aiolabs/lnbits
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

[feat] Add stripe payments (#3184)

Browse source
This commit is contained in:
Vlad Stan 2025-06-30 13:13:13 +03:00 committed by dni ⚡
parent 5c9511ccfe
commit 695e9b6471
No known key found for this signature in database
GPG key ID: D1F416F29AD26E87
51 changed files with 2014 additions and 175 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lnbits/core/__init__.py
View file

@ -5,7 +5,9 @@ from .views.admin_api import admin_router
from .views.api import api_router
from .views.audit_api import audit_router
from .views.auth_api import auth_router
from .views.callback_api import callback_router
from .views.extension_api import extension_router
from .views.fiat_api import fiat_router
# this compat is needed for usermanager extension
from .views.generic import generic_router
@ -34,10 +36,12 @@ def init_core_routers(app: FastAPI):
app.include_router(wallet_router)
app.include_router(api_router)
app.include_router(websocket_router)
app.include_router(callback_router)
app.include_router(tinyurl_router)
app.include_router(webpush_router)
app.include_router(users_router)
app.include_router(audit_router)
app.include_router(fiat_router)
__all__ = ["core_app", "core_app_extra", "db"]

1
lnbits/core/crud/users.py
View file

@ -195,6 +195,7 @@ async def get_user_from_account(
wallets=wallets,
admin=account.is_admin,
super_user=account.is_super_user,
fiat_providers=account.fiat_providers,
has_password=account.password_hash is not None,
)

4
lnbits/core/migrations.py
View file

@ -719,3 +719,7 @@ async def m032_add_external_id_to_accounts(db: Connection):
Used for external account linking.
"""
await db.execute("ALTER TABLE accounts ADD COLUMN external_id TEXT")
async def m033_update_payment_table(db: Connection):
await db.execute("ALTER TABLE apipayments ADD COLUMN fiat_provider TEXT")

56
lnbits/core/models/payments.py
View file

@ -8,6 +8,13 @@ from fastapi import Query
from pydantic import BaseModel, Field, validator
from lnbits.db import FilterModel
from lnbits.fiat import get_fiat_provider
from lnbits.fiat.base import (
FiatPaymentFailedStatus,
FiatPaymentPendingStatus,
FiatPaymentStatus,
FiatPaymentSuccessStatus,
)
from lnbits.utils.exchange_rates import allowed_currencies
from lnbits.wallets import get_funding_source
from lnbits.wallets.base import (
@ -60,6 +67,8 @@ class Payment(BaseModel):
amount: int
fee: int
bolt11: str
# payment_request: str | None
fiat_provider: str | None = None
status: str = PaymentState.PENDING
memo: str | None = None
expiry: datetime | None = None
@ -107,14 +116,23 @@ class Payment(BaseModel):
@property
def is_internal(self) -> bool:
return self.checking_id.startswith("internal_")
return self.checking_id.startswith("internal_") or self.checking_id.startswith(
"fiat_"
)
async def check_status(self) -> PaymentStatus:
async def check_status(
self, skip_internal_payment_notifications: bool | None = False
) -> PaymentStatus:
if self.is_internal:
if self.success:
return PaymentSuccessStatus()
if self.failed:
return PaymentFailedStatus()
if self.is_in and self.fiat_provider:
fiat_status = await self.check_fiat_status(
skip_internal_payment_notifications
)
return PaymentStatus(paid=fiat_status.paid)
return PaymentPendingStatus()
funding_source = get_funding_source()
if self.is_out:
@ -123,6 +141,39 @@ class Payment(BaseModel):
status = await funding_source.get_invoice_status(self.checking_id)
return status
async def check_fiat_status(
self, skip_internal_payment_notifications: bool | None = False
) -> FiatPaymentStatus:
if not self.is_internal:
return FiatPaymentPendingStatus()
if self.success:
return FiatPaymentSuccessStatus()
if self.failed:
return FiatPaymentFailedStatus()
if not self.fiat_provider:
return FiatPaymentPendingStatus()
checking_id = self.extra.get("fiat_checking_id")
if not checking_id:
return FiatPaymentPendingStatus()
fiat_provider = await get_fiat_provider(self.fiat_provider)
if not fiat_provider:
return FiatPaymentPendingStatus()
fiat_status = await fiat_provider.get_invoice_status(checking_id)
if skip_internal_payment_notifications:
return fiat_status
if fiat_status.success:
# notify receivers asynchronously
from lnbits.tasks import internal_invoice_queue
await internal_invoice_queue.put(self.checking_id)
return fiat_status
class PaymentFilters(FilterModel):
__search_fields__ = ["memo", "amount", "wallet_id", "tag", "status", "time"]
@ -206,6 +257,7 @@ class CreateInvoice(BaseModel):
webhook: str | None = None
bolt11: str | None = None
lnurl_callback: str | None = None
fiat_provider: str | None = None
@validator("unit")
@classmethod

3
lnbits/core/models/users.py
View file

@ -110,11 +110,13 @@ class Account(BaseModel):
is_super_user: bool = Field(default=False, no_database=True)
is_admin: bool = Field(default=False, no_database=True)
fiat_providers: list[str] = Field(default=[], no_database=True)
def __init__(self, **data):
super().__init__(**data)
self.is_super_user = settings.is_super_user(self.id)
self.is_admin = settings.is_admin_user(self.id)
self.fiat_providers = settings.get_fiat_providers_for_user(self.id)
def hash_password(self, password: str) -> str:
"""sets and returns the hashed password"""
@ -191,6 +193,7 @@ class User(BaseModel):
wallets: list[Wallet] = []
admin: bool = False
super_user: bool = False
fiat_providers: list[str] = []
has_password: bool = False
extra: UserExtra = UserExtra()

8
lnbits/core/services/__init__.py
View file

@ -8,11 +8,15 @@ from .payments import (
calculate_fiat_amounts,
check_transaction_status,
check_wallet_limits,
create_fiat_invoice,
create_invoice,
create_wallet_invoice,
fee_reserve,
fee_reserve_total,
get_payments_daily_stats,
pay_invoice,
service_fee,
update_pending_payment,
update_pending_payments,
update_wallet_balance,
)
@ -44,10 +48,14 @@ __all__ = [
"check_transaction_status",
"check_wallet_limits",
"create_invoice",
"create_wallet_invoice",
"create_fiat_invoice",
"fee_reserve",
"fee_reserve_total",
"get_payments_daily_stats",
"pay_invoice",
"service_fee",
"update_pending_payment",
"update_pending_payments",
"update_wallet_balance",
# settings

92
lnbits/core/services/fiat_providers.py Normal file
View file

@ -0,0 +1,92 @@
import hashlib
import hmac
import time
from typing import Optional
from loguru import logger
from lnbits.core.crud.payments import get_standalone_payment
from lnbits.core.models.misc import SimpleStatus
from lnbits.fiat import get_fiat_provider
async def handle_stripe_event(event: dict):
event_id = event.get("id")
event_object = event.get("data", {}).get("object", {})
object_type = event_object.get("object")
payment_hash = event_object.get("metadata", {}).get("payment_hash")
logger.debug(
f"Handling Stripe event: '{event_id}'. Type: '{object_type}'."
f" Payment hash: '{payment_hash}'."
)
if not payment_hash:
logger.warning("Stripe event does not contain a payment hash.")
return
payment = await get_standalone_payment(payment_hash)
if not payment:
logger.warning(f"No payment found for hash: '{payment_hash}'.")
return
await payment.check_fiat_status()
def check_stripe_signature(
payload: bytes,
sig_header: Optional[str],
secret: Optional[str],
tolerance_seconds=300,
):
if not sig_header:
logger.warning("Stripe-Signature header is missing.")
raise ValueError("Stripe-Signature header is missing.")
if not secret:
logger.warning("Stripe webhook signing secret is not set.")
raise ValueError("Stripe webhook cannot be verified.")
# Split the Stripe-Signature header
items = dict(i.split("=") for i in sig_header.split(","))
timestamp = int(items["t"])
signature = items["v1"]
# Check timestamp tolerance
if abs(time.time() - timestamp) > tolerance_seconds:
logger.warning("Timestamp outside tolerance.")
logger.debug(
f"Current time: {time.time()}, "
f"Timestamp: {timestamp}, "
f"Tolerance: {tolerance_seconds} seconds"
)
raise ValueError("Timestamp outside tolerance." f"Timestamp: {timestamp}")
signed_payload = f"{timestamp}.{payload.decode()}"
# Compute HMAC SHA256 using the webhook secret
computed_signature = hmac.new(
key=secret.encode(), msg=signed_payload.encode(), digestmod=hashlib.sha256
).hexdigest()
# Compare signatures using constant time comparison
if hmac.compare_digest(computed_signature, signature) is not True:
logger.warning("Stripe signature verification failed.")
raise ValueError("Stripe signature verification failed.")
async def test_connection(provider: str) -> SimpleStatus:
"""
Test the connection to Stripe by checking if the API key is valid.
This function should be called when setting up or testing the Stripe integration.
"""
fiat_provider = await get_fiat_provider(provider)
status = await fiat_provider.status()
if status.error_message:
return SimpleStatus(
success=False,
message=f"Cconnection test failed: {status.error_message}",
)
return SimpleStatus(
success=True,
message="Connection test successful." f" Balance: {status.balance}.",
)

