feat: parse nested pydantic models fetchone and fetchall + add shortcuts for insert_query and update_query into Database (#2714)
* feat: add shortcuts for insert_query and update_query into `Database`
example: await db.insert("table_name", base_model)
* remove where from argument
* chore: code clean-up
* extension manager
* lnbits-qrcode components
* parse date from dict
* refactor: make `settings` a fixture
* chore: remove verbose key names
* fix: time column
* fix: cast balance to `int`
* extension toggle vue3
* vue3 @input migration
* fix: payment extra and payment hash
* fix dynamic fields and ext db migration
* remove shadow on cards in dark theme
* screwed up and made more css pushes to this branch
* attempt to make chip component in settings dynamic fields
* dynamic chips
* qrscanner
* clean init admin settings
* make get_user better
* add dbversion model
* remove update_payment_status/extra/details
* traces for value and assertion errors
* refactor services
* add PaymentFiatAmount
* return Payment on api endpoints
* rename to get_user_from_account
* refactor: just refactor (#2740)
* rc5
* Fix db cache (#2741)
* [refactor] split services.py (#2742)
* refactor: spit `core.py` (#2743)
* refactor: make QR more customizable
* fix: print.html
* fix: qrcode options
* fix: white shadow on dark theme
* fix: datetime wasnt parsed in dict_to_model
* add timezone for conversion
* only parse timestamp for sqlite, postgres does it
* log internal payment success
* fix: export wallet to phone QR
* Adding a customisable border theme, like gradient (#2746)
* fixed mobile scan btn
* fix test websocket
* fix get_payments tests
* dict_to_model skip none values
* preimage none instead of defaulting to 0000...
* fixup test real invoice tests
* fixed pheonixd for wss
* fix nodemanager test settings
* fix lnbits funding
* only insert extension when they dont exist
---------
Co-authored-by: Vlad Stan <stan.v.vlad@gmail.com>
Co-authored-by: Tiago Vasconcelos <talvasconcelos@gmail.com>
Co-authored-by: Arc <ben@arc.wales>
Co-authored-by: Arc <33088785+arcbtc@users.noreply.github.com>
This commit is contained in:
dni ⚡
GitHub
parent
ae4eda04ba
commit
2940cf97c5
84 changed files with 4220 additions and 3776 deletions
|
|
@ -1,6 +1,7 @@
|
|||
import pytest
|
||||
|
||||
from lnbits.settings import settings
|
||||
from lnbits.core.models import User
|
||||
from lnbits.settings import Settings
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -18,7 +19,7 @@ async def test_admin_get_settings(client, superuser):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_admin_update_settings(client, superuser):
|
||||
async def test_admin_update_settings(client, superuser: User, settings: Settings):
|
||||
new_site_title = "UPDATED SITETITLE"
|
||||
response = await client.put(
|
||||
f"/admin/api/v1/settings?usr={superuser.id}",
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytest
|
|||
from lnbits import bolt11
|
||||
from lnbits.core.models import CreateInvoice, Payment
|
||||
from lnbits.core.views.payment_api import api_payment
|
||||
from lnbits.settings import settings
|
||||
from lnbits.settings import Settings
|
||||
|
||||
from ..helpers import (
|
||||
get_random_invoice_data,
|
||||
|
|
@ -14,10 +14,13 @@ from ..helpers import (
|
|||
|
||||
# create account POST /api/v1/account
|
||||
@pytest.mark.asyncio
|
||||
async def test_create_account(client):
|
||||
async def test_create_account(client, settings: Settings):
|
||||
settings.lnbits_allow_new_accounts = False
|
||||
response = await client.post("/api/v1/account", json={"name": "test"})
|
||||
assert response.status_code == 403
|
||||
|
||||
assert response.status_code == 400
|
||||
assert response.json().get("detail") == "Account creation is disabled."
