* refactor: add `prepareFilterQuery` to utils
factored out the preparation of the url params for a paginated table and its requests.
usermanager will also use that.
move authentication into security in preparation of user manager pr where users tab will be removed.
move service fee into server tab, i think its more fitting there.
* feat: `cleanup-wallet` cli command
`lnbits-cli db cleanup-wallets` removes all wallets that never had an transaction.
this helps against spammers creating random wallets, eventually slowing down the db.
* add commands
* add to example env
* db_versions was used in app
* add delta as cli argument
* use days unit
* simplify cli argument name (cleanup_wallet_days -> days)!
---------
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* Login form loading
* add first install middleware and settings
* updates
* Login form loading
* add first install middleware and settings
* updates
* only set first install when superuser is created
* refactor first install
* only show if first install
* cleanup
* set password
* update calls
* login superuser on first install
* fix
* fixup!
* fixup!
* fixup!
* fixup!
* fixup!
* last fixup!
* fix mypy and prettier CI errors
* disable first install
* add random super user
* set first install after startup
* remove user id from form
* Update lnbits/core/views/auth_api.py
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* Update lnbits/core/views/auth_api.py
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* Update lnbits/middleware.py
Co-authored-by: dni ⚡ <office@dnilabs.com>
* addressing Vlad's comments
* remove super user
* move to transient settings
* fix: show `first_install` page even after a server restart
* fix: do not add `user_id` in the auth token
* fix: `make check` errors
* fix: `username` is not optional for `UpdateSuperuserPassword`
* feat: nicer error message
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Tiago Vasconcelos <talvasconcelos@gmail.com>
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* feat: allow all extension deactivation
* doc: updated comment
* fix: make sure `register_routes` executes after installed extensions are checked
* chore: code format
* fix: do not run migration on deactivated extensions
* fix: make sure the deactivated extension list is loaded in time
* feat: register extension routes if extension never loaded before
* fix: move `load_disabled_extension_list`
* doc: disable by default
* feat: add `created_at` and `updated_at` to wallets and accounts
the title says it all :)
* fixup!
* nitpicks :)
* fixup!
* sqlite fix
* sqlite compat
* fixup!
* mypy
* revert db py
* motorinas suggestions
* int(time()) proper default values in migration
* uncomment migration
* use now = int(time()) idiom to make code more readable
also this fixes the issue where time() is called multiple times
providing different return values for multiple invocations
---------
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* feat: set `samesite="none", secure=True` for `is_lnbits_user_authorized` (required in iframe)
* feat: add icons for User ID actions
* feat: set `samesite="none", secure=True
* feat: show auth configs on the admin UI
* fix: do not access settings on load
* fix: redirect for click on item (not only on text)
* fix: remove `Display Name`
* fix: do not show `Verify email with` if no auth option is available
* feat: show warning before logout
* feat: i18n of account page
* fix: show account icon for user ID login
* fix: always check `isUserAuthorized`
* fix: update the `disclaimer_dialog` message
* feat: hide user ID by default
* fix: redirect from login page when user authorized
* feat: update logout message
* fix: do not translate company names
no more superuser url!
delete cookie on logout
add usr login feature
fix node management
* Cleaned up login form
* CreateUser
* information leak
* cleaner parsing usr from url
* rename decorators
* login secret
* fix: add back `superuser` command
* chore: remove `fastapi_login`
* fix: extract `token` from cookie
* chore: prepare to extract user
* feat: check user
* chore: code clean-up
* feat: happy flow working
* fix: usr only login
* fix: user already logged in
* feat: check user in URL
* fix: verify password at DB level
* fix: do not show `Login` controls if user already logged in
* fix: separate login endpoints
* fix: remove `usr` param
* chore: update error message
* refactor: register method
* feat: logout
* chore: move comments
* fix: remove user auth check from API
* fix: user check unnecessary
* fix: redirect after logout
* chore: remove garbage files
* refactor: simplify constructor call
* fix: hide user icon if not authorized
* refactor: rename auth env vars
* chore: code clean-up
* fix: add types for `python-jose`
* fix: add types for `passlib`
* fix: return type
* feat: set default value for `auth_secret_key` to hash of super user
* fix: default value
* feat: rework login page
* feat: ui polishing
* feat: google auth
* feat: add google auth
* chore: remove `authlib` dependency
* refactor: extract `_handle_sso_login` method
* refactor: convert methods to `properties`
* refactor: rename: `user_api` to `auth_api`
* feat: store user info from SSO
* chore: re-arange the buttons
* feat: conditional rendering of login options
* feat: correctly render buttons
* fix: re-add `Claim Bitcoin` from the main page
* fix: create wallet must send new user
* fix: no `username-password` auth method
* refactor: rename auth method
* fix: do not force API level UUID4 validation
* feat: add validation for username
* feat: add account page
* feat: update account
* feat: add `has_password` for user
* fix: email not editable
* feat: validate email for existing account
* fix: register check
* feat: reset password
* chore: code clean-up
* feat: handle token expired
* fix: only redirect if `text/html`
* refactor: remove `OAuth2PasswordRequestForm`
* chore: remove `python-multipart` dependency
* fix: handle no headers for exception
* feat: add back button on error screen
* feat: show user profile image
* fix: check account creation permissions
* fix: auth for internal api call
* chore: add some docs
* chore: code clean-up
* fix: rebase stuff
* fix: default value types
* refactor: customize error messages
* fix: move types libs to dev dependencies
* doc: specify the `Authorization callback URL`
* fix: pass missing superuser id in node ui test
* fix: keep usr param on wallet redirect
removing usr param causes an issue if the browser doesnt yet have an access token.