281
lnbits/core/services/payments.py
View file

@ -1,8 +1,10 @@
import asyncio
import json
import time
from datetime import datetime, timedelta, timezone
from typing import Optional
import httpx
from bolt11 import Bolt11, MilliSatoshi, Tags
from bolt11 import decode as bolt11_decode
from bolt11 import encode as bolt11_encode
@ -11,11 +13,13 @@ from loguru import logger
from lnbits.core.crud.payments import get_daily_stats
from lnbits.core.db import db
from lnbits.core.models import PaymentDailyStats, PaymentFilters
from lnbits.core.models.payments import CreateInvoice
from lnbits.db import Connection, Filters
from lnbits.decorators import check_user_extension_access
from lnbits.exceptions import InvoiceError, PaymentError
from lnbits.fiat import get_fiat_provider
from lnbits.helpers import check_callback_url
from lnbits.settings import settings
from lnbits.tasks import create_task
from lnbits.utils.crypto import fake_privkey, random_secret_and_hash
from lnbits.utils.exchange_rates import fiat_amount_as_satoshis, satoshis_amount_as_fiat
from lnbits.wallets import fake_wallet, get_funding_source
@ -94,6 +98,122 @@ async def pay_invoice(
return payment
async def create_fiat_invoice(
wallet_id: str, invoice_data: CreateInvoice, conn: Optional[Connection] = None
):
fiat_provider_name = invoice_data.fiat_provider
if not fiat_provider_name:
raise ValueError("Fiat provider is required for fiat invoices.")
if not settings.is_fiat_provider_enabled(fiat_provider_name):
raise ValueError(
f"Fiat provider '{fiat_provider_name}' is not enabled.",
)
if invoice_data.unit == "sat":
raise ValueError("Fiat provider cannot be used with satoshis.")
amount_sat = await fiat_amount_as_satoshis(invoice_data.amount, invoice_data.unit)
await _check_fiat_invoice_limits(amount_sat, fiat_provider_name, conn)
invoice_data.internal = True # use FakeWallet for fiat invoices
if not invoice_data.memo:
invoice_data.memo = settings.lnbits_site_title + f" ({fiat_provider_name})"
internal_payment = await create_wallet_invoice(wallet_id, invoice_data)
fiat_provider = await get_fiat_provider(fiat_provider_name)
fiat_invoice = await fiat_provider.create_invoice(
amount=invoice_data.amount,
payment_hash=internal_payment.payment_hash,
currency=invoice_data.unit,
memo=invoice_data.memo,
)
if fiat_invoice.failed:
logger.warning(fiat_invoice.error_message)
internal_payment.status = PaymentState.FAILED
await update_payment(internal_payment, conn=conn)
raise ValueError(
f"Cannot create payment request for '{fiat_provider_name}'.",
)
internal_payment.fee = -abs(
service_fee_fiat(internal_payment.msat, fiat_provider_name)
)
internal_payment.fiat_provider = fiat_provider_name
internal_payment.extra["fiat_checking_id"] = fiat_invoice.checking_id
# todo: move to payent
internal_payment.extra["fiat_payment_request"] = fiat_invoice.payment_request
new_checking_id = (
f"fiat_{fiat_provider_name}_"
f"{fiat_invoice.checking_id or internal_payment.checking_id}"
)
await update_payment(internal_payment, new_checking_id, conn=conn)
internal_payment.checking_id = new_checking_id
return internal_payment
async def create_wallet_invoice(wallet_id: str, data: CreateInvoice) -> Payment:
description_hash = b""
unhashed_description = b""
memo = data.memo or settings.lnbits_site_title
if data.description_hash or data.unhashed_description:
if data.description_hash:
try:
description_hash = bytes.fromhex(data.description_hash)
except ValueError as exc:
raise ValueError(
"'description_hash' must be a valid hex string"
) from exc
if data.unhashed_description:
try:
unhashed_description = bytes.fromhex(data.unhashed_description)
except ValueError as exc:
raise ValueError(
"'unhashed_description' must be a valid hex string",
) from exc
# do not save memo if description_hash or unhashed_description is set
memo = ""
payment = await create_invoice(
wallet_id=wallet_id,
amount=data.amount,
memo=memo,
currency=data.unit,
description_hash=description_hash,
unhashed_description=unhashed_description,
expiry=data.expiry,
extra=data.extra,
webhook=data.webhook,
internal=data.internal,
)
# lnurl_response is not saved in the database
if data.lnurl_callback:
headers = {"User-Agent": settings.user_agent}
async with httpx.AsyncClient(headers=headers) as client:
try:
check_callback_url(data.lnurl_callback)
r = await client.get(
data.lnurl_callback,
params={"pr": payment.bolt11},
timeout=10,
)
if r.is_error:
payment.extra["lnurl_response"] = r.text
else:
resp = json.loads(r.text)
if resp["status"] != "OK":
payment.extra["lnurl_response"] = resp["reason"]
else:
payment.extra["lnurl_response"] = True
except (httpx.ConnectError, httpx.RequestError) as ex:
logger.error(ex)
payment.extra["lnurl_response"] = False
return payment
async def create_invoice(
*,
wallet_id: str,
@ -226,6 +346,26 @@ def service_fee(amount_msat: int, internal: bool = False) -> int:
return 0
def service_fee_fiat(amount_msat: int, fiat_provider_name: str) -> int:
"""
Calculate the service fee for a fiat provider based on the amount in msat.
Return the fee in msat.
"""
limits = settings.get_fiat_provider_limits(fiat_provider_name)
if not limits:
return 0
amount_msat = abs(amount_msat)
fee_max = limits.service_max_fee_sats * 1000
if not limits.service_fee_wallet_id:
return 0
fee_percentage = int(amount_msat / 100 * limits.service_fee_percent)
if fee_max > 0 and fee_percentage > fee_max:
return fee_max
else:
return fee_percentage
async def update_wallet_balance(
wallet: Wallet,
amount: int,
@ -449,6 +589,20 @@ async def get_payments_daily_stats(
return data
async def handle_fiat_payment_confirmation(
payment: Payment, conn: Optional[Connection] = None
):
try:
await _credit_fiat_service_fee_wallet(payment, conn=conn)
except Exception as e:
logger.warning(e)
try:
await _debit_fiat_service_faucet_wallet(payment, conn=conn)
except Exception as e:
logger.warning(e)
async def _pay_invoice(
wallet_id: str,
create_payment_model: CreatePayment,
@ -573,6 +727,8 @@ async def _pay_external_invoice(
fee_reserve_msat = fee_reserve(amount_msat, internal=False)
service_fee_msat = service_fee(amount_msat, internal=False)
from lnbits.tasks import create_task
task = create_task(
_fundingsource_pay_invoice(checking_id, payment.bolt11, fee_reserve_msat)
)
@ -728,3 +884,126 @@ async def _credit_service_fee_wallet(
status=PaymentState.SUCCESS,
conn=conn,
)
async def _credit_fiat_service_fee_wallet(
payment: Payment, conn: Optional[Connection] = None
):
fiat_provider_name = payment.fiat_provider
if not fiat_provider_name:
return
if payment.fee == 0:
return
limits = settings.get_fiat_provider_limits(fiat_provider_name)
if not limits:
return
if not limits.service_fee_wallet_id:
return
memo = (
f"Service fee for fiat payment of "
f"{abs(payment.sat)} sats. "
f"Provider: {fiat_provider_name}. "
f"Wallet: '{payment.wallet_id}'."
)
create_payment_model = CreatePayment(
wallet_id=limits.service_fee_wallet_id,
bolt11=payment.bolt11,
payment_hash=payment.payment_hash,
amount_msat=abs(payment.fee),
memo=memo,
)
await create_payment(
checking_id=f"service_fee_{payment.payment_hash}",
data=create_payment_model,
status=PaymentState.SUCCESS,
conn=conn,
)
async def _debit_fiat_service_faucet_wallet(
payment: Payment, conn: Optional[Connection] = None
):
fiat_provider_name = payment.fiat_provider
if not fiat_provider_name:
return
limits = settings.get_fiat_provider_limits(fiat_provider_name)
if not limits:
return
if not limits.service_faucet_wallet_id:
return
faucet_wallet = await get_wallet(limits.service_faucet_wallet_id, conn=conn)
if not faucet_wallet:
raise ValueError(
f"Fiat provider '{fiat_provider_name}' faucet wallet not found."
)
memo = (
f"Faucet payment of {abs(payment.sat)} sats. "
f"Provider: {fiat_provider_name}. "
f"Wallet: '{payment.wallet_id}'."
)
create_payment_model = CreatePayment(
wallet_id=limits.service_faucet_wallet_id,
bolt11=payment.bolt11,
payment_hash=payment.payment_hash,
amount_msat=-abs(payment.amount),
memo=memo,
extra=payment.extra,
)
await create_payment(
checking_id=f"internal_fiat_{fiat_provider_name}_"
f"faucet_{payment.payment_hash}",
data=create_payment_model,
status=PaymentState.SUCCESS,
conn=conn,
)
async def _check_fiat_invoice_limits(
amount_sat: int, fiat_provider_name: str, conn: Optional[Connection] = None
):
limits = settings.get_fiat_provider_limits(fiat_provider_name)
if not limits:
raise ValueError(
f"Fiat provider '{fiat_provider_name}' does not have limits configured.",
)
min_amount_sat = limits.service_min_amount_sats
if min_amount_sat and (amount_sat < min_amount_sat):
raise ValueError(
f"Minimum amount is {min_amount_sat} " f"sats for '{fiat_provider_name}'.",
)
max_amount_sats = limits.service_max_amount_sats
if max_amount_sats and (amount_sat > max_amount_sats):
raise ValueError(
f"Maximum amount is {max_amount_sats} " f"sats for '{fiat_provider_name}'.",
)
if limits.service_max_fee_sats > 0 or limits.service_fee_percent > 0:
if not limits.service_fee_wallet_id:
raise ValueError(
f"Fiat provider '{fiat_provider_name}' service fee wallet missing.",
)
fees_wallet = await get_wallet(limits.service_fee_wallet_id, conn=conn)
if not fees_wallet:
raise ValueError(
f"Fiat provider '{fiat_provider_name}' service fee wallet not found.",
)
if limits.service_faucet_wallet_id:
faucet_wallet = await get_wallet(limits.service_faucet_wallet_id, conn=conn)
if not faucet_wallet:
raise ValueError(
f"Fiat provider '{fiat_provider_name}' faucet wallet not found.",
)
if faucet_wallet.balance < amount_sat:
raise ValueError(
f"The amount exceeds the '{fiat_provider_name}'"
"faucet wallet balance.",
)

287
lnbits/core/templates/admin/_tab_fiat_providers.html Normal file
View file

@ -0,0 +1,287 @@
<q-tab-panel name="fiat_providers">
<h6 class="q-my-none q-mb-sm">
<span v-text="$t('fiat_providers')"></span>
<q-btn
round
flat
@click="hideInputsToggle()"
:icon="hideInputToggle ? 'visibility_off' : 'visibility'"
></q-btn>
</h6>
<div class="row">
<div class="col">
<q-list bordered class="rounded-borders">
<q-expansion-item header-class="text-primary text-bold">
<template v-slot:header>
<q-item-section avatar>
<q-avatar>
<img
:src="'{{ static_url_for('static', 'images/stripe_logo.ico') }}'"
/>
</q-avatar>
</q-item-section>
<q-item-section> Stripe </q-item-section>
<q-item-section side>
<div class="row items-center">
<q-toggle
size="md"
:label="$t('enabled')"
v-model="formData.stripe_enabled"
color="green"
unchecked-icon="clear"
/>
</div>
</q-item-section>
</template>
<q-card class="q-pb-xl">
<q-expansion-item :label="$t('api')" default-opened>
<q-card-section class="q-pa-md">
<q-input
filled
type="text"
v-model="formData.stripe_api_endpoint"
:label="$t('endpoint')"
></q-input>
<q-input
filled
class="q-mt-md"
:type="hideInputToggle ? 'password' : 'text'"
v-model="formData.stripe_api_secret_key"
:label="$t('secret_key')"
></q-input>
<q-input
filled
class="q-mt-md"
type="text"
v-model="formData.stripe_payment_success_url"
:label="$t('callback_success_url')"
:hint="$t('callback_success_url_hint')"
></q-input>
</q-card-section>
<q-card-section class="q-pa-md">
<div class="row">
<div class="col">
<q-btn
outline
color="grey"
class="float-right"
:label="$t('check_connection')"
@click="checkFiatProvider('stripe')"
></q-btn>
</div>
</div>
</q-card-section>
</q-expansion-item>
<q-expansion-item :label="$t('webhook')" default-opened>
<q-card-section>
<span v-text="$t('webhook_stripe_description')"></span>
</q-card-section>
<q-card-section>
<q-input
filled
class="q-mt-md"
type="text"
disable
v-model="formData.stripe_payment_webhook_url"
:label="$t('webhook_url')"
:hint="$t('webhook_url_hint')"
></q-input>
<q-input
filled
class="q-mt-md"
:type="hideInputToggle ? 'password' : 'text'"
v-model="formData.stripe_webhook_signing_secret"
:label="$t('signing_secret')"
:hint="$t('signing_secret_hint')"
></q-input>
</q-card-section>
<q-card-section>
<span v-text="$t('webhook_events_list')"></span>
<ul>
<li><code>checkout.session.async_payment_failed</code></li>
<li><code>checkout.session.async_payment_succeeded</code></li>
<li><code>checkout.session.completed</code></li>
<li><code>checkout.session.expired</code></li>
</ul>
</q-card-section>
</q-expansion-item>
<q-expansion-item :label="$t('service_fee')">
<q-card-section>
<div class="row">
<div class="col-md-4 col-sm-12">
<q-input
filled
class="q-ma-sm"
type="number"
min="0"
v-model="formData.stripe_limits.service_fee_percent"
@update:model-value="touchSettings()"
:label="$t('service_fee_label')"
:hint="$t('service_fee_hint')"
></q-input>
</div>
<div class="col-md-4 col-sm-12">
<q-input
filled
class="q-ma-sm"
type="number"
min="0"
v-model="formData.stripe_limits.service_max_fee_sats"
@update:model-value="touchSettings()"
:label="$t('service_fee_max')"
:hint="$t('service_fee_max_hint')"
></q-input>
</div>
<div class="col-md-4 col-sm-12">
<q-input
filled
class="q-ma-sm"
type="text"
v-model="formData.stripe_limits.service_fee_wallet_id"
@update:model-value="touchSettings()"
:label="$t('fee_wallet_label')"
:hint="$t('fee_wallet_hint')"
></q-input>
</div>
</div>
</q-card-section>
</q-expansion-item>
<q-expansion-item :label="$t('amount_limits')">
<q-card-section>
<div class="row">
<div class="col-md-4 col-sm-12">
<q-input
filled
class="q-ma-sm"
type="number"
min="0"
v-model="formData.stripe_limits.service_min_amount_sats"
@update:model-value="touchSettings()"
:label="$t('min_incoming_payment_amount')"
:hint="$t('min_incoming_payment_amount_desc')"
></q-input>
</div>
<div class="col-md-4 col-sm-12">
<q-input
filled
class="q-ma-sm"
type="number"
min="0"
v-model="formData.stripe_limits.service_max_amount_sats"
@update:model-value="touchSettings()"
:label="$t('max_incoming_payment_amount')"
:hint="$t('max_incoming_payment_amount_desc')"
></q-input>
</div>
<div class="col-md-4 col-sm-12">
<q-input
filled
class="q-ma-sm"
v-model="formData.stripe_limits.service_faucet_wallet_id"
@update:model-value="touchSettings()"
:label="$t('faucest_wallet_id')"
:hint="$t('faucest_wallet_id_hint')"
></q-input>
</div>
</div>
<q-item>
<q-item-section>
<q-item-label v-text="$t('faucest_wallet')"></q-item-label>
<q-item-label caption>
<ul>
<li>
<span
v-text="$t('faucest_wallet_desc_1', {provider: 'stripe'})"
></span>
</li>
<li>
<span
v-text="$t('faucest_wallet_desc_2', {provider: 'stripe'})"
></span>
</li>
<li>
<span v-text="$t('faucest_wallet_desc_3')"></span>
</li>
<li>
<span
v-text="$t('faucest_wallet_desc_4', {provider: 'stripe'})"
></span>
</li>
<li>
<span v-text="$t('faucest_wallet_desc_5')"></span>
</li>
</ul>
<br />
</q-item-label>
</q-item-section>
</q-item>
</q-card-section>
</q-expansion-item>
<q-expansion-item :label="$t('allowed_users')">
<q-card-section>
<q-input
filled
v-model="formAddStripeUser"
@keydown.enter="addAllowedUser"
type="text"
:label="$t('allowed_users_label')"
:hint="$t('allowed_users_hint_feature', {feature: 'Stripe'})"
>
<q-btn
@click="addStripeAllowedUser"
dense
flat
icon="add"
></q-btn>
</q-input>
<div>
<q-chip
v-for="user in formData.stripe_limits.allowed_users"
@update:model-value="touchSettings()"
:key="user"
removable
@remove="removeStripeAllowedUser(user)"
color="primary"
text-color="white"
:label="user"
class="ellipsis"
>
</q-chip>
</div>
</q-card-section>
</q-expansion-item>
</q-card>
</q-expansion-item>
<q-separator />
<q-expansion-item header-class="text-primary text-bold">
<template v-slot:header>
<q-item-section avatar>
<q-avatar>
<img
:src="'{{ static_url_for('static', 'images/square_logo.png') }}'"
/>
</q-avatar>
</q-item-section>
<q-item-section> Square </q-item-section>
<q-item-section side>
<div class="row items-center">Disabled</div>
</q-item-section>
</template>
<q-card>
<q-card-section> Coming Soon </q-card-section>
</q-card>
</q-expansion-item>
</q-list>
</div>
</div>
</q-tab-panel>