|
||||
|
||||
settings.lnbits_allow_new_accounts = True
|
||||
response = await client.post("/api/v1/account", json={"name": "test"})
|
||||
assert response.status_code == 200
|
||||
|
|
@ -120,7 +123,7 @@ async def test_create_invoice(client, inkey_headers_to):
|
|||
invoice = response.json()
|
||||
assert "payment_hash" in invoice
|
||||
assert len(invoice["payment_hash"]) == 64
|
||||
assert "payment_request" in invoice
|
||||
assert "bolt11" in invoice
|
||||
assert "checking_id" in invoice
|
||||
assert len(invoice["checking_id"])
|
||||
return invoice
|
||||
|
|
@ -135,7 +138,7 @@ async def test_create_invoice_fiat_amount(client, inkey_headers_to):
|
|||
)
|
||||
assert response.status_code == 201
|
||||
invoice = response.json()
|
||||
decode = bolt11.decode(invoice["payment_request"])
|
||||
decode = bolt11.decode(invoice["bolt11"])
|
||||
assert decode.amount_msat != data["amount"] * 1000
|
||||
assert decode.payment_hash
|
||||
|
||||
|
|
@ -177,7 +180,7 @@ async def test_create_internal_invoice(client, inkey_headers_to):
|
|||
assert response.status_code == 201
|
||||
assert "payment_hash" in invoice
|
||||
assert len(invoice["payment_hash"]) == 64
|
||||
assert "payment_request" in invoice
|
||||
assert "bolt11" in invoice
|
||||
assert "checking_id" in invoice
|
||||
assert len(invoice["checking_id"])
|
||||
return invoice
|
||||
|
|
@ -194,26 +197,28 @@ async def test_create_invoice_custom_expiry(client, inkey_headers_to):
|
|||
)
|
||||
assert response.status_code == 201
|
||||
invoice = response.json()
|
||||
bolt11_invoice = bolt11.decode(invoice["payment_request"])
|
||||
bolt11_invoice = bolt11.decode(invoice["bolt11"])
|
||||
assert bolt11_invoice.expiry == expiry_seconds
|
||||
|
||||
|
||||
# check POST /api/v1/payments: make payment
|
||||
@pytest.mark.asyncio
|
||||
async def test_pay_invoice(client, from_wallet_ws, invoice, adminkey_headers_from):
|
||||
data = {"out": True, "bolt11": invoice["payment_request"]}
|
||||
async def test_pay_invoice(
|
||||
client, from_wallet_ws, invoice: Payment, adminkey_headers_from
|
||||
):
|
||||
data = {"out": True, "bolt11": invoice.bolt11}
|
||||
response = await client.post(
|
||||
"/api/v1/payments", json=data, headers=adminkey_headers_from
|
||||
)
|
||||
assert response.status_code < 300
|
||||
invoice = response.json()
|
||||
assert len(invoice["payment_hash"]) == 64
|
||||
assert len(invoice["checking_id"]) > 0
|
||||
invoice_ = response.json()
|
||||
assert len(invoice_["payment_hash"]) == 64
|
||||
assert len(invoice_["checking_id"]) > 0
|
||||
|
||||
data = from_wallet_ws.receive_json()
|
||||
assert "wallet_balance" in data
|
||||
payment = Payment(**data["payment"])
|
||||
assert payment.payment_hash == invoice["payment_hash"]
|
||||
ws_data = from_wallet_ws.receive_json()
|
||||
assert "wallet_balance" in ws_data
|
||||
payment = Payment(**ws_data["payment"])
|
||||
assert payment.payment_hash == invoice_["payment_hash"]
|
||||
|
||||
# websocket from to_wallet cant be tested before https://github.com/lnbits/lnbits/pull/1793
|
||||
# data = to_wallet_ws.receive_json()
|
||||
|
|
@ -224,9 +229,9 @@ async def test_pay_invoice(client, from_wallet_ws, invoice, adminkey_headers_fro
|
|||
|
||||
# check GET /api/v1/payments/<hash>: payment status
|
||||
@pytest.mark.asyncio
|
||||
async def test_check_payment_without_key(client, invoice):
|
||||
async def test_check_payment_without_key(client, invoice: Payment):
|
||||
# check the payment status
|
||||
response = await client.get(f"/api/v1/payments/{invoice['payment_hash']}")
|
||||
response = await client.get(f"/api/v1/payments/{invoice.payment_hash}")
|
||||
assert response.status_code < 300
|
||||
assert response.json()["paid"] is True
|
||||
assert invoice
|
||||
|
|
@ -240,10 +245,10 @@ async def test_check_payment_without_key(client, invoice):
|
|||
# If sqlite: it will succeed only with adminkey_headers_to
|
||||
# TODO: fix this
|
||||
@pytest.mark.asyncio
|
||||
async def test_check_payment_with_key(client, invoice, inkey_headers_from):
|
||||
async def test_check_payment_with_key(client, invoice: Payment, inkey_headers_from):
|
||||
# check the payment status
|
||||
response = await client.get(
|
||||
f"/api/v1/payments/{invoice['payment_hash']}", headers=inkey_headers_from
