diff --git a/.env.example b/.env.example
index 13765574..bb4e64a1 100644
--- a/.env.example
+++ b/.env.example
@@ -14,9 +14,6 @@ LNBITS_ADMIN_EXTENSIONS="ngrok, admin"
# Enable Admin GUI, available for the first user in LNBITS_ADMIN_USERS if available
LNBITS_ADMIN_UI=false
-# Restricts access, User IDs seperated by comma
-LNBITS_ALLOWED_USERS=""
-
LNBITS_DEFAULT_WALLET_NAME="LNbits wallet"
# Ad space description
diff --git a/.github/workflows/on-tag.yml b/.github/workflows/on-tag.yml
index f6fa53e9..a9f58985 100644
--- a/.github/workflows/on-tag.yml
+++ b/.github/workflows/on-tag.yml
@@ -7,6 +7,7 @@ on:
push:
tags:
- "[0-9]+.[0-9]+.[0-9]+"
+ - "[0-9]+.[0-9]+.[0-9]+.[0-9]+"
- "[0-9]+.[0-9]+.[0-9]+-*"
jobs:
diff --git a/Dockerfile b/Dockerfile
index a03e1eb2..cc3a14bd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.9-slim
+FROM python:3.10-slim
RUN apt-get clean
RUN apt-get update
diff --git a/docs/guide/admin_ui.md b/docs/guide/admin_ui.md
index 1248d3f3..9637a989 100644
--- a/docs/guide/admin_ui.md
+++ b/docs/guide/admin_ui.md
@@ -40,3 +40,33 @@ Allowed Users
=============
enviroment variable: LNBITS_ALLOWED_USERS, comma-seperated list of user ids
By defining this users, LNbits will no longer be useable by the public, only defined users and admins can then access the LNbits frontend.
+
+
+How to activate
+=============
+```
+$ sudo systemctl stop lnbits.service
+$ cd ~/lnbits-legend
+$ sudo nano .env
+```
+-> set: `LNBITS_ADMIN_UI=true`
+
+Now start LNbits once in the terminal window
+```
+$ poetry run lnbits
+```
+It will now show you the Super User Account:
+
+`SUCCESS | ✔️ Access super user account at: https://127.0.0.1:5000/wallet?usr=5711d7..`
+
+The `/wallet?usr=..` is your super user account. You just have to append it to your normal LNbits web domain.
+
+After that you will find the __`Admin` / `Manage Server`__ between `Wallets` and `Extensions`
+
+Here you can design the interface, it has TOPUP to fill wallets and you can restrict access rights to extensions only for admins or generally deactivated for everyone. You can make users admins or set up Allowed Users if you want to restrict access. And of course the classic settings of the .env file, e.g. to change the funding source wallet or set a charge fee.
+
+Do not forget
+```
+sudo systemctl start lnbits.service
+```
+A little hint, if you set `RESET TO DEFAULTS`, then a new Super User Account will also be created. The old one is then no longer valid.
diff --git a/lnbits/core/crud.py b/lnbits/core/crud.py
index 1c8c71ad..7d9f2a5b 100644
--- a/lnbits/core/crud.py
+++ b/lnbits/core/crud.py
@@ -451,6 +451,34 @@ async def update_payment_details(
return
+async def update_payment_extra(
+ payment_hash: str,
+ extra: dict,
+ conn: Optional[Connection] = None,
+) -> None:
+ """
+ Only update the `extra` field for the payment.
+ Old values in the `extra` JSON object will be kept unless the new `extra` overwrites them.
+ """
+
+ row = await (conn or db).fetchone(
+ "SELECT hash, extra from apipayments WHERE hash = ?",
+ (payment_hash,),
+ )
+ if not row:
+ return
+ db_extra = json.loads(row["extra"] if row["extra"] else "{}")
+ db_extra.update(extra)
+
+ await (conn or db).execute(
+ """
+ UPDATE apipayments SET extra = ?
+ WHERE hash = ?