10
lnbits/core/templates/admin/index.html
View file

@ -115,6 +115,13 @@ import window_vars with context %} {% block scripts %} {{ window_vars(user) }}
><q-tooltip v-if="!$q.screen.gt.sm"
><span v-text="$t('exchanges')"></span></q-tooltip
></q-tab>
<q-tab
name="fiat_providers"
icon="credit_score"
:label="$q.screen.gt.sm ? $t('fiat_providers') : null"
><q-tooltip v-if="!$q.screen.gt.sm"
><span v-text="$t('fiat_providers')"></span></q-tooltip
></q-tab>
<q-tab
name="users"
icon="group"
@ -183,7 +190,8 @@ import window_vars with context %} {% block scripts %} {{ window_vars(user) }}
>
{% include "admin/_tab_funding.html" %} {% include
"admin/_tab_users.html" %} {% include "admin/_tab_server.html"
%} {% include "admin/_tab_exchange_providers.html" %} {% include
%} {% include "admin/_tab_exchange_providers.html" %}{% include
"admin/_tab_fiat_providers.html" %} {% include
"admin/_tab_extensions.html" %} {% include
"admin/_tab_notifications.html" %} {% include
"admin/_tab_security.html" %} {% include "admin/_tab_theme.html"

128
lnbits/core/templates/core/wallet.html
View file

@ -211,7 +211,12 @@
</q-card>
<div id="hiddenQrCodeContainer" style="display: none">
<lnbits-qrcode
:value="'lightning:' + this.receive.paymentReq"
v-if="receive.fiatPaymentReq"
:value="receive.fiatPaymentReq"
></lnbits-qrcode>
<lnbits-qrcode
v-else
:value="'lightning:' + (this.receive.paymentReq || '').toUpperCase()"
></lnbits-qrcode>
</div>
</div>
@ -619,14 +624,30 @@
:readonly="receive.lnurl && receive.lnurl.fixed"
></q-input>
{% else %}
<q-select
filled
dense
v-model="receive.unit"
type="text"
:label="$t('unit')"
:options="receive.units"
></q-select>
<div class="row">
<div class="col-10">
<q-select
filled
dense
v-model="receive.unit"
type="text"
:label="$t('unit')"
:options="receive.units"
></q-select>
</div>
<div class="col-2">
<q-btn
v-if="g.fiatTracking"
@click="swapBalancePriority"
class="float-right"
color="primary"
flat
dense
icon="swap_vert"
></q-btn>
</div>
</div>
<q-input
ref="setAmount"
filled
@ -644,9 +665,59 @@
<q-input
filled
dense
type="textarea"
rows="2"
v-model.trim="receive.data.memo"
:label="$t('memo')"
></q-input>
<div v-if="g.user.fiat_providers?.length" class="q-mt-md">
<q-list bordered dense class="rounded-borders">
<q-item-label dense header>
<span v-text="$t('select_payment_provider')"></span>
</q-item-label>
<q-separator></q-separator>
<q-item
:active="!receive.fiatProvider"
@click="receive.fiatProvider = ''"
active-class="bg-teal-1 text-grey-8 text-weight-bold"
clickable
v-ripple
>
<q-item-section avatar>
<q-avatar square>
<img
:src="'{{ static_url_for('static', 'images/logos/lnbits.png') }}'"
/>
</q-avatar>
</q-item-section>
<q-item-section>
<span
v-text="$t('pay_with', {provider: 'Lightning Network'})"
></span>
</q-item-section>
</q-item>
<q-separator></q-separator>
<q-item
:active="receive.fiatProvider === 'stripe'"
@click="receive.fiatProvider = 'stripe'"
active-class="bg-teal-1 text-grey-8 text-weight-bold"
clickable
v-ripple
>
<q-item-section avatar>
<q-avatar>
<img
:src="'{{ static_url_for('static', 'images/stripe_logo.ico') }}'"
/>
</q-avatar>
</q-item-section>
<q-item-section>
<span v-text="$t('pay_with', {provider: 'Stripe'})"></span>
</q-item-section>
</q-item>
</q-list>
</div>
<div v-if="receive.status == 'pending'" class="row q-mt-lg">
<q-btn
unelevated
@ -680,7 +751,14 @@
class="q-pa-lg q-pt-xl lnbits__dialog-card"
>
<div class="text-center q-mb-lg">
<a :href="'lightning:' + receive.paymentReq">
<a
v-if="receive.fiatPaymentReq"
:href="receive.fiatPaymentReq"
target="_blank"
>
<div v-html="invoiceQrCode"></div>
</a>
<a v-else :href="'lightning:' + receive.paymentReq">
<div v-html="invoiceQrCode"></div>
</a>
</div>
@ -691,25 +769,27 @@
<h5 v-if="receive.unit != 'sat'" class="q-mt-none q-mb-sm">
<span v-text="formattedSatAmount"></span>
</h5>
<q-chip v-if="hasNfc" outline square color="positive">
<q-avatar
icon="nfc"
color="positive"
text-color="white"
></q-avatar>
<span v-text="$t('nfc_supported')"></span>
</q-chip>
<span
v-else
class="text-caption text-grey"
v-text="$t('nfc_not_supported')"
></span>
<div v-if="!receive.fiatPaymentReq">
<q-chip v-if="hasNfc" outline square color="positive">
<q-avatar
icon="nfc"
color="positive"
text-color="white"
></q-avatar>
<span v-text="$t('nfc_supported')"></span>
</q-chip>
<span
v-else
class="text-caption text-grey"
v-text="$t('nfc_not_supported')"
></span>
</div>
</div>
<div class="row q-mt-lg">
<q-btn
outline
color="grey"
@click="copyText(receive.paymentReq)"
@click="copyText(receive.fiatPaymentReq || receive.paymentReq)"
:label="$t('copy_invoice')"
></q-btn>
<q-btn

35
lnbits/core/views/callback_api.py Normal file
View file

@ -0,0 +1,35 @@
from fastapi import APIRouter, Request
from lnbits.core.models.misc import SimpleStatus
from lnbits.core.services.fiat_providers import (
check_stripe_signature,
handle_stripe_event,
)
from lnbits.settings import settings
callback_router = APIRouter(prefix="/api/v1/callback", tags=["callback"])
@callback_router.post("/{provider_name}")
async def api_generic_webhook_handler(
provider_name: str, request: Request
) -> SimpleStatus:
if provider_name.lower() == "stripe":
payload = await request.body()
sig_header = request.headers.get("Stripe-Signature")
check_stripe_signature(
payload, sig_header, settings.stripe_webhook_signing_secret
)
event = await request.json()
await handle_stripe_event(event)
return SimpleStatus(
success=True,
message=f"Callback received successfully from '{provider_name}'.",
)
return SimpleStatus(
success=False,
message=f"Unknown fiat provider '{provider_name}'.",
)

18
lnbits/core/views/fiat_api.py Normal file
View file

@ -0,0 +1,18 @@
from http import HTTPStatus
from fastapi import APIRouter, Depends
from lnbits.core.models.misc import SimpleStatus
from lnbits.core.services.fiat_providers import test_connection
from lnbits.decorators import check_admin
fiat_router = APIRouter(tags=["Fiat API"], prefix="/api/v1/fiat")
@fiat_router.put(
"/check/{provider}",
status_code=HTTPStatus.OK,
dependencies=[Depends(check_admin)],
)
async def api_test_fiat_provider(provider: str) -> SimpleStatus:
return await test_connection(provider)

