* add subViewGroup function to create view to read sub stats from
* add topSubs resolver to graphql query
* add TOP_SUBS query fragment
* add SUB_SORTS for top territory sorting
* add custom cache policy for topSubs
* add territories to top header select
* add top territories page
* add db views for sub stats
* configure sub_stats views to refresh by worker
* filter rows with empty subName
* update msats_spent calculation to include all ItemAct in sub
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* add nsfw column to sub
* add nsfw boolean to territorySchema
* save nsfw value in upsertSub mutation
* return nsfw value from Sub query for correct value in edit territory form
* add nsfw checkbox to territory form
* add nsfw badge to territory header
* add nsfwMode to user
* show nsfw badge next to item territory
* exclude nsfw sub from items query
* show nsfw mode checkbox on settings page
* fix nsfw badge formatting
* separate user from current, signed in user
* update relationClause to join with sub table
* refactor to simplify hide nsfw sql
* filter nsfw items when viewing user items
* hide nsfw posts for logged out users
* filter nsfw subs based on user preference
* show nsfw sub name if logged out user is viewing the page
* show current sub at the top of the list instead of bottom
* always join item with sub to check nsfw
* check for sub presence before showing nsfw badge on item
* skip manually adding sub to select if sub is null
* fix relationClause to join with root item
* move moderation and nsfw into accordion
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Refactor setting of default providers
* fixed warning about component update while rendering another component
* individual providers no longer need to know if they are the default or not
* default setting is now handled by WebLNContext -- the same context that returns the provider. this makes a lot more sense and is a lot easier to read
* default payment checkbox is now also disabled if there is only one enabled provider or if it is the default provider
* Fix order lost on page reload
On page reload, the providers were synced in the order they were loaded.
This means that the default payment provider setting was lost.
Fixed this by syncing order to local storage and on page reload, only syncing providers when they were initialized (else the order would have been lost again).
* Add LNbits card
* Save LNbits Provider in WebLN context
* Check LNbits connection on save
* refactor: put LNbitsProvider into own file
* Pay invoices using WebLN provider from context
* Remove deprecated FIXME
* Try WebLN provider first
* Fix unhandled promise rejection
* Fix this in sendPayment
* Be optimistic regarding WebLN zaps
This wraps the WebLN payment promise with Apollo cache updates.
We will be optimistics and assume that the payment will succeed and update the cache accordingly.
When we notice that the payment failed, we undo this update.
* Bold strike on WebLN zap
If lightning strike animation is disabled, toaster will be used.
* Rename undo variable to amount
* Fix zap undo
* Add NWC card
* Attempt to check NWC connection using info event
* Fix NaN on zap
Third argument of update is reserved for context
* Fix TypeError in catch of QR code
* Add basic NWC payments
* Wrap LNbits getInfo with try/catch
* EOSE is enough to check NWC connection
* refactor: Wrap WebLN providers into own context
I should have done this earlier
* Show red indicator on error
* Fix useEffect return value
* Fix wrong usage of pubkey
The event pubkey is derived from the secret. Doesn't make sense to manually set it. It's also the wrong pubkey: we're not the wallet service.
* Use p tag in NWC request
* Add comment about required filter field
* Aesthetic changes to NWC sendPayment
* Add TODO about receipt verification
* Fix WebLN attempted again after error
* Fix undefined name
* Add code to mock NWC relay
* Revert "Bold strike on WebLN zap"
This reverts commit a9eb27daec0cd2ef30b56294b05e0056fb5b4184.
* Fix update undo
* Fix lightning strike before payment
* WIP: Wrap WebLN payments with toasts
* add toasts for pending, error, success
* while pending, invoice can be canceled
* there are still some race conditions between payiny the invoice / error on payment and invoice cancellation
* Fix invoice poll using stale value from cache
* Remove unnecessary if
* Make sure that pay_invoice is declared as supported
* Check if WebLN provider is enabled before calling sendPayment
* Fix bad retry
If WebLN payments failed due to insufficient balances, the promise resolved and thus the action was retried but failed immediately since the invoice (still) wasn't paid.
