mirror of
https://github.com/getAlby/lndhub.go.git
synced 2025-12-21 06:34:58 +01:00
171 lines
5.3 KiB
Go
171 lines
5.3 KiB
Go
package lib
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
"fmt"
|
|
"math/rand"
|
|
|
|
"github.com/getAlby/lndhub.go/db/models"
|
|
"github.com/getAlby/lndhub.go/lib/security"
|
|
"github.com/getAlby/lndhub.go/lib/tokens"
|
|
"github.com/labstack/gommon/random"
|
|
"github.com/lightningnetwork/lnd/lnrpc"
|
|
"github.com/uptrace/bun"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
const alphaNumBytes = random.Alphanumeric
|
|
|
|
type LndhubService struct {
|
|
Config *Config
|
|
DB *bun.DB
|
|
LndClient *lnrpc.LightningClient
|
|
}
|
|
type Config struct {
|
|
DatabaseUri string `envconfig:"DATABASE_URI" required:"true"`
|
|
SentryDSN string `envconfig:"SENTRY_DSN"`
|
|
LogFilePath string `envconfig:"LOG_FILE_PATH"`
|
|
JWTSecret []byte `envconfig:"JWT_SECRET" required:"true"`
|
|
JWTExpiry int `envconfig:"JWT_EXPIRY" default:"604800"` // in seconds
|
|
LNDAddress string `envconfig:"LND_ADDRESS" required:"true"`
|
|
LNDMacaroonHex string `envconfig:"LND_MACAROON_HEX" required:"true"`
|
|
LNDCertHex string `envconfig:"LND_CERT_HEX"`
|
|
}
|
|
|
|
func (svc *LndhubService) CurrentBalance(ctx context.Context, userId int64) (int64, error) {
|
|
var balance int64
|
|
|
|
account, err := svc.AccountFor(ctx, "current", userId)
|
|
if err != nil {
|
|
return balance, err
|
|
}
|
|
err = svc.DB.NewSelect().Table("account_ledgers").ColumnExpr("sum(account_ledgers.amount) as balance").Where("account_ledgers.account_id = ?", account.ID).Scan(context.TODO(), &balance)
|
|
return balance, err
|
|
}
|
|
|
|
func (svc *LndhubService) AccountFor(ctx context.Context, accountType string, userId int64) (models.Account, error) {
|
|
account := models.Account{}
|
|
err := svc.DB.NewSelect().Model(&account).Where("user_id = ? AND type= ?", userId, accountType).Limit(1).Scan(ctx)
|
|
return account, err
|
|
}
|
|
|
|
func (svc *LndhubService) AddInvoice(userID int64, amount uint, memo, descriptionHash string) (*models.Invoice, error) {
|
|
invoice := &models.Invoice{
|
|
Type: "",
|
|
UserID: userID,
|
|
TransactionEntryID: 0,
|
|
Amount: amount,
|
|
Memo: memo,
|
|
DescriptionHash: descriptionHash,
|
|
PaymentRequest: "",
|
|
RHash: "",
|
|
State: "",
|
|
}
|
|
|
|
// TODO: move this to a service layer and call a method
|
|
_, err := svc.DB.NewInsert().Model(invoice).Exec(context.TODO())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return invoice, nil
|
|
}
|
|
func (svc *LndhubService) GenerateToken(login, password, inRefreshToken string) (accessToken, refreshToken string, err error) {
|
|
var user models.User
|
|
|
|
switch {
|
|
case login != "" || password != "":
|
|
{
|
|
if err := svc.DB.NewSelect().Model(&user).Where("login = ?", login).Scan(context.TODO()); err != nil {
|
|
return "", "", fmt.Errorf("bad auth")
|
|
}
|
|
if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) != nil {
|
|
return "", "", fmt.Errorf("bad auth")
|
|
|
|
}
|
|
}
|
|
case inRefreshToken != "":
|
|
{
|
|
// TODO: currently not supported
|
|
// I'd love to remove this from the auth handler, as the refresh token
|
|
// is usually a part of the JWT middleware: https://webdevstation.com/posts/user-authentication-with-go-using-jwt-token/
|
|
// if the current client depends on that - we can incorporate the refresh JWT code into here
|
|
return "", "", fmt.Errorf("bad auth")
|
|
}
|
|
default:
|
|
{
|
|
return "", "", fmt.Errorf("login and password or refresh token is required")
|
|
}
|
|
}
|
|
|
|
accessToken, err = tokens.GenerateAccessToken(svc.Config.JWTSecret, svc.Config.JWTExpiry, &user)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
|
|
refreshToken, err = tokens.GenerateRefreshToken(svc.Config.JWTSecret, svc.Config.JWTExpiry, &user)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
return accessToken, refreshToken, nil
|
|
}
|
|
|
|
func (svc *LndhubService) Payinvoice(userId int64, invoice string) error {
|
|
debitAccount, err := svc.AccountFor(context.TODO(), "current", userId)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
creditAccount, err := svc.AccountFor(context.TODO(), "outgoing", userId)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
entry := models.TransactionEntry{
|
|
UserID: userId,
|
|
CreditAccountID: creditAccount.ID,
|
|
DebitAccountID: debitAccount.ID,
|
|
Amount: 1000,
|
|
}
|
|
_, err = svc.DB.NewInsert().Model(&entry).Exec(context.TODO())
|
|
return err
|
|
|
|
}
|
|
|
|
func (svc *LndhubService) Create() (user *models.User, err error) {
|
|
|
|
user = &models.User{}
|
|
|
|
// generate user login/password (TODO: allow the user to choose a login/password?)
|
|
user.Login = randStringBytes(8)
|
|
password := randStringBytes(15)
|
|
// we only store the hashed password but return the initial plain text password in the HTTP response
|
|
hashedPassword := security.HashPassword(password)
|
|
user.Password = hashedPassword
|
|
|
|
// Create user and the user's accounts
|
|
// We use double-entry bookkeeping so we use 4 accounts: incoming, current, outgoing and fees
|
|
// Wrapping this in a transaction in case something fails
|
|
err = svc.DB.RunInTx(context.TODO(), &sql.TxOptions{}, func(ctx context.Context, tx bun.Tx) error {
|
|
if _, err := tx.NewInsert().Model(&user).Exec(ctx); err != nil {
|
|
return err
|
|
}
|
|
accountTypes := []string{"incoming", "current", "outgoing", "fees"}
|
|
for _, accountType := range accountTypes {
|
|
account := models.Account{UserID: user.ID, Type: accountType}
|
|
if _, err := svc.DB.NewInsert().Model(&account).Exec(ctx); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
})
|
|
return user, err
|
|
}
|
|
|
|
func randStringBytes(n int) string {
|
|
b := make([]byte, n)
|
|
for i := range b {
|
|
b[i] = alphaNumBytes[rand.Intn(len(alphaNumBytes))]
|
|
}
|
|
return string(b)
|
|
}
|