-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathviews_lnurl.py
269 lines (229 loc) · 8.79 KB
/
views_lnurl.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
import json
from datetime import datetime
from http import HTTPStatus
from typing import Callable, Optional
from urllib.parse import urlparse
import httpx
import shortuuid
from fastapi import APIRouter, HTTPException, Request, Response
from fastapi.responses import JSONResponse
from fastapi.routing import APIRoute
from lnbits.core.crud import update_payment
from lnbits.core.models import Payment
from lnbits.core.services import pay_invoice
from loguru import logger
from .crud import (
create_hash_check,
delete_hash_check,
get_withdraw_link_by_hash,
increment_withdraw_link,
remove_unique_withdraw_link,
)
from .models import WithdrawLink
class LNURLErrorResponseHandler(APIRoute):
def get_route_handler(self) -> Callable:
original_route_handler = super().get_route_handler()
async def custom_route_handler(request: Request) -> Response:
try:
response = await original_route_handler(request)
return response
except HTTPException as exc:
logger.debug(f"HTTPException: {exc}")
response = JSONResponse(
status_code=200,
content={"status": "ERROR", "reason": f"{exc.detail}"},
)
return response
return custom_route_handler
withdraw_ext_lnurl = APIRouter(prefix="/api/v1/lnurl")
withdraw_ext_lnurl.route_class = LNURLErrorResponseHandler
@withdraw_ext_lnurl.get(
"/{unique_hash}",
response_class=JSONResponse,
name="withdraw.api_lnurl_response",
)
async def api_lnurl_response(request: Request, unique_hash: str):
link = await get_withdraw_link_by_hash(unique_hash)
if not link:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="Withdraw link does not exist."
)
if link.is_spent:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="Withdraw is spent."
)
if link.is_unique:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND,
detail="This link requires an id_unique_hash.",
)
url = str(
request.url_for("withdraw.api_lnurl_callback", unique_hash=link.unique_hash)
)
# Check if url is .onion and change to http
if urlparse(url).netloc.endswith(".onion"):
# change url string scheme to http
url = url.replace("https://", "http://")
return {
"tag": "withdrawRequest",
"callback": url,
"k1": link.k1,
"minWithdrawable": link.min_withdrawable * 1000,
"maxWithdrawable": link.max_withdrawable * 1000,
"defaultDescription": link.title,
"webhook_url": link.webhook_url,
"webhook_headers": link.webhook_headers,
"webhook_body": link.webhook_body,
}
@withdraw_ext_lnurl.get(
"/cb/{unique_hash}",
name="withdraw.api_lnurl_callback",
summary="lnurl withdraw callback",
description="""
This endpoints allows you to put unique_hash, k1
and a payment_request to get your payment_request paid.
""",
response_class=JSONResponse,
response_description="JSON with status",
responses={
200: {"description": "status: OK"},
400: {"description": "k1 is wrong or link open time or withdraw not working."},
404: {"description": "withdraw link not found."},
405: {"description": "withdraw link is spent."},
},
)
async def api_lnurl_callback(
unique_hash: str,
k1: str,
pr: str,
id_unique_hash: Optional[str] = None,
):
link = await get_withdraw_link_by_hash(unique_hash)
if not link:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="withdraw not found."
)
if link.is_spent:
raise HTTPException(
status_code=HTTPStatus.METHOD_NOT_ALLOWED, detail="withdraw is spent."
)
if link.k1 != k1:
raise HTTPException(status_code=HTTPStatus.BAD_REQUEST, detail="k1 is wrong.")
now = int(datetime.now().timestamp())
if now < link.open_time:
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST,
detail=f"wait link open_time {link.open_time - now} seconds.",
)
if not id_unique_hash and link.is_unique:
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST,
detail="id_unique_hash is required for this link.",
)
if id_unique_hash:
if check_unique_link(link, id_unique_hash):
await remove_unique_withdraw_link(link, id_unique_hash)
else:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="withdraw not found."
)
# Create a record with the id_unique_hash or unique_hash, if it already exists,
# raise an exception thus preventing the same LNURL from being processed twice.
try:
await create_hash_check(id_unique_hash or unique_hash, k1)
except Exception as exc:
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST, detail="LNURL already being processed."
) from exc
try:
payment = await pay_invoice(
wallet_id=link.wallet,
payment_request=pr,
max_sat=link.max_withdrawable,
extra={"tag": "withdraw", "withdrawal_link_id": link.id},
)
await increment_withdraw_link(link)
# If the payment succeeds, delete the record with the unique_hash.
# TODO: we delete this now: "If it has unique_hash, do not delete to prevent
# the same LNURL from being processed twice."
await delete_hash_check(id_unique_hash or unique_hash)
if link.webhook_url:
await dispatch_webhook(link, payment, pr)
return {"status": "OK"}
except Exception as exc:
# If payment fails, delete the hash stored so another attempt can be made.
await delete_hash_check(id_unique_hash or unique_hash)
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST, detail=f"withdraw not working. {exc!s}"
) from exc
def check_unique_link(link: WithdrawLink, unique_hash: str) -> bool:
return any(
unique_hash == shortuuid.uuid(name=link.id + link.unique_hash + x.strip())
for x in link.usescsv.split(",")
)
async def dispatch_webhook(
link: WithdrawLink, payment: Payment, payment_request: str
) -> None:
async with httpx.AsyncClient() as client:
try:
r: httpx.Response = await client.post(
link.webhook_url,
json={
"payment_hash": payment.payment_hash,
"payment_request": payment_request,
"lnurlw": link.id,
"body": json.loads(link.webhook_body) if link.webhook_body else "",
},
headers=(
json.loads(link.webhook_headers) if link.webhook_headers else None
),
timeout=40,
)
payment.extra["wh_success"] = r.is_success
payment.extra["wh_message"] = r.reason_phrase
payment.extra["wh_response"] = r.text
await update_payment(payment)
except Exception as exc:
# webhook fails shouldn't cause the lnurlw to fail
# since invoice is already paid
logger.error(f"Caught exception when dispatching webhook url: {exc!s}")
payment.extra["wh_success"] = False
payment.extra["wh_message"] = str(exc)
await update_payment(payment)
# FOR LNURLs WHICH ARE UNIQUE
@withdraw_ext_lnurl.get(
"/{unique_hash}/{id_unique_hash}",
response_class=JSONResponse,
name="withdraw.api_lnurl_multi_response",
)
async def api_lnurl_multi_response(
request: Request, unique_hash: str, id_unique_hash: str
):
link = await get_withdraw_link_by_hash(unique_hash)
if not link:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="LNURL-withdraw not found."
)
if link.is_spent:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="Withdraw is spent."
)
if not check_unique_link(link, id_unique_hash):
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="LNURL-withdraw not found."
)
url = str(
request.url_for("withdraw.api_lnurl_callback", unique_hash=link.unique_hash)
)
# Check if url is .onion and change to http
if urlparse(url).netloc.endswith(".onion"):
# change url string scheme to http
url = url.replace("https://", "http://")
return {
"tag": "withdrawRequest",
"callback": f"{url}?id_unique_hash={id_unique_hash}",
"k1": link.k1,
"minWithdrawable": link.min_withdrawable * 1000,
"maxWithdrawable": link.max_withdrawable * 1000,
"defaultDescription": link.title,
}