+ """,
+ (json.dumps(db_extra), payment_hash),
+ )
+
+
async def delete_payment(checking_id: str, conn: Optional[Connection] = None) -> None:
await (conn or db).execute(
"DELETE FROM apipayments WHERE checking_id = ?", (checking_id,)
diff --git a/lnbits/core/views/api.py b/lnbits/core/views/api.py
index ebce4b85..2bd19978 100644
--- a/lnbits/core/views/api.py
+++ b/lnbits/core/views/api.py
@@ -214,7 +214,8 @@ async def api_payments_create_invoice(data: CreateInvoiceData, wallet: Wallet):
lnurl_response = resp["reason"]
else:
lnurl_response = True
- except (httpx.ConnectError, httpx.RequestError):
+ except (httpx.ConnectError, httpx.RequestError) as ex:
+ logger.error(ex)
lnurl_response = False
return {
diff --git a/lnbits/extensions/lnurlp/tasks.py b/lnbits/extensions/lnurlp/tasks.py
index 23f312cb..72805603 100644
--- a/lnbits/extensions/lnurlp/tasks.py
+++ b/lnbits/extensions/lnurlp/tasks.py
@@ -2,8 +2,10 @@ import asyncio
import json
import httpx
+from loguru import logger
from lnbits.core import db as core_db
+from lnbits.core.crud import update_payment_extra
from lnbits.core.models import Payment
from lnbits.helpers import get_current_extension_name
from lnbits.tasks import register_invoice_listener
@@ -48,19 +50,21 @@ async def on_invoice_paid(payment: Payment) -> None:
if pay_link.webhook_headers:
kwargs["headers"] = json.loads(pay_link.webhook_headers)
- r = await client.post(pay_link.webhook_url, **kwargs)
- await mark_webhook_sent(payment, r.status_code)
- except (httpx.ConnectError, httpx.RequestError):
- await mark_webhook_sent(payment, -1)
+ r: httpx.Response = await client.post(pay_link.webhook_url, **kwargs)
+ await mark_webhook_sent(
+ payment, r.status_code, r.is_success, r.reason_phrase, r.text
+ )
+ except Exception as ex:
+ logger.error(ex)
+ await mark_webhook_sent(payment, -1, False, "Unexpected Error", str(ex))
-async def mark_webhook_sent(payment: Payment, status: int) -> None:
- payment.extra["wh_status"] = status
+async def mark_webhook_sent(
+ payment: Payment, status: int, is_success: bool, reason_phrase="", text=""
+) -> None:
+ payment.extra["wh_status"] = status # keep for backwards compability
+ payment.extra["wh_success"] = is_success
+ payment.extra["wh_message"] = reason_phrase
+ payment.extra["wh_response"] = text
- await core_db.execute(
- """
- UPDATE apipayments SET extra = ?
- WHERE hash = ?
- """,
- (json.dumps(payment.extra), payment.payment_hash),
- )
+ await update_payment_extra(payment.payment_hash, payment.extra)
diff --git a/lnbits/extensions/usermanager/crud.py b/lnbits/extensions/usermanager/crud.py
index 649888a8..959914f2 100644
--- a/lnbits/extensions/usermanager/crud.py
+++ b/lnbits/extensions/usermanager/crud.py
@@ -10,12 +10,10 @@ from lnbits.core.crud import (
from lnbits.core.models import Payment
from . import db
-from .models import CreateUserData, Users, Wallets
-
-### Users
+from .models import CreateUserData, User, Wallet
-async def create_usermanager_user(data: CreateUserData) -> Users:
+async def create_usermanager_user(data: CreateUserData) -> User:
account = await create_account()
user = await get_user(account.id)
assert user, "Newly created user couldn't be retrieved"
@@ -50,17 +48,17 @@ async def create_usermanager_user(data: CreateUserData) -> Users:
return user_created
-async def get_usermanager_user(user_id: str) -> Optional[Users]:
+async def get_usermanager_user(user_id: str) -> Optional[User]:
row = await db.fetchone("SELECT * FROM usermanager.users WHERE id = ?", (user_id,))
- return Users(**row) if row else None
+ return User(**row) if row else None
-async def get_usermanager_users(user_id: str) -> List[Users]:
+async def get_usermanager_users(user_id: str) -> List[User]:
rows = await db.fetchall(
"SELECT * FROM usermanager.users WHERE admin = ?", (user_id,)
)
- return [Users(**row) for row in rows]
+ return [User(**row) for row in rows]
async def delete_usermanager_user(user_id: str, delete_core: bool = True) -> None:
@@ -73,12 +71,9 @@ async def delete_usermanager_user(user_id: str, delete_core: bool = True) -> Non
await db.execute("""DELETE FROM usermanager.wallets WHERE "user" = ?""", (user_id,))
-### Wallets
-
-
async def create_usermanager_wallet(
user_id: str, wallet_name: str, admin_id: str
-) -> Wallets:
+) -> Wallet:
wallet = await create_wallet(user_id=user_id, wallet_name=wallet_name)
await db.execute(
"""
@@ -92,28 +87,28 @@ async def create_usermanager_wallet(
return wallet_created
-async def get_usermanager_wallet(wallet_id: str) -> Optional[Wallets]:
+async def get_usermanager_wallet(wallet_id: str) -> Optional[Wallet]:
row = await db.fetchone(
"SELECT * FROM usermanager.wallets WHERE id = ?", (wallet_id,)
)
- return Wallets(**row) if row else None
+ return Wallet(**row) if row else None
-async def get_usermanager_wallets(admin_id: str) -> Optional[Wallets]:
+async def get_usermanager_wallets(admin_id: str) -> List[Wallet]:
rows = await db.fetchall(
"SELECT * FROM usermanager.wallets WHERE admin = ?", (admin_id,)
)
- return [Wallets(**row) for row in rows]
+ return [Wallet(**row) for row in rows]
-async def get_usermanager_users_wallets(user_id: str) -> Optional[Wallets]:
+async def get_usermanager_users_wallets(user_id: str) -> List[Wallet]:
rows = await db.fetchall(
"""SELECT * FROM usermanager.wallets WHERE "user" = ?""", (user_id,)
)
- return [Wallets(**row) for row in rows]
+ return [Wallet(**row) for row in rows]
-async def get_usermanager_wallet_transactions(wallet_id: str) -> Optional[Payment]:
+async def get_usermanager_wallet_transactions(wallet_id: str) -> List[Payment]:
return await get_payments(
wallet_id=wallet_id, complete=True, pending=False, outgoing=True, incoming=True
)
diff --git a/lnbits/extensions/usermanager/models.py b/lnbits/extensions/usermanager/models.py
index 15f50e28..05122cc8 100644
--- a/lnbits/extensions/usermanager/models.py
+++ b/lnbits/extensions/usermanager/models.py
@@ -19,7 +19,7 @@ class CreateUserWallet(BaseModel):
admin_id: str = Query(...)
-class Users(BaseModel):
+class User(BaseModel):
id: str
name: str
admin: str
@@ -27,7 +27,7 @@ class Users(BaseModel):
password: Optional[str] = None
-class Wallets(BaseModel):
+class Wallet(BaseModel):
id: str
admin: str
name: str
@@ -36,5 +36,5 @@ class Wallets(BaseModel):
inkey: str
@classmethod
- def from_row(cls, row: Row) -> "Wallets":
+ def from_row(cls, row: Row) -> "Wallet":
return cls(**dict(row))
diff --git a/lnbits/extensions/usermanager/views.py b/lnbits/extensions/usermanager/views.py
index 420669b0..814659f7 100644
--- a/lnbits/extensions/usermanager/views.py
+++ b/lnbits/extensions/usermanager/views.py
@@ -9,7 +9,9 @@ from . import usermanager_ext, usermanager_renderer
@usermanager_ext.get("/", response_class=HTMLResponse)
-async def index(request: Request, user: User = Depends(check_user_exists)):
+async def index(
+ request: Request, user: User = Depends(check_user_exists) # type: ignore
+):
