From 34e18820de72553cedd11adcc72454c58140f609 Mon Sep 17 00:00:00 2001
From: emad-salah <emads14@gmail.com>
Date: Wed, 12 Aug 2020 14:51:29 +0100
Subject: [PATCH 1/2] Trusted keys bug fixes

---
 src/routes.js | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/src/routes.js b/src/routes.js
index 8c016615..47a21922 100644
--- a/src/routes.js
+++ b/src/routes.js
@@ -522,17 +522,22 @@ module.exports = async (
           trustedKey => trustedKey === publicKey
         )
         const walletUnlocked = health.LNDStatus.walletStatus === 'unlocked'
+        const { authorization = '' } = req.headers
 
         if (!walletUnlocked) {
-          const unlockedWallet = await unlockWallet(password)
+          await unlockWallet(password)
+        }
 
-          if (!isKeyTrusted && unlockedWallet.field !== 'walletUnlocker') {
-            await Storage.set('trustedPKs', [...trustedKeys, publicKey])
-          }
+        if (walletUnlocked && !authorization && !isKeyTrusted) {
+          res.status(401).json({
+            field: 'alias',
+            errorMessage: 'Invalid alias/password combination',
+            success: false
+          })
+          return
         }
 
         if (walletUnlocked && !isKeyTrusted) {
-          const { authorization = '' } = req.headers
           const validatedToken = await validateToken(
             authorization.replace('Bearer ', '')
           )
@@ -547,6 +552,10 @@ module.exports = async (
           }
         }
 
+        if (!isKeyTrusted) {
+          await Storage.set('trustedPKs', [...(trustedKeys || []), publicKey])
+        }
+
         // Send an event to update lightning's status
         mySocketsEvents.emit('updateLightning')
 

From 4738228d3683004daf993532c63cca9db477e2c7 Mon Sep 17 00:00:00 2001
From: emad-salah <emads14@gmail.com>
Date: Wed, 12 Aug 2020 15:22:42 +0100
Subject: [PATCH 2/2] Fixed so public keys are trusted after registering with
 existing wallet

---
 src/routes.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/routes.js b/src/routes.js
index 47a21922..c05de1f4 100644
--- a/src/routes.js
+++ b/src/routes.js
@@ -861,6 +861,9 @@ module.exports = async (
       // Register user after verifying wallet password
       const publicKey = await GunDB.register(alias, password)
 
+      const trustedKeys = await Storage.get('trustedPKs')
+      await Storage.setItem('trustedPKs', [...(trustedKeys || []), publicKey])
+
       // Generate Access Token
       const token = await auth.generateToken()