aljaz/lndhub.go
1
1
Fork 0
mirror of https://github.com/getAlby/lndhub.go.git synced 2025-12-20 14:14:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

swagger, require admin token for update user

Browse Source
This commit is contained in:
kiwiidb
2023-05-24 12:53:30 +02:00
parent c9dd382027
commit b890c2c8ec
7 changed files with 248 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -48,7 +48,7 @@ vim .env # edit your config
+ `WEBHOOK_URL`: Optional. Callback URL for incoming and outgoing payment events, see below. + `WEBHOOK_URL`: Optional. Callback URL for incoming and outgoing payment events, see below.
+ `FEE_RESERVE`: (default: false) Keep fee reserve for each user + `FEE_RESERVE`: (default: false) Keep fee reserve for each user
+ `ALLOW_ACCOUNT_CREATION`: (default: true) Enable creation of new accounts + `ALLOW_ACCOUNT_CREATION`: (default: true) Enable creation of new accounts
+ `ADMIN_TOKEN`: Only allow account creation requests if they have the header `Authorization: Bearer ADMIN_TOKEN` + `ADMIN_TOKEN`: Only allow account creation requests if they have the header `Authorization: Bearer ADMIN_TOKEN`. Also required for updating users login, password and (de)activation status.
+ `MIN_PASSWORD_ENTROPY`: (default: 0 = disable check) Minimum entropy (bits) of a password to be accepted during account creation + `MIN_PASSWORD_ENTROPY`: (default: 0 = disable check) Minimum entropy (bits) of a password to be accepted during account creation
+ `MAX_RECEIVE_AMOUNT`: (default: 0 = no limit) Set maximum amount (in satoshi) for which an invoice can be created + `MAX_RECEIVE_AMOUNT`: (default: 0 = no limit) Set maximum amount (in satoshi) for which an invoice can be created
+ `MAX_SEND_AMOUNT`: (default: 0 = no limit) Set maximum amount (in satoshi) of an invoice that can be paid + `MAX_SEND_AMOUNT`: (default: 0 = no limit) Set maximum amount (in satoshi) of an invoice that can be paid

2
controllers_v2/create.ctrl.go
View File

@@ -29,7 +29,7 @@ type CreateUserRequestBody struct {
// CreateUser godoc // CreateUser godoc
// @Summary Create an account // @Summary Create an account
// @Description Create a new account with a login and password // @Description Create a new account with a login and password. Requires Authorization header with admin token.
// @Accept json // @Accept json
// @Produce json // @Produce json
// @Tags Account // @Tags Account

2
controllers_v2/update.ctrl.go
View File

@@ -39,7 +39,7 @@ type UpdateUserRequestBody struct {
// @Success 200 {object} UpdateUserResponseBody // @Success 200 {object} UpdateUserResponseBody
// @Failure 400 {object} responses.ErrorResponse // @Failure 400 {object} responses.ErrorResponse
// @Failure 500 {object} responses.ErrorResponse // @Failure 500 {object} responses.ErrorResponse
// @Router /admin/users [put] // @Router /v2/admin/users [put]
func (controller *UpdateUserController) UpdateUser(c echo.Context) error { func (controller *UpdateUserController) UpdateUser(c echo.Context) error {
var body UpdateUserRequestBody var body UpdateUserRequestBody

94
docs/docs.go
View File

@@ -69,6 +69,51 @@ const docTemplate = `{
} }
} }
}, },
"/v2/admin/users": {
"put": {
"description": "Update an account with a new a login, password and activation status",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Account"
],
"summary": "Update an account",
"parameters": [
{
"description": "Update User",
"name": "account",
"in": "body",
"schema": {
"$ref": "#/definitions/v2controllers.UpdateUserRequestBody"
}
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/v2controllers.UpdateUserResponseBody"
}
},
"400": {
"description": "Bad Request",
"schema": {
"$ref": "#/definitions/responses.ErrorResponse"
}
},
"500": {
"description": "Internal Server Error",
"schema": {
"$ref": "#/definitions/responses.ErrorResponse"
}
}
}
}
},
"/v2/balance": { "/v2/balance": {
"get": { "get": {
"security": [ "security": [
@@ -536,9 +581,6 @@ const docTemplate = `{
}, },
"v2controllers.AddInvoiceRequestBody": { "v2controllers.AddInvoiceRequestBody": {
"type": "object", "type": "object",
"required": [
"amount"
],
"properties": { "properties": {
"amount": { "amount": {
"type": "integer", "type": "integer",
@@ -680,6 +722,12 @@ const docTemplate = `{
"type": "string" "type": "string"
} }
}, },
"custom_records": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"destination": { "destination": {
"type": "string" "type": "string"
}, },
@@ -694,6 +742,12 @@ const docTemplate = `{
"amount": { "amount": {
"type": "integer" "type": "integer"
}, },
"custom_records": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"description": { "description": {
"type": "string" "type": "string"
}, },
@@ -790,6 +844,40 @@ const docTemplate = `{
"type": "string" "type": "string"
} }
} }
},
"v2controllers.UpdateUserRequestBody": {
"type": "object",
"required": [
"id"
],
"properties": {
"deactivated": {
"type": "boolean"
},
"id": {
"type": "integer"
},
"login": {
"type": "string"
},
"password": {
"type": "string"
}
}
},
"v2controllers.UpdateUserResponseBody": {
"type": "object",
"properties": {
"deactivated": {
"type": "boolean"
},
"id": {
"type": "integer"
},
"login": {
"type": "string"
}
}
} }
}, },
"securityDefinitions": { "securityDefinitions": {