|
||||
f"/api/v1/payments/{invoice.payment_hash}", headers=inkey_headers_from
|
||||
)
|
||||
assert response.status_code < 300
|
||||
assert response.json()["paid"] is True
|
||||
|
|
@ -255,7 +260,7 @@ async def test_check_payment_with_key(client, invoice, inkey_headers_from):
|
|||
# check POST /api/v1/payments: payment with wrong key type
|
||||
@pytest.mark.asyncio
|
||||
async def test_pay_invoice_wrong_key(client, invoice, adminkey_headers_from):
|
||||
data = {"out": True, "bolt11": invoice["payment_request"]}
|
||||
data = {"out": True, "bolt11": invoice.bolt11}
|
||||
# try payment with wrong key
|
||||
wrong_adminkey_headers = adminkey_headers_from.copy()
|
||||
wrong_adminkey_headers["X-Api-Key"] = "wrong_key"
|
||||
|
|
@ -276,7 +281,7 @@ async def test_pay_invoice_self_payment(client, adminkey_headers_from):
|
|||
)
|
||||
assert response.status_code < 300
|
||||
json_data = response.json()
|
||||
data = {"out": True, "bolt11": json_data["payment_request"]}
|
||||
data = {"out": True, "bolt11": json_data["bolt11"]}
|
||||
response = await client.post(
|
||||
"/api/v1/payments", json=data, headers=adminkey_headers_from
|
||||
)
|
||||
|
|
@ -286,7 +291,7 @@ async def test_pay_invoice_self_payment(client, adminkey_headers_from):
|
|||
# check POST /api/v1/payments: payment with invoice key [should fail]
|
||||
@pytest.mark.asyncio
|
||||
async def test_pay_invoice_invoicekey(client, invoice, inkey_headers_from):
|
||||
data = {"out": True, "bolt11": invoice["payment_request"]}
|
||||
data = {"out": True, "bolt11": invoice.bolt11}
|
||||
# try payment with invoice key
|
||||
response = await client.post(
|
||||
"/api/v1/payments", json=data, headers=inkey_headers_from
|
||||
|
|
@ -297,7 +302,7 @@ async def test_pay_invoice_invoicekey(client, invoice, inkey_headers_from):
|
|||
# check POST /api/v1/payments: payment with admin key, trying to pay twice [should fail]
|
||||
@pytest.mark.asyncio
|
||||
async def test_pay_invoice_adminkey(client, invoice, adminkey_headers_from):
|
||||
data = {"out": True, "bolt11": invoice["payment_request"]}
|
||||
data = {"out": True, "bolt11": invoice.bolt11}
|
||||
# try payment with admin key
|
||||
response = await client.post(
|
||||
"/api/v1/payments", json=data, headers=adminkey_headers_from
|
||||
|
|
@ -306,19 +311,20 @@ async def test_pay_invoice_adminkey(client, invoice, adminkey_headers_from):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_payments(client, adminkey_headers_from, fake_payments):
|
||||
async def test_get_payments(client, inkey_fresh_headers_to, fake_payments):
|
||||
fake_data, filters = fake_payments
|
||||
|
||||
async def get_payments(params: dict):
|
||||
response = await client.get(
|
||||
"/api/v1/payments",
|
||||
params=filters | params,
|
||||
headers=adminkey_headers_from,
|
||||
headers=inkey_fresh_headers_to,
|
||||
)
|
||||
assert response.status_code == 200
|
||||
return [Payment(**payment) for payment in response.json()]
|
||||
|
||||
payments = await get_payments({"sortby": "amount", "direction": "desc", "limit": 2})
|
||||
assert len(payments) != 0
|
||||
assert payments[-1].amount < payments[0].amount
|
||||
assert len(payments) == 2
|
||||
|
||||
|
|
@ -340,13 +346,13 @@ async def test_get_payments(client, adminkey_headers_from, fake_payments):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_payments_paginated(client, adminkey_headers_from, fake_payments):
|
||||
async def test_get_payments_paginated(client, inkey_fresh_headers_to, fake_payments):
|
||||
fake_data, filters = fake_payments
|
||||
|
||||
response = await client.get(
|
||||
"/api/v1/payments/paginated",
|
||||
params=filters | {"limit": 2},
|
||||
headers=adminkey_headers_from,
|
||||
headers=inkey_fresh_headers_to,
|
||||
)
|
||||
assert response.status_code == 200
|
||||
paginated = response.json()
|
||||
|
|
@ -355,13 +361,13 @@ async def test_get_payments_paginated(client, adminkey_headers_from, fake_paymen
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_payments_history(client, adminkey_headers_from, fake_payments):
|
||||
async def test_get_payments_history(client, inkey_fresh_headers_to, fake_payments):
|
||||
fake_data, filters = fake_payments
|
||||
|
||||
response = await client.get(
|
||||
"/api/v1/payments/history",
