allow locked lnd

hatim boufnichel 2021-09-08 21:00:29 +02:00
parent 4c17f033f5
commit 28eb429000
3 changed files with 55 additions and 9 deletions


@ -17,4 +17,6 @@ TORRENT_SEED_URL=https://webtorrent.shock.network
# Admin token for your own seed server # Admin token for your own seed server
TORRENT_SEED_TOKEN=jibberish TORRENT_SEED_TOKEN=jibberish
# "default" or "hosting" # "default" or "hosting"
DEPLOYMENT_TYPE=hosting DEPLOYMENT_TYPE=hosting
# allow to create a user with unlocked lnd
ALLOW_UNLOCKED_LND="true"
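Review bot: The example file ships `ALLOW_UNLOCKED_LND="true"`, so anyone who copies it unchanged turns on the path that lets a user be created against an already-unlocked wallet; a sample config should carry the restrictive value, e.g. `ALLOW_UNLOCKED_LND="false"`. The comment above it should also say what the flag changes, for instance `# "true" lets a new user sign in against an already-unlocked lnd with the one-time access code logged at startup`. The code in this commit compares against the exact string 'true', so any other value leaves the feature off.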


@ -611,7 +611,7 @@ module.exports = async (
// If we're connected to lnd, unlock the wallet using the password supplied // If we're connected to lnd, unlock the wallet using the password supplied
// and generate an auth token if that operation was successful. // and generate an auth token if that operation was successful.
if (health.LNDStatus.success && walletInitialized) { if (health.LNDStatus.success && walletInitialized) {
const { alias, password, invite } = req.body const { alias, password, invite, accessSecret } = req.body
await recreateLnServices() await recreateLnServices()
@ -647,8 +647,18 @@ module.exports = async (
if (!walletUnlocked) { if (!walletUnlocked) {
await unlockWallet(password) await unlockWallet(password)
} }
let secretUsed = null
if (walletUnlocked && !authorization && !isKeyTrusted) { if (accessSecret) {
secretUsed = await Storage.get(
`UnlockedAccessSecrets/${accessSecret}`
)
}
if (
walletUnlocked &&
!authorization &&
!isKeyTrusted &&
(process.env.ALLOW_UNLOCKED_LND !== 'true' || secretUsed !== false)
) {
res.status(401).json({ res.status(401).json({
field: 'alias', field: 'alias',
errorMessage: errorMessage:
@ -658,7 +668,11 @@ module.exports = async (
return return
} }
if (walletUnlocked && !isKeyTrusted) { if (
walletUnlocked &&
!isKeyTrusted &&
(process.env.ALLOW_UNLOCKED_LND !== 'true' || secretUsed !== false)
) {
const validatedToken = await validateToken( const validatedToken = await validateToken(
authorization.replace('Bearer ', '') authorization.replace('Bearer ', '')
) )
@ -674,6 +688,10 @@ module.exports = async (
} }
} }
if (secretUsed === false) {
await Storage.setItem(`UnlockedAccessSecrets/${accessSecret}`, true)
}
if (!isKeyTrusted) { if (!isKeyTrusted) {
await Storage.set('trustedPKs', [...(trustedKeys || []), publicKey]) await Storage.set('trustedPKs', [...(trustedKeys || []), publicKey])
} }
@ -1003,7 +1021,7 @@ module.exports = async (
app.post('/api/lnd/wallet/existing', async (req, res) => { app.post('/api/lnd/wallet/existing', async (req, res) => {
try { try {
const { password, alias, invite } = req.body const { password, alias, invite, accessSecret } = req.body
const healthResponse = await checkHealth() const healthResponse = await checkHealth()
const exists = await walletExists() const exists = await walletExists()
if (!exists) { if (!exists) {
@ -1034,17 +1052,30 @@ module.exports = async (
"Please specify a password that's longer than 8 characters" "Please specify a password that's longer than 8 characters"
}) })
} }
let secretUsed = null
if (healthResponse.LNDStatus.service !== 'walletUnlocker') { if (accessSecret) {
secretUsed = await Storage.get(
`UnlockedAccessSecrets/${accessSecret}`
)
}
if (
healthResponse.LNDStatus.service !== 'walletUnlocker' &&
(process.env.ALLOW_UNLOCKED_LND !== 'true' || secretUsed !== false)
) {
return res.status(400).json({ return res.status(400).json({
field: 'wallet', field: 'wallet',
errorMessage: errorMessage:
'Wallet is already unlocked. Please restart your LND instance and try again.' 'Wallet is already unlocked. Please restart your LND instance and try again.'
}) })
} }
if (secretUsed === false) {
await Storage.setItem(`UnlockedAccessSecrets/${accessSecret}`, true)
}
try { try {
await unlockWallet(password) if (healthResponse.LNDStatus.service === 'walletUnlocker') {
await unlockWallet(password)
}
} catch (err) { } catch (err) {
return res.status(401).json({ return res.status(401).json({
field: 'wallet', field: 'wallet',
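Review bot: The one-time access secret is read and consumed in two separate steps, so it is not reliably single-use: `Storage.get` reads it near the top of each handler and `Storage.setItem(..., true)` marks it used only after further awaited work, which lets two requests carrying the same `accessSecret` both observe `false` and both pass the `secretUsed !== false` guards. This applies to the auth handler (hunks at -647 and -674) and to `/api/lnd/wallet/existing` (hunk at -1034). Marking the secret used directly after the read narrows the window, but closing it needs the read-and-mark to be serialised, for example with an in-process lock around the two calls, since no atomic operation on Storage is visible here. `accessSecret` also goes from `req.body` straight into the storage key, so a type guard such as `if (accessSecret !== undefined && typeof accessSecret !== 'string')` that rejects the request would be a cheap addition. Both handlers start and end outside these hunks.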


@ -1,3 +1,5 @@
const { generateRandomString } = require('../utils/encryptionStore')
/** /**
* @prettier * @prettier
*/ */
@ -437,6 +439,17 @@ const server = program => {
} }
}) })
} }
if(process.env.ALLOW_UNLOCKED_LND === 'true'){
const codes = await Storage.valuesWithKeyMatch(/^UnlockedAccessSecrets\//u)
if(codes.length === 0){
const code = generateRandomString(12)
await Storage.setItem(`UnlockedAccessSecrets/${code}`, false)
logger.info("the access code is:"+code)
} else if(codes.length === 1 || codes[0] === false){
logger.info("the access code is:"+codes[0])
}
}
serverInstance.listen(serverPort, serverHost) serverInstance.listen(serverPort, serverHost)
logger.info('App listening on ' + serverHost + ' port ' + serverPort) logger.info('App listening on ' + serverHost + ' port ' + serverPort)
module.server = serverInstance module.server = serverInstance
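Review bot: `codes` holds what `Storage.valuesWithKeyMatch` returns, and the values this commit stores under `UnlockedAccessSecrets/` are the booleans `false`/`true`, so the `else if` branch appears to log `the access code is:false` (or `true`) instead of the code, which lives in the key and would have to be recovered from there. The condition `codes.length === 1 || codes[0] === false` also reads as if `&&` was intended, so that only a still-unused code is reported. Once the single code has been consumed, nothing in this block issues a new one; if that is deliberate a comment should say so. Because the code is a credential, logging it at `info` level sends it to every log sink, and a comment such as `// bootstrap credential: shown once for the operator, keep these logs private` would document that; whether `generateRandomString` draws from a CSPRNG cannot be told from this diff and should be confirmed. The enclosing `server` function starts and ends outside the hunk.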