2023-02-15 17:25:58 +02:00
from lnbits.settings import settings
refactor: move more logic to `InstallableExtension`
2023-01-11 10:57:19 +02:00
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
from .crud import update_migration_version
refactor: move more logic to `InstallableExtension`
2023-01-11 10:57:19 +02:00
async def migrate_extension_database(ext: Extension, current_version):
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
try:
fix: migration module name
2022-11-30 10:56:23 +02:00
ext_migrations = importlib.import_module(f"{ext.module_name}.migrations")
ext_db = importlib.import_module(ext.module_name).db
feat: adhere to ruff's `B` rules (#2423) * feat: adhere to ruff's `B` rules last of the ruff checks. closes #2308 * B904 * B008 * B005 * B025 * cleanup on fake
2024-04-17 13:11:51 +02:00
except ImportError as exc:
logger.error(exc)
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
raise ImportError(
f"Please make sure that the extension `{ext.code}` has a migrations file."
feat: adhere to ruff's `B` rules (#2423) * feat: adhere to ruff's `B` rules last of the ruff checks. closes #2308 * B904 * B008 * B005 * B025 * cleanup on fake
2024-04-17 13:11:51 +02:00
) from exc
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
async with ext_db.connect() as ext_conn:
fix: explicitly specify the DB name when migrating (#2039)
2023-10-17 11:56:38 +03:00
await run_migration(ext_conn, ext_migrations, ext.code, current_version)
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
fix: explicitly specify the DB name when migrating (#2039)
2023-10-17 11:56:38 +03:00
async def run_migration(
db: Connection, migrations_module: Any, db_name: str, current_version: int
):
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
matcher = re.compile(r"^m(\d\d\d)_")
for key, migrate in migrations_module.__dict__.items():
fix: double assignment
2023-01-20 16:11:51 +02:00
match = matcher.match(key)
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
if match:
version = int(match.group(1))
if version > current_version:
logger.debug(f"running migration {db_name}.{version}")
print(f"running migration {db_name}.{version}")
await migrate(db)
fix flake8 E711 (comparison-to-none)
2023-01-21 15:08:59 +00:00
if db.schema is None:
chore: migrate after major changes on main
2022-12-22 16:30:37 +02:00
await update_migration_version(db, db_name, version)
else:
async with core_db.connect() as conn:
await update_migration_version(conn, db_name, version)
feat: stop extension background work on `uninstall` or `upgrade`
2023-02-15 15:34:09 +02:00
[FEAT] Auth, Login, OAuth, create account with username and password #1653 (#2092) no more superuser url! delete cookie on logout add usr login feature fix node management * Cleaned up login form * CreateUser * information leak * cleaner parsing usr from url * rename decorators * login secret * fix: add back `superuser` command * chore: remove `fastapi_login` * fix: extract `token` from cookie * chore: prepare to extract user * feat: check user * chore: code clean-up * feat: happy flow working * fix: usr only login * fix: user already logged in * feat: check user in URL * fix: verify password at DB level * fix: do not show `Login` controls if user already logged in * fix: separate login endpoints * fix: remove `usr` param * chore: update error message * refactor: register method * feat: logout * chore: move comments * fix: remove user auth check from API * fix: user check unnecessary * fix: redirect after logout * chore: remove garbage files * refactor: simplify constructor call * fix: hide user icon if not authorized * refactor: rename auth env vars * chore: code clean-up * fix: add types for `python-jose` * fix: add types for `passlib` * fix: return type * feat: set default value for `auth_secret_key` to hash of super user * fix: default value * feat: rework login page * feat: ui polishing * feat: google auth * feat: add google auth * chore: remove `authlib` dependency * refactor: extract `_handle_sso_login` method * refactor: convert methods to `properties` * refactor: rename: `user_api` to `auth_api` * feat: store user info from SSO * chore: re-arange the buttons * feat: conditional rendering of login options * feat: correctly render buttons * fix: re-add `Claim Bitcoin` from the main page * fix: create wallet must send new user * fix: no `username-password` auth method * refactor: rename auth method * fix: do not force API level UUID4 validation * feat: add validation for username * feat: add account page * feat: update account * feat: add `has_password` for user * fix: email not editable * feat: validate email for existing account * fix: register check * feat: reset password * chore: code clean-up * feat: handle token expired * fix: only redirect if `text/html` * refactor: remove `OAuth2PasswordRequestForm` * chore: remove `python-multipart` dependency * fix: handle no headers for exception * feat: add back button on error screen * feat: show user profile image * fix: check account creation permissions * fix: auth for internal api call * chore: add some docs * chore: code clean-up * fix: rebase stuff * fix: default value types * refactor: customize error messages * fix: move types libs to dev dependencies * doc: specify the `Authorization callback URL` * fix: pass missing superuser id in node ui test * fix: keep usr param on wallet redirect removing usr param causes an issue if the browser doesnt yet have an access token. * fix: do not redirect if `wal` query param not present * fix: add nativeBuildInputs and buildInputs overrides to flake.nix * bump fastapi-sso to 0.9.0 which fixes some security issues * refactor: move the `lnbits_admin_extensions` to decorators * chore: bring package config from `dev` * chore: re-add dependencies * chore: re-add cev dependencies * chore: re-add mypy ignores * feat: i18n * refactor: move admin ext check to decorator (fix after rebase) * fix: label mapping * fix: re-fetch user after first wallet was created * fix: unlikely case that `user` is not found * refactor translations (move '*' to code) * reorganize deps in pyproject.toml, add comment * update flake.lock and simplify flake.nix after upstreaming overrides for fastapi-sso, types-passlib, types-pyasn1, types-python-jose were upstreamed in https://github.com/nix-community/poetry2nix/pull/1463 * fix: more relaxed email verification (by @prusnak) * fix: remove `\b` (boundaries) since we re using `fullmatch` * chore: `make bundle` --------- Co-authored-by: dni ⚡ <office@dnilabs.com> Co-authored-by: Arc <ben@arc.wales> Co-authored-by: jackstar12 <jkranawetter05@gmail.com> Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2023-12-12 12:38:19 +02:00
async def stop_extension_background_work(
ext_id: str, user: str, access_token: Optional[str] = None
):
fix: extension `DELETE` call
2023-02-15 17:25:58 +02:00
"""
chore: fix typos
2023-02-15 17:32:49 +02:00
Stop background work for extension (like asyncio.Tasks, WebSockets, etc).
fix: extension stop background work (#2281) * feat: add helper methods * fix: do not try to stop background work on first install * fix: first stop via function call then try REST API * fix: `make check` * fix: prepare for `{ext_id}_stop`
2024-02-21 12:08:37 +02:00
Extensions SHOULD expose a `api_stop()` function and/or a DELETE enpoint
at the root level of their API.
fix: extension `DELETE` call
2023-02-15 17:25:58 +02:00
"""
fix: extension stop background work (#2281) * feat: add helper methods * fix: do not try to stop background work on first install * fix: first stop via function call then try REST API * fix: `make check` * fix: prepare for `{ext_id}_stop`
2024-02-21 12:08:37 +02:00
stopped = await _stop_extension_background_work(ext_id)
if not stopped:
# fallback to REST API call
await _stop_extension_background_work_via_api(ext_id, user, access_token)
async def _stop_extension_background_work(ext_id) -> bool:
upgrade_hash = settings.extension_upgrade_hash(ext_id) or ""
ext = Extension(ext_id, True, False, upgrade_hash=upgrade_hash)
try:
logger.info(f"Stopping background work for extension '{ext.module_name}'.")
