tips overlay security

services/gunDB/contact-api/jobs/onOrders.js

@@ -286,7 +286,7 @@ const listenerForAddr = (addr, SEA) => async (order, orderID) => {
           TipForwarder.notifySocketIfAny(
             postID,
             order.from,
-            'TIPPED YOU',
+            paidInvoice.memo || 'TIPPED YOU',
             amt + ' sats'
           )
           const ackData = { tippedPost: postID }

services/tipsCallback.js

@@ -1,8 +1,21 @@
 //@ts-nocheck TODO- fix types
+const { gunUUID } = require("../utils")
 class TipsCB {
     listeners = {}
 
-    addSocket(postID,socket){
+    postsEnabled = {}
+    
+    enablePostNotifications(postID){
+        const accessId = gunUUID()
+        this.postsEnabled[accessId] = postID
+        return accessId
+    }
+
+    addSocket(accessId,socket){
+        if(!this.postsEnabled[accessId]){
+            return "invalid access id"
+        }
+        const postID = this.postsEnabled[accessId]
         console.log("subbing new socket for post: "+postID)
         
         if(!this.listeners[postID]){

src/index.html

@@ -51,8 +51,8 @@
 </head>
 <body>
     <div class="main">
-        <div class="content hide">
-            <p id="content-name">fdsigfudfsbigbfduigbdfb</p>
+        <div class="content">
+            <p id="content-name">some random name i dont know</p>
             <p id="content-message">JUST TIPPED YOU!</p>
             <p id="content-amount">100sats</p>
         </div>
@@ -61,9 +61,9 @@
     console.log(location.origin)
     const queryString = window.location.search;
     const urlParams = new URLSearchParams(queryString);
-    const postID = urlParams.get("postID")
+    const accessId = urlParams.get("accessId")
     var socket = io(`${location.origin}/streams`);
-    socket.emit("postID",postID)
+    socket.emit("accessId",accessId)
     let latestTimeout = null
     socket.on("update",(update)=>{
         const name = document.querySelector("#content-name")

src/routes.js

@@ -37,6 +37,7 @@ const GunWriteRPC = require('../services/gunDB/rpc')
 const Key = require('../services/gunDB/contact-api/key')
 const { startedStream, endStream } = require('../services/streams')
 const channelRequest = require('../utils/lightningServices/channelRequests')
+const TipsForwarder = require('../services/tipsCallback')
 
 const DEFAULT_MAX_NUM_ROUTES_TO_QUERY = 10
 const SESSION_ID = uuid()
@@ -2291,11 +2292,20 @@ module.exports = async (
 
   app.post(`/api/gun/wall/`, async (req, res) => {
     try {
-      const { tags, title, contentItems } = req.body
+      const { tags, title, contentItems, enableTipsOverlay } = req.body
       const SEA = require('../services/gunDB/Mediator').mySEA
-      return res
-        .status(200)
-        .json(await GunActions.createPostNew(tags, title, contentItems, SEA))
+      const postRes = await GunActions.createPostNew(
+        tags,
+        title,
+        contentItems,
+        SEA
+      )
+      if (enableTipsOverlay) {
+        const [postID] = postRes
+        const accessId = TipsForwarder.enablePostNotifications(postID)
+        return res.status(200).json([...postRes, accessId])
+      }
+      return res.status(200).json(postRes)
     } catch (e) {
       console.log(e)
       return res.status(500).json({
@@ -3348,6 +3358,18 @@ module.exports = async (
   ap.get('/api/subscribeStream', (req, res) => {
     res.sendFile(path.join(__dirname, '/index.html'))
   })
+  ap.post('/api/enableNotificationsOverlay', (req, res) => {
+    const { postID } = req.body
+    if (!postID) {
+      return res.status(400).json({
+        errorMessage: 'no post id provided'
+      })
+    }
+    const accessId = TipsForwarder.enablePostNotifications(postID)
+    res.json({
+      accessId
+    })
+  })
   //this is for wasLive/isLive status
   ap.post('/api/listenStream', (req, res) => {
     try {

src/sockets.js

@@ -186,10 +186,13 @@ module.exports = (
 
   io.of('streams').on('connect', socket => {
     console.log('a user connected')
-    socket.on('postID', postID => {
-      TipsForwarder.addSocket(postID, socket)
+    socket.on('accessId', accessId => {
+      const err = TipsForwarder.addSocket(accessId, socket)
+      if (err) {
+        console.log('err invalid socket for tips notifications ' + err)
+        socket.disconnect(true)
+      }
     })
   })
-
   return io
 }

utils/index.js

@@ -10,7 +10,7 @@ const { asyncFilter } = require('./helpers')
  */
 const gunUUID = () => {
   // @ts-expect-error Not typed
-  const uuid = Gun.Text.random()
+  const uuid = Gun.text.random()
 
   return uuid
 }