* Fix cache undo update
* Fix no cache update after QR payment
* refactor: Use fragments to undo cache updates
* Remove console.log
* Small changes to NWC relay mocking
* Return SendPaymentResponse
See https://www.webln.guide/building-lightning-apps/webln-reference/webln.sendpayment
* Also undo cache update on retry failure
* Disable NWC mocking
* Fix initialValue not set
But following warning is now shown in console:
"""
Warning: A component is changing a controlled input to be uncontrolled.
This is likely caused by the value changing from a defined to undefined, which should not happen.
Decide between using a controlled or uncontrolled input element for the lifetime of the component. More info: https://reactjs.org/link/controlled-components
"""
* Remove comment since only relevant for blastr (mutiny relay)
* Remove TODO
* Fix duplicate cache update
* Fix QR modal not closed after payment
* Ignore lnbits variable unused
* Use single relay connection for all NWC events
* Fix missing timer and subscription cleanup
* Remove TODO
Confirmed that nostr-tools verifies events and filters for us.
See https://github.com/nbd-wtf/nostr-tools/blob/master/abstract-relay.ts#L161
* Fix switch from controlled to uncontrolled input
* Show 'configure' on error
* Use budgetable instead of async
* Remove EOSE listener
Only nostr.mutinywallet.com didn't respond with info events due to implementation-specific reasons. This is no longer the case.
* Use invoice expiry for NWC timeout
I don't think there was a specific reason why I used 60 seconds initially.
* Validate LNbits config on save
* Validate NWC config on save
* Also show unattach if configuration is invalid
If unattach is only shown if configuration is valid, resetting the configuration is not possible while it's invalid. So we're stuck with a red wallet indicator.
* Fix detection of WebLN payment
It depended on a Apollo cache update function being available. But that is not the case for every WebLN payment.
* Fix formik bag lost
* Use payment instead of zap in toast
* autoscale capture svc by response time
* docs and changes for testing lnbits locally
* Rename configJSON to config
Naming of config object was inconsistent with saveConfig function which was annoying.
Also fixed other inconsistencies between LNbits and NWC provider.
* Allow setting of default payment provider
* Update TODO comment about provider priority
The list 'paymentMethods' is not used yet but is already implemented for future iterations.
* Add wallet security disclaimer
* Update labels
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Currently, all the billing types radios are being assigned the
same "billingType" id, so clicking on any of the labels
always selects the monthly one. If you inspect the HTML, all the
billing type labels have 'for="billingType"' which is how the HTML
knows which input to select.
We have to keep the "name" attribute the same because that's how
the input values are linked to the billingType form field.
To fix, we explicitly assign the "id" prop for each radio so
that the <label>'s "for" attribute is tied to the correct
radio input.
Currently, all the post types checkbox are being assigned the
same "postTypes" id, so clicking on any of the post type labels
always toggles the first one. If you inspect the HTML, all the
post type labels have 'for="postTypes"' which is how the HTML
knows which checkbox to toggle.
We have to keep the "name" attribute the same because that's how
the checkbox values are linked to the postTypes field.
To fix, we explicitly assign the id prop for each checkbox so
that the <label>'s "for" attribute is tied to the correct
checkbox input.
* refactor: replace recursion with promise sequence
This commit refactors `useInvoicable`. The hard-to-follow recursion was replaced by awaiting promises which resolve or reject when one step of our JIT invoice flow is done.
Therefore, `onSubmit` is now fully agnostic of JIT invoices. The handler only returns when payment + action was successful or canceled - just like when a custodial zap was successful.
* refactor more and fix bugs
* move invoice cancel logic into hook where invoice is also created
* fix missing invoice cancellation if user closes modal or goes back.
* refactor promise logic: it makes more sense to wrap the payment promise with the modal promise than the other way around.
