Commit Graph

1129 Commits

Author SHA1 Message Date
ekzyis b9461b7eb3
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps

* Add anon comments and posts (link, discussion, poll)

* Use payment hash instead of invoice id as proof of payment

Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.

* Allow pay per invoice for stackers

The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"

* Fix onSuccess called twice

For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.

This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.

* Keep invoice modal open if focus is lost

* Skip anon user during trust calculation

* Add error handling

* Skip 'invoice not found' errors

* Remove duplicate insufficient funds handling

* Fix insufficient funds error detection

* Fix invoice amount for comments

* Allow pay per invoice for bounty and job posts

* Also strike on payment after short press

* Fix unexpected token 'export'

* Fix eslint

* Remove unused id param

* Fix comment copy-paste error

* Rename to useInvoiceable

* Fix unexpected token 'export'

* Fix onConfirmation called at every render

* Add invoice HMAC

This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.

Only the user which created the invoice knows the HMAC and thus can use the invoice hash.

* make anon posting less hidden, add anon info button explainer

* Fix anon users can't zap other anon users

* Always show repeat and contacts on action error

* Keep track of modal stack

* give anon an icon

* add generic date pivot helper

* make anon user's invoices expire in 5 minutes

* fix forgotten find and replace

* use datePivot more places

* add sat amounts to invoices

* reduce anon invoice expiration to 3 minutes

* don't abbreviate

* Fix [object Object] as error message

Any errors thrown here are already objects of shape { message: string }

* Fix empty invoice creation attempts

I stumbled across this while checking if anons can edit their items.

I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:

  Variable "$amount" of required type "Int!" was not provided.

I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.

* anon func mods, e.g. inv limits

* anon tips should be denormalized

* remove redundant meTotalSats

* correct overlay zap text for anon

* exclude anon from trust graph before algo runs

* remove balance limit on anon

* give anon a bio and remove cowboy hat/top stackers;

* make anon hat appear on profile

* concat hash and hmac and call it a token

* Fix localStorage cleared because error were swallowed

* fix qr layout shift

* restyle fund error modal

* Catch invoice errors in fund error modal

* invoice check backoff

* anon info typo

* make invoice expiration times have saner defaults

* add comma to anon info

* use builtin copy input label

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 18:50:57 -05:00
ekzyis 41463d7183
Set IMGPROXY_MAX_SRC_RESOLUTION to 200 (#389)
Co-authored-by: ekzyis <ek@stacker.news>
2023-08-10 12:17:33 -05:00
keyan 248e0c1c13 rewards: rm negative log range and lowest trust step = 1 2023-08-10 12:15:01 -05:00
keyan e913ab71ad more even rewards 2023-08-09 22:27:03 -05:00
SatsAllDay d5f7855adf
Debounce API requests on edit nym by 500ms (#387)
Support an optional debounce prop on Input component

If provided, the debounce is applied to the validation of the containing form,
imperatively invoking form validation after debounce is finalized

Also required introducing the `validateOnChange` prop on `Form` which gets passed to `Formik`, and defaults to true, just as it does in `Formik`.

Imperatively invoking form validation seemed to be the only way to debounce the validation call through formik.
2023-08-09 17:06:22 -05:00
keyan 0fb1bf7095 fix git dubious ownership error in dev docker setup 2023-08-09 10:25:34 -05:00
keyan b92f63ca88 fix remaining misuses of plural units 2023-08-08 17:15:30 -05:00
keyan da78d244ef handle when navigator controller isn't present 2023-08-08 16:55:53 -05:00
keyan 3cfeede46a handle all singular units appropriately 2023-08-08 16:47:27 -05:00
SatsAllDay 9941bc6519
render "reply" or "replies", "comment" or "comments" depending on the count (singular or plural) (#382)
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2023-08-08 16:07:00 -05:00
SatsAllDay 6e05cd38f9
Singular/Plural "Sats" labels (#380)
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-08 16:04:06 -05:00
ekzyis 67a0de3ea5
Notifications with nostr info (#368)
* Show zap message and pubkey in notifications

+ show zap request event in invoice view

* enhance ui

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-08 13:19:31 -05:00
ekzyis 4094adfa4f
Remove markdown from body in push notifications (#374)
Co-authored-by: ekzyis <ek@stacker.news>
2023-08-07 20:03:50 -05:00
ekzyis e3c60d1ef8
Sync push subscriptions on every page load (#370)
Most browsers don't support the pushsubscriptionchange event.

