refactor(paywall): remove unnecessary hashing paranoia

2025-02-21 22:11:59 +01:00 · 2020-04-25 23:55:07 +02:00 · 2020-04-25 23:55:07 +02:00 · 4b4a297c3f
commit 4b4a297c3f
parent 5d128523c7
5 changed files with 11 additions and 64 deletions
--- a/lnbits/extensions/paywall/init.py
+++ b/lnbits/extensions/paywall/init.py
@ -1,7 +1,7 @@
 from flask import Blueprint


-paywall_ext = Blueprint("paywall", __name__, static_folder="static", template_folder="templates")
+paywall_ext: Blueprint = Blueprint("paywall", __name__, static_folder="static", template_folder="templates")


 from .views_api import *  # noqa
--- a/lnbits/extensions/paywall/models.py
+++ b/lnbits/extensions/paywall/models.py
@ -1,4 +1,3 @@
-from hashlib import sha256
 from typing import NamedTuple


@ -10,6 +9,3 @@ class Paywall(NamedTuple):
    memo: str
    amount: int
    time: int
-
-    def key_for(self, fingerprint: str) -> str:
-        return sha256(f"{self.secret}{fingerprint}".encode("utf-8")).hexdigest()
--- a/lnbits/extensions/paywall/static/vendor/fingerprintjs2@2.1.0/fingerprint2.min.js
+++ b/lnbits/extensions/paywall/static/vendor/fingerprintjs2@2.1.0/fingerprint2.min.js
--- a/lnbits/extensions/paywall/templates/paywall/display.html
+++ b/lnbits/extensions/paywall/templates/paywall/display.html
@ -40,7 +40,6 @@
 {% endblock %}

 {% block scripts %}
-  <script src="{{ url_for('paywall.static', filename='vendor/fingerprintjs2@2.1.0/fingerprint2.min.js') }}"></script>
  <script src="{{ url_for('static', filename='vendor/vue-qrcode@1.0.2/vue-qrcode.min.js') }}"></script>
  <script>
    Vue.component(VueQrcode.name, VueQrcode);
@ -51,10 +50,6 @@
      data: function () {
        return {
          paymentReq: null,
-          fingerprint: {
-            hash: null,
-            isValid: false
-          },
          redirectUrl: null
        };
      },
@ -75,13 +70,13 @@
            paymentChecker = setInterval(function () {
              axios.post(
                '/paywall/api/v1/paywalls/{{ paywall.id }}/check_invoice',
-                {checking_id: response.data.checking_id, fingerprint: self.fingerprint.hash}
+                {checking_id: response.data.checking_id}
              ).then(function (res) {
                if (res.data.paid) {
                  clearInterval(paymentChecker);
                  dismissMsg();
                  self.redirectUrl = res.data.url;
-                  self.$q.localStorage.set('lnbits.paywall.{{ paywall.id }}', res.data.key);
+                  self.$q.localStorage.set('lnbits.paywall.{{ paywall.id }}', res.data.url);

                  self.$q.notify({
                    type: 'positive',
@ -99,29 +94,13 @@
        }
      },
      created: function () {
-        var self = this;
+        var url = this.$q.localStorage.getItem('lnbits.paywall.{{ paywall.id }}');

-        Fingerprint2.get(function (components) {
-          self.fingerprint.hash = Fingerprint2.x64hash128(JSON.stringify(components));
-
-          var key = self.$q.localStorage.getItem('lnbits.paywall.{{ paywall.id }}');
-
-          if (key) {
-            axios.post(
-              '/paywall/api/v1/paywalls/{{ paywall.id }}/check_access',
-              {key: key, fingerprint: self.fingerprint.hash}
-            ).then(function (response) {
-              if (response.data.valid) {
-                self.fingerprint.isValid = true;
-                self.redirectUrl = response.data.url;
-              } else {
-                self.getInvoice();
-              }
-            });
-          } else {
-            self.getInvoice();
-          };
-        });
+        if (url) {
+          this.redirectUrl = url;
+        } else {
+          this.getInvoice();
+        };
      }
    });
  </script>
--- a/lnbits/extensions/paywall/views_api.py
+++ b/lnbits/extensions/paywall/views_api.py
@ -67,12 +67,7 @@ def api_paywall_get_invoice(paywall_id):


@paywall_ext.route("/api/v1/paywalls/<paywall_id>/check_invoice", methods=["POST"])
-@api_validate_post_request(
-    schema={
-        "checking_id": {"type": "string", "empty": False, "required": True},
-        "fingerprint": {"type": "string", "empty": False, "required": True},
-    }
-)
+@api_validate_post_request(schema={"checking_id": {"type": "string", "empty": False, "required": True}})
 def api_paywal_check_invoice(paywall_id):
    paywall = get_paywall(paywall_id)

@ -89,25 +84,6 @@ def api_paywal_check_invoice(paywall_id):
        payment = wallet.get_payment(g.data["checking_id"])
        payment.set_pending(False)

-        return jsonify({"paid": True, "key": paywall.key_for(g.data["fingerprint"]), "url": paywall.url}), Status.OK
+        return jsonify({"paid": True, "url": paywall.url}), Status.OK

    return jsonify({"paid": False}), Status.OK
-
-
-@paywall_ext.route("/api/v1/paywalls/<paywall_id>/check_access", methods=["POST"])
-@api_validate_post_request(
-    schema={
-        "key": {"type": "string", "empty": False, "required": True},
-        "fingerprint": {"type": "string", "empty": False, "required": True},
-    }
-)
-def api_fingerprint_check(paywall_id):
-    paywall = get_paywall(paywall_id)
-
-    if not paywall:
-        return jsonify({"message": "Paywall does not exist."}), Status.NOT_FOUND
-
-    if paywall.key_for(g.data["fingerprint"]) != g.data["key"]:
-        return jsonify({"valid": False}), Status.OK
-
-    return jsonify({"valid": True, "url": paywall.url}), Status.OK