* Fix unhandled rejection
* Fix unnecessary prop drilling
* Fix modal not closed after successful action
* Fix unnecessary async promise executor
* Use function to set state
* Show territory details in post form
* Style territory details in post form
* Keep details closed by default
* Use SUB_FULL
* Undo unused changes to specify accordian default
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Only close notifications manually on iOS
* Use function instead of hardcoded string
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* refactor: Use log function in service worker
* Add verbose logging on push listener
* Fix TypeError: Cannot read properties of null (reading 'postMessage')
navigator.serviceWorker.controller is null on forced refreshes:
"""
This property returns null if the request is a force refresh (Shift + refresh) or if there is no active worker.
"""
-- https://developer.mozilla.org/en-US/docs/Web/API/ServiceWorkerContainer/controller
This means when we unregister a service worker manually (like I do for debugging purposes) and then reload the page, there is no service worker available when this code is run.
Adding a check with a more helpful error message should improve UX.
This error might also happen in other cases where a page refresh should also help.
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Christmas zaps
* Also add 50px margin on left side
* Remove wrong comment
* Use grey snow in light mode
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Add nostr event id field to items
* crosspost-item
* crosspost old items, update with nEventId
* Updating noteId encoding, cleaning up a little
* Fixing item-info condition, cleaning up
* Linting
* Spacing nit
* Add createdAt variable back
* Change instances of eventId to noteId
* Adding upsertNoteId mutation
* Cleaning up updateItem, using toasts to communivate success/failure in crosspost-item
* Linting
* Fix type
* Move crosspost to share button, make sure only OP can crosspost
* Lint
* Simplify conditions
* user might have no nostr extension installed
Co-authored-by: ekzyis <27162016+ekzyis@users.noreply.github.com>
* change upsertNoteId to updateNoteID for resolver and mutations, change isOp to mine, remove unused noteId params
* Use nostr.com for linking out with noteId
* lint
* add noopener to window.open call
* Simplify condition, throw GraphQLError
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: ekzyis <27162016+ekzyis@users.noreply.github.com>
* Toast on successful delete bot directive
* refactor duplicate code into a reusable function
* restore empty spacing lines to clean up the diff
* perf optimization, only query for deleteScheduledAt for your own items
* Issue a warning toast if the delete bot was mentioned but the item was not scheduled for deletion
* use bs-secondary color for warning
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* * add error boundary immediately above page component
* send error logs to server via LoggerContext
* display error stack and component stack in copyable text area
* wrap every context provider in an error boundary
* memoize context values to fix error boundary propagation issue
* Wrap page component in an error boundary so we can use our context utilities
for a better experience, like toast and logger
Still have a top-level error boundary that catches things from the context providers,
just in case.
Don't display the whole error stack, just because it's ugly, but make it copyable
* First pass of implementing Badging API for notifications
* Only show app badge when driven from push notifications
* Display number of unread push notifications instead of just an empty badge
Clear badge via postMessage when notifications page is loaded
* de-dupe some code, update badge counter on each notification click
* remove ids, track open note count instead
* restore optional chaining
* ensure note count doesn't go below 0, and fix event.waitUntil error when clearing badge
* incorporate PR feedback
* add custom range option to top items page
* add custom range option to profile page
* add date filter option to chart pages
* cleanup
* fix x-axis date labels
* date picker improvements
* enhancements to custom date selection
* remove unneeded condition
---------
Co-authored-by: rleed <rleed1@pm.me>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Add icon to add images
* Open file explorer to select image
* Upload images to S3 on selection
* Show uploaded images below text input
* Link and remove image
* Fetch unsubmitted images from database
* Mark S3 images as submitted in imgproxy job
* Add margin-top
* Mark images as submitted on client after successful mutation
* Also delete objects in S3
* Allow items to have multiple uploads linked
* Overwrite old avatar
* Add fees for presigned URLs
* Use Github style upload
* removed upfront fees
* removed images provider since we no longer need to keep track of unsubmitted images on the client
* removed User.images resolver
* removed deleteImage mutation
* use Github style upload where it shows ![Uploading <filename>...]() first and then replaces that with ![<filename>](<url>) after successful upload
* Add Upload.paid boolean column
One item can have multiple images linked to it, but an image can also be used in multiple items (many-to-many relation).
