
feat: allow limiting the use of LNbits to some user uuids

The `LNBITS_ALLOWED_USERS` env var can be used to limit access
to the application to some uuids only. "all" gives open access.
UUIDs should be comma separated.
Eneko Illarramendi 5 years ago
parent
commit
8add56a24c
  1. 1
      .env.example
  2. 6
      lnbits/core/views/generic.py
  3. 8
      lnbits/decorators.py

1
.env.example

@ -2,6 +2,7 @@ FLASK_APP=lnbits
FLASK_ENV=development FLASK_ENV=development
LNBITS_SITE_TITLE=LNbits LNBITS_SITE_TITLE=LNbits
LNBITS_ALLOWED_USERS="all"
LNBITS_DEFAULT_WALLET_NAME="LNbits wallet" LNBITS_DEFAULT_WALLET_NAME="LNbits wallet"
LNBITS_DATA_FOLDER="/your_custom_data_folder" LNBITS_DATA_FOLDER="/your_custom_data_folder"
LNBITS_DISABLED_EXTENSIONS="amilk,events" LNBITS_DISABLED_EXTENSIONS="amilk,events"

6
lnbits/core/views/generic.py

@ -1,6 +1,6 @@
from flask import g, abort, redirect, request, render_template, send_from_directory, url_for from flask import g, abort, redirect, request, render_template, send_from_directory, url_for
from http import HTTPStatus from http import HTTPStatus
from os import path from os import getenv, path
from lnbits.core import core_app from lnbits.core import core_app
from lnbits.decorators import check_user_exists, validate_uuids from lnbits.decorators import check_user_exists, validate_uuids
@ -61,6 +61,10 @@ def wallet():
user = get_user(create_account().id) user = get_user(create_account().id)
else: else:
user = get_user(user_id) or abort(HTTPStatus.NOT_FOUND, "User does not exist.") user = get_user(user_id) or abort(HTTPStatus.NOT_FOUND, "User does not exist.")
allowed_users = getenv("LNBITS_ALLOWED_USERS", "all")
if allowed_users != "all" and user_id not in allowed_users.split(","):
abort(HTTPStatus.UNAUTHORIZED, f"User not authorized.")
if not wallet_id: if not wallet_id:
if user.wallets and not wallet_name: if user.wallets and not wallet_name:
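Review bot: In wallet(), the new allow-list test is placed after the account lookup and compares `user_id`, so the branch that calls `create_account()` when no user id is supplied is not clearly covered by the restriction. Indentation is lost on this page, so both readings are possible: if the check sits inside the `else:` branch, a request without a user id still receives a fresh account on a restricted instance; if it sits after the branch, the account is created before the abort fires. Evaluating the restriction first, for example `if allowed_users != "all" and (not user_id or user_id not in allowed_users.split(",")): abort(...)` ahead of the `create_account()` branch, would stop a restricted instance from creating accounts for unlisted callers. wallet() starts and continues outside this hunk, so the surrounding control flow should be confirmed against the full file.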

8
lnbits/decorators.py

@ -2,6 +2,7 @@ from cerberus import Validator # type: ignore
from flask import g, abort, jsonify, request from flask import g, abort, jsonify, request
from functools import wraps from functools import wraps
from http import HTTPStatus from http import HTTPStatus
from os import getenv
from typing import List, Union from typing import List, Union
from uuid import UUID from uuid import UUID
@ -51,7 +52,12 @@ def check_user_exists(param: str = "usr"):
def wrap(view): def wrap(view):
@wraps(view) @wraps(view)
def wrapped_view(**kwargs): def wrapped_view(**kwargs):
g.user = get_user(request.args.get(param, type=str)) or abort(HTTPStatus.NOT_FOUND, "User not found.") g.user = get_user(request.args.get(param, type=str)) or abort(HTTPStatus.NOT_FOUND, "User does not exist.")
allowed_users = getenv("LNBITS_ALLOWED_USERS", "all")
if allowed_users != "all" and g.user.id not in allowed_users.split(","):
abort(HTTPStatus.UNAUTHORIZED, f"User not authorized.")
return view(**kwargs) return view(**kwargs)
return wrapped_view return wrapped_view
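Review bot: The allow-list match in wrapped_view is an exact string comparison against `allowed_users.split(",")`, so an entry written with a space after the comma (`"id1, id2"`) never matches and that user is locked out with no hint about the cause. The same three lines are duplicated in wallet() in lnbits/core/views/generic.py; one shared helper that strips each entry would keep the two checks from drifting apart. `HTTPStatus.FORBIDDEN` describes this case better than `UNAUTHORIZED`, since the caller is already identified but not permitted, and the `f` prefix on `f"User not authorized."` has no placeholders. Only these two call sites are visible in this commit, so any route that does not pass through check_user_exists or wallet() should be checked separately if it is meant to honour the restriction.

```python
# proposed helper (the name is a suggestion), shared by wrapped_view and wallet()
def user_is_allowed(user_id: str) -> bool:
    allowed_users = getenv("LNBITS_ALLOWED_USERS", "all")
    if allowed_users == "all":
        return True
    return user_id in {entry.strip() for entry in allowed_users.split(",")}

# … unchanged: get_user lookup in wrapped_view …
            if not user_is_allowed(g.user.id):
                abort(HTTPStatus.FORBIDDEN, "User not authorized.")
```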