old_module = importlib.import_module(ext.module_name)
# Extensions must expose an `{ext_id}_stop()` function at the module level
# The `api_stop()` function is for backwards compatibility (will be deprecated)
stop_fns = [f"{ext_id}_stop", "api_stop"]
stop_fn_name = next((fn for fn in stop_fns if hasattr(old_module, fn)), None)
assert stop_fn_name, "No stop function found for '{ext.module_name}'"
[feat] Pay to enable extension (#2516) * feat: add payment tab * feat: add buttons * feat: persist `pay to enable` changes * fix: do not disable extension on upgrade * fix: show releases tab first * feat: extract `enableExtension` logic * refactor: rename routes * feat: show dialog for paying extension * feat: create invoice to enable * refactor: extract enable/disable extension logic * feat: add extra info to UserExtensions * feat: check payment for extension enable * fix: parsing * feat: admins must not pay * fix: code checks * fix: test * refactor: extract extension activate/deactivate to the `api` side * feat: add `get_user_extensions ` * feat: return explicit `requiresPayment` * feat: add `isPaymentRequired` to extension list * fix: `paid_to_enable` status * fix: ui layout * feat: show QR Code * feat: wait for invoice to be paid * test: removed deprecated test and dead code * feat: add re-check button * refactor: rename paths for endpoints * feat: i18n * feat: add `{"success": True}` * test: fix listener * fix: rebase errors * chore: update bundle * fix: return error status code for the HTML error pages * fix: active extension loading from file system * chore: temp commit * fix: premature optimisation * chore: make check * refactor: remove extracted logic * chore: code format * fix: enable by default after install * fix: use `discard` instead of `remove` for `set` * chore: code format * fix: better error code * fix: check for stop function before invoking * feat: check if the wallet belongs to the admin user * refactor: return 402 Requires Payment * chore: more typing * chore: temp checkout different branch for tests * fix: too much typing * fix: remove try-except * fix: typo * fix: manual format * fix: merge issue * remove this line --------- Co-authored-by: dni ⚡ <office@dnilabs.com>
2024-05-28 14:07:33 +03:00
stop_fn = getattr(old_module, stop_fn_name)
if stop_fn:
await stop_fn()
fix: extension stop background work (#2281) * feat: add helper methods * fix: do not try to stop background work on first install * fix: first stop via function call then try REST API * fix: `make check` * fix: prepare for `{ext_id}_stop`
2024-02-21 12:08:37 +02:00
logger.info(f"Stopped background work for extension '{ext.module_name}'.")
except Exception as ex:
logger.warning(f"Failed to stop background work for '{ext.module_name}'.")
logger.warning(ex)
return False
return True
async def _stop_extension_background_work_via_api(ext_id, user, access_token):
logger.info(
f"Stopping background work for extension '{ext_id}' using the REST API."
)
feat: stop extension background work on `uninstall` or `upgrade`
2023-02-15 15:34:09 +02:00
async with httpx.AsyncClient() as client:
try:
fix: extension `DELETE` call
2023-02-15 17:25:58 +02:00
url = f"http://{settings.host}:{settings.port}/{ext_id}/api/v1?usr={user}"
[FEAT] Auth, Login, OAuth, create account with username and password #1653 (#2092) no more superuser url! delete cookie on logout add usr login feature fix node management * Cleaned up login form * CreateUser * information leak * cleaner parsing usr from url * rename decorators * login secret * fix: add back `superuser` command * chore: remove `fastapi_login` * fix: extract `token` from cookie * chore: prepare to extract user * feat: check user * chore: code clean-up * feat: happy flow working * fix: usr only login * fix: user already logged in * feat: check user in URL * fix: verify password at DB level * fix: do not show `Login` controls if user already logged in * fix: separate login endpoints * fix: remove `usr` param * chore: update error message * refactor: register method * feat: logout * chore: move comments * fix: remove user auth check from API * fix: user check unnecessary * fix: redirect after logout * chore: remove garbage files * refactor: simplify constructor call * fix: hide user icon if not authorized * refactor: rename auth env vars * chore: code clean-up * fix: add types for `python-jose` * fix: add types for `passlib` * fix: return type * feat: set default value for `auth_secret_key` to hash of super user * fix: default value * feat: rework login page * feat: ui polishing * feat: google auth * feat: add google auth * chore: remove `authlib` dependency * refactor: extract `_handle_sso_login` method * refactor: convert methods to `properties` * refactor: rename: `user_api` to `auth_api` * feat: store user info from SSO * chore: re-arange the buttons * feat: conditional rendering of login options * feat: correctly render buttons * fix: re-add `Claim Bitcoin` from the main page * fix: create wallet must send new user * fix: no `username-password` auth method * refactor: rename auth method * fix: do not force API level UUID4 validation * feat: add validation for username * feat: add account page * feat: update account * feat: add `has_password` for user * fix: email not editable * feat: validate email for existing account * fix: register check * feat: reset password * chore: code clean-up * feat: handle token expired * fix: only redirect if `text/html` * refactor: remove `OAuth2PasswordRequestForm` * chore: remove `python-multipart` dependency * fix: handle no headers for exception * feat: add back button on error screen * feat: show user profile image * fix: check account creation permissions * fix: auth for internal api call * chore: add some docs * chore: code clean-up * fix: rebase stuff * fix: default value types * refactor: customize error messages * fix: move types libs to dev dependencies * doc: specify the `Authorization callback URL` * fix: pass missing superuser id in node ui test * fix: keep usr param on wallet redirect removing usr param causes an issue if the browser doesnt yet have an access token. * fix: do not redirect if `wal` query param not present * fix: add nativeBuildInputs and buildInputs overrides to flake.nix * bump fastapi-sso to 0.9.0 which fixes some security issues * refactor: move the `lnbits_admin_extensions` to decorators * chore: bring package config from `dev` * chore: re-add dependencies * chore: re-add cev dependencies * chore: re-add mypy ignores * feat: i18n * refactor: move admin ext check to decorator (fix after rebase) * fix: label mapping * fix: re-fetch user after first wallet was created * fix: unlikely case that `user` is not found * refactor translations (move '*' to code) * reorganize deps in pyproject.toml, add comment * update flake.lock and simplify flake.nix after upstreaming overrides for fastapi-sso, types-passlib, types-pyasn1, types-python-jose were upstreamed in https://github.com/nix-community/poetry2nix/pull/1463 * fix: more relaxed email verification (by @prusnak) * fix: remove `\b` (boundaries) since we re using `fullmatch` * chore: `make bundle` --------- Co-authored-by: dni ⚡ <office@dnilabs.com> Co-authored-by: Arc <ben@arc.wales> Co-authored-by: jackstar12 <jkranawetter05@gmail.com> Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2023-12-12 12:38:19 +02:00
headers = (
{"Authorization": "Bearer " + access_token} if access_token else None
)
resp = await client.delete(url=url, headers=headers)
resp.raise_for_status()
fix: extension stop background work (#2281) * feat: add helper methods * fix: do not try to stop background work on first install * fix: first stop via function call then try REST API * fix: `make check` * fix: prepare for `{ext_id}_stop`
2024-02-21 12:08:37 +02:00
logger.info(f"Stopped background work for extension '{ext_id}'.")
feat: stop extension background work on `uninstall` or `upgrade`
2023-02-15 15:34:09 +02:00
except Exception as ex:
fix: extension stop background work (#2281) * feat: add helper methods * fix: do not try to stop background work on first install * fix: first stop via function call then try REST API * fix: `make check` * fix: prepare for `{ext_id}_stop`
2024-02-21 12:08:37 +02:00
logger.warning(
f"Failed to stop background work for '{ext_id}' using the REST API."
)
feat: stop extension background work on `uninstall` or `upgrade`
2023-02-15 15:34:09 +02:00
logger.warning(ex)
Create super user account if it does not exist (#1688) * fix: temp create account for `super_user_id` if missing * chore: remove dumb import * refactor: move logic outside `crud` * feat: add uuid4 conversion * fix: require valid string in .env file * fix: update the `settings.super_user` value in case or normalisation for UUID4 * fix: allow long super_user * chore: code format * fix: add UI redirect with the normalized user * fix: normalize `super_user` up one level * fix: should normalize user in non-ui mode also
2023-05-09 11:22:19 +03:00
def to_valid_user_id(user_id: str) -> UUID:
if len(user_id) < 32:
raise ValueError("User ID must have at least 128 bits")
try:
int(user_id, 16)
feat: adhere to ruff's `B` rules (#2423) * feat: adhere to ruff's `B` rules last of the ruff checks. closes #2308 * B904 * B008 * B005 * B025 * cleanup on fake
2024-04-17 13:11:51 +02:00
except Exception as exc:
raise ValueError("Invalid hex string for User ID.") from exc
Create super user account if it does not exist (#1688) * fix: temp create account for `super_user_id` if missing * chore: remove dumb import * refactor: move logic outside `crud` * feat: add uuid4 conversion * fix: require valid string in .env file * fix: update the `settings.super_user` value in case or normalisation for UUID4 * fix: allow long super_user * chore: code format * fix: add UI redirect with the normalized user * fix: normalize `super_user` up one level * fix: should normalize user in non-ui mode also
2023-05-09 11:22:19 +03:00
return UUID(hex=user_id[:32], version=4)
Reference in a new issue Copy permalink