* Login form loading
* add first install middleware and settings
* updates
* Login form loading
* add first install middleware and settings
* updates
* only set first install when superuser is created
* refactor first install
* only show if first install
* cleanup
* set password
* update calls
* login superuser on first install
* fix
* fixup!
* fixup!
* fixup!
* fixup!
* fixup!
* last fixup!
* fix mypy and prettier CI errors
* disable first install
* add random super user
* set first install after startup
* remove user id from form
* Update lnbits/core/views/auth_api.py
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* Update lnbits/core/views/auth_api.py
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* Update lnbits/middleware.py
Co-authored-by: dni ⚡ <office@dnilabs.com>
* addressing Vlad's comments
* remove super user
* move to transient settings
* fix: show `first_install` page even after a server restart
* fix: do not add `user_id` in the auth token
* fix: `make check` errors
* fix: `username` is not optional for `UpdateSuperuserPassword`
* feat: nicer error message
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Tiago Vasconcelos <talvasconcelos@gmail.com>
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* feat: allow all extension deactivation
* doc: updated comment
* fix: make sure `register_routes` executes after installed extensions are checked
* chore: code format
* fix: do not run migration on deactivated extensions
* fix: make sure the deactivated extension list is loaded in time
* feat: register extension routes if extension never loaded before
* fix: move `load_disabled_extension_list`
* doc: disable by default
* feat: set `samesite="none", secure=True` for `is_lnbits_user_authorized` (required in iframe)
* feat: add icons for User ID actions
* feat: set `samesite="none", secure=True
no more superuser url!
delete cookie on logout
add usr login feature
fix node management
* Cleaned up login form
* CreateUser
* information leak
* cleaner parsing usr from url
* rename decorators
* login secret
* fix: add back `superuser` command
* chore: remove `fastapi_login`
* fix: extract `token` from cookie
* chore: prepare to extract user
* feat: check user
* chore: code clean-up
* feat: happy flow working
* fix: usr only login
* fix: user already logged in
* feat: check user in URL
* fix: verify password at DB level
* fix: do not show `Login` controls if user already logged in
* fix: separate login endpoints
* fix: remove `usr` param
* chore: update error message
* refactor: register method
* feat: logout
* chore: move comments
* fix: remove user auth check from API
* fix: user check unnecessary
* fix: redirect after logout
* chore: remove garbage files
* refactor: simplify constructor call
* fix: hide user icon if not authorized
* refactor: rename auth env vars
* chore: code clean-up
* fix: add types for `python-jose`
* fix: add types for `passlib`
* fix: return type
* feat: set default value for `auth_secret_key` to hash of super user
* fix: default value
* feat: rework login page
* feat: ui polishing
* feat: google auth
* feat: add google auth
* chore: remove `authlib` dependency
* refactor: extract `_handle_sso_login` method
* refactor: convert methods to `properties`
* refactor: rename: `user_api` to `auth_api`
* feat: store user info from SSO
* chore: re-arange the buttons
* feat: conditional rendering of login options
* feat: correctly render buttons
* fix: re-add `Claim Bitcoin` from the main page
* fix: create wallet must send new user
* fix: no `username-password` auth method
* refactor: rename auth method
* fix: do not force API level UUID4 validation
* feat: add validation for username
* feat: add account page
* feat: update account
* feat: add `has_password` for user
* fix: email not editable
* feat: validate email for existing account
* fix: register check
* feat: reset password
* chore: code clean-up
* feat: handle token expired
* fix: only redirect if `text/html`
* refactor: remove `OAuth2PasswordRequestForm`
* chore: remove `python-multipart` dependency
* fix: handle no headers for exception
* feat: add back button on error screen
* feat: show user profile image
* fix: check account creation permissions
* fix: auth for internal api call
* chore: add some docs
* chore: code clean-up
* fix: rebase stuff
* fix: default value types
* refactor: customize error messages
* fix: move types libs to dev dependencies
* doc: specify the `Authorization callback URL`
* fix: pass missing superuser id in node ui test
* fix: keep usr param on wallet redirect
removing usr param causes an issue if the browser doesnt yet have an access token.
* fix: do not redirect if `wal` query param not present
* fix: add nativeBuildInputs and buildInputs overrides to flake.nix
* bump fastapi-sso to 0.9.0 which fixes some security issues
* refactor: move the `lnbits_admin_extensions` to decorators
* chore: bring package config from `dev`
* chore: re-add dependencies
* chore: re-add cev dependencies
* chore: re-add mypy ignores
* feat: i18n
* refactor: move admin ext check to decorator (fix after rebase)
* fix: label mapping
* fix: re-fetch user after first wallet was created
* fix: unlikely case that `user` is not found
* refactor translations (move '*' to code)
* reorganize deps in pyproject.toml, add comment
* update flake.lock and simplify flake.nix after upstreaming
overrides for fastapi-sso, types-passlib, types-pyasn1, types-python-jose
were upstreamed in https://github.com/nix-community/poetry2nix/pull/1463
* fix: more relaxed email verification (by @prusnak)
* fix: remove `\b` (boundaries) since we re using `fullmatch`
* chore: `make bundle`
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Arc <ben@arc.wales>
Co-authored-by: jackstar12 <jkranawetter05@gmail.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* add service fee to specific wallet
* add to .env.example
* Added service fee wallet to manage server
* cleaned
* prettier
* Added badge for service fee
* Added tooltip
* Added service fee max
* allow ignoring service fee for internal transactions
* add fee_reserve_total helper funciton that includes service_fee
* html for admin ui
* typo
* Update .env.example
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* fix .env.template comment
* bundle
* WIP: expose fee reserve endpoint
---------
Co-authored-by: Arc <ben@arc.wales>
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
closes#1954
this PR add cache busting to `/static`
additionally i combined `lnbits/core/static` with `lnbits/static`, it was not necessary and added a lot of duplicate code for cache busting. now you have to include all static files inside the html files with `{{ static_url_for("static", "app.css" ) }}`
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
logs into `lnbits.log` with info loglevel and `debug.log` with DEBUG loglevel
files will be saved into `LNBITS_DATA_DIR`.