We workaround this by saving the current push subscription in IndexedDB so we can check during every page load if the push subscription changed.

If that is the case, we manually sync the push subscription with the server.

However, this solution is not perfect as mentioned in https://medium.com/@madridserginho/how-to-handle-webpush-api-pushsubscriptionchange-event-in-modern-browsers-6e47840d756f which was used for reference:

> This solution is not perfect, the user could lose some push notifications if he doesn’t open the webapp for a long time.

Co-authored-by: ekzyis <ek@stacker.news>
2023-08-07 20:03:34 -05:00
ekzyis 49867f5dd5
Make web push & imgproxy setup optional for local dev (#373)
* Make web push setup optional for local dev

* Make imgproxy setup optional for local dev

---------

Co-authored-by: ekzyis <ek@stacker.news>
2023-08-07 19:53:21 -05:00
ekzyis 7369bd819d
Add nostr login (#367)
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-07 19:50:01 -05:00
kevkevin 4586fd7f70
Eslint setup and github action (#360) 2023-08-07 18:43:15 -05:00
keyan 7967891e99 validate service worker on every request 2023-08-07 16:36:02 -05:00
keyan a3b668587d fix top cowboys 2023-08-07 16:26:15 -05:00
keyan 1b1463d2d9 add twitter oauth v1 migrations 2023-08-07 15:07:45 -05:00
keyan ffb856ae88 fix oauth signup 2023-08-07 15:05:55 -05:00
keyan 138deafffc use node v18 in docker 2023-08-07 13:19:11 -05:00
keyan 3333cc86a2 inline dark mode script 2023-08-07 12:06:58 -05:00
keyan 0867f3ff1c only outline eldest new comment ... unset on touch 2023-08-07 09:29:47 -05:00
keyan d661c70f16 more noticable new comment indicator 2023-08-06 14:31:24 -05:00
keyan c606510930 update pwa blacks 2023-08-06 14:26:08 -05:00
keyan 1efc17fcc2 subtle highlight of new comments 2023-08-06 14:18:40 -05:00
keyan ea1e31c6ee prevent horizontal layout shift on new comments 2023-08-06 13:21:38 -05:00
keyan ebfff4677f fix top header/stat order on back/forward nav 2023-08-06 13:13:32 -05:00
keyan 90f4d41fc8 remove list jitter by initially preferring ssr 2023-08-06 13:04:25 -05:00
keyan eeaf6e10e5 reduce rerenders in notifications 2023-08-06 10:47:58 -05:00
keyan e4aaaac20f don't use cache for SSR 2023-08-05 14:46:29 -05:00
keyan b9fdbde520 fix back button render jitter 2023-08-05 12:56:03 -05:00
keyan d9dd4bc05b prevent scroll to comment on rerender 2023-08-05 12:13:15 -05:00
keyan aea8948c45 dark-mode needs to block block 2023-08-04 20:45:12 -05:00
keyan 8d8e2859dd fix dark mode 2023-08-04 19:21:51 -05:00
keyan 23257d8c63 fix notifications glitchiness 2023-08-04 12:08:16 -05:00
keyan 42234eae9b highlight notification on back button 2023-08-03 19:14:04 -05:00
keyan 4e41f67e87 fix notification url replacement 2023-08-03 18:04:43 -05:00
keyan 8a5cd32be6 don't use next's script tag 2023-08-03 17:49:56 -05:00
keyan 94e975033c fix fee button receipt background color 2023-08-03 15:13:07 -05:00
keyan 0ab9119739 improve notifications UX: highlight reply and distinguish new notifications 2023-08-03 14:56:59 -05:00
keyan 7596b0302a improve click to context behavior and add ssrForceFetchDelay to apollo 2023-08-03 13:13:49 -05:00
keyan c088a379d7 add lb based scaling health check 2023-08-02 21:33:53 -05:00
keyan 8f52d63569 try upgrading next to canary? 2023-08-02 20:32:56 -05:00
keyan 394b898bd8 downgrade next 13.4.11 due to buggy child processes 2023-08-02 19:44:26 -05:00
keyan 4bf0c46efc npm dedupe 2023-08-02 17:56:43 -05:00
keyan 087e43ae8f make sudo preserve env on build 2023-08-02 16:59:23 -05:00
keyan 98c3632f58 su webapp on deploy 2023-08-02 15:51:09 -05:00
keyan 16e882a1ce upgrade back to node 18 2023-08-02 15:51:01 -05:00