|
||||
params=filters,
|
||||
headers=adminkey_headers_from,
|
||||
headers=inkey_fresh_headers_to,
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
|
|
@ -377,7 +383,7 @@ async def test_get_payments_history(client, adminkey_headers_from, fake_payments
|
|||
response = await client.get(
|
||||
"/api/v1/payments/history?group=INVALID",
|
||||
params=filters,
|
||||
headers=adminkey_headers_from,
|
||||
headers=inkey_fresh_headers_to,
|
||||
)
|
||||
|
||||
assert response.status_code == 400
|
||||
|
|
@ -385,21 +391,21 @@ async def test_get_payments_history(client, adminkey_headers_from, fake_payments
|
|||
|
||||
# check POST /api/v1/payments/decode
|
||||
@pytest.mark.asyncio
|
||||
async def test_decode_invoice(client, invoice):
|
||||
data = {"data": invoice["payment_request"]}
|
||||
async def test_decode_invoice(client, invoice: Payment):
|
||||
data = {"data": invoice.bolt11}
|
||||
response = await client.post(
|
||||
"/api/v1/payments/decode",
|
||||
json=data,
|
||||
)
|
||||
assert response.status_code < 300
|
||||
assert response.json()["payment_hash"] == invoice["payment_hash"]
|
||||
assert response.json()["payment_hash"] == invoice.payment_hash
|
||||
|
||||
|
||||
# check api_payment() internal function call (NOT API): payment status
|
||||
@pytest.mark.asyncio
|
||||
async def test_api_payment_without_key(invoice):
|
||||
async def test_api_payment_without_key(invoice: Payment):
|
||||
# check the payment status
|
||||
response = await api_payment(invoice["payment_hash"])
|
||||
response = await api_payment(invoice.payment_hash)
|
||||
assert isinstance(response, dict)
|
||||
assert response["paid"] is True
|
||||
# no key, that's why no "details"
|
||||
|
|
@ -408,11 +414,9 @@ async def test_api_payment_without_key(invoice):
|
|||
|
||||
# check api_payment() internal function call (NOT API): payment status
|
||||
@pytest.mark.asyncio
|
||||
async def test_api_payment_with_key(invoice, inkey_headers_from):
|
||||
async def test_api_payment_with_key(invoice: Payment, inkey_headers_from):
|
||||
# check the payment status
|
||||
response = await api_payment(
|
||||
invoice["payment_hash"], inkey_headers_from["X-Api-Key"]
|
||||
)
|
||||
response = await api_payment(invoice.payment_hash, inkey_headers_from["X-Api-Key"])
|
||||
assert isinstance(response, dict)
|
||||
assert response["paid"] is True
|
||||
assert "details" in response
|
||||
|
|
@ -431,7 +435,7 @@ async def test_create_invoice_with_description_hash(client, inkey_headers_to):
|
|||
)
|
||||
invoice = response.json()
|
||||
|
||||
invoice_bolt11 = bolt11.decode(invoice["payment_request"])
|
||||
invoice_bolt11 = bolt11.decode(invoice["bolt11"])
|
||||
assert invoice_bolt11.description_hash == descr_hash
|
||||
return invoice
|
||||
|
||||
|
|
@ -448,7 +452,7 @@ async def test_create_invoice_with_unhashed_description(client, inkey_headers_to
|
|||
)
|
||||
invoice = response.json()
|
||||
|
||||
invoice_bolt11 = bolt11.decode(invoice["payment_request"])
|
||||
invoice_bolt11 = bolt11.decode(invoice["bolt11"])
|
||||
assert invoice_bolt11.description_hash == descr_hash
|
||||
assert invoice_bolt11.description is None
|
||||
return invoice
|
||||
|
|
@ -475,7 +479,7 @@ async def test_update_wallet(client, adminkey_headers_from):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_fiat_tracking(client, adminkey_headers_from):
|
||||
async def test_fiat_tracking(client, adminkey_headers_from, settings: Settings):
|
||||
async def create_invoice():
|
||||
data = await get_random_invoice_data()
|
||||
response = await client.post(
|
||||
|
|
@ -501,13 +505,15 @@ async def test_fiat_tracking(client, adminkey_headers_from):
|
|||
|
||||
settings.lnbits_default_accounting_currency = "USD"
|
||||
payment = await create_invoice()
|
||||
assert payment["extra"]["wallet_fiat_currency"] == "USD"
|
||||
assert payment["extra"]["wallet_fiat_amount"] != payment["amount"]
|
||||
assert payment["extra"]["wallet_fiat_rate"]
|
||||
extra = payment["extra"]
|
||||
assert extra["wallet_fiat_currency"] == "USD"
|
||||
assert extra["wallet_fiat_amount"] != payment["amount"]
|
||||
assert extra["wallet_fiat_rate"]
|
||||
|
||||
await update_currency("EUR")
|
||||
|
||||
payment = await create_invoice()
|
||||