Since we don't really care to which item an image is linked and vice versa, we just use a boolean column to mark if an image was already paid for.
This makes fee calculation easier since no JOINs are required.
* Add image fees during item creation/update
* we calculate image fees during item creation and update now
* function imageFees returns queries which deduct fees from user and mark images as paid + fees
* queries need to be run inside same transaction as item creation/update
* Allow anons to get presigned URLs
* Add comments regarding avatar upload
* Use megabytes in error message
* Remove unnecessary avatar check during image fees calculation
* Show image fees in frontend
* Also update image fees on blur
This makes sure that the images fees reflect the current state. For example, if an image was removed.
We could also add debounced requests.
* Show amount of unpaid images in receipt
* Fix fees in sats deducted from msats
* Fix algebraic order of fees
Spam fees must come immediately after the base fee since it multiplies the base fee.
* Fix image fees in edit receipt
* Fix stale fees shown
If we pay for an image and then want to edit the comment, the cache might return stale date; suggesting we didn't pay for the existing image yet.
* Add 0 base fee in edit receipt
* Remove 's' from 'image fees' in receipts
* Remove unnecessary async
* Remove 'Uploading <name>...' from text input on error
* Support upload of multiple files at once
* Add schedule to delete unused images
* Fix image fee display in receipts
* Use Drag and Drop API for image upload
* Remove dragOver style on drop
* Increase max upload size to 10MB to allow HQ camera pictures
* Fix free upload quota
* Fix stale image fees served
* Fix bad image fee return statements
* Fix multiplication with feesPerImage
* Fix NULL returned for size24h, sizeNow
* Remove unnecessary text field in query
* refactor: Unify <ImageUpload> and <Upload> component
* Add avatar cache busting using random query param
* Calculate image fee info in postgres function
* we now calculate image fee info in a postgres function which is much cleaner
* we use this function inside `create_item` and `update_item`: image fees are now deducted in the same transaction as creating/updating the item!
* reversed changes in `serializeInvoiceable`
* Fix line break in receipt
* Update upload limits
* Add comment about `e.target.value = null`
* Use debounce instead of onBlur to update image fees info
* Fix invoice amount
* Refactor avatar upload control flow
* Update image fees in onChange
* Fix rescheduling of other jobs
* also update schedule from every minute to every hour
* Add image fees in calling context
* keep item ids on uploads
* Fix incompatible onSubmit signature
* Revert "keep item ids on uploads"
This reverts commit 4688962abc.
* many2many item uploads
* pretty subdomain for images
* handle upload conditions for profile images and job logos
---------
Co-authored-by: ekzyis <ek@ekzyis.com>
Co-authored-by: ekzyis <ek@stacker.news>
* Also delete push subscription in IndexedDB
* Fix pushsubscriptionchange function signature
* Send SYNC_SUBSCRIPTION after successful registration
* Resubscribe if service worker lost subscription
---------
Co-authored-by: ekzyis <ek@stacker.news>
* add link comment functionality
* handle anon case
* revise info text
* simplify by using item.text
* remove hint
* cleanup
---------
Co-authored-by: rleed <rleed1@pm.me>
* display bolt11 info and preimage for invoices
* Remove preimage attempt for wdrwl, since it doesn't make sense
Other various code cleanup
* Only include preimage for confirmed paid and settled invoices
adds auto-complete support for other stacker.news users when withdrawing
to a lightning address
implemented via adding an optional `transformUser` prop to the `UserSuggest` and `InputUserSuggest`
components, which allows you to transform fetched user results before displaying in the suggestion
dropdown
this is used to transform a user nym to nym@stacker.news, the corresponding
lightning address
by default, `transformUser` is an identity fn aka no transformation
this change also clears suggestions when the surrounding input field is blurred, which
is a better UX IMO
* Handle quote reply of selections in iOS Safari
Approach borrowed from https://stackoverflow.com/a/72537632
Basically this makes a copy of the selection when the "touchend" event
occurs, so we can use it for processing later
This code listens to that event for each instance of the reply component,
removing the event listener on unmount
* Update docker-compose up command in dev notes
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* uber rough first pass at mention autocompletes
* support custom limit on topUsers query
* hot keys for selecting user suggestion in markdown input
* query top stackers for mentions with no search query
* refactor UserSuggestion to help with reusability
textarea-caret for placing the user suggest dropdown appropriately
other various code cleanup items to make it easier to use
off by one errors are fun!
