Commit Graph

637 Commits

Author SHA1 Message Date
ekzyis 6fa747b234 Fix missing fragmentName 2024-10-25 14:10:41 +02:00
Keyan 7d139faca1
Merge branch 'master' into upgrade-deps 2024-10-15 11:34:55 -05:00
k00b 4b18498651 hide cowboy hat -> essentials 2024-10-14 17:52:40 -05:00
k00b 6a8b823f9f upgrade qr code scanner and fix #1476 2024-10-12 18:06:07 -05:00
k00b f9ed1ee6f5 upgrade non-(apparently)-breaking major versions 2024-10-12 18:06:07 -05:00
Keyan 245419185f
wallet streaks (#1468)
* wallet streaks backend

* notifications and badges

* reuseable streak fragment

* squash migrations

* push notifications

* update cowboy notification setting label text
2024-10-11 19:14:18 -05:00
ekzyis 41da95b125
Fix wallet double tap on mobile (#1467)
* Fix wallet double tap on mobile

* also add icon that card can be dragged

* Fix ugly drag image
2024-10-09 19:27:49 -05:00
Keyan e48cd61721
remove unused fields from me fragment (#1466) 2024-10-09 11:56:29 -05:00
k00b a916533826 fix apple-mobile-web-app-capable deprecation 2024-10-07 10:52:29 -05:00
k00b 153455983e Revert "Encrypted device sync (#1373)"
This reverts commit a9a566a79f.
2024-10-04 15:00:13 -05:00
Keyan 5543a0755a
paginating wallet logs (#1459)
* paginating wallet logs

* refine
2024-10-04 06:59:32 -05:00
k00b 65a7ef10d0 make bio work as paid action 2024-10-02 18:39:56 -05:00
toyota-corolla0 c400a6c1c6
feat: cache bio draft (#1455) 2024-10-02 18:06:22 -05:00
Keyan 4ce395889d
Be kind to lnd (#1448)
* cache or remove unecessary calls to lnd

* avoid redundant grpc calls in state machine

* store preimage whenever available

* enhancements post self-code review

* small refinements

* fixes

* fix lnurl-verify

* prevent wallet logger throwing on idb close

* fix promise in race while waiting for payment
2024-10-02 15:03:30 -05:00
Riccardo Balbo a9a566a79f
Encrypted device sync (#1373)
* user vault

* code cleanup and fixes

* improve ui

* prevent name collisions between users on the same device

* some improvements

* implement storage migration

* comments and cleanup

* make connect button primary instead of warning

* move show passphrase in new line (improvement for small screen devices)

* make show passphrase field readOnly

* fixes

* fix vault key unsync

* implicit migration

* move device sync under  general tab

* fix locally disabled wallets and default wallet selection

* improve text

* remove useless SSR check

* add auth checks

* Rename variables

* Fix missing await

* Refactor local<>vault storage interface

I've changed quite some things here. Attempt of a summary:

* storageKey is now only controlled by useVaultStorageState

I've noticed that dealing with how storage keys are generated (to apply user scope) was handled in two places: the existing wallet code and in the new vault code.

This was confusing and error-prone. I've fixed that by completely relying on the new vault code to generate correct storage keys.

* refactored migration

Migration now simply encrypts any existing local wallets and sends them to the server. On success, the local unencrypted version is deleted.

The previous code seemed to unnecessarily generate new local entries prefixed by 'vault:'.

However, since we either use unencrypted local state OR use the encrypted vault on the server for the data, I didn't see any need for these.

Migration seems to work just as well as before.

* removed unnecessary state

In the <DeviceSync> component, enabled & connected were using a unnecessary combo of useState+useEffect.

They were only using variables that are always available during render so simple assignments were enough.

* other minor changes include:

  * early returns
  * remove unnecessary SSR checks in useEffect or useCallback
  * formatting, comments
  * remove unnecessary me? to expose possible bugs

* Fix missing dependency for useZap

This didn't cause any bugs because useWallet returns everything we need on first render.

This caused a bug with E2EE device sync branch though since there the wallet is loaded async.

This meant that during payment, the wallet config was undefined.

* Assume JSON during encryption and decryption

* Fix stale value from cache served on next fetches

* Add wallet.perDevice field

This adds 'perDevice' as a new wallet field to force local storage. For example, WebLN should not be synced across devices.