assert payment["extra"]["wallet_fiat_currency"] == "EUR"
|
||||
assert payment["extra"]["wallet_fiat_amount"] != payment["amount"]
|
||||
assert payment["extra"]["wallet_fiat_rate"]
|
||||
extra = payment["extra"]
|
||||
assert extra["wallet_fiat_currency"] == "EUR"
|
||||
assert extra["wallet_fiat_amount"] != payment["amount"]
|
||||
assert extra["wallet_fiat_rate"]
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ from httpx import AsyncClient
|
|||
|
||||
from lnbits.core.models import AccessTokenPayload, User
|
||||
from lnbits.core.views.user_api import api_users_reset_password
|
||||
from lnbits.settings import AuthMethods, settings
|
||||
from lnbits.settings import AuthMethods, Settings
|
||||
from lnbits.utils.nostr import hex_to_npub, sign_event
|
||||
|
||||
nostr_event = {
|
||||
|
|
@ -29,8 +29,6 @@ private_key = secp256k1.PrivateKey(
|
|||
)
|
||||
pubkey_hex = private_key.pubkey.serialize().hex()[2:]
|
||||
|
||||
settings.auth_allowed_methods = AuthMethods.all()
|
||||
|
||||
|
||||
################################ LOGIN ################################
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -63,7 +61,9 @@ async def test_login_alan_usr(user_alan: User, http_client: AsyncClient):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_login_usr_not_allowed(user_alan: User, http_client: AsyncClient):
|
||||
async def test_login_usr_not_allowed(
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
# exclude 'user_id_only'
|
||||
settings.auth_allowed_methods = [AuthMethods.username_and_password.value]
|
||||
|
||||
|
|
@ -83,7 +83,7 @@ async def test_login_usr_not_allowed(user_alan: User, http_client: AsyncClient):
|
|||
|
||||
@pytest.mark.asyncio
|
||||
async def test_login_alan_username_password_ok(
|
||||
user_alan: User, http_client: AsyncClient
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth", json={"username": user_alan.username, "password": "secret1234"}
|
||||
|
|
@ -95,6 +95,7 @@ async def test_login_alan_username_password_ok(
|
|||
|
||||
payload: dict = jwt.decode(access_token, settings.auth_secret_key, ["HS256"])
|
||||
access_token_payload = AccessTokenPayload(**payload)
|
||||
|
||||
assert access_token_payload.sub == "alan", "Subject is Alan."
|
||||
assert access_token_payload.email == "alan@lnbits.com"
|
||||
assert access_token_payload.auth_time, "Auth time should be set by server."
|
||||
|
|
@ -113,7 +114,9 @@ async def test_login_alan_username_password_ok(
|
|||
assert not user.admin, "Not admin."
|
||||
assert not user.super_user, "Not superuser."
|
||||
assert user.has_password, "Password configured."
|
||||
assert len(user.wallets) == 1, "One default wallet."
|
||||
assert (
|
||||
len(user.wallets) == 1
|
||||
), f"Expected 1 default wallet, not {len(user.wallets)}."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -139,7 +142,7 @@ async def test_login_alan_password_nok(user_alan: User, http_client: AsyncClient
|
|||
|
||||
@pytest.mark.asyncio
|
||||
async def test_login_username_password_not_allowed(
|
||||
user_alan: User, http_client: AsyncClient
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
# exclude 'username_password'
|
||||
settings.auth_allowed_methods = [AuthMethods.user_id_only.value]
|
||||
|
|
@ -164,7 +167,7 @@ async def test_login_username_password_not_allowed(
|
|||
|
||||
@pytest.mark.asyncio
|
||||
async def test_login_alan_change_auth_secret_key(
|
||||
user_alan: User, http_client: AsyncClient
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth", json={"username": user_alan.username, "password": "secret1234"}
|
||||
|
|
@ -221,7 +224,9 @@ async def test_register_ok(http_client: AsyncClient):
|
|||
assert not user.admin, "Not admin."
|
||||
assert not user.super_user, "Not superuser."
|
||||
assert user.has_password, "Password configured."
|
||||
assert len(user.wallets) == 1, "One default wallet."
|
||||
assert (
|
||||
len(user.wallets) == 1
|
||||
), f"Expected 1 default wallet, not {len(user.wallets)}."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -250,7 +255,8 @@ async def test_register_email_twice(http_client: AsyncClient):
|
|||
"email": f"u21.{tiny_id}@lnbits.com",
|
||||
},
|
||||
)
|
||||
assert response.status_code == 403, "Not allowed."
|
||||
|
||||
assert response.status_code == 400, "Not allowed."