various code cleanup and reuse the UserSuggest component in InputUserSuggest to reduce duplication
* change default users to week query
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Crossposting discussion function, crossposting setting migration
* Passing in id, adding relays to test
* Adding checkbox setting for crossposting enabled
* Adding paramaterized event fields to crosspostDiscussion, successfully crossposting discussions
* Cleaning up for rebase
* Removing nostrRelays
* Retry crosspost toast
* Adding nostrCrossposting to settings, fixing migration
* Full flow is working with error surfacing, retries, and skips for a retry
* Updates to error handling/retries for crossposting, fixing settings for crossposting
* Allowing recursive retries for crossposting to specific relays
* Fixing / syncing crossposting settings, cleaning up and seperating out nostr functions
* Cleaning up
* Running linter
* make nostr crossposter a hook
---------
Co-authored-by: Austin <austin@pop-os.localdomain>
Co-authored-by: plebdev <plebdev@plebdevs-MacBook-Pro.local>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Quote reply support on text-based posts and comments
* Clean up the `onQuoteReply` prop usage
* Refactor to use `useImperativeHandle` for Reply
* quote selected text if any, otherwise quote whole item
* Only quote selected text if it's from the item we're replying to, not just any selected text
* add trailing newline to copied text
* onPointerDown for mobile, quote+reply quotes text
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* LUD-18 Wallet implementation
Query the lightning address provider client-side to learn of capabilities
Conditionally render LUD-12 and LUD-18 fields based on what the remote
server says is supported
Allow identifier, name, and email to be sent from the SN side during the withdrawal flow. Auth seems too complicated for our use case, and idk about pubkey?
* Clear inputs if the new ln addr provier doesn't support those fields
* various ux improvements
* dynamic client-side validation for required payer data
* don't re-init form state on error
* correct min and max amount values
* only send applicable data to graphql api based on payerdata schema
* input type for numeric values (amount, max fee)
* update step for amount and max fee
* Fix identifier optional and field blur
* reuse more code
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* first pass of LUD-18 support
* Various LUD-18 updates
* don't cache the well-known response, since it includes randomly generated single use values
* validate k1 from well-known response to pay URL
* only keep k1's for 10 minutes if they go unused
* fix validation logic to make auth object optional
* Various LUD18 updates
* move k1 cache to database
* store payer data in invoice db table
* show payer data in invoices on satistics page
* show comments and payer data on invoice page
* Show lud18 data in invoice notification
* PayerData component for easier display of info in invoice, notification, wallet history
* `payerData` -> `invoicePayerData` in fact schema
* Merge prisma migrations
* lint fixes
* worker job to clear out unused lnurlp requests after 30 minutes
* More linting
* Move migration to older
* WIP review
* enhance lud-18
* refine notification ui
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Remove outdated comments about srcSet value
We no longer distinguish between `undefined` and `null` for `srcSet`.
* Fix misleading URL shown
* Update/fix comments in <ImageOriginal>
* Simplify condition when to show image
I think this is not required since `showImage` will always stay false if tab !== 'preview' or me?.clickToLoadImg are true.
* Rename to imgproxyOnly
* Add info to imgproxyOnly setting
* Fix text of markdown links not used on imgproxy errors
* Fix rendering markdown links with text as images
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Prototype implementing LUD-12 comments on payRequest in LNURLP Lightning Address flow
* Support sending comment when withdrawing to ln addr (LUD-12)
* Prevent `initialError` from being toasted informs multiple times
* delete the old create_invoice function
* improve lightning addr withdrawal styling
* allow lnaddr comment to show up in notifications
* enhance satistics
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Add diagnostics settings & endpoint
Stackers can now help us to identify and fix bugs by enabling diagnostics.