* Remove debug buttons

* Rename userVault -> vault

* Update console.log's

* revert some of the migration and key handling changes. restore debug buttons for testing

* Fix existing wallets not loaded

* Pass in localOnly and generate localStorageKey once

* Small refactor of migration

* Fix wallet drag and drop

* Add passphrase copy button

* Fix priorityOnly -> skipTests

* Disable autocompletion for reset confirmation prompt

* Show wrong passphrase as input error

* Move code into components/device-sync.js

* Import/export passphrase via QR code

* Fix modal back button invisible in light mode

* Fix modal closed even on connect error

* Use me-2 for cancel/close button

* Some rephrasing

* Fix wallet detach

* Remove debug buttons

* Fix QR code scan in dark mode

* Don't allow custom passphrases

* More rephrasing

* Only use schema if not enabled

* Fix typo in comment

* Replace 'generate passphrase' button with reload icon

* Add comment about IV reuse in GCM

* Use 600k iterations as recommended by OWASP

* Set extractable to false where not needed

* use-vault fallbacks to local storage only for anonymous users

* fix localStorage reset on logout

* add copy button

* move reset out of modals

* hide server side errors

* hardened passphrase storage

* do not show passphrase even if hardened storage is disabled (ie. indexeddb not supported)

* show qr code button on passphrase creation

* use toast for serverside error

* Move key (de)serialization burden to get/setLocalKey functions

* password textarea and remove qr

* don't print plaintext vault values into console

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
2024-10-01 14:55:01 -05:00
Keyan 76218dccac
batch zap requests (#1424) 2024-09-24 09:38:48 -05:00
k00b 59d5fd60f2 wider top boost on rewards page 2024-09-20 10:46:07 -05:00
Keyan 5f0494de30
rethinking boost (#1408)
* reuse boost for jobs

* wip

* allow job stopping

* restore upvote.js

* expire boost

* boost beyond edit window

* fix boost bolt styling

* rank comments with boost

* no random sort for jobs

* top boost for month at top of territory

* boost hints

* more boost help

* squash migrations

* for same boost, prioritize older

* show ad only if active

* fix itemCreate/Update boost expiration jobs

* fix fee button precedence
2024-09-19 13:13:14 -05:00
ekzyis dcbe83f155
Add wss:// to user relays by default (#1412) 2024-09-18 15:42:48 -05:00
ekzyis 5088673b84
Fix margin on row overflow (#1411) 2024-09-18 11:18:08 -05:00
ekzyis be7ea41d03
Always set Secure for multi auth cookies in prod (#1404) 2024-09-13 13:00:16 -05:00
ekzyis a32d1f2177
Use X-Forwarded-Proto to detect scheme (#1403) 2024-09-13 12:27:52 -05:00
ekzyis 8a4e67e9f0
Anon edits (#1393)
* Rename vars around edit permission

* Allow anon edits with hash+hmac

* Fix missing time zone for invoice.confirmedAt of comments

* Fix missing invoice update on item update

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2024-09-13 10:11:19 -05:00
ekzyis a6713f9793
Account Switching (#644)
* WIP: Account switching

* Fix empty USER query

ANON_USER_ID was undefined and thus the query for @anon had no variables.

* Apply multiAuthMiddleware in /api/graphql

* Fix 'you must be logged in' query error on switch to anon

* Add smart 'switch account' button

"smart" means that it only shows if there are accounts to which one can switch

* Fix multiAuth not set in backend

* Comment fixes, minor changes

* Use fw-bold instead of 'selected'

* Close dropdown and offcanvas

Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work.

For the offcanvas, we need to pass down handleClose.

* Use button to add account

* Some pages require hard reload on account switch

* Reinit settings form on account switch

* Also don't refetch WalletHistory

* Formatting

* Use width: fit-content for standalone SignUpButton

* Remove unused className

* Use fw-bold and text-underline on selected

* Fix inconsistent padding of login buttons

* Fix duplicate redirect from /settings on anon switch

* Never throw during refetch

* Throw errors which extend GraphQLError

* Only use meAnonSats if logged out

* Use reactive variable for meAnonSats

The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats.

Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables.

We do this now and thus also don't need the useEffect hack in item-info.js anymore.

* Switch to new user

* Fix missing cleanup during logout

If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set.

This meant that during logout, the other 'multi_auth.*' cookies were not deleted.

This broke the account switch modal.

This is fixed by setting the 'multi_auth.user-id' cookie on login.

Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set).