|
||||
assert response.json().get("detail") == "Email already exists."
|
||||
|
||||
|
||||
|
|
@ -280,7 +286,7 @@ async def test_register_username_twice(http_client: AsyncClient):
|
|||
"email": f"u21.{tiny_id_2}@lnbits.com",
|
||||
},
|
||||
)
|
||||
assert response.status_code == 403, "Not allowed."
|
||||
assert response.status_code == 400, "Not allowed."
|
||||
assert response.json().get("detail") == "Username already exists."
|
||||
|
||||
|
||||
|
|
@ -320,7 +326,7 @@ async def test_register_bad_email(http_client: AsyncClient):
|
|||
|
||||
################################ CHANGE PASSWORD ################################
|
||||
@pytest.mark.asyncio
|
||||
async def test_change_password_ok(http_client: AsyncClient):
|
||||
async def test_change_password_ok(http_client: AsyncClient, settings: Settings):
|
||||
tiny_id = shortuuid.uuid()[:8]
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth/register",
|
||||
|
|
@ -409,8 +415,8 @@ async def test_alan_change_password_old_nok(user_alan: User, http_client: AsyncC
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "Old password bad."
|
||||
assert response.json().get("detail") == "Invalid credentials."
|
||||
assert response.status_code == 400, "Old password bad."
|
||||
assert response.json().get("detail") == "Invalid old password."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -441,7 +447,7 @@ async def test_alan_change_password_different_user(
|
|||
|
||||
@pytest.mark.asyncio
|
||||
async def test_alan_change_password_auth_threshold_expired(
|
||||
user_alan: User, http_client: AsyncClient
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
|
||||
response = await http_client.post("/api/v1/auth/usr", json={"usr": user_alan.id})
|
||||
|
|
@ -464,7 +470,7 @@ async def test_alan_change_password_auth_threshold_expired(
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "Treshold expired."
|
||||
assert response.status_code == 400
|
||||
assert (
|
||||
response.json().get("detail") == "You can only update your credentials"
|
||||
" in the first 1 seconds."
|
||||
|
|
@ -476,7 +482,7 @@ async def test_alan_change_password_auth_threshold_expired(
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_register_nostr_ok(http_client: AsyncClient):
|
||||
async def test_register_nostr_ok(http_client: AsyncClient, settings: Settings):
|
||||
event = {**nostr_event}
|
||||
event["created_at"] = int(time.time())
|
||||
|
||||
|
|
@ -502,6 +508,7 @@ async def test_register_nostr_ok(http_client: AsyncClient):
|
|||
response = await http_client.get(
|
||||
"/api/v1/auth", headers={"Authorization": f"Bearer {access_token}"}
|
||||
)
|
||||
|
||||
user = User(**response.json())
|
||||
assert user.username is None, "No username."
|
||||
assert user.email is None, "No email."
|
||||
|
|
@ -509,11 +516,13 @@ async def test_register_nostr_ok(http_client: AsyncClient):
|
|||
assert not user.admin, "Not admin."
|
||||
assert not user.super_user, "Not superuser."
|
||||
assert not user.has_password, "Password configured."
|
||||
assert len(user.wallets) == 1, "One default wallet."
|
||||
assert (
|
||||
len(user.wallets) == 1
|
||||
), f"Expected 1 default wallet, not {len(user.wallets)}."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_register_nostr_not_allowed(http_client: AsyncClient):
|
||||
async def test_register_nostr_not_allowed(http_client: AsyncClient, settings: Settings):
|
||||
# exclude 'nostr_auth_nip98'
|
||||
settings.auth_allowed_methods = [AuthMethods.username_and_password.value]
|
||||
response = await http_client.post(
|
||||
|
|
@ -540,25 +549,25 @@ async def test_register_nostr_bad_header(http_client: AsyncClient):
|
|||
)
|
||||
|
||||
assert response.status_code == 401, "Non nostr header."
|
||||
assert response.json().get("detail") == "Authorization header is not nostr."
|
||||
assert response.json().get("detail") == "Invalid Authorization scheme."
|
||||
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": "nostr xyz"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr not base64."
|
||||
assert response.status_code == 400, "Nostr not base64."
|
||||
assert response.json().get("detail") == "Nostr login event cannot be parsed."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_register_nostr_bad_event(http_client: AsyncClient):
|
||||
async def test_register_nostr_bad_event(http_client: AsyncClient, settings: Settings):
|
||||
settings.auth_allowed_methods = AuthMethods.all()
|
||||
base64_event = base64.b64encode(json.dumps(nostr_event).encode()).decode("ascii")
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event expired."
|
||||
assert response.status_code == 400, "Nostr event expired."