87
lnbits/core/views/payment_api.py
View file

@ -34,13 +34,8 @@ from lnbits.core.models import (
PaymentFilters,
PaymentHistoryPoint,
PaymentWalletStats,
Wallet,
)
from lnbits.core.models.users import User
from lnbits.core.services.payments import (
get_payments_daily_stats,
update_pending_payment,
)
from lnbits.db import Filters, Page
from lnbits.decorators import (
WalletTypeInfo,
@ -67,9 +62,12 @@ from ..crud import (
get_wallet_for_key,
)
from ..services import (
create_invoice,
create_fiat_invoice,
create_wallet_invoice,
fee_reserve_total,
get_payments_daily_stats,
pay_invoice,
update_pending_payment,
update_pending_payments,
)
@ -198,69 +196,6 @@ async def api_payments_paginated(
return page
async def _api_payments_create_invoice(data: CreateInvoice, wallet: Wallet):
description_hash = b""
unhashed_description = b""
memo = data.memo or settings.lnbits_site_title
if data.description_hash or data.unhashed_description:
if data.description_hash:
try:
description_hash = bytes.fromhex(data.description_hash)
except ValueError as exc:
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST,
detail="'description_hash' must be a valid hex string",
) from exc
if data.unhashed_description:
try:
unhashed_description = bytes.fromhex(data.unhashed_description)
except ValueError as exc:
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST,
detail="'unhashed_description' must be a valid hex string",
) from exc
# do not save memo if description_hash or unhashed_description is set
memo = ""
payment = await create_invoice(
wallet_id=wallet.id,
amount=data.amount,
memo=memo,
currency=data.unit,
description_hash=description_hash,
unhashed_description=unhashed_description,
expiry=data.expiry,
extra=data.extra,
webhook=data.webhook,
internal=data.internal,
)
# lnurl_response is not saved in the database
if data.lnurl_callback:
headers = {"User-Agent": settings.user_agent}
async with httpx.AsyncClient(headers=headers) as client:
try:
check_callback_url(data.lnurl_callback)
r = await client.get(
data.lnurl_callback,
params={"pr": payment.bolt11},
timeout=10,
)
if r.is_error:
payment.extra["lnurl_response"] = r.text
else:
resp = json.loads(r.text)
if resp["status"] != "OK":
payment.extra["lnurl_response"] = resp["reason"]
else:
payment.extra["lnurl_response"] = True
except (httpx.ConnectError, httpx.RequestError) as ex:
logger.error(ex)
payment.extra["lnurl_response"] = False
return payment
@payment_router.get(
"/all/paginated",
name="Payment List",
@ -308,6 +243,7 @@ async def api_payments_create(
invoice_data: CreateInvoice,
wallet: WalletTypeInfo = Depends(require_invoice_key),
) -> Payment:
wallet_id = wallet.wallet.id
if invoice_data.out is True and wallet.key_type == KeyType.admin:
if not invoice_data.bolt11:
raise HTTPException(
@ -315,21 +251,24 @@ async def api_payments_create(
detail="Missing BOLT11 invoice",
)
payment = await pay_invoice(
wallet_id=wallet.wallet.id,
wallet_id=wallet_id,
payment_request=invoice_data.bolt11,
extra=invoice_data.extra,
)
return payment
elif not invoice_data.out:
# invoice key
return await _api_payments_create_invoice(invoice_data, wallet.wallet)
else:
if invoice_data.out:
raise HTTPException(
status_code=HTTPStatus.FORBIDDEN,
detail="Invoice (or Admin) key required.",
)
# If the payment is not outgoing, we can create a new invoice.
if invoice_data.fiat_provider:
return await create_fiat_invoice(wallet_id, invoice_data)
return await create_wallet_invoice(wallet_id, invoice_data)
@payment_router.get("/fee-reserve")
async def api_payments_fee_reserve(invoice: str = Query("invoice")) -> JSONResponse:

4
lnbits/exceptions.py
View file

@ -26,6 +26,10 @@ class InvoiceError(Exception):
self.status = status
class UnsupportedError(Exception):
pass
def render_html_error(request: Request, exc: Exception) -> Optional[Response]:
# Only the browser sends "text/html" request
# not fail proof, but everything else get's a JSON response

46
lnbits/fiat/__init__.py Normal file
View file

@ -0,0 +1,46 @@
from __future__ import annotations
import importlib
from enum import Enum
from lnbits.fiat.base import FiatProvider
from lnbits.settings import settings
from .stripe import StripeWallet
fiat_module = importlib.import_module("lnbits.fiat")
class FiatProviderType(Enum):
stripe = "StripeWallet"
async def get_fiat_provider(name: str) -> FiatProvider:
if name not in FiatProviderType.__members__:
raise ValueError(f"Fiat provider '{name}' is not supported.")
fiat_provider = fiat_providers.get(name)
if fiat_provider:
status = await fiat_provider.status(only_check_settings=True)
if status.error_message:
await fiat_provider.cleanup()
del fiat_providers[name]
else:
return fiat_provider
fiat_providers[name] = _init_fiat_provider(FiatProviderType[name])
return fiat_providers[name]
def _init_fiat_provider(fiat_provider: FiatProviderType) -> FiatProvider:
if not settings.is_fiat_provider_enabled(fiat_provider.name):
raise ValueError(f"Fiat provider '{fiat_provider.name}' not enabled.")
provider_constructor = getattr(fiat_module, fiat_provider.value)
return provider_constructor()
fiat_providers: dict[str, FiatProvider] = {}
__all__ = [
"StripeWallet",
]

134
lnbits/fiat/base.py Normal file
View file

@ -0,0 +1,134 @@
from __future__ import annotations
from abc import ABC, abstractmethod
from typing import TYPE_CHECKING, AsyncGenerator, Coroutine, NamedTuple
if TYPE_CHECKING:
pass
class FiatStatusResponse(NamedTuple):
error_message: str | None = None
balance: float = 0
class FiatInvoiceResponse(NamedTuple):
ok: bool
checking_id: str | None = None # payment_hash, rpc_id
payment_request: str | None = None
error_message: str | None = None
@property
def success(self) -> bool:
return self.ok is True
@property
def pending(self) -> bool:
return self.ok is None
@property
def failed(self) -> bool:
return self.ok is False
class FiatPaymentResponse(NamedTuple):
# when ok is None it means we don't know if this succeeded
ok: bool | None = None
checking_id: str | None = None # payment_hash, rcp_id
fee: float | None = None
error_message: str | None = None
@property
def success(self) -> bool:
return self.ok is True
@property
def pending(self) -> bool:
return self.ok is None
@property
def failed(self) -> bool:
return self.ok is False
class FiatPaymentStatus(NamedTuple):
paid: bool | None = None
fee: float | None = None # todo: what fee is this?
@property
def success(self) -> bool:
return self.paid is True
@property
def pending(self) -> bool:
return self.paid is not True
@property
def failed(self) -> bool:
return self.paid is False
def __str__(self) -> str:
if self.success:
return "success"
if self.failed:
return "failed"
return "pending"
class FiatPaymentSuccessStatus(FiatPaymentStatus):
paid = True
class FiatPaymentFailedStatus(FiatPaymentStatus):
paid = False
class FiatPaymentPendingStatus(FiatPaymentStatus):
paid = None
class FiatProvider(ABC):
@abstractmethod
async def cleanup(self):
pass
@abstractmethod
def status(
self, only_check_settings: bool | None = False
) -> Coroutine[None, None, FiatStatusResponse]:
pass
@abstractmethod
def create_invoice(
self,
amount: float,
payment_hash: str,
currency: str,
memo: str | None = None,
**kwargs,
) -> Coroutine[None, None, FiatInvoiceResponse]:
pass
@abstractmethod
def pay_invoice(
self,
payment_request: str,
) -> Coroutine[None, None, FiatPaymentResponse]:
pass
@abstractmethod
def get_invoice_status(
self, checking_id: str
) -> Coroutine[None, None, FiatPaymentStatus]:
pass
@abstractmethod
def get_payment_status(
self, checking_id: str
) -> Coroutine[None, None, FiatPaymentStatus]:
pass
async def paid_invoices_stream(
self,
) -> AsyncGenerator[str, None]:
yield ""

173
lnbits/fiat/stripe.py Normal file
View file

@ -0,0 +1,173 @@
import asyncio
import json
from datetime import datetime, timedelta, timezone
from typing import AsyncGenerator, Optional
from urllib.parse import urlencode
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
FiatInvoiceResponse,
FiatPaymentFailedStatus,
FiatPaymentPendingStatus,
FiatPaymentResponse,
FiatPaymentStatus,
FiatPaymentSuccessStatus,
FiatProvider,
FiatStatusResponse,
)
class StripeWallet(FiatProvider):
"""https://docs.stripe.com/api"""
def __init__(self):
logger.debug("Initializing StripeWallet")
self._settings_fields = self._settings_connection_fields()
if not settings.stripe_api_endpoint:
raise ValueError("Cannot initialize StripeWallet: missing endpoint.")
if not settings.stripe_api_secret_key:
raise ValueError("Cannot initialize StripeWallet: missing API secret key.")
self.endpoint = normalize_endpoint(settings.stripe_api_endpoint)
self.headers = {
"Authorization": f"Bearer {settings.stripe_api_secret_key}",
"User-Agent": settings.user_agent,
}
self.client = httpx.AsyncClient(base_url=self.endpoint, headers=self.headers)
logger.info("StripeWallet initialized.")
async def cleanup(self):
try:
await self.client.aclose()
except RuntimeError as e:
logger.warning(f"Error closing stripe wallet connection: {e}")
async def status(
self, only_check_settings: Optional[bool] = False
) -> FiatStatusResponse:
if only_check_settings:
if self._settings_fields != self._settings_connection_fields():
return FiatStatusResponse("Connection settings have changed.", 0)
return FiatStatusResponse(balance=0)
try:
r = await self.client.get(url="/v1/balance", timeout=15)
r.raise_for_status()
data = r.json()
available_balance = data.get("available", [{}])[0].get("amount", 0)
# pending_balance = data.get("pending", {}).get("amount", 0)
return FiatStatusResponse(balance=available_balance)
except json.JSONDecodeError:
return FiatStatusResponse("Server error: 'invalid json response'", 0)
except Exception as exc:
logger.warning(exc)
return FiatStatusResponse(f"Unable to connect to {self.endpoint}.", 0)
async def create_invoice(
self,
amount: float,
payment_hash: str,
currency: str,
memo: Optional[str] = None,
**kwargs,
) -> FiatInvoiceResponse:
amount_cents = int(amount * 100)
form_data = [
("mode", "payment"),
(
"success_url",
settings.stripe_payment_success_url or "https://lnbits.com",
),
("metadata[payment_hash]", payment_hash),
("line_items[0][price_data][currency]", currency.lower()),
("line_items[0][price_data][product_data][name]", memo or "LNbits Invoice"),
("line_items[0][price_data][unit_amount]", amount_cents),
("line_items[0][quantity]", "1"),
]
encoded_data = urlencode(form_data)
try:
headers = self.headers.copy()
headers["Content-Type"] = "application/x-www-form-urlencoded"
r = await self.client.post(
url="/v1/checkout/sessions", headers=headers, content=encoded_data
)
r.raise_for_status()
data = r.json()
session_id = data.get("id")
if not session_id:
return FiatInvoiceResponse(
ok=False, error_message="Server error: 'missing session id'"
)
payment_request = data.get("url")
if not payment_request:
return FiatInvoiceResponse(
ok=False, error_message="Server error: 'missing payment URL'"
)
return FiatInvoiceResponse(
ok=True, checking_id=session_id, payment_request=payment_request
)
except json.JSONDecodeError:
return FiatInvoiceResponse(
ok=False, error_message="Server error: 'invalid json response'"
)
except Exception as exc:
logger.warning(exc)
return FiatInvoiceResponse(
ok=False, error_message=f"Unable to connect to {self.endpoint}."
)
async def pay_invoice(self, payment_request: str) -> FiatPaymentResponse:
raise NotImplementedError("Stripe does not support paying invoices directly.")
async def get_invoice_status(self, checking_id: str) -> FiatPaymentStatus:
try:
r = await self.client.get(
url=f"/v1/checkout/sessions/{checking_id}",
)
r.raise_for_status()
data = r.json()
payment_status = data.get("payment_status")
if not payment_status:
return FiatPaymentPendingStatus()
if payment_status == "paid":
# todo: handle fee
return FiatPaymentSuccessStatus()
expires_at = data.get("expires_at")
_24_hours_ago = datetime.now(timezone.utc) - timedelta(hours=24)
if expires_at and expires_at < _24_hours_ago.timestamp():
# be defensive: add a 24 hour buffer
return FiatPaymentFailedStatus()
return FiatPaymentPendingStatus()
except Exception as exc:
logger.debug(f"Error getting invoice status: {exc}")
return FiatPaymentPendingStatus()
async def get_payment_status(self, checking_id: str) -> FiatPaymentStatus:
raise NotImplementedError("Stripe does not support outgoing payments.")
async def paid_invoices_stream(self) -> AsyncGenerator[str, None]:
logger.warning(
"Stripe does not support paid invoices stream. Use webhooks instead."
)
mock_queue: asyncio.Queue[str] = asyncio.Queue(0)
while settings.lnbits_running:
value = await mock_queue.get()
yield value
def _settings_connection_fields(self) -> str:
return "-".join(
[str(settings.stripe_api_endpoint), str(settings.stripe_api_secret_key)]
)