* fix: do not redirect if `wal` query param not present
* fix: add nativeBuildInputs and buildInputs overrides to flake.nix
* bump fastapi-sso to 0.9.0 which fixes some security issues
* refactor: move the `lnbits_admin_extensions` to decorators
* chore: bring package config from `dev`
* chore: re-add dependencies
* chore: re-add cev dependencies
* chore: re-add mypy ignores
* feat: i18n
* refactor: move admin ext check to decorator (fix after rebase)
* fix: label mapping
* fix: re-fetch user after first wallet was created
* fix: unlikely case that `user` is not found
* refactor translations (move '*' to code)
* reorganize deps in pyproject.toml, add comment
* update flake.lock and simplify flake.nix after upstreaming
overrides for fastapi-sso, types-passlib, types-pyasn1, types-python-jose
were upstreamed in https://github.com/nix-community/poetry2nix/pull/1463
* fix: more relaxed email verification (by @prusnak)
* fix: remove `\b` (boundaries) since we re using `fullmatch`
* chore: `make bundle`
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Arc <ben@arc.wales>
Co-authored-by: jackstar12 <jkranawetter05@gmail.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* use translated string
* fix typos in lnbits/static/i18n/{it,jp,nl,we}.js
* add missing strings to cs,en,sk translations
* remove duplicates from lnbits/static/i18n/{cs,en,kr,sk}.js
* add i18n checker
* add i18n ai tool
* add autogenerated AI translations
* add i18n-ai-tool check whether variables in formatted strings are not broken
* fix issues with variables found by the script
* chore: make bundle
if lightning/lnurl param is present in /wallet, it will pass to the decode dialogue
* chore: code format
* fix: call to `decodeRequest`
* feat: set `position="top"` for all dialogs (avoid mobile keyboard overlap)
---------
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* fix issue with displaying languages
* readd tooltip
* remove all raw stuff
* fix api docs tooltip
* fix remaining {% raw %} + $t() usage
---------
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* add service fee to specific wallet
* add to .env.example
* Added service fee wallet to manage server
* cleaned
* prettier
* Added badge for service fee
* Added tooltip
* Added service fee max
* allow ignoring service fee for internal transactions
* add fee_reserve_total helper funciton that includes service_fee
* html for admin ui
* typo
* Update .env.example
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* fix .env.template comment
* bundle
* WIP: expose fee reserve endpoint
---------
Co-authored-by: Arc <ben@arc.wales>
Co-authored-by: dni ⚡ <office@dnilabs.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
closes#1954
this PR add cache busting to `/static`
additionally i combined `lnbits/core/static` with `lnbits/static`, it was not necessary and added a lot of duplicate code for cache busting. now you have to include all static files inside the html files with `{{ static_url_for("static", "app.css" ) }}`
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* [FEAT] add extension functionality to lnbits-cli
WIP
draft cli commands for vlad :)
* add extension list command
* [feat] lnbits-cli add install, uninstall and upgrade
* feat: load settings from DB
* refactor: simplify settings loading
* feat: show current version if installed
* feat: add mor emessages
* feat: basic DB install
* feat: add extension
* feat: do not install if the server is up
* feat: add logic for uninstall
* refactor: prepare for upgrade
* feat: check extension before upgrade
* refactor: stuff
* fix: have a default value
* feat: use the API logic
* feat: use pi methods for un-install
* refactor: extract _select_release
* feat: add flags
* feat: check if extension already up to date
* refactor: use `_run_async`
* feat: install all extensions
* feat: install online
* fix: api install
* fix: API upgrade & install
* feat: add API uninstall
* failed typo
* typo running
* url duplication
* [fix] provide short-options too (same as upgrade command)
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* make black
* fix: fail if .superuser file not found; add `--admin-user` option
* fix: ambiguous use of `logger.debug`
- register_new_ext_routes must not be None
- `logger.debug` was used because it allowed any arguments, but that was a bad idea
- now an explicit empty `_do_nothing(*_)` function is used
* fix: load settings
* doc: updated `--source-repo`
* chore: rename `upgrade` to `update`
* refactor: use `@annotation` for making commands async
* fix: code checks
---------
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
* feat: improve on admin ui funding tab
* now only shows settings of selected fundingsource.
* refactor into vue component
* use camel case
* refactor: move admin js into .js file (#1990)
* updateFundingData is redundent now
---------
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
* add QR_LOGO variable
* add logo to images folder
* css for overlaying logo on qr
* qr url on settings
* add qr url to global env
* add QR url input on theme tab in adminUI
* new component added
* use svg
* remove white border around logo in the QR
---------
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
Co-authored-by: dni ⚡ <office@dnilabs.com>