return usermanager_renderer().TemplateResponse(
"usermanager/index.html", {"request": request, "user": user.dict()}
)
diff --git a/lnbits/extensions/usermanager/views_api.py b/lnbits/extensions/usermanager/views_api.py
index b1bf8ef8..493a71bc 100644
--- a/lnbits/extensions/usermanager/views_api.py
+++ b/lnbits/extensions/usermanager/views_api.py
@@ -23,25 +23,31 @@ from .crud import (
)
from .models import CreateUserData, CreateUserWallet
-# Users
-
@usermanager_ext.get("/api/v1/users", status_code=HTTPStatus.OK)
-async def api_usermanager_users(wallet: WalletTypeInfo = Depends(require_admin_key)):
+async def api_usermanager_users(
+ wallet: WalletTypeInfo = Depends(require_admin_key), # type: ignore
+):
user_id = wallet.wallet.user
return [user.dict() for user in await get_usermanager_users(user_id)]
-@usermanager_ext.get("/api/v1/users/{user_id}", status_code=HTTPStatus.OK)
-async def api_usermanager_user(user_id, wallet: WalletTypeInfo = Depends(get_key_type)):
+@usermanager_ext.get(
+ "/api/v1/users/{user_id}",
+ status_code=HTTPStatus.OK,
+ dependencies=[Depends(get_key_type)],
+)
+async def api_usermanager_user(user_id):
user = await get_usermanager_user(user_id)
- return user.dict()
+ return user.dict() if user else None
-@usermanager_ext.post("/api/v1/users", status_code=HTTPStatus.CREATED)
-async def api_usermanager_users_create(
- data: CreateUserData, wallet: WalletTypeInfo = Depends(get_key_type)
-):
+@usermanager_ext.post(
+ "/api/v1/users",
+ status_code=HTTPStatus.CREATED,
+ dependencies=[Depends(get_key_type)],
+)
+async def api_usermanager_users_create(data: CreateUserData):
user = await create_usermanager_user(data)
full = user.dict()
full["wallets"] = [
@@ -50,11 +56,12 @@ async def api_usermanager_users_create(
return full
-@usermanager_ext.delete("/api/v1/users/{user_id}")
+@usermanager_ext.delete(
+ "/api/v1/users/{user_id}", dependencies=[Depends(require_admin_key)]
+)
async def api_usermanager_users_delete(
user_id,
delete_core: bool = Query(True),
- wallet: WalletTypeInfo = Depends(require_admin_key),
):
user = await get_usermanager_user(user_id)
if not user:
@@ -84,10 +91,8 @@ async def api_usermanager_activate_extension(
# Wallets
-@usermanager_ext.post("/api/v1/wallets")
-async def api_usermanager_wallets_create(
- data: CreateUserWallet, wallet: WalletTypeInfo = Depends(get_key_type)
-):
+@usermanager_ext.post("/api/v1/wallets", dependencies=[Depends(get_key_type)])
+async def api_usermanager_wallets_create(data: CreateUserWallet):
user = await create_usermanager_wallet(
user_id=data.user_id, wallet_name=data.wallet_name, admin_id=data.admin_id
)
@@ -95,31 +100,33 @@ async def api_usermanager_wallets_create(
@usermanager_ext.get("/api/v1/wallets")
-async def api_usermanager_wallets(wallet: WalletTypeInfo = Depends(require_admin_key)):
+async def api_usermanager_wallets(
+ wallet: WalletTypeInfo = Depends(require_admin_key), # type: ignore
+):
admin_id = wallet.wallet.user
return [wallet.dict() for wallet in await get_usermanager_wallets(admin_id)]
-@usermanager_ext.get("/api/v1/transactions/{wallet_id}")
-async def api_usermanager_wallet_transactions(
- wallet_id, wallet: WalletTypeInfo = Depends(get_key_type)
-):
+@usermanager_ext.get(
+ "/api/v1/transactions/{wallet_id}", dependencies=[Depends(get_key_type)]
+)
+async def api_usermanager_wallet_transactions(wallet_id):
return await get_usermanager_wallet_transactions(wallet_id)
-@usermanager_ext.get("/api/v1/wallets/{user_id}")