94
docs/swagger.json
View File

@@ -61,6 +61,51 @@
} }
} }
}, },
"/v2/admin/users": {
"put": {
"description": "Update an account with a new a login, password and activation status",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Account"
],
"summary": "Update an account",
"parameters": [
{
"description": "Update User",
"name": "account",
"in": "body",
"schema": {
"$ref": "#/definitions/v2controllers.UpdateUserRequestBody"
}
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/v2controllers.UpdateUserResponseBody"
}
},
"400": {
"description": "Bad Request",
"schema": {
"$ref": "#/definitions/responses.ErrorResponse"
}
},
"500": {
"description": "Internal Server Error",
"schema": {
"$ref": "#/definitions/responses.ErrorResponse"
}
}
}
}
},
"/v2/balance": { "/v2/balance": {
"get": { "get": {
"security": [ "security": [
@@ -528,9 +573,6 @@
}, },
"v2controllers.AddInvoiceRequestBody": { "v2controllers.AddInvoiceRequestBody": {
"type": "object", "type": "object",
"required": [
"amount"
],
"properties": { "properties": {
"amount": { "amount": {
"type": "integer", "type": "integer",
@@ -672,6 +714,12 @@
"type": "string" "type": "string"
} }
}, },
"custom_records": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"destination": { "destination": {
"type": "string" "type": "string"
}, },
@@ -686,6 +734,12 @@
"amount": { "amount": {
"type": "integer" "type": "integer"
}, },
"custom_records": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"description": { "description": {
"type": "string" "type": "string"
}, },
@@ -782,6 +836,40 @@
"type": "string" "type": "string"
} }
} }
},
"v2controllers.UpdateUserRequestBody": {
"type": "object",
"required": [
"id"
],
"properties": {
"deactivated": {
"type": "boolean"
},
"id": {
"type": "integer"
},
"login": {
"type": "string"
},
"password": {
"type": "string"
}
}
},
"v2controllers.UpdateUserResponseBody": {
"type": "object",
"properties": {
"deactivated": {
"type": "boolean"
},
"id": {
"type": "integer"
},
"login": {
"type": "string"
}
}
} }
}, },
"securityDefinitions": { "securityDefinitions": {

61
docs/swagger.yaml
View File

@@ -34,8 +34,6 @@ definitions:
type: string type: string
description_hash: description_hash:
type: string type: string
required:
- amount
type: object type: object
v2controllers.AddInvoiceResponseBody: v2controllers.AddInvoiceResponseBody:
properties: properties:
@@ -114,6 +112,10 @@ definitions:
properties: properties:
amount: amount:
type: integer type: integer
custom_records:
additionalProperties:
type: string
type: object
customRecords: customRecords:
additionalProperties: additionalProperties:
type: string type: string
@@ -130,6 +132,10 @@ definitions:
properties: properties:
amount: amount:
type: integer type: integer
custom_records:
additionalProperties:
type: string
type: object
description: description:
type: string type: string
description_hash: description_hash:
@@ -193,6 +199,28 @@ definitions:
payment_request: payment_request:
type: string type: string
type: object type: object
v2controllers.UpdateUserRequestBody:
properties:
deactivated:
type: boolean
id:
type: integer
login:
type: string
password:
type: string
required:
- id
type: object
v2controllers.UpdateUserResponseBody:
properties:
deactivated:
type: boolean
id:
type: integer
login:
type: string
type: object
info: info:
contact: contact:
email: hello@getalby.com email: hello@getalby.com
@@ -235,6 +263,35 @@ paths:
summary: Authenticate summary: Authenticate
tags: tags:
- Account - Account
/v2/admin/users:
put:
consumes:
- application/json
description: Update an account with a new a login, password and activation status
parameters:
- description: Update User
in: body
name: account
schema:
$ref: '#/definitions/v2controllers.UpdateUserRequestBody'
produces:
- application/json
responses:
"200":
description: OK
schema:
$ref: '#/definitions/v2controllers.UpdateUserResponseBody'
"400":
description: Bad Request
schema:
$ref: '#/definitions/responses.ErrorResponse'
"500":
description: Internal Server Error
schema:
$ref: '#/definitions/responses.ErrorResponse'
summary: Update an account
tags:
- Account
/v2/balance: /v2/balance:
get: get:
consumes: consumes:

5
v2_endpoints.go
View File

@@ -12,7 +12,10 @@ func RegisterV2Endpoints(svc *service.LndhubService, e *echo.Echo, secured *echo
if svc.Config.AllowAccountCreation { if svc.Config.AllowAccountCreation {
e.POST("/v2/users", v2controllers.NewCreateUserController(svc).CreateUser, strictRateLimitMiddleware, adminMw) e.POST("/v2/users", v2controllers.NewCreateUserController(svc).CreateUser, strictRateLimitMiddleware, adminMw)
} }
e.PUT("/v2/admin/users", v2controllers.NewUpdateUserController(svc).UpdateUser, strictRateLimitMiddleware, adminMw) //require admin token for update user endpoint
if svc.Config.AdminToken != "" {
e.PUT("/v2/admin/users", v2controllers.NewUpdateUserController(svc).UpdateUser, strictRateLimitMiddleware, adminMw)
}
invoiceCtrl := v2controllers.NewInvoiceController(svc) invoiceCtrl := v2controllers.NewInvoiceController(svc)
keysendCtrl := v2controllers.NewKeySendController(svc) keysendCtrl := v2controllers.NewKeySendController(svc)
secured.POST("/v2/invoices", invoiceCtrl.AddInvoice) secured.POST("/v2/invoices", invoiceCtrl.AddInvoice)