From 098089af7548bca24fc91ca425c73c31f8a5c242 Mon Sep 17 00:00:00 2001 From: Eneko Illarramendi Date: Thu, 24 Sep 2020 11:44:35 -0300 Subject: [PATCH] PREFER_SECURE_URLS, get rid of FORCE_HTTPS hacks. --- lnbits/extensions/lnurlp/models.py | 5 +---- lnbits/extensions/lnurlp/views_api.py | 4 +--- lnbits/extensions/withdraw/models.py | 9 ++------- lnbits/settings.py | 3 ++- 4 files changed, 6 insertions(+), 15 deletions(-) diff --git a/lnbits/extensions/lnurlp/models.py b/lnbits/extensions/lnurlp/models.py index 94dea61..6cac5af 100644 --- a/lnbits/extensions/lnurlp/models.py +++ b/lnbits/extensions/lnurlp/models.py @@ -5,8 +5,6 @@ from lnurl.types import LnurlPayMetadata from sqlite3 import Row from typing import NamedTuple -from lnbits.settings import FORCE_HTTPS - class PayLink(NamedTuple): id: str @@ -23,8 +21,7 @@ class PayLink(NamedTuple): @property def lnurl(self) -> Lnurl: - scheme = "https" if FORCE_HTTPS else None - url = url_for("lnurlp.api_lnurl_response", link_id=self.id, _external=True, _scheme=scheme) + url = url_for("lnurlp.api_lnurl_response", link_id=self.id, _external=True) return lnurl_encode(url) @property diff --git a/lnbits/extensions/lnurlp/views_api.py b/lnbits/extensions/lnurlp/views_api.py index 2c62878..852a68e 100644 --- a/lnbits/extensions/lnurlp/views_api.py +++ b/lnbits/extensions/lnurlp/views_api.py @@ -7,7 +7,6 @@ from lnurl.exceptions import InvalidUrl as LnurlInvalidUrl from lnbits.core.crud import get_user from lnbits.core.services import create_invoice from lnbits.decorators import api_check_wallet_key, api_validate_post_request -from lnbits.settings import FORCE_HTTPS from lnbits.extensions.lnurlp import lnurlp_ext from .crud import ( @@ -102,8 +101,7 @@ async def api_lnurl_response(link_id): if not link: return jsonify({"status": "ERROR", "reason": "LNURL-pay not found."}), HTTPStatus.OK - scheme = "https" if FORCE_HTTPS else None - url = url_for("lnurlp.api_lnurl_callback", link_id=link.id, _external=True, _scheme=scheme) + url = url_for("lnurlp.api_lnurl_callback", link_id=link.id, _external=True) resp = LnurlPayResponse( callback=url, diff --git a/lnbits/extensions/withdraw/models.py b/lnbits/extensions/withdraw/models.py index 9e4ab75..3e55fc3 100644 --- a/lnbits/extensions/withdraw/models.py +++ b/lnbits/extensions/withdraw/models.py @@ -3,7 +3,6 @@ from lnurl import Lnurl, LnurlWithdrawResponse, encode as lnurl_encode from sqlite3 import Row from typing import NamedTuple import shortuuid # type: ignore -from lnbits.settings import FORCE_HTTPS class WithdrawLink(NamedTuple): @@ -35,7 +34,6 @@ class WithdrawLink(NamedTuple): @property def lnurl(self) -> Lnurl: - scheme = "https" if FORCE_HTTPS else None if self.is_unique: usescssv = self.usescsv.split(",") tohash = self.id + self.unique_hash + usescssv[self.number] @@ -45,18 +43,15 @@ class WithdrawLink(NamedTuple): unique_hash=self.unique_hash, id_unique_hash=multihash, _external=True, - _scheme=scheme, ) else: - url = url_for("withdraw.api_lnurl_response", unique_hash=self.unique_hash, _external=True, _scheme=scheme) + url = url_for("withdraw.api_lnurl_response", unique_hash=self.unique_hash, _external=True) return lnurl_encode(url) @property def lnurl_response(self) -> LnurlWithdrawResponse: - scheme = "https" if FORCE_HTTPS else None - - url = url_for("withdraw.api_lnurl_callback", unique_hash=self.unique_hash, _external=True, _scheme=scheme) + url = url_for("withdraw.api_lnurl_callback", unique_hash=self.unique_hash, _external=True) return LnurlWithdrawResponse( callback=url, k1=self.k1, diff --git a/lnbits/settings.py b/lnbits/settings.py index 983b79e..96f0809 100644 --- a/lnbits/settings.py +++ b/lnbits/settings.py @@ -24,5 +24,6 @@ LNBITS_SITE_TITLE = env.str("LNBITS_SITE_TITLE", default="LNbits") WALLET = wallet_class() DEFAULT_WALLET_NAME = env.str("LNBITS_DEFAULT_WALLET_NAME", default="LNbits wallet") -FORCE_HTTPS = env.bool("LNBITS_FORCE_HTTPS", default=True) +PREFER_SECURE_URLS = env.bool("LNBITS_FORCE_HTTPS", default=True) + SERVICE_FEE = env.float("LNBITS_SERVICE_FEE", default=0.0)