Commit Graph

110 Commits

Author SHA1 Message Date
keyan 68f298fc21 add simple badge to ad 2023-08-16 14:39:01 -05:00
ekzyis b9461b7eb3
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps

* Add anon comments and posts (link, discussion, poll)

* Use payment hash instead of invoice id as proof of payment

Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.

* Allow pay per invoice for stackers

The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"

* Fix onSuccess called twice

For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.

This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.

* Keep invoice modal open if focus is lost

* Skip anon user during trust calculation

* Add error handling

* Skip 'invoice not found' errors

* Remove duplicate insufficient funds handling

* Fix insufficient funds error detection

* Fix invoice amount for comments

* Allow pay per invoice for bounty and job posts

* Also strike on payment after short press

* Fix unexpected token 'export'

* Fix eslint

* Remove unused id param

* Fix comment copy-paste error

* Rename to useInvoiceable

* Fix unexpected token 'export'

* Fix onConfirmation called at every render

* Add invoice HMAC

This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.

Only the user which created the invoice knows the HMAC and thus can use the invoice hash.

* make anon posting less hidden, add anon info button explainer

* Fix anon users can't zap other anon users

* Always show repeat and contacts on action error

* Keep track of modal stack

* give anon an icon

* add generic date pivot helper

* make anon user's invoices expire in 5 minutes

* fix forgotten find and replace

* use datePivot more places

* add sat amounts to invoices

* reduce anon invoice expiration to 3 minutes

* don't abbreviate

* Fix [object Object] as error message

Any errors thrown here are already objects of shape { message: string }

* Fix empty invoice creation attempts

I stumbled across this while checking if anons can edit their items.

I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:

  Variable "$amount" of required type "Int!" was not provided.

I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.

* anon func mods, e.g. inv limits

* anon tips should be denormalized

* remove redundant meTotalSats

* correct overlay zap text for anon

* exclude anon from trust graph before algo runs

* remove balance limit on anon

* give anon a bio and remove cowboy hat/top stackers;

* make anon hat appear on profile

* concat hash and hmac and call it a token

* Fix localStorage cleared because error were swallowed

* fix qr layout shift

* restyle fund error modal

* Catch invoice errors in fund error modal

* invoice check backoff

* anon info typo

* make invoice expiration times have saner defaults

* add comma to anon info

* use builtin copy input label

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 18:50:57 -05:00
SatsAllDay 6e05cd38f9
Singular/Plural "Sats" labels (#380)
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-08 16:04:06 -05:00
ekzyis 67a0de3ea5
Notifications with nostr info (#368)
* Show zap message and pubkey in notifications

+ show zap request event in invoice view

* enhance ui

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-08 13:19:31 -05:00
keyan ffb856ae88 fix oauth signup 2023-08-07 15:05:55 -05:00
keyan 1efc17fcc2 subtle highlight of new comments 2023-08-06 14:18:40 -05:00
keyan e4aaaac20f don't use cache for SSR 2023-08-05 14:46:29 -05:00
keyan 23257d8c63 fix notifications glitchiness 2023-08-04 12:08:16 -05:00
keyan 7596b0302a improve click to context behavior and add ssrForceFetchDelay to apollo 2023-08-03 13:13:49 -05:00
keyan e1c51075a2 fix conditional nextFetchPolicy overriding cache-only on SSR and suppress time hydration warnings 2023-07-31 14:54:30 -05:00
keyan 5232b59625 upgrade to next-auth 4 (bonus: improve error pages) 2023-07-29 14:38:20 -05:00
keyan 7542dd6cc4 upgrade to prisma 4 2023-07-26 19:18:42 -05:00
keyan 9c93e4f89e remove marginal sort types 2023-07-25 20:05:12 -05:00
keyan 8ab018af88 fix nested comment sorting 2023-07-25 19:45:35 -05:00
keyan 98552c853c fix back button behavior on select navigation 2023-07-25 15:29:45 -05:00
keyan e09ea310cd fix mdast library conflict 2023-07-25 13:59:07 -05:00
keyan 4bfd021342 enhance styling 2023-07-25 13:32:48 -05:00
keyan ab2046ab0b fix issues with new linting 2023-07-25 09:14:45 -05:00
keyan 041b711c21 fix mdast find and replace imports 2023-07-24 20:03:56 -05:00
keyan e87610c45b update packages and reduce bundle size 2023-07-24 17:50:12 -05:00
keyan 59f7b6ff26 Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades""
This reverts commit 18910fa2ed.
2023-07-23 10:08:43 -05:00
keyan 18910fa2ed Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"
This reverts commit d0314ab73c.
2023-07-23 09:16:12 -05:00
keyan d0314ab73c shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades 2023-07-21 17:33:11 -05:00
keyan 3c711b6083 enhance image detection and proxy 2023-07-13 15:18:04 -05:00
Jo Wo bf4b8714fe
Render images without markdown and use image proxy (#245)
* Parse image links during markdown rendering

* Use imgproxy to replace links

* Add healthcheck

See https://docs.imgproxy.net/healthcheck

* Enable WebP and animation support

* Only replace image URLs

* Replace all occurrences

* Fix creating posts with no text

* Embed image on link posts where link is image

---------

Co-authored-by: ekzyis <ek@stacker.news>
2023-07-12 19:10:01 -05:00
keyan e8aa0a4dae users? => stackers? 2023-07-09 12:53:50 -05:00
ekzyis 388e00dd04
Service worker rework, Web Target Share API & Web Push API (#324)
* npm uninstall next-pwa

next-pwa was last updated in August 2022.
There is also an issue which mentions that next-pwa is abandoned (?): https://github.com/shadowwalker/next-pwa/issues/482

But the main reason for me uninstalling it is that it adds a lot of preconfigured stuff which is not necessary for us.
It even lead to a bug since pages were cached without our knowledge.