-async def api_usermanager_users_wallets(
- user_id, wallet: WalletTypeInfo = Depends(require_admin_key)
-):
+@usermanager_ext.get(
+ "/api/v1/wallets/{user_id}", dependencies=[Depends(require_admin_key)]
+)
+async def api_usermanager_users_wallets(user_id):
return [
s_wallet.dict() for s_wallet in await get_usermanager_users_wallets(user_id)
]
-@usermanager_ext.delete("/api/v1/wallets/{wallet_id}")
-async def api_usermanager_wallets_delete(
- wallet_id, wallet: WalletTypeInfo = Depends(require_admin_key)
-):
+@usermanager_ext.delete(
+ "/api/v1/wallets/{wallet_id}", dependencies=[Depends(require_admin_key)]
+)
+async def api_usermanager_wallets_delete(wallet_id):
get_wallet = await get_usermanager_wallet(wallet_id)
if not get_wallet:
raise HTTPException(
diff --git a/lnbits/extensions/withdraw/crud.py b/lnbits/extensions/withdraw/crud.py
index 9868b057..83404c62 100644
--- a/lnbits/extensions/withdraw/crud.py
+++ b/lnbits/extensions/withdraw/crud.py
@@ -27,9 +27,11 @@ async def create_withdraw_link(
open_time,
usescsv,
webhook_url,
+ webhook_headers,
+ webhook_body,
custom_url
)
- VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
""",
(
link_id,
@@ -45,6 +47,8 @@ async def create_withdraw_link(
int(datetime.now().timestamp()) + data.wait_time,
usescsv,
data.webhook_url,
+ data.webhook_headers,
+ data.webhook_body,
data.custom_url,
),
)
diff --git a/lnbits/extensions/withdraw/lnurl.py b/lnbits/extensions/withdraw/lnurl.py
index 5737e54f..7260df1e 100644
--- a/lnbits/extensions/withdraw/lnurl.py
+++ b/lnbits/extensions/withdraw/lnurl.py
@@ -11,6 +11,7 @@ from loguru import logger
from starlette.requests import Request
from starlette.responses import HTMLResponse
+from lnbits.core.crud import update_payment_extra
from lnbits.core.services import pay_invoice
from . import withdraw_ext
@@ -44,7 +45,11 @@ async def api_lnurl_response(request: Request, unique_hash):
"minWithdrawable": link.min_withdrawable * 1000,
"maxWithdrawable": link.max_withdrawable * 1000,
"defaultDescription": link.title,
+ "webhook_url": link.webhook_url,
+ "webhook_headers": link.webhook_headers,
+ "webhook_body": link.webhook_body,
}
+
return json.dumps(withdrawResponse)
@@ -56,7 +61,7 @@ async def api_lnurl_response(request: Request, unique_hash):
name="withdraw.api_lnurl_callback",
summary="lnurl withdraw callback",
description="""
- This enpoints allows you to put unique_hash, k1
+ This endpoints allows you to put unique_hash, k1
and a payment_request to get your payment_request paid.
""",
response_description="JSON with status",
@@ -143,18 +148,37 @@ async def api_lnurl_callback(
if link.webhook_url:
async with httpx.AsyncClient() as client:
try:
- r = await client.post(
- link.webhook_url,
- json={
+ kwargs = {
+ "json": {
"payment_hash": payment_hash,
"payment_request": payment_request,
"lnurlw": link.id,
},
- timeout=40,
+ "timeout": 40,
+ }
+ if link.webhook_body:
+ kwargs["json"]["body"] = json.loads(link.webhook_body)
+ if link.webhook_headers:
+ kwargs["headers"] = json.loads(link.webhook_headers)
+
+ r: httpx.Response = await client.post(link.webhook_url, **kwargs)
+ await update_payment_extra(
+ payment_hash,
+ {
+ "wh_success": r.is_success,
+ "wh_message": r.reason_phrase,
+ "wh_response": r.text,
+ },
)
except Exception as exc:
# webhook fails shouldn't cause the lnurlw to fail since invoice is already paid
- logger.error("Caught exception when dispatching webhook url:", exc)
+ logger.error(