11
lnbits/helpers.py
View file

@ -363,3 +363,14 @@ def safe_upload_file_path(filename: str, directory: str = "images") -> Path:
# Prevent filename with subdirectories
file_path = image_folder / filename.split("/")[-1]
return file_path.resolve()
def normalize_endpoint(endpoint: str, add_proto=True) -> str:
endpoint = endpoint[:-1] if endpoint.endswith("/") else endpoint
if add_proto:
if endpoint.startswith("ws://") or endpoint.startswith("wss://"):
return endpoint
endpoint = (
f"https://{endpoint}" if not endpoint.startswith("http") else endpoint
)
return endpoint

63
lnbits/settings.py
View file

@ -565,6 +565,34 @@ class StrikeFundingSource(LNbitsSettings):
strike_api_key: str | None = Field(default=None, env="STRIKE_API_KEY")
class FiatProviderLimits(BaseModel):
# empty list means all users are allowed to receive payments via Stripe
allowed_users: list[str] = Field(default=[])
service_max_fee_sats: int = Field(default=0)
service_fee_percent: float = Field(default=0)
service_fee_wallet_id: str | None = Field(default=None)
service_min_amount_sats: int = Field(default=0)
service_max_amount_sats: int = Field(default=0)
service_faucet_wallet_id: str | None = Field(default="")
class StripeFiatProvider(LNbitsSettings):
stripe_enabled: bool = Field(default=False)
stripe_api_endpoint: str = Field(default="https://api.stripe.com")
stripe_api_secret_key: str | None = Field(default=None)
stripe_payment_success_url: str = Field(default="https://lnbits.com")
stripe_payment_webhook_url: str = Field(
default="https://your-lnbits-domain-here.com/api/v1/callback/stripe"
)
# Use this secret to verify that events come from Stripe.
stripe_webhook_signing_secret: str | None = Field(default=None)
stripe_limits: FiatProviderLimits = Field(default_factory=FiatProviderLimits)
class LightningSettings(LNbitsSettings):
lightning_invoice_expiry: int = Field(default=3600, gt=0)
@ -597,6 +625,40 @@ class FundingSourcesSettings(
lnbits_funding_source_pay_invoice_wait_seconds: int = Field(default=5, ge=0)
class FiatProvidersSettings(StripeFiatProvider):
def is_fiat_provider_enabled(self, provider: str | None) -> bool:
"""
Checks if a specific fiat provider is enabled.
"""
if not provider:
return False
if provider == "stripe":
return self.stripe_enabled
# Add checks for other fiat providers here as needed
return False
def get_fiat_providers_for_user(self, user_id: str) -> list[str]:
"""
Returns a list of fiat payment methods allowed for the user.
"""
allowed_providers = []
if self.stripe_enabled and (
not self.stripe_limits.allowed_users
or user_id in self.stripe_limits.allowed_users
):
allowed_providers.append("stripe")
# Add other fiat providers here as needed
return allowed_providers
def get_fiat_provider_limits(self, provider_name: str) -> FiatProviderLimits | None:
"""
Returns the limits for a specific fiat provider.
"""
return getattr(self, provider_name + "_limits", None)
class WebPushSettings(LNbitsSettings):
lnbits_webpush_pubkey: str | None = Field(default=None)
lnbits_webpush_privkey: str | None = Field(default=None)
@ -769,6 +831,7 @@ class EditableSettings(
SecuritySettings,
NotificationsSettings,
FundingSourcesSettings,
FiatProvidersSettings,
LightningSettings,
WebPushSettings,
NodeUISettings,

20
lnbits/static/bundle.min.js vendored
View file

File diff suppressed because one or more lines are too long

45
lnbits/static/i18n/en.js
View file

@ -22,6 +22,7 @@ window.localisation.en = {
active_channels: 'Active Channels',
connect_peer: 'Connect Peer',
connect: 'Connect',
reconnect: 'Reconnect',
open_channel: 'Open Channel',
open: 'Open',
close_channel: 'Close Channel',
@ -60,6 +61,7 @@ window.localisation.en = {
rename_wallet: 'Rename wallet',
update_name: 'Update name',
fiat_tracking: 'Fiat tracking',
fiat_providers: 'Fiat providers',
currency: 'Currency',
update_currency: 'Update currency',
press_to_claim: 'Press to claim bitcoin',
@ -141,6 +143,7 @@ window.localisation.en = {
uninstall: 'Uninstall',
drop_db: 'Remove Data',
enable: 'Enable',
enabled: 'Enabled',
pay_to_enable: 'Pay To Enable',
enable_extension_details: 'Enable extension for current user',
disable: 'Disable',
@ -171,12 +174,33 @@ window.localisation.en = {
payment_hash: 'Payment Hash',
fee: 'Fee',
amount: 'Amount',
amount_limits: 'Amount Limits',
amount_sats: 'Amount (sats)',
faucest_wallet: 'Faucet Wallet',
faucest_wallet_desc_1:
'Each time a payment is confirmed by the {provider} provider funds will be subtracted from this wallet.',
faucest_wallet_desc_2:
'This helps monitor all {provider} payments and their status.',
faucest_wallet_desc_3:
'This wallet must be topped up with the amount of sats that the admin is willing to offer in exchange for the fiat currency.',
faucest_wallet_desc_4:
'If this wallet is configured, but is empty, the {provider} payments will not be processed.',
faucest_wallet_desc_5:
'This wallet can eventually get to a negative balance if parallel fiat payments are made.',
faucest_wallet_id: 'Faucet Wallet ID (optional)',
faucest_wallet_id_hint:
'Wallet ID to use for the faucet. It will be used to send the funds to the user.',
tag: 'Tag',
unit: 'Unit',
description: 'Description',
expiry: 'Expiry',
webhook: 'Webhook',
webhook_url: 'Webhook URL',
webhook_url_hint:
'Webhook URL to send the payment details to. It will be called when the payment is completed.',
webhook_events_list: 'The following events must be supported by the webhook:',
webhook_stripe_description:
'One the stripe side you must configure a webhook with a URL that points to your LNbits server.',
payment_proof: 'Payment Proof',
update: 'Update',
update_available: 'Update {version} available!',
@ -357,6 +381,8 @@ window.localisation.en = {
back: 'Back',
logout: 'Logout',
look_and_feel: 'Look and Feel',
endpoint: 'Endpoint',
api: 'API',
api_token: 'API Token',
api_tokens: 'API Tokens',
access_control_list: 'Access Control List',
@ -374,6 +400,8 @@ window.localisation.en = {
extension_paid_sats: 'You have already paid {paid_sats} sats.',
release_details_error: 'Cannot get the release details.',
pay_from_wallet: 'Pay from Wallet',
pay_with: 'Pay with {provider}',
select_payment_provider: 'Select payment provider',
wallet_required: 'Wallet *',
show_qr: 'Show QR',
retry_install: 'Retry Install',
@ -386,6 +414,9 @@ window.localisation.en = {
'The {name} extension requires a payment of minimum {amount} sats to enable.',
hide_empty_wallets: 'Hide empty wallets',
recheck: 'Recheck',
check: 'Check',
check_connection: 'Check Connection',
check_webhook: 'Check Webhook',
contributors: 'Contributors',
license: 'License',
reset_key: 'Reset Key',
@ -492,7 +523,9 @@ window.localisation.en = {
allowed_currencies_hint: 'Limit the number of available fiat currencies',
default_account_currency: 'Default Account Currency',
default_account_currency_hint: 'Default currency for accounting',
min_incoming_payment_amount: 'Min Incoming Payment Amount',
min_incoming_payment_amount_desc:
'Minimum amount allowed for generating an invoice',
max_incoming_payment_amount: 'Max Incoming Payment Amount',
max_incoming_payment_amount_desc:
'Maximum amount allowed for generating an invoice',
@ -554,6 +587,7 @@ window.localisation.en = {
admin_users_label: 'User ID',
allowed_users: 'Allowed Users',
allowed_users_hint: 'Only these users can use LNbits',
allowed_users_hint_feature: 'Only these users can use {feature}',
allowed_users_label: 'User ID',
allow_creation_user: 'Allow creation of new users',
allow_creation_user_desc: 'Allow creation of new users on the index page',
@ -588,5 +622,12 @@ window.localisation.en = {
view_column: 'View wallets as rows',
filter_payments: 'Filter payments',
filter_date: 'Filter by date',
websocket_example: 'Websocket example'
websocket_example: 'Websocket example',
secret_key: 'Secret Key',
signing_secret: 'Signing Secret',
signing_secret_hint:
'Signing secret for the webhook. Messages will be signed with this secret.',
callback_success_url: 'Callback Success URL',
callback_success_url_hint:
'The user will be redirected to this URL after the payment is successful'
}

BIN
lnbits/static/images/square_logo.png Executable file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 7.9 KiB

BIN
lnbits/static/images/stripe_logo.ico Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 15 KiB

32
lnbits/static/js/admin.js
View file

@ -54,6 +54,7 @@ window.AdminPageLogic = {
chartReady: false,
formAddAdmin: '',
formAddUser: '',
formAddStripeUser: '',
hideInputToggle: true,
formAddExtensionsManifest: '',
nostrNotificationIdentifier: '',
@ -187,6 +188,23 @@ window.AdminPageLogic = {
let allowed_users = this.formData.lnbits_allowed_users
this.formData.lnbits_allowed_users = allowed_users.filter(u => u !== user)
},
addStripeAllowedUser() {
const addUser = this.formAddStripeUser || ''
if (
addUser.length &&
!this.formData.stripe_limits.allowed_users.includes(addUser)
) {
this.formData.stripe_limits.allowed_users = [
...this.formData.stripe_limits.allowed_users,
addUser
]
this.formAddStripeUser = ''
}
},
removeStripeAllowedUser(user) {
this.formData.stripe_limits.allowed_users =
this.formData.stripe_limits.allowed_users.filter(u => u !== user)
},
addIncludePath() {
if (!this.formAddIncludePath) {
return
@ -613,6 +631,20 @@ window.AdminPageLogic = {
.catch(LNbits.utils.notifyApiError)
})
},
checkFiatProvider(providerName) {
LNbits.api
.request('PUT', `/api/v1/fiat/check/${providerName}`)
.then(response => {
response
const data = response.data
Quasar.Notify.create({
type: data.success ? 'positive' : 'warning',
message: data.message,
icon: null
})
})
.catch(LNbits.utils.notifyApiError)
},
downloadBackup() {
window.open('/admin/api/v1/backup', '_blank')
},

7
lnbits/static/js/base.js
View file

@ -19,14 +19,16 @@ window.LNbits = {
amount,
memo,
unit = 'sat',
lnurlCallback = null
lnurlCallback = null,
fiatProvider = null
) {
return this.request('post', '/api/v1/payments', wallet.inkey, {
out: false,
amount: amount,
memo: memo,
lnurl_callback: lnurlCallback,
unit: unit
unit: unit,
fiat_provider: fiatProvider
})
},
payInvoice(wallet, bolt11) {
@ -197,6 +199,7 @@ window.LNbits = {
email: data.email,
extensions: data.extensions,
wallets: data.wallets,
fiat_providers: data.fiat_providers || [],
super_user: data.super_user,
extra: data.extra ?? {}
}

9
lnbits/static/js/wallet.js
View file

@ -35,6 +35,7 @@ window.WalletPageLogic = {
lnurl: null,
units: ['sat'],
unit: 'sat',
fiatProvider: '',
data: {
amount: null,
memo: ''
@ -253,12 +254,15 @@ window.WalletPageLogic = {
this.receive.data.amount,
this.receive.data.memo,
this.receive.unit,
this.receive.lnurl && this.receive.lnurl.callback
this.receive.lnurl && this.receive.lnurl.callback,
this.receive.fiatProvider
)
.then(response => {
this.g.updatePayments = !this.g.updatePayments
this.receive.status = 'success'
this.receive.paymentReq = response.data.bolt11
this.receive.fiatPaymentReq =
response.data.extra?.fiat_payment_request
this.receive.amountMsat = response.data.amount
this.receive.paymentHash = response.data.payment_hash
if (!this.receive.lnurl) {
@ -820,6 +824,9 @@ window.WalletPageLogic = {
},
swapBalancePriority() {
this.isFiatPriority = !this.isFiatPriority
this.receive.unit = this.isFiatPriority
? this.g.wallet.currency || 'sat'
: 'sat'
this.$q.localStorage.setItem('lnbits.isFiatPriority', this.isFiatPriority)
},
handleFiatTracking() {