* Fix comments in middleware

* Remove unnecessary effect dependencies

setState is stable and thus only noise in effect dependencies

* Show but disable unavailable auth methods

* make signup button consistent with others

* Always reload page on switch

* refine account switch styling

* logout barrier

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
2024-09-12 13:05:11 -05:00
ekzyis 0bf9fb0780
Fix layout shift between setting tabs (#1390) 2024-09-11 11:14:56 -05:00
ekzyis ec5241ad29
Enable WebLN wallet on 'webln:enabled' (#1385)
* Enable WebLN wallet on 'webln:enabled'

* Optimistically use WebLN for login with lightning

* Don't scope WebLN config to user

* Rename var to wallet
2024-09-10 11:13:39 -05:00
ekzyis 2ad2cabb03
Remove overused fw-bold from infos (#1377) 2024-09-08 16:53:13 -05:00
Keyan 15b038cd78
refactor embeds to be reused (#1368)
* refactor embeds to be reused

* adjust the meaning of settings for embeds

* add wavlake embed (close #1359)

* add spotify embed (closes #1360)

* fix 'format' appearing in srcSet

* add nostr embed

* refine nostr embed

* Update components/media-or-link.js

Co-authored-by: ekzyis <ek@stacker.news>

* Update pages/settings/index.js

Co-authored-by: ekzyis <ek@stacker.news>

* ek suggestions

---------

Co-authored-by: ekzyis <ek@stacker.news>
2024-09-07 12:07:10 -05:00
ekzyis f05b29717a
Fix grammar in autodelete invoices info (#1371) 2024-09-07 10:01:27 -05:00
ekzyis 54f8a61483
Random CSS fixes (#1370)
* Fix missing margin-left for invoice status in /satistics

* Fix margin-bottom not applied in invoice info

* Only apply margin-left if there is something left
2024-09-07 10:01:00 -05:00
Keyan 07b98c3253
Optout of display of images and video (show them as links) (#1358)
* optout of display of images/video

* fix disableFreebies warning in settings

* preview trusted images

Co-authored-by: ekzyis <ek@stacker.news>

---------

Co-authored-by: ekzyis <ek@stacker.news>
2024-09-04 09:23:06 -05:00
ekzyis d9024ff837
Reinitialize wallet form if initial values change + fix readOnly hydration error (#1354)
* Reinitialize wallet form if initial values change

This fixes that enabled is not set on first render if only recv is configured

* Remove unnecessary old usage of ClientCheckbox

This isn't needed even without enableReinitialize since for send, enabled is correctly set on first render.

It was needed in the past when we were still validating wallets before enabling them on first page load but now, we simply load the configuration from localStorage which is immediately available on the client.

* Fix readOnly hydration error

* Replace repetitive isMounted logic with useIsClient hook
2024-09-03 09:15:04 -05:00
ekzyis 2503a3cb6a
Update wallet security banner (#1338)
* fix condition
* update text
2024-08-27 17:16:41 -05:00
Keyan 266e9a892d
Improve freebies (#1333)
* remove free posts

* deleted and freebie comments are always last
2024-08-26 19:23:07 -05:00
Keyan bc94ec7d28
disable freebies setting (#1320)
* disable freebies setting

* await in disableFreebie resolver + better info modal
2024-08-21 09:37:25 -05:00
Tom 4fd23a3694
Add Random link and basic query (#1306)
* Add Random link and basic query

* Use random

* refine random sort query

* make vote threshold higher

---------

Co-authored-by: k00b <k00b@stacker.news>
2024-08-20 16:50:55 -05:00
k00b 3608d133d7 remove redundant info help text from wallets 2024-08-18 15:20:31 -05:00
ekzyis 4000522773
Fix WebLN checkbox unclickable (#1299)
Checkbox was unclickable because wallet.isConfigured is false if wallet.config was null.
2024-08-14 14:29:24 -05:00
k00b ddb32e0bb7 fix null initial values for wallet forms 2024-08-14 13:22:17 -05:00
k00b 11ac605cd9 fix clicking on p2p in satistics 2024-08-14 12:59:27 -05:00
Keyan cc289089cf
not-custodial zap beta (#1178)
* not-custodial zap scaffolding