+ "Caught exception when dispatching webhook url: " + str(exc)
+ )
+ await update_payment_extra(
+ payment_hash,
+ {"wh_success": False, "wh_message": str(exc)},
+ )
return {"status": "OK"}
diff --git a/lnbits/extensions/withdraw/migrations.py b/lnbits/extensions/withdraw/migrations.py
index 0c6ed4fc..95805ae7 100644
--- a/lnbits/extensions/withdraw/migrations.py
+++ b/lnbits/extensions/withdraw/migrations.py
@@ -122,3 +122,13 @@ async def m005_add_custom_print_design(db):
Adds custom print design
"""
await db.execute("ALTER TABLE withdraw.withdraw_link ADD COLUMN custom_url TEXT;")
+
+
+async def m006_webhook_headers_and_body(db):
+ """
+ Add headers and body to webhooks
+ """
+ await db.execute(
+ "ALTER TABLE withdraw.withdraw_link ADD COLUMN webhook_headers TEXT;"
+ )
+ await db.execute("ALTER TABLE withdraw.withdraw_link ADD COLUMN webhook_body TEXT;")
diff --git a/lnbits/extensions/withdraw/models.py b/lnbits/extensions/withdraw/models.py
index 2672537f..51c6a1cf 100644
--- a/lnbits/extensions/withdraw/models.py
+++ b/lnbits/extensions/withdraw/models.py
@@ -16,6 +16,8 @@ class CreateWithdrawData(BaseModel):
wait_time: int = Query(..., ge=1)
is_unique: bool
webhook_url: str = Query(None)
+ webhook_headers: str = Query(None)
+ webhook_body: str = Query(None)
custom_url: str = Query(None)
@@ -35,6 +37,8 @@ class WithdrawLink(BaseModel):
usescsv: str = Query(None)
number: int = Query(0)
webhook_url: str = Query(None)
+ webhook_headers: str = Query(None)
+ webhook_body: str = Query(None)
custom_url: str = Query(None)
@property
diff --git a/lnbits/extensions/withdraw/static/js/index.js b/lnbits/extensions/withdraw/static/js/index.js
index a3eaa593..ced78439 100644
--- a/lnbits/extensions/withdraw/static/js/index.js
+++ b/lnbits/extensions/withdraw/static/js/index.js
@@ -63,7 +63,8 @@ new Vue({
secondMultiplierOptions: ['seconds', 'minutes', 'hours'],
data: {
is_unique: false,
- use_custom: false
+ use_custom: false,
+ has_webhook: false
}
},
simpleformDialog: {
@@ -188,23 +189,35 @@ new Vue({
},
updateWithdrawLink: function (wallet, data) {
var self = this
+ const body = _.pick(
+ data,
+ 'title',
+ 'min_withdrawable',
+ 'max_withdrawable',
+ 'uses',
+ 'wait_time',
+ 'is_unique',
+ 'webhook_url',
+ 'webhook_headers',
+ 'webhook_body',
+ 'custom_url'
+ )
+
+ if (data.has_webhook) {
+ body = {
+ ...body,
+ webhook_url: data.webhook_url,
+ webhook_headers: data.webhook_headers,
+ webhook_body: data.webhook_body
+ }
+ }
LNbits.api
.request(
'PUT',
'/withdraw/api/v1/links/' + data.id,
wallet.adminkey,
- _.pick(
- data,
- 'title',
- 'min_withdrawable',
- 'max_withdrawable',
- 'uses',
- 'wait_time',
- 'is_unique',
- 'webhook_url',
- 'custom_url'
- )
+ body
)
.then(function (response) {
self.withdrawLinks = _.reject(self.withdrawLinks, function (obj) {
diff --git a/lnbits/extensions/withdraw/templates/withdraw/index.html b/lnbits/extensions/withdraw/templates/withdraw/index.html
index 27684f6b..3ae244e6 100644
--- a/lnbits/extensions/withdraw/templates/withdraw/index.html
+++ b/lnbits/extensions/withdraw/templates/withdraw/index.html
@@ -209,7 +209,13 @@
+
+
+
diff --git a/pyproject.toml b/pyproject.toml
index a08e5f71..e0a42fc3 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -110,7 +110,6 @@ exclude = """(?x)(
| ^lnbits/extensions/streamalerts.
| ^lnbits/extensions/tipjar.
| ^lnbits/extensions/tpos.
- | ^lnbits/extensions/usermanager.
| ^lnbits/extensions/watchonly.
| ^lnbits/extensions/withdraw.
| ^lnbits/wallets/lnd_grpc_files.