This will send anonymized data to us.
For now, this is only used to send events around push notifications.
* Send diagnostics to slack
* Detect OS
* Diagnostics data is only pseudonymous, not anonymous
It's only pseudonymous since with additional knowledge (which stacker uses which fancy name), we could trace the events back to individual stackers.
Data is only anonymous if this is not possible - it must be irreversible.
* Check if window.navigator is defined
* Use Slack SDK
* Catch errors of slack requests
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Subscribe to user posts and comments independently
* Track when comments and posts subscriptions are set to filter out old items
* Only send push notification to subscribed user if posts/comments enabled
* Remove `posts` and `comments` boolean fields on UserSub, rely solely on timestamps
* Hide wallet balance on long press
* Use setting to hide wallet balance
* Fix layout shift on hover
* Fix SSR warning about useLayoutEffect
See https://reactjs.org/link/uselayouteffect-ssr
* Also hide balance in wallet
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Add block height to price carousel
source block height from mempool.space API
https://mempool.space/docs/api/rest#get-block-tip-height
* Add block height to SSR, clean up fragment query
* Cache block height for 1 minute, not 30 seconds
use `numWithUnits` for block height label
* Replace mempool.space API with LND API call
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Notifications for when you are forwarded sats from a post
Support notifications when a post for which you are forwarded gets zapped
This is controlled by a new boolean flag in user settings
* Send push notifications to forwarded users when they get forwarded sats
* Add `Promise.allSettled` per PR feedback
* Remove `FEE` act type when building forwarded zaps notifications
Don't include `FEE` actions, only `TIP` actions to avoid "0 sats forwarded" notifications
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Indicate how many chars remain for title field and poll options
Live counter update to help authors know how many more chars they have
to use in their post titles, and also poll options
* Use InputInner for consistency
* Refactor to reuse title hint across all forms
* Character(s)
* Move maxLength hint impl to InputInner, per PR feedback
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* invoices are no longer deleted to prevent double-spends but marked as confirmed.
therefore, during checkInvoice, we also check if the invoice is already confirmed.
* instead of showing FundError (with "fund wallet" and "pay invoice" as options), we now always immediately show an invoice
* since flagging, paying bounties and poll voting used FundError but only allowed spending from balance, they now also support paying per invoice
Co-authored-by: ekzyis <ek@stacker.news>
* Use HODL invoices
* Fix expiry check comparing string with Date
* Fix unconfirmed user balance for HODL invoices
This is done by syncing the data from LND to the Invoice table.
If the columns is_held and msatsReceived are set, the frontend is told that we're ready to execute the action.
We then update the user balance in the same tx as the action.
We need to still keep checking the invoice for expiration though.