|
||||
assert (
|
||||
response.json().get("detail")
|
||||
== f"More than {settings.auth_credetials_update_threshold}"
|
||||
|
|
@ -574,7 +583,7 @@ async def test_register_nostr_bad_event(http_client: AsyncClient):
|
|||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event signature invalid."
|
||||
assert response.status_code == 400, "Nostr event signature invalid."
|
||||
assert response.json().get("detail") == "Nostr login event is not valid."
|
||||
|
||||
|
||||
|
|
@ -591,7 +600,7 @@ async def test_register_nostr_bad_event_kind(http_client: AsyncClient):
|
|||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event_bad_kind}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event kind invalid."
|
||||
assert response.status_code == 400, "Nostr event kind invalid."
|
||||
assert response.json().get("detail") == "Invalid event kind."
|
||||
|
||||
|
||||
|
|
@ -610,7 +619,7 @@ async def test_register_nostr_bad_event_tag_u(http_client: AsyncClient):
|
|||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event_tag_kind}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event tag missing."
|
||||
assert response.status_code == 400, "Nostr event tag missing."
|
||||
assert response.json().get("detail") == "Tag 'method' is missing."
|
||||
|
||||
event_bad_kind["tags"] = [["u", "http://localhost:5000/nostr"], ["method", "XYZ"]]
|
||||
|
|
@ -623,8 +632,8 @@ async def test_register_nostr_bad_event_tag_u(http_client: AsyncClient):
|
|||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event_tag_kind}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event tag invalid."
|
||||
assert response.json().get("detail") == "Incorrect value for tag 'method'."
|
||||
assert response.status_code == 400, "Nostr event tag invalid."
|
||||
assert response.json().get("detail") == "Invalid value for tag 'method'."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -642,7 +651,7 @@ async def test_register_nostr_bad_event_tag_menthod(http_client: AsyncClient):
|
|||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event tag missing."
|
||||
assert response.status_code == 400, "Nostr event tag missing."
|
||||
assert response.json().get("detail") == "Tag 'u' for URL is missing."
|
||||
|
||||
event_bad_kind["tags"] = [["u", "http://demo.lnbits.com/nostr"], ["method", "POST"]]
|
||||
|
|
@ -655,15 +664,15 @@ async def test_register_nostr_bad_event_tag_menthod(http_client: AsyncClient):
|
|||
"/api/v1/auth/nostr",
|
||||
headers={"Authorization": f"nostr {base64_event}"},
|
||||
)
|
||||
assert response.status_code == 401, "Nostr event tag invalid."
|
||||
assert response.status_code == 400, "Nostr event tag invalid."
|
||||
assert (
|
||||
response.json().get("detail") == "Incorrect value for tag 'u':"
|
||||
response.json().get("detail") == "Invalid value for tag 'u':"
|
||||
" 'http://demo.lnbits.com/nostr'."
|
||||
)
|
||||
|
||||
|
||||
################################ CHANGE PUBLIC KEY ################################
|
||||
async def test_change_pubkey_npub_ok(http_client: AsyncClient, user_alan: User):
|
||||
async def test_change_pubkey_npub_ok(http_client: AsyncClient, settings: Settings):
|
||||
tiny_id = shortuuid.uuid()[:8]
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth/register",
|
||||
|
|
@ -703,7 +712,9 @@ async def test_change_pubkey_npub_ok(http_client: AsyncClient, user_alan: User):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_change_pubkey_ok(http_client: AsyncClient, user_alan: User):
|
||||
async def test_change_pubkey_ok(
|
||||
http_client: AsyncClient, user_alan: User, settings: Settings
|
||||
):
|
||||
tiny_id = shortuuid.uuid()[:8]
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth/register",
|
||||
|
|
@ -783,7 +794,7 @@ async def test_change_pubkey_ok(http_client: AsyncClient, user_alan: User):
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "Pubkey already used."
|
||||
assert response.status_code == 400, "Pubkey already used."
|
||||
assert response.json().get("detail") == "Public key already in use."
|
||||
|
||||
|
||||
|
|
@ -825,7 +836,7 @@ async def test_change_pubkey_other_user(http_client: AsyncClient, user_alan: Use
|
|||
|
||||
@pytest.mark.asyncio
|
||||
async def test_alan_change_pubkey_auth_threshold_expired(
|
||||
user_alan: User, http_client: AsyncClient
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
|
||||
response = await http_client.post("/api/v1/auth/usr", json={"usr": user_alan.id})
|
||||
|
|
@ -835,7 +846,7 @@ async def test_alan_change_pubkey_auth_threshold_expired(
|
|||
assert access_token is not None
|
||||
|
||||
settings.auth_credetials_update_threshold = 1
|
||||
time.sleep(1.1)
|
||||
time.sleep(2.1)
|
||||
response = await http_client.put(
|
||||
"/api/v1/auth/pubkey",
|
||||
headers={"Authorization": f"Bearer {access_token}"},
|
||||
|
|
@ -845,17 +856,17 @@ async def test_alan_change_pubkey_auth_threshold_expired(
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "Treshold expired."
