Removed key for password that generates a key

2024-11-19 01:43:42 +01:00 · 2022-02-03 12:52:51 +00:00 · 2022-02-03 12:52:51 +00:00 · 8db19f33e3
commit 8db19f33e3
parent 8a43611232
2 changed files with 11 additions and 6 deletions
--- a/.env.example
+++ b/.env.example
@ -75,5 +75,5 @@ OPENNODE_API_ENDPOINT=https://api.opennode.com/
 OPENNODE_KEY=OPENNODE_ADMIN_KEY

 # FakeWallet
-FAKE_WALLET_KEY=E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262
+FAKE_WALLET_SECRET="ToTheMoon1"
 LNBITS_DENOMINATION=sats
--- a/lnbits/wallets/fake.py
+++ b/lnbits/wallets/fake.py
@ -31,11 +31,12 @@ class FakeWallet(Wallet):
        memo: Optional[str] = None,
        description_hash: Optional[bytes] = None,
    ) -> InvoiceResponse:
+        secret = getenv("FAKE_WALLET_SECRET")
        data: Dict = {
            "out": False,
            "amount": amount,
            "currency": "bc",
-            "privkey": getenv("FAKE_WALLET_KEY"),
+            "privkey": hashlib.pbkdf2_hmac('sha256', secret.encode("utf-8"), ("FakeWallet").encode("utf-8"), 2048, 32).hex(),
            "memo": None,
            "description_hash": None,
            "description": "",
@ -52,9 +53,9 @@ class FakeWallet(Wallet):
            data["tags_set"] = ["d"]
            data["memo"] = memo
            data["description"] = memo
-        randomHash = hashlib.sha256(
+        randomHash = data["privkey"][:6] + hashlib.sha256(
            str(random.getrandbits(256)).encode("utf-8")
-        ).hexdigest()
+        ).hexdigest()[6:]
        data["paymenthash"] = randomHash
        payment_request = encode(data)
        checking_id = randomHash
@ -63,7 +64,11 @@ class FakeWallet(Wallet):

    async def pay_invoice(self, bolt11: str) -> PaymentResponse:
        invoice = decode(bolt11)        
-        return PaymentResponse(True, invoice.payment_hash, 0)
+        if hasattr(invoice, 'checking_id') and invoice.checking_id[6:] == data["privkey"][:6]:
+            return PaymentResponse(True, invoice.payment_hash, 0)
+        else:
+            return PaymentResponse(ok = False, error_message="Only internal invoices can be used!")
+

    async def get_invoice_status(self, checking_id: str) -> PaymentStatus:
        return PaymentStatus(False)