* Fix worker acting upon deleted invoices
* Prevent usage of invoice after expiration
* Use onComplete from <Countdown> to show expired status
* Remove unused lnd argument
* Fix item destructuring from query
* Fix balance added to every stacker
* Fix hmac required
* Fix invoices not used when logged in
* refactor: move invoiceable code into form
* renamed invoiceHash, invoiceHmac to hash, hmac since it's less verbose all over the place
* form now supports `invoiceable` in its props
* form then wraps `onSubmit` with `useInvoiceable` and passes optional invoice options
* Show expired if expired and canceled
* Also use useCallback for zapping
* Always expire modal invoices after 3m
* little styling thing
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* First pass of user subscriptions
* add new db model to track subscriptions
* update user typedef and api resolver for subscription state
* add subscribe action to user profile page
* add mutation to subscribe to a user
* Update notifications queries, hasNewNotes queries for FollowActivity note type
* Only show items that have been created since subscribing to the user
* Send push notifications to user subscribers for posts and comments
* Rename item dropdown to action dropdown and re-use for item info and user actions
* Don't allow self-follows
* Add index on followee for faster lookups
* Don't show subscribe action if not logged in
* small style enhance
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Prototype of toast system
* More toast adoption
* share
* flag
* bookmark
* subscribe
* delete
* More toast usage:
* forms
* settings save
* Log error during flag failure
* Incorporate PR feedback:
1. return `toaster` from `useToast` hook, with simplified `success` and `danger` methods
2. remove toast header, move close button to body
3. change how toast ids are generated to use a global incrementing int
4. update toast messages
* PR feedback:
* reduce width of toast on narrow screens
* dynamic delete success toast message based on deleted type
* add toasts to auth methods deletion operations
* Dismiss all toasts upon page navigation
* refine style and use delay prop
* more styling
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* multiple forwards on a post
first phase of the multi-forward support
* update the graphql mutation for discussion posts to accept and validate multiple forwards
* update the discussion form to allow multiple forwards in the UI
* start working on db schema changes
* uncomment db schema, add migration to create the new model, and update create_item, update_item
stored procedures
* Propagate updates from discussion to poll, link, and bounty forms
Update the create, update poll sql functions for multi forward support
* Update gql, typedefs, and resolver to return forwarded users in items responses
* UI changes to show multiple forward recipients, and conditional upvote logic changes
* Update notification text to reflect multiple forwards upon vote action
* Disallow duplicate stacker entries
* reduce duplication in populating adv-post-form initial values
* Update item_act sql function to implement multi-way forwarding
* Update referral functions to scale referral bonuses for forwarded users
* Update notification text to reflect non-100% forwarded sats cases
* Update wallet history sql queries to accommodate multi-forward use cases
* Block zaps for posts you are forwarded zaps at the API layer, in addition
to in the UI
* Delete fwdUserId column from Item table as part of migration
* Fix how we calculate stacked sats after partial forwards in wallet history
* Exclude entries from wallet history that are 0 stacked sats from posts with 100% forwarded to other users
* Fix wallet history query for forwarded stacked sats to be scaled by the fwd pct
* Reduce duplication in adv post form, and do some style tweaks for better layout
* Use MAX_FORWARDS constants
* Address various PR feedback
* first enhancement pass
* enhancement pass too
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Configure imgproxy timeouts
* Use click to load on imgproxy errors
* Add setting for click to load
---------
Co-authored-by: ekzyis <ek@stacker.news>
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
Support an optional debounce prop on Input component
If provided, the debounce is applied to the validation of the containing form,
imperatively invoking form validation after debounce is finalized
Also required introducing the `validateOnChange` prop on `Form` which gets passed to `Formik`, and defaults to true, just as it does in `Formik`.
Imperatively invoking form validation seemed to be the only way to debounce the validation call through formik.
Most browsers don't support the pushsubscriptionchange event.
We workaround this by saving the current push subscription in IndexedDB so we can check during every page load if the push subscription changed.
If that is the case, we manually sync the push subscription with the server.
However, this solution is not perfect as mentioned in https://medium.com/@madridserginho/how-to-handle-webpush-api-pushsubscriptionchange-event-in-modern-browsers-6e47840d756f which was used for reference:
> This solution is not perfect, the user could lose some push notifications if he doesn’t open the webapp for a long time.
Co-authored-by: ekzyis <ek@stacker.news>
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Show longest cowboy streak in profile
* Fix image offset
* Initialize maxStreak for every user
* Use resolver instead of denormalization for maxStreak
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Parse image links during markdown rendering
* Use imgproxy to replace links
* Add healthcheck
See https://docs.imgproxy.net/healthcheck
* Enable WebP and animation support
* Only replace image URLs
* Replace all occurrences
* Fix creating posts with no text
* Embed image on link posts where link is image
---------
Co-authored-by: ekzyis <ek@stacker.news>
* Scroll from root item in reach on notification click
Instead of going directly to the item of the notification, we now scroll from the root item which is still in reach to the comment.
This should provide more context to the user in most cases.
* Also scroll from root item in reach in /notifications
---------
Co-authored-by: ekzyis <ek@stacker.news>