Commit Graph

21 Commits

Author SHA1 Message Date
rleed 45bad1219e
Fix link to profile matching current URL, not profile (#395)
* break out profile menu and remove top-level href

* group the bio hint with the menu

* rebase/merge

---------

Co-authored-by: rleed <rleed1@pm.me>
2023-08-15 12:54:24 -05:00
ekzyis b9461b7eb3
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps

* Add anon comments and posts (link, discussion, poll)

* Use payment hash instead of invoice id as proof of payment

Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.

* Allow pay per invoice for stackers

The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"

* Fix onSuccess called twice

For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.

This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.

* Keep invoice modal open if focus is lost

* Skip anon user during trust calculation

* Add error handling

* Skip 'invoice not found' errors

* Remove duplicate insufficient funds handling

* Fix insufficient funds error detection

* Fix invoice amount for comments

* Allow pay per invoice for bounty and job posts

* Also strike on payment after short press

* Fix unexpected token 'export'

* Fix eslint

* Remove unused id param

* Fix comment copy-paste error

* Rename to useInvoiceable

* Fix unexpected token 'export'

* Fix onConfirmation called at every render

* Add invoice HMAC

This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.

Only the user which created the invoice knows the HMAC and thus can use the invoice hash.

* make anon posting less hidden, add anon info button explainer

* Fix anon users can't zap other anon users

* Always show repeat and contacts on action error

* Keep track of modal stack

* give anon an icon

* add generic date pivot helper

* make anon user's invoices expire in 5 minutes

* fix forgotten find and replace

* use datePivot more places

* add sat amounts to invoices

* reduce anon invoice expiration to 3 minutes

* don't abbreviate

* Fix [object Object] as error message

Any errors thrown here are already objects of shape { message: string }

* Fix empty invoice creation attempts

I stumbled across this while checking if anons can edit their items.

I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:

  Variable "$amount" of required type "Int!" was not provided.

I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.

* anon func mods, e.g. inv limits

* anon tips should be denormalized

* remove redundant meTotalSats

* correct overlay zap text for anon

* exclude anon from trust graph before algo runs

* remove balance limit on anon

* give anon a bio and remove cowboy hat/top stackers;

* make anon hat appear on profile

* concat hash and hmac and call it a token

* Fix localStorage cleared because error were swallowed

* fix qr layout shift

* restyle fund error modal

* Catch invoice errors in fund error modal

* invoice check backoff

* anon info typo

* make invoice expiration times have saner defaults

* add comma to anon info

* use builtin copy input label

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 18:50:57 -05:00
keyan 8d8e2859dd fix dark mode 2023-08-04 19:21:51 -05:00
keyan 6407455def upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
keyan d4988694c8 make room in header to pwa back button 2023-06-01 19:34:26 -05:00
keyan a241d683d8 nostr sub 2023-05-01 15:58:30 -05:00
keyan c2685a659e sign up buttons 2023-01-09 18:33:44 -06:00
keyan 9abc41b7b2 image uploading backend 2022-05-12 13:44:21 -05:00
keyan e2409efbaf indicate to user when there are new jobs 2022-05-09 13:01:23 -05:00
keyan 74b191837e refine reply-only notifications 2022-04-21 12:48:27 -05:00
keyan 291eab6ada move notifications to icon 2022-04-19 16:37:05 -05:00
keyan a7a72f0d2d improve navbar on mobile 2022-03-08 14:51:06 -06:00
keyan 1a3fdda382 new bolt 2021-12-05 11:37:55 -06:00
keyan dd97710d71 many small design enhancements 2021-11-12 16:39:52 -06:00
keyan 8e7dc9c7c3 prevent login button navbar shift 2021-11-11 16:25:12 -06:00
keyan 749b49c313 preload font, only show header items when they're done loading 2021-11-11 16:14:42 -06:00
keyan a3544fb67f dark mode with css variables instead 2021-11-09 16:43:56 -06:00
keyan 782dc78652 speed hack notification query 2021-10-06 20:20:59 -07:00
keyan d2c84dbacc navbar layout 2021-04-28 11:30:02 -05:00
keyan ec3f6b922d a bunch of new stuff 2021-04-22 17:14:32 -05:00
keyan 9acde2df1c a bunch of increments 2021-04-12 13:05:09 -05:00