33
lnbits/tasks.py
View file

@ -18,6 +18,7 @@ from lnbits.core.crud import (
update_payment,
)
from lnbits.core.models import Payment, PaymentState
from lnbits.core.services.payments import handle_fiat_payment_confirmation
from lnbits.settings import settings
from lnbits.wallets import get_funding_source
@ -200,15 +201,23 @@ async def invoice_callback_dispatcher(checking_id: str, is_internal: bool = Fals
invoice_listeners from core and extensions.
"""
payment = await get_standalone_payment(checking_id, incoming=True)
if payment and payment.is_in:
status = await payment.check_status()
payment.fee = status.fee_msat or 0
# only overwrite preimage if status.preimage provides it
payment.preimage = status.preimage or payment.preimage
payment.status = PaymentState.SUCCESS
await update_payment(payment)
internal = "internal" if is_internal else ""
logger.success(f"{internal} invoice {checking_id} settled")
for name, send_chan in invoice_listeners.items():
logger.trace(f"invoice listeners: sending to `{name}`")
await send_chan.put(payment)
if not payment:
logger.warning(f"No payment found for '{checking_id}'.")
return
if not payment.is_in:
logger.warning(f"Payment '{checking_id}' is not incoming, skipping.")
return
status = await payment.check_status(skip_internal_payment_notifications=True)
payment.fee = status.fee_msat or payment.fee
# only overwrite preimage if status.preimage provides it
payment.preimage = status.preimage or payment.preimage
payment.status = PaymentState.SUCCESS
await update_payment(payment)
if payment.fiat_provider:
await handle_fiat_payment_confirmation(payment)
internal = "internal" if is_internal else ""
logger.success(f"{internal} invoice {checking_id} settled")
for name, send_chan in invoice_listeners.items():
logger.trace(f"invoice listeners: sending to `{name}`")
await send_chan.put(payment)

28
lnbits/templates/components.vue
View file

@ -998,11 +998,23 @@
v-if="props.row.isIn && props.row.isPending && props.row.bolt11"
class="text-center q-my-lg"
>
<a :href="'lightning:' + props.row.bolt11">
<lnbits-qrcode
:value="'lightning:' + props.row.bolt11.toUpperCase()"
></lnbits-qrcode>
</a>
<div v-if="props.row.extra.fiat_payment_request">
<a
:href="props.row.extra.fiat_payment_request"
target="_blank"
>
<lnbits-qrcode
:value="props.row.extra.fiat_payment_request"
></lnbits-qrcode>
</a>
</div>
<div v-else>
<a :href="'lightning:' + props.row.bolt11">
<lnbits-qrcode
:value="'lightning:' + props.row.bolt11.toUpperCase()"
></lnbits-qrcode>
</a>
</div>
</div>
</q-card-section>
<q-card-section>
@ -1013,7 +1025,11 @@
"
outline
color="grey"
@click="copyText(props.row.bolt11)"
@click="
copyText(
props.row.extra.fiat_payment_request || props.row.bolt11
)
"
:label="$t('copy_invoice')"
></q-btn>
<q-btn

3
lnbits/wallets/alby.py
View file

@ -6,6 +6,7 @@ from typing import AsyncGenerator, Optional
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -27,7 +28,7 @@ class AlbyWallet(Wallet):
if not settings.alby_access_token:
raise ValueError("cannot initialize AlbyWallet: missing alby_access_token")
self.endpoint = self.normalize_endpoint(settings.alby_api_endpoint)
self.endpoint = normalize_endpoint(settings.alby_api_endpoint)
self.auth = {
"Authorization": "Bearer " + settings.alby_access_token,
"User-Agent": settings.user_agent,

14
lnbits/wallets/base.py
View file

@ -150,17 +150,3 @@ class Wallet(ABC):
except Exception as exc:
logger.error(f"could not get status of invoice {invoice}: '{exc}' ")
await asyncio.sleep(5)
def normalize_endpoint(self, endpoint: str, add_proto=True) -> str:
endpoint = endpoint[:-1] if endpoint.endswith("/") else endpoint
if add_proto:
if endpoint.startswith("ws://") or endpoint.startswith("wss://"):
return endpoint
endpoint = (
f"https://{endpoint}" if not endpoint.startswith("http") else endpoint
)
return endpoint
class UnsupportedError(Exception):
pass

5
lnbits/wallets/blink.py
View file

@ -10,6 +10,7 @@ from websockets.client import WebSocketClientProtocol, connect
from websockets.typing import Subprotocol
from lnbits import bolt11
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -34,13 +35,13 @@ class BlinkWallet(Wallet):
if not settings.blink_token:
raise ValueError("cannot initialize BlinkWallet: missing blink_token")
self.endpoint = self.normalize_endpoint(settings.blink_api_endpoint)
self.endpoint = normalize_endpoint(settings.blink_api_endpoint)
self.auth = {
"X-API-KEY": settings.blink_token,
"User-Agent": settings.user_agent,
}
self.ws_endpoint = self.normalize_endpoint(settings.blink_ws_endpoint)
self.ws_endpoint = normalize_endpoint(settings.blink_ws_endpoint)
self.ws_auth = {
"type": "connection_init",
"payload": {"X-API-KEY": settings.blink_token},

3
lnbits/wallets/boltz.py
View file

@ -5,6 +5,7 @@ from bolt11.decode import decode
from grpc.aio import AioRpcError
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from lnbits.wallets.boltz_grpc_files import boltzrpc_pb2, boltzrpc_pb2_grpc
from lnbits.wallets.lnd_grpc_files.lightning_pb2_grpc import grpc
@ -42,7 +43,7 @@ class BoltzWallet(Wallet):
"cannot initialize BoltzWallet: missing boltz_client_wallet"
)
self.endpoint = self.normalize_endpoint(
self.endpoint = normalize_endpoint(
settings.boltz_client_endpoint, add_proto=True
)

3
lnbits/wallets/breez.py
View file

@ -1,5 +1,7 @@
import base64
from lnbits.exceptions import UnsupportedError
try:
import breez_sdk # type: ignore
@ -34,7 +36,6 @@ else:
PaymentStatus,
PaymentSuccessStatus,
StatusResponse,
UnsupportedError,
Wallet,
)

3
lnbits/wallets/cliche.py
View file

@ -6,6 +6,7 @@ from typing import AsyncGenerator, Optional
from loguru import logger
from websocket import create_connection
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -25,7 +26,7 @@ class ClicheWallet(Wallet):
if not settings.cliche_endpoint:
raise ValueError("cannot initialize ClicheWallet: missing cliche_endpoint")
self.endpoint = self.normalize_endpoint(settings.cliche_endpoint)
self.endpoint = normalize_endpoint(settings.cliche_endpoint)
async def cleanup(self):
pass

2
lnbits/wallets/corelightning.py
View file

@ -8,6 +8,7 @@ from bolt11.exceptions import Bolt11Exception
from loguru import logger
from pyln.client import LightningRpc, RpcError
from lnbits.exceptions import UnsupportedError
from lnbits.nodes.cln import CoreLightningNode
from lnbits.settings import settings
from lnbits.utils.crypto import random_secret_and_hash
@ -20,7 +21,6 @@ from .base import (
PaymentStatus,
PaymentSuccessStatus,
StatusResponse,
UnsupportedError,
Wallet,
)

5
lnbits/wallets/corelightningrest.py
View file

@ -9,6 +9,8 @@ from bolt11 import Bolt11Exception
from bolt11.decode import decode
from loguru import logger
from lnbits.exceptions import UnsupportedError
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from lnbits.utils.crypto import random_secret_and_hash
@ -18,7 +20,6 @@ from .base import (
PaymentResponse,
PaymentStatus,
StatusResponse,
UnsupportedError,
Wallet,
)
from .macaroon import load_macaroon
@ -43,7 +44,7 @@ class CoreLightningRestWallet(Wallet):
"invalid corelightning_rest_macaroon provided"
)
self.url = self.normalize_endpoint(settings.corelightning_rest_url)
self.url = normalize_endpoint(settings.corelightning_rest_url)
headers = {
"macaroon": macaroon,
"encodingtype": "hex",

3
lnbits/wallets/eclair.py
View file

@ -11,6 +11,7 @@ import httpx
from loguru import logger
from websockets.client import connect
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from lnbits.utils.crypto import random_secret_and_hash
@ -39,7 +40,7 @@ class EclairWallet(Wallet):
if not settings.eclair_pass:
raise ValueError("cannot initialize EclairWallet: missing eclair_pass")
self.url = self.normalize_endpoint(settings.eclair_url)
self.url = normalize_endpoint(settings.eclair_url)
self.ws_url = f"ws://{urllib.parse.urlsplit(self.url).netloc}/ws"
password = settings.eclair_pass

3
lnbits/wallets/lnbits.py
View file

@ -6,6 +6,7 @@ import httpx
from loguru import logger
from websockets.client import connect
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -36,7 +37,7 @@ class LNbitsWallet(Wallet):
"cannot initialize LNbitsWallet: "
"missing lnbits_key or lnbits_admin_key or lnbits_invoice_key"
)
self.endpoint = self.normalize_endpoint(settings.lnbits_endpoint)
self.endpoint = normalize_endpoint(settings.lnbits_endpoint)
self.ws_url = f"{self.endpoint.replace('http', 'ws', 1)}/api/v1/ws/{key}"
self.headers = {"X-Api-Key": key, "User-Agent": settings.user_agent}
self.client = httpx.AsyncClient(base_url=self.endpoint, headers=self.headers)

5
lnbits/wallets/lndgrpc.py
View file

@ -11,6 +11,7 @@ import lnbits.wallets.lnd_grpc_files.lightning_pb2 as ln
import lnbits.wallets.lnd_grpc_files.lightning_pb2_grpc as lnrpc
import lnbits.wallets.lnd_grpc_files.router_pb2 as router
import lnbits.wallets.lnd_grpc_files.router_pb2_grpc as routerrpc
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from lnbits.utils.crypto import random_secret_and_hash
@ -72,9 +73,7 @@ class LndWallet(Wallet):
"cannot initialize LndWallet: missing lnd_grpc_cert or lnd_cert"
)
self.endpoint = self.normalize_endpoint(
settings.lnd_grpc_endpoint, add_proto=False
)
self.endpoint = normalize_endpoint(settings.lnd_grpc_endpoint, add_proto=False)
self.port = int(settings.lnd_grpc_port)
macaroon = (

3
lnbits/wallets/lndrest.py
View file

@ -7,6 +7,7 @@ from typing import Any, AsyncGenerator, Dict, Optional
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.nodes.lndrest import LndRestNode
from lnbits.settings import settings
from lnbits.utils.crypto import random_secret_and_hash
@ -41,7 +42,7 @@ class LndRestWallet(Wallet):
"This only works if you have a publicly issued certificate."
)
self.endpoint = self.normalize_endpoint(settings.lnd_rest_endpoint)
self.endpoint = normalize_endpoint(settings.lnd_rest_endpoint)
# if no cert provided it should be public so we set verify to True
# and it will still check for validity of certificate and fail if its not valid

3
lnbits/wallets/lnpay.py
View file

@ -5,6 +5,7 @@ from typing import AsyncGenerator, Dict, Optional
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -36,7 +37,7 @@ class LNPayWallet(Wallet):
"missing lnpay_wallet_key or lnpay_admin_key"
)
self.wallet_key = wallet_key
self.endpoint = self.normalize_endpoint(settings.lnpay_api_endpoint)
self.endpoint = normalize_endpoint(settings.lnpay_api_endpoint)
headers = {
"X-Api-Key": settings.lnpay_api_key,

