aljaz/nutshell
1
0
Fork 0
mirror of https://github.com/aljazceru/nutshell.git synced 2025-12-21 02:54:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Mint API: Check ?amount is within a sensible range (#226)

Browse Source
This commit is contained in:
Angus Pearson
2023-05-18 21:31:20 +01:00
committed by GitHub
parent 5f3f88c8ed
commit e25100c1e0
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cashu/mint/router.py
View File

@@ -108,6 +108,8 @@ async def request_mint(amount: int = 0) -> Union[GetMintResponse, CashuError]:
Call `POST /mint` after paying the invoice. Call `POST /mint` after paying the invoice.
""" """
logger.trace(f"> GET /mint: amount={amount}") logger.trace(f"> GET /mint: amount={amount}")
if amount > 21_000_000 * 100_000_000 or amount <= 0:
return CashuError(code=0, error="Amount must be a valid amount of sats.")
if settings.mint_peg_out_only: if settings.mint_peg_out_only:
return CashuError(code=0, error="Mint does not allow minting new tokens.") return CashuError(code=0, error="Mint does not allow minting new tokens.")
try: try:

12
tests/test_mint_api.py
View File

@@ -42,3 +42,15 @@ async def test_api_keyset_keys(ledger):
assert response.json() == { assert response.json() == {
str(k): v.serialize().hex() for k, v in ledger.keyset.public_keys.items() str(k): v.serialize().hex() for k, v in ledger.keyset.public_keys.items()
} }
@pytest.mark.asyncio
async def test_api_mint_validation(ledger):
response = requests.get(f"{BASE_URL}/mint?amount=-21")
assert "error" in response.json()
response = requests.get(f"{BASE_URL}/mint?amount=0")
assert "error" in response.json()
response = requests.get(f"{BASE_URL}/mint?amount=2100000000000001")
assert "error" in response.json()
response = requests.get(f"{BASE_URL}/mint?amount=1")
assert "error" not in response.json()