So I will go with a different PWA approach. This different approach should do the following:
- make it more transparent what the service worker is doing
- gives us more control to configure the service worker and thus making it easier

* Use workbox-webpack-plugin

Every other plugin (`next-offline`, `next-workbox-webpack-plugin`, `next-with-workbox`, ...) added unnecessary configuration which felt contrary to how PWAs should be built.
(PWAs should progressivly enhance the website in small steps, see https://web.dev/learn/pwa/getting-started/#focus-on-a-feature)

These default configurations even lead to worse UX since they made invalid assumptions about stacker.news:
We _do not_ want to cache our start url and we _do not_ want to cache anything unless explicitly told to.
Almost every page on SN should be fresh for the best UX.

To achieve this, by default, the service worker falls back to the network (as if the service worker wasn't there).

Therefore, this should be the simplest configuration with a valid precache and cache busting support.

In the future, we can try to use prefetching to improve performance of navigation requests.

* Add support for Web Share Target API

See https://developer.chrome.com/articles/web-share-target/

* Use Web Push API for push notifications

I followed this (very good!) guide: https://web.dev/notifications/

* Refactor code related to Web Push

* Send push notification to users on events

* Merge notifications

* Send notification to author of every parent recursively

* Remove unused userId param in savePushSubscription

As it should be, the user id is retrieved from the authenticated user in the backend.

* Resubscribe user if push subscription changed

* Update old subscription if oldEndpoint was given

* Allow users to unsubscribe

* Use LTREE operator instead of recursive query

* Always show checkbox for push notifications

* Justify checkbox to end

* Update title of first push notification

* Fix warning from uncontrolled to controlled

* Add comment about Notification.requestPermission

* Fix timestamp

* Catch error on push subscription toggle

* Wrap function bodies in try/catch

* Use Promise.allSettled

* Filter subscriptions by user notification settings

* Fix user notification filter

* Use skipWaiting

---------

Co-authored-by: ekzyis <ek@stacker.news>
2023-07-04 14:36:07 -05:00
keyan 03e0646560 ~meta sub 2023-06-20 11:27:41 -05:00
ekzyis 876b3e0fdd
Use <atom:author> in RSS feeds (#312)
Co-authored-by: ekzyis <ek@stacker.news>
2023-06-12 12:41:52 -05:00
ekzyis b890215b98
Tech sub (#311)
* Add tech sub

* Fix line break in RSS popover

---------

Co-authored-by: ekzyis <ek@stacker.news>
2023-06-12 12:41:22 -05:00
ekzyis f05f3deb17 Fix ensureProtocol not trimming whitespace 2023-05-21 12:48:30 -05:00
keyan e946f3c434 prevent selection from causing clicks on clickToContext 2023-05-18 13:36:01 -05:00
keyan df1f1a483a require sub selection, allow editting 2023-05-10 19:30:51 -05:00
keyan 2ee780ec7a prevent external subdomain redirect 2023-05-07 10:02:23 -05:00
keyan 8830b8ee9c slight mods to open redirect fix 2023-05-07 08:34:08 -05:00
keyan 833b31980e add jobs rss and style footer popovers consistently 2023-05-04 16:41:56 -05:00
keyan 5e6e6a18e6 a little cleanup on new rss feeds 2023-05-04 15:05:07 -05:00
ekzyis 0d347c7221 Use guid var 2023-05-04 13:43:40 -05:00
ekzyis d98421d9cd Add RSS feeds for ~bitcoin and ~nostr 2023-05-04 13:43:40 -05:00
ekzyis 7b838cdeb2
Implement bookmarking of posts and comments (#235) 2023-02-16 16:23:59 -06:00
keyan f258d6da1c fix poll validation 2023-02-12 06:23:40 -06:00
keyan 0d0940069a update nostr pubkey to be nullable 2023-02-10 16:09:26 -06:00
keyan 97f74da0fd top cowboys 2023-02-09 12:41:28 -06:00
keyan 74df0db035 client side error boundary 2023-02-08 17:59:14 -06:00
keyan 4cae1ae230 reuse validation on server 2023-02-08 13:39:53 -06:00
keyan 10ff3fa1c3 delete 2023-01-13 11:52:18 -06:00
keyan 15c76aa134 recognize all youtube links 2023-01-11 14:58:52 -06:00
Keyan 10e5257375
Merge branch 'master' into 190-strip-tracking-info 2023-01-11 12:17:25 -06:00
keyan 2d012ba7fe allow nip05 for users 2023-01-06 18:53:29 -06:00
keyan 2080cb896d lexical beta test url 2023-01-05 13:24:09 -06:00