3
lnbits/wallets/lntips.py
View file

@ -7,6 +7,7 @@ from typing import AsyncGenerator, Dict, Optional
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -36,7 +37,7 @@ class LnTipsWallet(Wallet):
"missing lntips_api_key or lntips_admin_key or lntips_invoice_key"
)
self.endpoint = self.normalize_endpoint(settings.lntips_api_endpoint)
self.endpoint = normalize_endpoint(settings.lntips_api_endpoint)
headers = {
"Authorization": f"Basic {key}",

5
lnbits/wallets/opennode.py
View file

@ -4,6 +4,8 @@ from typing import AsyncGenerator, Optional
import httpx
from loguru import logger
from lnbits.exceptions import UnsupportedError
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -12,7 +14,6 @@ from .base import (
PaymentResponse,
PaymentStatus,
StatusResponse,
UnsupportedError,
Wallet,
)
@ -38,7 +39,7 @@ class OpenNodeWallet(Wallet):
)
self.key = key
self.endpoint = self.normalize_endpoint(settings.opennode_api_endpoint)
self.endpoint = normalize_endpoint(settings.opennode_api_endpoint)
headers = {
"Authorization": self.key,

3
lnbits/wallets/phoenixd.py
View file

@ -9,6 +9,7 @@ import httpx
from loguru import logger
from websockets.client import connect
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -35,7 +36,7 @@ class PhoenixdWallet(Wallet):
"cannot initialize PhoenixdWallet: missing phoenixd_api_password"
)
self.endpoint = self.normalize_endpoint(settings.phoenixd_api_endpoint)
self.endpoint = normalize_endpoint(settings.phoenixd_api_endpoint)
parsed_url = urllib.parse.urlparse(settings.phoenixd_api_endpoint)
if parsed_url.scheme == "http":

3
lnbits/wallets/spark.py
View file

@ -7,6 +7,7 @@ from typing import AsyncGenerator, Optional
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -36,7 +37,7 @@ class SparkWallet(Wallet):
if not settings.spark_token:
raise ValueError("cannot initialize SparkWallet: missing spark_token")
url = self.normalize_endpoint(settings.spark_url)
url = normalize_endpoint(settings.spark_url)
url = url.replace("/rpc", "")
self.token = settings.spark_token

3
lnbits/wallets/strike.py
View file

@ -6,6 +6,7 @@ from typing import Any, AsyncGenerator, Dict, Optional
import httpx
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -94,7 +95,7 @@ class StrikeWallet(Wallet):
self._general_limiter = TokenBucket(1000, 600)
self.client = httpx.AsyncClient(
base_url=self.normalize_endpoint(settings.strike_api_endpoint),
base_url=normalize_endpoint(settings.strike_api_endpoint),
headers={
"Authorization": f"Bearer {settings.strike_api_key}",
"Content-Type": "application/json",

3
lnbits/wallets/zbd.py
View file

@ -6,6 +6,7 @@ import httpx
from bolt11 import decode as bolt11_decode
from loguru import logger
from lnbits.helpers import normalize_endpoint
from lnbits.settings import settings
from .base import (
@ -27,7 +28,7 @@ class ZBDWallet(Wallet):
if not settings.zbd_api_key:
raise ValueError("cannot initialize ZBDWallet: missing zbd_api_key")
self.endpoint = self.normalize_endpoint(settings.zbd_api_endpoint)
self.endpoint = normalize_endpoint(settings.zbd_api_endpoint)
headers = {
"apikey": settings.zbd_api_key,
"User-Agent": settings.user_agent,

56
tests/api/test_api.py
View file

@ -8,10 +8,12 @@ from pytest_mock.plugin import MockerFixture
from lnbits import bolt11
from lnbits.core.models import CreateInvoice, Payment
from lnbits.core.views.payment_api import api_payment
from lnbits.fiat.base import FiatInvoiceResponse
from lnbits.settings import Settings
from ..helpers import (
get_random_invoice_data,
get_random_string,
)
@ -155,6 +157,60 @@ async def test_create_invoice_fiat_amount(client, inkey_headers_to):
assert extra["fiat_rate"]
@pytest.mark.anyio
async def test_create_fiat_invoice(
client, inkey_headers_to, settings: Settings, mocker: MockerFixture
):
data = await get_random_invoice_data()
data["unit"] = "EUR"
data["fiat_provider"] = "stripe"
settings.stripe_enabled = True
settings.stripe_api_secret_key = "mock_sk_test_4eC39HqLyjWDarjtT1zdp7dc"
fiat_payment_request = "https://stripe.com/pay/session_123"
fiat_mock_response = FiatInvoiceResponse(
ok=True,
checking_id=f"session_123_{get_random_string(10)}",
payment_request=fiat_payment_request,
)
mocker.patch(
"lnbits.fiat.StripeWallet.create_invoice",
AsyncMock(return_value=fiat_mock_response),
)
mocker.patch(
"lnbits.utils.exchange_rates.get_fiat_rate_satoshis",
AsyncMock(return_value=1000), # 1 BTC = 100 000 EUR, so 1 EUR = 1000 sats
)
response = await client.post(
"/api/v1/payments", json=data, headers=inkey_headers_to
)
assert response.status_code == 201
invoice = response.json()
decode = bolt11.decode(invoice["bolt11"])
assert decode.amount_msat == 10_000_000
assert decode.payment_hash
assert invoice["fiat_provider"] == "stripe"
assert invoice["status"] == "pending"
assert invoice["extra"]["fiat_checking_id"]
assert invoice["extra"]["fiat_payment_request"] == fiat_payment_request
response = await client.get(
f"/api/v1/payments/{decode.payment_hash}", headers=inkey_headers_to
)
assert response.is_success
data = response.json()
assert data["status"] == "pending"
invoice = data["details"]
assert invoice["fiat_provider"] == "stripe"
assert invoice["status"] == "pending"
assert invoice["amount"] == 10_000_000
assert invoice["extra"]["fiat_checking_id"]
assert invoice["extra"]["fiat_payment_request"] == fiat_payment_request
@pytest.mark.anyio
@pytest.mark.parametrize("currency", ("msat", "RRR"))
async def test_create_invoice_validates_used_currency(

7
tests/conftest.py
View file

@ -19,10 +19,10 @@ from lnbits.core.crud import (
from lnbits.core.models import Account, CreateInvoice, PaymentState, User
from lnbits.core.models.users import UpdateSuperuserPassword
from lnbits.core.services import create_user_account, update_wallet_balance
from lnbits.core.services.payments import create_wallet_invoice
from lnbits.core.views.auth_api import first_install
from lnbits.core.views.payment_api import _api_payments_create_invoice
from lnbits.db import DB_TYPE, SQLITE, Database
from lnbits.settings import AuthMethods, Settings
from lnbits.settings import AuthMethods, FiatProviderLimits, Settings
from lnbits.settings import settings as lnbits_settings
from lnbits.wallets.fake import FakeWallet
from tests.helpers import (
@ -255,7 +255,7 @@ async def adminkey_headers_to(to_wallet):
async def invoice(to_wallet):
data = await get_random_invoice_data()
invoice_data = CreateInvoice(**data)
invoice = await _api_payments_create_invoice(invoice_data, to_wallet)
invoice = await create_wallet_invoice(to_wallet.id, invoice_data)
yield invoice
del invoice
@ -312,3 +312,4 @@ def _settings_cleanup(settings: Settings):
settings.lnbits_admin_users = []
settings.lnbits_max_outgoing_payment_amount_sats = 10_000_000_100
settings.lnbits_max_incoming_payment_amount_sats = 10_000_000_200
settings.stripe_limits = FiatProviderLimits()