|
||||
assert response.status_code == 400, "Treshold expired."
|
||||
assert (
|
||||
response.json().get("detail") == "You can only update your credentials"
|
||||
" in the first 1 seconds after login."
|
||||
" Please login again!"
|
||||
" in the first 1 seconds."
|
||||
" Please login again or ask a new reset key!"
|
||||
)
|
||||
|
||||
|
||||
################################ RESET PASSWORD ################################
|
||||
@pytest.mark.asyncio
|
||||
async def test_request_reset_key_ok(http_client: AsyncClient):
|
||||
async def test_request_reset_key_ok(http_client: AsyncClient, settings: Settings):
|
||||
tiny_id = shortuuid.uuid()[:8]
|
||||
response = await http_client.post(
|
||||
"/api/v1/auth/register",
|
||||
|
|
@ -922,12 +933,14 @@ async def test_request_reset_key_user_not_found(http_client: AsyncClient):
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "User does not exist."
|
||||
assert response.status_code == 404, "User does not exist."
|
||||
assert response.json().get("detail") == "User not found."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_reset_username_password_not_allowed(http_client: AsyncClient):
|
||||
async def test_reset_username_password_not_allowed(
|
||||
http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
# exclude 'username_password'
|
||||
settings.auth_allowed_methods = [AuthMethods.user_id_only.value]
|
||||
|
||||
|
|
@ -968,7 +981,7 @@ async def test_reset_username_passwords_do_not_matcj(
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "Passwords do not match."
|
||||
assert response.status_code == 400, "Passwords do not match."
|
||||
assert response.json().get("detail") == "Passwords do not match."
|
||||
|
||||
|
||||
|
|
@ -983,13 +996,13 @@ async def test_reset_username_password_bad_key(http_client: AsyncClient):
|
|||
"password_repeat": "secret0000",
|
||||
},
|
||||
)
|
||||
assert response.status_code == 500, "Bad reset key."
|
||||
assert response.json().get("detail") == "Cannot reset user password."
|
||||
assert response.status_code == 400, "Bad reset key."
|
||||
assert response.json().get("detail") == "Invalid reset key."
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_reset_password_auth_threshold_expired(
|
||||
user_alan: User, http_client: AsyncClient
|
||||
user_alan: User, http_client: AsyncClient, settings: Settings
|
||||
):
|
||||
|
||||
reset_key = await api_users_reset_password(user_alan.id)
|
||||
|
|
@ -1006,7 +1019,7 @@ async def test_reset_password_auth_threshold_expired(
|
|||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 403, "Treshold expired."
|
||||
assert response.status_code == 400, "Treshold expired."
|
||||
assert (
|
||||
response.json().get("detail") == "You can only update your credentials"
|
||||
" in the first 1 seconds."
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
import pytest
|
||||
|
||||
from lnbits.core.models import Payment
|
||||
|
||||
|
||||
# check if the client is working
|
||||
@pytest.mark.asyncio
|
||||
|
|
@ -10,17 +12,15 @@ async def test_core_views_generic(client):
|
|||
|
||||
# check GET /public/v1/payment/{payment_hash}: correct hash [should pass]
|
||||
@pytest.mark.asyncio
|
||||
async def test_api_public_payment_longpolling(client, invoice):
|
||||
response = await client.get(f"/public/v1/payment/{invoice['payment_hash']}")
|
||||
async def test_api_public_payment_longpolling(client, invoice: Payment):
|
||||
response = await client.get(f"/public/v1/payment/{invoice.payment_hash}")
|
||||
assert response.status_code < 300
|
||||
assert response.json()["status"] == "paid"
|
||||
|
||||
|
||||
# check GET /public/v1/payment/{payment_hash}: wrong hash [should fail]
|
||||
@pytest.mark.asyncio
|
||||
async def test_api_public_payment_longpolling_wrong_hash(client, invoice):
|
||||
response = await client.get(
|
||||
f"/public/v1/payment/{invoice['payment_hash'] + '0'*64}"
|
||||
)
|
||||
async def test_api_public_payment_longpolling_wrong_hash(client, invoice: Payment):
|
||||
response = await client.get(f"/public/v1/payment/{invoice.payment_hash + '0'*64}")
|
||||
assert response.status_code == 404
|
||||
assert response.json()["detail"] == "Payment does not exist."
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue