Added wallet authentication to creat, get and delete tinyurls

2024-11-19 09:54:21 +01:00 · 2023-01-24 21:26:18 +00:00 · 2023-01-24 21:26:18 +00:00 · c0c4c86808
commit c0c4c86808
parent 7322d27aa3
4 changed files with 76 additions and 25 deletions
--- a/lnbits/core/crud.py
+++ b/lnbits/core/crud.py
@ -628,34 +628,38 @@ async def create_admin_settings(super_user: str, new_settings: dict):
 # -------


-async def create_tinyurl(domain: str, endless: bool, conn: Optional[Connection] = None):
+async def create_tinyurl(domain: str, endless: bool, wallet: str):
    tinyurl_id = shortuuid.uuid()[:8]
-    await (conn or db).execute(
-        f"INSERT INTO tiny_url (id, url, endless) VALUES (?, ?, ?)",
+    await db.execute(
+        f"INSERT INTO tiny_url (id, url, endless, wallet) VALUES (?, ?, ?, ?)",
        (
            tinyurl_id,
            domain,
            endless,
+            wallet,
        ),
    )
    return await get_tinyurl(tinyurl_id)


-async def get_tinyurl(
-    tinyurl_id: str, conn: Optional[Connection] = None
-) -> Optional[TinyURL]:
-    row = await (conn or db).fetchone(
+async def get_tinyurl(tinyurl_id: str) -> Optional[TinyURL]:
+    row = await db.fetchone(
        f"SELECT * FROM tiny_url WHERE id = ?",
        (tinyurl_id,),
    )
    return TinyURL.from_row(row) if row else None


-async def get_tinyurl_by_url(
-    url: str, conn: Optional[Connection] = None
-) -> Optional[TinyURL]:
-    row = await (conn or db).fetchone(
+async def get_tinyurl_by_url(url: str) -> List[TinyURL]:
+    rows = await db.fetchall(
        f"SELECT * FROM tiny_url WHERE url = ?",
        (url,),
    )
-    return TinyURL.from_row(row) if row else None
+    return [TinyURL.from_row(row) for row in rows]
+
+
+async def delete_tinyurl(tinyurl_id: str):
+    row = await db.execute(
+        f"DELETE FROM tiny_url WHERE id = ?",
+        (tinyurl_id,),
+    )
--- a/lnbits/core/migrations.py
+++ b/lnbits/core/migrations.py
@ -278,6 +278,7 @@ async def m009_create_tinyurl_table(db):
          id TEXT PRIMARY KEY,
          url TEXT,
          endless BOOL NOT NULL DEFAULT false,
+          wallet TEXT,
          time TIMESTAMP NOT NULL DEFAULT {db.timestamp_now}
        );
    """
--- a/lnbits/core/models.py
+++ b/lnbits/core/models.py
@ -219,6 +219,7 @@ class TinyURL(BaseModel):
    id: str
    url: str
    endless: bool
+    wallet: str
    time: float

    @classmethod
--- a/lnbits/core/views/api.py
+++ b/lnbits/core/views/api.py
@ -48,6 +48,7 @@ from lnbits.utils.exchange_rates import (
 from .. import core_app, db
 from ..crud import (
    create_tinyurl,
+    delete_tinyurl,
    get_payments,
    get_standalone_payment,
    get_tinyurl,
@ -715,23 +716,67 @@ async def websocket_update_get(item_id: str, data: str):


@core_app.post("/api/v1/tinyurl")
-async def api_create_tinyurl(url: str, endless: bool = False):
-    tinyurl = await get_tinyurl_by_url(url)
-    if tinyurl:
-        return tinyurl
-    return await create_tinyurl(url, endless)
+async def api_create_tinyurl(
+    url: str, endless: bool = False, wallet: WalletTypeInfo = Depends(get_key_type)
+):
+    tinyurls = await get_tinyurl_by_url(url)
+    try:
+        for tinyurl in tinyurls:
+            if tinyurl:
+                if tinyurl.wallet == wallet.wallet.inkey:
+                    return tinyurl
+        return await create_tinyurl(url, endless, wallet.wallet.inkey)
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST, detail="Unable to create tinyurl"
+        )


@core_app.get("/api/v1/tinyurl/{tinyurl_id}")
-async def api_get_tinyurl(tinyurl_id: str):
-    return await get_tinyurl(tinyurl_id)
+async def api_get_tinyurl(
+    tinyurl_id: str, wallet: WalletTypeInfo = Depends(get_key_type)
+):
+    try:
+        tinyurl = await get_tinyurl(tinyurl_id)
+        if tinyurl.wallet == wallet.wallet.inkey:
+            return tinyurl
+        raise HTTPException(
+            status_code=HTTPStatus.FORBIDDEN, detail="Wrong key provided."
+        )
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND, detail="Unable to fetch tinyurl"
+        )
+
+
+@core_app.delete("/api/v1/tinyurl/{tinyurl_id}")
+async def api_delete_tinyurl(
+    tinyurl_id: str, wallet: WalletTypeInfo = Depends(get_key_type)
+):
+    try:
+        tinyurl = await get_tinyurl(tinyurl_id)
+        if tinyurl.wallet == wallet.wallet.inkey:
+            await delete_tinyurl(tinyurl_id)
+            return {"deleted": True}
+        raise HTTPException(
+            status_code=HTTPStatus.FORBIDDEN, detail="Wrong key provided."
+        )
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST, detail="Unable to delete"
+        )


@core_app.get("/t/{tinyurl_id}")
 async def api_tinyurl(tinyurl_id: str):
-    tinyurl = await get_tinyurl(tinyurl_id)
-    if tinyurl:
-        response = RedirectResponse(url=tinyurl.url)
-        return response
-    else:
-        return
+    try:
+        tinyurl = await get_tinyurl(tinyurl_id)
+        if tinyurl:
+            response = RedirectResponse(url=tinyurl.url)
+            return response
+        else:
+            return
+    except:
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND, detail="unable to find tinyurl"
+        )