diff --git a/README.md b/README.md
index 2088e9c..ebad0ca 100644
--- a/README.md
+++ b/README.md
@@ -48,7 +48,7 @@ vim .env # edit your config
 + `WEBHOOK_URL`: Optional. Callback URL for incoming and outgoing payment events, see below.
 + `FEE_RESERVE`: (default: false) Keep fee reserve for each user
 + `ALLOW_ACCOUNT_CREATION`: (default: true) Enable creation of new accounts
-+ `ADMIN_TOKEN`: Only allow account creation requests if they have the header `Authorization: Bearer ADMIN_TOKEN`
++ `ADMIN_TOKEN`: Only allow account creation requests if they have the header `Authorization: Bearer ADMIN_TOKEN`. Also required for updating users login, password and (de)activation status.
 + `MIN_PASSWORD_ENTROPY`: (default: 0 = disable check) Minimum entropy (bits) of a password to be accepted during account creation
 + `MAX_RECEIVE_AMOUNT`: (default: 0 = no limit) Set maximum amount (in satoshi) for which an invoice can be created
 + `MAX_SEND_AMOUNT`: (default: 0 = no limit) Set maximum amount (in satoshi) of an invoice that can be paid
diff --git a/controllers_v2/create.ctrl.go b/controllers_v2/create.ctrl.go
index 59fb038..d1ecf7e 100644
--- a/controllers_v2/create.ctrl.go
+++ b/controllers_v2/create.ctrl.go
@@ -29,7 +29,7 @@ type CreateUserRequestBody struct {
 // CreateUser godoc
 // @Summary Create an account
-// @Description Create a new account with a login and password
+// @Description Create a new account with a login and password. Requires Authorization header with admin token.
 // @Accept json
 // @Produce json
 // @Tags Account
diff --git a/controllers_v2/update.ctrl.go b/controllers_v2/update.ctrl.go
index 5531f20..c66716b 100644
--- a/controllers_v2/update.ctrl.go
+++ b/controllers_v2/update.ctrl.go
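Review bot: The admin-token requirement is stated only in prose in the `@Description` of CreateUser, and the UpdateUser annotations in the controllers_v2/update.ctrl.go hunk do not state it at all; the generated `/v2/admin/users` entry under docs/ has no `security` block, unlike `/v2/balance`. Anyone reading or generating a client from the spec would take the admin routes for unauthenticated ones. Declaring the header in the annotations would make the requirement machine-readable, e.g. on UpdateUser `// @Param Authorization header string true "Bearer ADMIN_TOKEN"`, plus a `// @Failure 401 {object} responses.ErrorResponse` line if that is the status the admin middleware returns (the middleware is not visible here). Both comment blocks start outside their hunks.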
@@ -39,7 +39,7 @@ type UpdateUserRequestBody struct {
 // @Success 200 {object} UpdateUserResponseBody
 // @Failure 400 {object} responses.ErrorResponse
 // @Failure 500 {object} responses.ErrorResponse
-// @Router /admin/users [put]
+// @Router /v2/admin/users [put]
 func (controller *UpdateUserController) UpdateUser(c echo.Context) error {
 var body UpdateUserRequestBody
diff --git a/docs/docs.go b/docs/docs.go
index 4867caf..ff36189 100644
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -69,6 +69,51 @@ const docTemplate = `{ } } }, + "/v2/admin/users": { + "put": { + "description": "Update an account with a new a login, password and activation status", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "Account" + ], + "summary": "Update an account", + "parameters": [ + { + "description": "Update User", + "name": "account", + "in": "body", + "schema": { + "$ref": "#/definitions/v2controllers.UpdateUserRequestBody" + } + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v2controllers.UpdateUserResponseBody" + } + }, + "400": { + "description": "Bad Request", + "schema": { + "$ref": "#/definitions/responses.ErrorResponse" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "$ref": "#/definitions/responses.ErrorResponse" + } + } + } + } + }, "/v2/balance": { "get": { "security": [
@@ -536,9 +581,6 @@ const docTemplate = `{ }, "v2controllers.AddInvoiceRequestBody": { "type": "object", - "required": [ - "amount" - ], "properties": { "amount": { "type": "integer",
@@ -680,6 +722,12 @@ const docTemplate = `{ "type": "string" } }, + "custom_records": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, "destination": { "type": "string" },
@@ -694,6 +742,12 @@ const docTemplate = `{ "amount": { "type": "integer" }, + "custom_records": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, "description": { "type": "string" }, @@ -790,6 +844,40 @@ const docTemplate = `{ "type": "string" } } + }, + "v2controllers.UpdateUserRequestBody": { + "type": "object", + "required": [ + "id" + ], + "properties": { + "deactivated": { + "type": "boolean" + }, + "id": { + "type": "integer" + }, + "login": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, + "v2controllers.UpdateUserResponseBody": { + "type": "object", + "properties": { + "deactivated": { + "type": "boolean" + }, + "id": { + "type": "integer" + }, + "login": { + "type": "string" + } + } } }, "securityDefinitions": { diff --git a/docs/swagger.json b/docs/swagger.json index b3407d8..6a49b25 100644 --- a/docs/swagger.json +++ b/docs/swagger.json @@ -61,6 +61,51 @@ } } }, + "/v2/admin/users": { + "put": { + "description": "Update an account with a new a login, password and activation status", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "Account" + ], + "summary": "Update an account", + "parameters": [ + { + "description": "Update User", + "name": "account", + "in": "body", + "schema": { + "$ref": "#/definitions/v2controllers.UpdateUserRequestBody" + } + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v2controllers.UpdateUserResponseBody" + } + }, + "400": { + "description": "Bad Request", + "schema": { + "$ref": "#/definitions/responses.ErrorResponse" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "$ref": "#/definitions/responses.ErrorResponse" + } + } + } + } + }, "/v2/balance": { "get": { "security": [ @@ -528,9 +573,6 @@ }, "v2controllers.AddInvoiceRequestBody": { "type": "object", - "required": [ - "amount" - ], "properties": { "amount": { "type": "integer", 
@@ -672,6 +714,12 @@ "type": "string" } }, + "custom_records": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, "destination": { "type": "string" }, @@ -686,6 +734,12 @@ "amount": { "type": "integer" }, + "custom_records": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, "description": { "type": "string" }, @@ -782,6 +836,40 @@ "type": "string" } } + }, + "v2controllers.UpdateUserRequestBody": { + "type": "object", + "required": [ + "id" + ], + "properties": { + "deactivated": { + "type": "boolean" + }, + "id": { + "type": "integer" + }, + "login": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, + "v2controllers.UpdateUserResponseBody": { + "type": "object", + "properties": { + "deactivated": { + "type": "boolean" + }, + "id": { + "type": "integer" + }, + "login": { + "type": "string" + } + } } }, "securityDefinitions": { diff --git a/docs/swagger.yaml b/docs/swagger.yaml index 89c761b..2d2377f 100644 --- a/docs/swagger.yaml +++ b/docs/swagger.yaml @@ -34,8 +34,6 @@ definitions: type: string description_hash: type: string - required: - - amount type: object v2controllers.AddInvoiceResponseBody: properties: @@ -114,6 +112,10 @@ definitions: properties: amount: type: integer + custom_records: + additionalProperties: + type: string + type: object customRecords: additionalProperties: type: string @@ -130,6 +132,10 @@ definitions: properties: amount: type: integer + custom_records: + additionalProperties: + type: string + type: object description: type: string description_hash: 
@@ -193,6 +199,28 @@ definitions: payment_request: type: string type: object + v2controllers.UpdateUserRequestBody: + properties: + deactivated: + type: boolean + id: + type: integer + login: + type: string + password: + type: string + required: + - id + type: object + v2controllers.UpdateUserResponseBody: + properties: + deactivated: + type: boolean + id: + type: integer + login: + type: string + type: object info: contact: email: hello@getalby.com @@ -235,6 +263,35 @@ paths: summary: Authenticate tags: - Account + /v2/admin/users: + put: + consumes: + - application/json + description: Update an account with a new a login, password and activation status + parameters: + - description: Update User + in: body + name: account + schema: + $ref: '#/definitions/v2controllers.UpdateUserRequestBody' + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/v2controllers.UpdateUserResponseBody' + "400": + description: Bad Request + schema: + $ref: '#/definitions/responses.ErrorResponse' + "500": + description: Internal Server Error + schema: + $ref: '#/definitions/responses.ErrorResponse' + summary: Update an account + tags: + - Account /v2/balance: get: consumes: diff --git a/v2_endpoints.go b/v2_endpoints.go index 9f34118..324deb2 100644 --- a/v2_endpoints.go +++ b/v2_endpoints.go 
@@ -12,7 +12,10 @@ func RegisterV2Endpoints(svc *service.LndhubService, e *echo.Echo, secured *echo
 if svc.Config.AllowAccountCreation {
 e.POST("/v2/users", v2controllers.NewCreateUserController(svc).CreateUser, strictRateLimitMiddleware, adminMw)
 }
- e.PUT("/v2/admin/users", v2controllers.NewUpdateUserController(svc).UpdateUser, strictRateLimitMiddleware, adminMw)
+ //require admin token for update user endpoint
+ if svc.Config.AdminToken != "" {
+ e.PUT("/v2/admin/users", v2controllers.NewUpdateUserController(svc).UpdateUser, strictRateLimitMiddleware, adminMw)
+ }
 invoiceCtrl := v2controllers.NewInvoiceController(svc)
 keysendCtrl := v2controllers.NewKeySendController(svc)
 secured.POST("/v2/invoices", invoiceCtrl.AddInvoice)
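Review bot: The new `if svc.Config.AdminToken != ""` guard fails closed, which is the right default, but it does so silently: with ADMIN_TOKEN unset the `PUT /v2/admin/users` route is never registered and nothing tells the operator why the endpoint is missing. An `else` branch that logs once at startup would make that state visible, e.g. `} else { e.Logger.Warn("ADMIN_TOKEN not set; PUT /v2/admin/users is disabled") }`. The `e.POST("/v2/users", ...)` route just above is still registered with `adminMw` without this guard, so the two admin-token routes now behave differently when the token is empty; `adminMw` is defined outside this hunk, so it is worth confirming what it does with an empty token and that it compares the bearer value in constant time. The added comment would also read better as `// Register the user-update endpoint only when an admin token is configured.`. RegisterV2Endpoints starts and ends outside the hunk.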