retentions is configurable but defaults to `90 days`
* added log rotation aswell
---------
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* F541 fix
remove unused workflow and combine linters into one
add lnbits/static to ruff ignore
remote setupnode
ignore upgrades for mypy
ignore F401 for __init__ files
unused noqa
ignore upgrades for black
F821: undefine name
disabled and logged webhook_listener for opennode and lnpay because they are obvisouly not working
E402: module level import not at top of file
fixup
revert breaking changes wait for PR #1876https://github.com/lnbits/lnbits/pull/1876
E721 fixes, only popped up for python3.9 not 3.10
[REFACTOR] core/__init__ to not have circular import issues
WIP
add db for backwards compat
fix pyright
make mypy happy again
pyright did not catch those, i think mypy got confused with relative imports. maybe we should use absolute ones everywhere
E402: module level import not at top of file
dont forget to add core_app
rebase on ruff pr
f
remo
format
* fix clnrest
* ignore E402 in conftest
* refactoring issues
---------
Co-authored-by: jacksn <jkranawetter05@gmail.com>
* push notification integration into core
added missing component
fixed bell working on all pages
- made pubkey global template env var
- had to move `get_push_notification_pubkey` to `helpers.py` because of circular reference with `tasks.py`
formay
trying to fix mypy
added py-vapid to requirements
Trying to fix stub mypy issue
* removed key files
* webpush key pair is saved in db `webpush_settings`
* removed lnaddress extension changes
* support for multi user account subscriptions, subscriptions are stored user based
fixed syntax error
fixed syntax error
removed unused line
* fixed subscribed user storage with local storage, no get request required
* method is singular now
* cleanup unsubscribed or expired push subscriptions
fixed flake8 errors
fixed poetry errors
* updating to latest lnbits
formatting, rebase error
fix
* remove unused?
* revert
* relock
* remove
* do not create settings table use adminsettings
mypy
fix
* cleanup old code
* catch case when client tries to recreate existing webpush subscription e.g. on cleared local storage
* show notification bell on user related pages only
* use local storage with one key like array, some refactoring
* fixed crud import
* fixed too long line
* removed unused imports
* ruff
* make webpush editable
* fixed privkey encoding
* fix ruff
* fix migration
---------
Co-authored-by: schneimi <admin@schneimi.de>
Co-authored-by: schneimi <dev@schneimi.de>
Co-authored-by: dni ⚡ <office@dnilabs.com>
* [CHORE] cleanup cache and exception on `make test`
moved the invalidate_forever task to proper location and use `create_permanent_task`.
and there was a Task never awaited Exception when running tests
* imrpove expiration test
* move cache into utils
* fix issue with pytest_asyncio
s
---------
Co-authored-by: jacksn <jkranawetter05@gmail.com>
* [CHORE] update mypy and new issues
lnbits/cache.py:21: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/extension_manager.py:210: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/db.py:110: error: Only instance methods can be decorated with @property [misc]
lnbits/tasks.py:152: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/tasks.py:171: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/core/services.py:520: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/app.py:520: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/app.py:525: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
lnbits/app.py:532: note: By default the bodies of untyped functions are not checked, consider using --check-untyped-defs [annotation-unchecked]
* fix db.py
* fix mypy notes, type were not needed
* remove unused and update black + precommit
* makefile add ruff remove unused
* F541 fix
* complete ruff ignore
* remove unused workflow and combine linters into one
add lnbits/static to ruff ignore
save preview and linelength for later
define target version for black
* ignore upgrades for mypy
* remove flake8
* ignore F401 for __init__ files
* unused pylint comment
* unused noqa
* ignore upgrades for black
* run linting on py3.9 and py3.10
* dont assume python
* add centralized task management
in order to properly cleanup all long-running tasks we have to keep a list of them
* use new task management functions
* unify shutdown events
* vlads suggestions
rename variable for create_task
wrap cancel() with try/catch
fixup
* rename func to coro
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
* add simple caching utility
* test cache
* remove prefix, default on get
* check expiry in pop aswell
* remove unnecessary type
* improve invalidation task
increase default interval to 10 seconds - doesnt have to check that often.
instead of recreating the dict everytime mutate the existing one
* added ratelimiter
* Adds server logs to admin ui
* Added IP allow/ban list
* fixed remove ips
* Split rate limit number and unit
* security tab and background tasks for killswitch
* fix test for auditor api
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
* remove static/vendor
* add node dependencies
* add bolt11-decoder
* run npm install inside dockerimage
* only use bundle.js and bundle.css
* use node_modules for bundling vendor assets
* remove dead code
* make argument optional
* reintroduce vendor dir
* reintroduce vendor and single javascript files, minification
* wrong moment, remove minification
* lock packages with non critical issues
* black
* feat: basic redirect to extension endpoint
* feat: filter by headers
* refactor: extract `middleware.py`
* fix: do not add twice the same extension to redirects
* chore: code clean-up