* invoice forward state machine

* small refinements to state machine

* make wrap invoice work

* get state machine working end to end

* untested logic layout for paidAction invoice wraps

* perform pessimisitic actions before outgoing payment

* working end to end

* remove unneeded params from wallets/server/createInvoice

* fix cltv relative/absolute confusion + cancelling forwards

* small refinements

* add p2p wrap info to paidAction docs

* fallback to SN invoice when wrap fails

* fix paidAction retry description

* consistent naming scheme for state machine

* refinements

* have sn pay bounded outbound fee

* remove debug logging

* reenable lnc permissions checks

* don't p2p zap on item forward splits

* make createInvoice params json encodeable

* direct -> p2p badge on notifications

* allow no tls in dev for core lightning

* fix autowithdraw to create invoice with msats

* fix autowithdraw msats/sats inconsitency

* label p2p zaps properly in satistics

* add fees to autowithdrawal notifications

* add RETRYING as terminal paid action state

* Update api/paidAction/README.md

Co-authored-by: ekzyis <ek@stacker.news>

* Update api/paidAction/README.md

Co-authored-by: ekzyis <ek@stacker.news>

* Update api/lnd/index.js

Co-authored-by: ekzyis <ek@stacker.news>

* ek suggestions

* add bugetable to nwc card

* get paranoid with numbers

* better finalize retries and better max timeout height

* refine forward failure transitions

* more accurate satistics p2p status

* make sure paidaction cancel in state machine only

* dont drop bolt11s unless status is not null

* only allow PENDING_HELD to transition to FORWARDING

* add mermaid state machine diagrams to paid action doc

* fix cancel transition name

* cleanup readme

* move forwarding outside of transition

* refine testServerConnect and make sure ensureB64 transforms

* remove unused params from testServerConnect

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: k00b <k00b@stacker.news>
2024-08-13 09:48:30 -05:00
ekzyis ae73b0c19f
Support receiving via LNbits (#1278)
* Support receiving with LNbits

* Remove hardcoded LNbits url on server

* Fix saveConfig ignoring save errors

* saveConfig was meant to only ignore validation errors, not save errors
* on server save errors, we redirected as if save was successful
* this is now fixed with a promise chain
* logging payments vs receivals was also moved to correct place

* Fix enabled falsely disabled on SSR

If a wallet was configured for payments but not for receivals and you refreshed the configuration form, enabled was disabled even though payments were enabled.

This was the case since we don't know during SSR if it's enabled since this information is stored on the client.

* Fix missing 'receivals disabled' log message

* Move 'wallet detached for payments' log message

* Fix stale walletId during detach

If page was reloaded, walletId in clearConfig was stale since callback dependency was missing.

* Add missing callback dependencies for saveConfig

* Verify that invoiceKey != adminKey

* Verify LNbits keys are hex-encoded

* Fix local config polluted with server data

* Fix creation of duplicate wallets

* Remove unused dependency

* Fix missing error message in logs

* Fix setPriority

* Rename: localConfig -> clientConfig

* Add description to LNbits autowithdrawals

* Rename: receivals -> receives

* Use try/catch instead of promise chain in saveConfig

* add connect label to lnbits for no url found for lnbits

* Fix adminKey not saved

* Remove hardcoded LNbits url on server again

* Add LNbits ATTACH.md

* Delete old docs to attach LNbits with polar

* Add missing callback dependencies

* Set editable: false

* Only set readOnly if field is configured

---------

Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2024-08-12 17:23:39 -05:00
Keyan c5f043c625
replace greeter mode with investment filter (#1291)
* replace greeter mode with investment filter

* change name to satsFilter

* drop freebie column

---------

Co-authored-by: k00b <k00b@stacker.news>
2024-08-11 18:47:03 -05:00
ekzyis 288fa37197
Only validate tipRandom if enabled (#1284)
* Only validate tipRandom if enabled

* Use consistent naming scheme for zap settings

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2024-08-03 19:51:15 -05:00
keyan 5d0e071939 better random zaps 2024-08-03 19:37:43 -05:00
ekzyis 0c3337fb97
More zap undo fixes IV (#1282)
* Add margin-top to zap undo input

* Update zap undo hint

* Fix zap undo pulse not reflecting zap amount
2024-08-02 17:41:47 -05:00
SatsAllDay dc0370ba17
random zap amounts (#1263)
* add random zapping support

adds an option to enable random zap amounts per stacker

configurable in settings, you can enable this feature and provide
an upper and lower range of your random zap amount

* rename github eslint check to lint

this has been bothering me since we aren't using eslint for linting

* fixup! add random zapping support

* fixup! rename github eslint check to lint

* fixup! fixup! add random zapping support

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2024-07-26 22:37:03 -05:00
ekzyis 628a0466fd
Use validation for WebLN wallet (#1277)
* remove available prop
* 'enabled' checkbox is now always enabled but uses validation
* CheckboxGroup was missing to show error message
2024-07-24 10:08:09 -05:00
ekzyis d3ca87a78b
Add WebLN for sending payments (#1274)
* Add WebLN for sending payments

* attach docs for alby

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2024-07-23 13:23:48 -05:00
Keyan c20a954cfc
This day on ... automated post (#1273)
* add this day posting job

* put in proper timezone

* make sure we're in central timezone

* schedule thisDay job
2024-07-23 10:35:15 -05:00