432
tests/unit/test_fiat_providers.py Normal file
View file

@ -0,0 +1,432 @@
import hashlib
import hmac
import time
from unittest.mock import AsyncMock
import pytest
from pytest_mock.plugin import MockerFixture
from lnbits.core.crud.payments import get_payments
from lnbits.core.crud.users import get_user
from lnbits.core.crud.wallets import create_wallet
from lnbits.core.models.payments import CreateInvoice, PaymentState
from lnbits.core.models.users import User
from lnbits.core.models.wallets import Wallet
from lnbits.core.services import payments
from lnbits.core.services.fiat_providers import check_stripe_signature
from lnbits.core.services.users import create_user_account
from lnbits.fiat.base import FiatInvoiceResponse, FiatPaymentStatus
from lnbits.settings import Settings
from tests.helpers import get_random_string
@pytest.mark.anyio
async def test_create_wallet_fiat_invoice_missing_provider():
invoice_data = CreateInvoice(
unit="USD", amount=1.0, memo="Test", fiat_provider=None
)
with pytest.raises(ValueError, match="Fiat provider is required"):
await payments.create_fiat_invoice("wallet_id", invoice_data)
@pytest.mark.anyio
async def test_create_wallet_fiat_invoice_provider_not_enabled(settings: Settings):
settings.stripe_enabled = False
invoice_data = CreateInvoice(
unit="USD", amount=1.0, memo="Test", fiat_provider="notarealprovider"
)
with pytest.raises(
ValueError, match="Fiat provider 'notarealprovider' is not enabled"
):
await payments.create_fiat_invoice("wallet_id", invoice_data)
@pytest.mark.anyio
async def test_create_wallet_fiat_invoice_with_sat_unit(settings: Settings):
settings.stripe_enabled = True
invoice_data = CreateInvoice(
unit="sat", amount=1.0, memo="Test", fiat_provider="stripe"
)
with pytest.raises(ValueError, match="Fiat provider cannot be used with satoshis"):
await payments.create_fiat_invoice("wallet_id", invoice_data)
@pytest.mark.anyio
async def test_create_wallet_fiat_invoice_allowed_users(
to_user: User, settings: Settings
):
settings.stripe_enabled = False
settings.stripe_limits.allowed_users = []
user = await get_user(to_user.id)
assert user
assert user.fiat_providers == []
settings.stripe_enabled = True
user = await get_user(to_user.id)
assert user
assert user.fiat_providers == ["stripe"]
settings.stripe_limits.allowed_users = ["some_other_user_id"]
user = await get_user(to_user.id)
assert user
assert user.fiat_providers == []
settings.stripe_limits.allowed_users.append(to_user.id)
user = await get_user(to_user.id)
assert user
assert user.fiat_providers == ["stripe"]
settings.stripe_enabled = False
user = await get_user(to_user.id)
assert user
assert user.fiat_providers == []
@pytest.mark.anyio
async def test_create_wallet_fiat_invoice_fiat_limits_fail(
to_wallet: Wallet, settings: Settings, mocker: MockerFixture
):
settings.stripe_enabled = True
settings.stripe_limits.service_min_amount_sats = 0
settings.stripe_limits.service_max_amount_sats = 105
settings.stripe_limits.service_faucet_wallet_id = None
invoice_data = CreateInvoice(
unit="USD", amount=1.0, memo="Test", fiat_provider="stripe"
)
mocker.patch(
"lnbits.utils.exchange_rates.get_fiat_rate_satoshis",
AsyncMock(return_value=1000), # 1 BTC = 100 000 USD, so 1 USD = 1000 sats
)
with pytest.raises(ValueError, match="Maximum amount is 105 sats for 'stripe'."):
await payments.create_fiat_invoice(to_wallet.id, invoice_data)
settings.stripe_limits.service_min_amount_sats = 1001
settings.stripe_limits.service_max_amount_sats = 10000
with pytest.raises(ValueError, match="Minimum amount is 1001 sats for 'stripe'."):
await payments.create_fiat_invoice(to_wallet.id, invoice_data)
settings.stripe_limits.service_min_amount_sats = 10
settings.stripe_limits.service_max_amount_sats = 10000
settings.stripe_limits.service_max_fee_sats = 100
with pytest.raises(
ValueError, match="Fiat provider 'stripe' service fee wallet missing."
):
await payments.create_fiat_invoice(to_wallet.id, invoice_data)
settings.stripe_limits.service_fee_wallet_id = "not_a_real_wallet_id"
with pytest.raises(
ValueError, match="Fiat provider 'stripe' service fee wallet not found."
):
await payments.create_fiat_invoice(to_wallet.id, invoice_data)
settings.stripe_limits.service_fee_wallet_id = to_wallet.id
settings.stripe_limits.service_faucet_wallet_id = "not_a_real_wallet_id"
with pytest.raises(
ValueError, match="Fiat provider 'stripe' faucet wallet not found."
):
await payments.create_fiat_invoice(to_wallet.id, invoice_data)
user = await create_user_account()
wallet = await create_wallet(user_id=user.id)
settings.stripe_limits.service_faucet_wallet_id = wallet.id
with pytest.raises(
ValueError, match="The amount exceeds the 'stripe'faucet wallet balance."
):
await payments.create_fiat_invoice(to_wallet.id, invoice_data)
@pytest.mark.anyio
async def test_create_wallet_fiat_provider_fails(
settings: Settings, mocker: MockerFixture
):
settings.stripe_enabled = True
settings.stripe_api_secret_key = "mock_sk_test_4eC39HqLyjWDarjtT1zdp7dc"
invoice_data = CreateInvoice(
unit="USD", amount=2.0, memo="Test", fiat_provider="stripe"
)
fiat_mock_response = FiatInvoiceResponse(
ok=False,
error_message="Failed to create invoice",
)
mocker.patch(
"lnbits.fiat.StripeWallet.create_invoice",
AsyncMock(return_value=fiat_mock_response),
)
mocker.patch(
"lnbits.utils.exchange_rates.get_fiat_rate_satoshis",
AsyncMock(return_value=1000), # 1 BTC = 100 000 USD, so 1 USD = 1000 sats
)
user = await create_user_account()
wallet = await create_wallet(user_id=user.id)
with pytest.raises(ValueError, match="Cannot create payment request for 'stripe'."):
await payments.create_fiat_invoice(wallet.id, invoice_data)
wallet_payments = await get_payments(wallet_id=wallet.id)
assert len(wallet_payments) == 1
assert wallet_payments[0].status == PaymentState.FAILED
assert wallet_payments[0].amount == 2000000
assert wallet_payments[0].fee == 0
@pytest.mark.anyio
async def test_create_wallet_fiat_invoice_success(
to_wallet: Wallet, settings: Settings, mocker: MockerFixture
):
settings.stripe_enabled = True
settings.stripe_api_secret_key = "mock_sk_test_4eC39HqLyjWDarjtT1zdp7dc"
settings.stripe_limits.service_min_amount_sats = 0
settings.stripe_limits.service_max_amount_sats = 0
settings.stripe_limits.service_faucet_wallet_id = None
invoice_data = CreateInvoice(
unit="USD", amount=1.0, memo="Test", fiat_provider="stripe"
)
fiat_mock_response = FiatInvoiceResponse(
ok=True,
checking_id=f"session_123_{get_random_string(10)}",
payment_request="https://stripe.com/pay/session_123",
)
mocker.patch(
"lnbits.fiat.StripeWallet.create_invoice",
AsyncMock(return_value=fiat_mock_response),
)
mocker.patch(
"lnbits.utils.exchange_rates.get_fiat_rate_satoshis",
AsyncMock(return_value=1000), # 1 BTC = 100 000 USD, so 1 USD = 1000 sats
)
payment = await payments.create_fiat_invoice(to_wallet.id, invoice_data)
assert payment.status == PaymentState.PENDING
assert payment.amount == 1000_000
assert payment.fiat_provider == "stripe"
assert payment.extra.get("fiat_checking_id") == fiat_mock_response.checking_id
assert (
payment.extra.get("fiat_payment_request")
== "https://stripe.com/pay/session_123"
)
assert payment.checking_id.startswith("fiat_stripe_")
assert payment.fee <= 0
status = await payment.check_status()
assert status.success is False
assert status.pending is True
fiat_mock_status = FiatPaymentStatus(paid=True, fee=123)
mocker.patch(
"lnbits.fiat.StripeWallet.get_invoice_status",
AsyncMock(return_value=fiat_mock_status),
)
status = await payment.check_status()
assert status.paid is True
assert status.success is True
@pytest.mark.anyio
async def test_fiat_service_fee(settings: Settings):
# settings.stripe_limits.service_min_amount_sats = 0
amount_msats = 100_000
fee = payments.service_fee_fiat(amount_msats, "no_such_fiat_provider")
assert fee == 0
settings.stripe_limits.service_fee_wallet_id = None
fee = payments.service_fee_fiat(amount_msats, "stripe")
assert fee == 0
settings.stripe_limits.service_fee_wallet_id = "wallet_id"
fee = payments.service_fee_fiat(amount_msats, "stripe")
assert fee == 0
settings.stripe_limits.service_max_fee_sats = 5
settings.stripe_limits.service_fee_percent = 20
fee = payments.service_fee_fiat(amount_msats, "stripe")
assert fee == 5000
fee = payments.service_fee_fiat(-amount_msats, "stripe")
assert fee == 5000
settings.stripe_limits.service_max_fee_sats = 5
settings.stripe_limits.service_fee_percent = 3
fee = payments.service_fee_fiat(amount_msats, "stripe")
assert fee == 3000
fee = payments.service_fee_fiat(-amount_msats, "stripe")
assert fee == 3000
@pytest.mark.anyio
async def test_handle_fiat_payment_confirmation(
to_wallet: Wallet, settings: Settings, mocker: MockerFixture
):
user = await create_user_account()
service_fee_wallet = await create_wallet(user_id=user.id)
faucet_wallet = await create_wallet(user_id=user.id)
await payments.update_wallet_balance(wallet=faucet_wallet, amount=100_000_000)
settings.stripe_api_secret_key = "mock_sk_test_4eC39HqLyjWDarjtT1zdp7dc"
invoice_data = CreateInvoice(
unit="USD", amount=1.0, memo="Test", fiat_provider="stripe"
)
settings.stripe_enabled = True
settings.stripe_limits.service_min_amount_sats = 0
settings.stripe_limits.service_max_amount_sats = 0
settings.stripe_limits.service_fee_percent = 20
settings.stripe_limits.service_fee_wallet_id = service_fee_wallet.id
settings.stripe_limits.service_faucet_wallet_id = faucet_wallet.id
fiat_mock_response = FiatInvoiceResponse(
ok=True,
checking_id=f"session_1000_{get_random_string(10)}",
payment_request="https://stripe.com/pay/session_1000",
)
mocker.patch(
"lnbits.fiat.StripeWallet.create_invoice",
AsyncMock(return_value=fiat_mock_response),
)
mocker.patch(
"lnbits.utils.exchange_rates.get_fiat_rate_satoshis",
AsyncMock(return_value=10000), # 1 BTC = 100 000 USD, so 1 USD = 1000 sats
)
payment = await payments.create_fiat_invoice(to_wallet.id, invoice_data)
assert payment.status == PaymentState.PENDING
assert payment.amount == 10_000_000
await payments.handle_fiat_payment_confirmation(payment)
# await asyncio.sleep(1) # Simulate async delay
service_fee_payments = await get_payments(wallet_id=service_fee_wallet.id)
assert len(service_fee_payments) == 1
assert service_fee_payments[0].amount == 2_000_000
assert service_fee_payments[0].fee == 0
assert service_fee_payments[0].status == PaymentState.SUCCESS
assert service_fee_payments[0].fiat_provider is None
faucet_wallet_payments = await get_payments(wallet_id=faucet_wallet.id)
# Background tasks may create more payments, so we check for at least 2
# One for the service fee, one for the top-up)
assert len(faucet_wallet_payments) >= 2
faucet_payment = next(
(p for p in faucet_wallet_payments if p.payment_hash == payment.payment_hash),
None,
)
assert faucet_payment
assert faucet_payment.amount == -10_000_000
assert faucet_payment.fee == 0
assert faucet_payment.status == PaymentState.SUCCESS
assert faucet_payment.fiat_provider is None
assert (
faucet_payment.extra.get("fiat_checking_id") == fiat_mock_response.checking_id
)
assert (
faucet_payment.extra.get("fiat_payment_request")
== fiat_mock_response.payment_request
)
assert faucet_payment.checking_id.startswith("internal_fiat_stripe_")
@pytest.mark.parametrize("payload", [b'{"id": "evt_test"}', b"{}", b""])
def test_check_stripe_signature_success(payload):
secret = "whsec_testsecret"
sig_header, _, _ = _make_stripe_sig_header(payload, secret)
# Should not raise
check_stripe_signature(payload, sig_header, secret)
@pytest.mark.parametrize("payload", [b'{"id": "evt_test"}'])
def test_check_stripe_signature_missing_header(payload):
secret = "whsec_testsecret"
with pytest.raises(ValueError, match="Stripe-Signature header is missing"):
check_stripe_signature(payload, None, secret)
def test_check_stripe_signature_missing_secret():
payload = b'{"id": "evt_test"}'
sig_header, _, _ = _make_stripe_sig_header(payload, "whsec_testsecret")
with pytest.raises(ValueError, match="Stripe webhook cannot be verified"):
check_stripe_signature(payload, sig_header, None)
def test_check_stripe_signature_invalid_signature():
payload = b'{"id": "evt_test"}'
secret = "whsec_testsecret"
_, timestamp, _ = _make_stripe_sig_header(payload, secret)
# Tamper with signature
bad_sig_header = f"t={timestamp},v1=deadbeef"
with pytest.raises(ValueError, match="Stripe signature verification failed"):
check_stripe_signature(payload, bad_sig_header, secret)
def test_check_stripe_signature_old_timestamp():
payload = b'{"id": "evt_test"}'
secret = "whsec_testsecret"
old_timestamp = int(time.time()) - 10000 # way outside default tolerance
sig_header, _, _ = _make_stripe_sig_header(payload, secret, timestamp=old_timestamp)
with pytest.raises(ValueError, match="Timestamp outside tolerance"):
check_stripe_signature(payload, sig_header, secret)
def test_check_stripe_signature_future_timestamp():
payload = b'{"id": "evt_test"}'
secret = "whsec_testsecret"
future_timestamp = int(time.time()) + 10000
sig_header, _, _ = _make_stripe_sig_header(
payload, secret, timestamp=future_timestamp
)
with pytest.raises(ValueError, match="Timestamp outside tolerance"):
check_stripe_signature(payload, sig_header, secret)
def test_check_stripe_signature_malformed_header():
payload = b'{"id": "evt_test"}'
secret = "whsec_testsecret"
# Missing v1 part
bad_header = "t=1234567890"
with pytest.raises(Exception): # noqa: B017
check_stripe_signature(payload, bad_header, secret)
# Missing t part
bad_header2 = "v1=abcdef"
with pytest.raises(Exception): # noqa: B017
check_stripe_signature(payload, bad_header2, secret)
# Not split by =
bad_header3 = "t1234567890,v1abcdef"
with pytest.raises(Exception): # noqa: B017
check_stripe_signature(payload, bad_header3, secret)
def test_check_stripe_signature_non_utf8_payload():
secret = "whsec_testsecret"
payload = b"\xff\xfe\xfd" # not valid utf-8
timestamp = int(time.time())
# This will raise UnicodeDecodeError inside check_stripe_signature
signed_payload = f"{timestamp}." + payload.decode(errors="ignore")
signature = hmac.new(
secret.encode(), signed_payload.encode(), hashlib.sha256
).hexdigest()
sig_header = f"t={timestamp},v1={signature}"
with pytest.raises(UnicodeDecodeError):
check_stripe_signature(payload, sig_header, secret)
# Helper to generate a valid Stripe signature header
def _make_stripe_sig_header(payload, secret, timestamp=None):
if timestamp is None:
timestamp = int(time.time())
signed_payload = f"{timestamp}.{payload.decode()}"
signature = hmac.new(
secret.encode(), signed_payload.encode(), hashlib.sha256
).hexdigest()
return f"t={timestamp},v1={signature}", timestamp, signature