Commit Graph

344 Commits

Author SHA1 Message Date
ekzyis b9461b7eb3
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps

* Add anon comments and posts (link, discussion, poll)

* Use payment hash instead of invoice id as proof of payment

Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.

* Allow pay per invoice for stackers

The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"

* Fix onSuccess called twice

For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.

This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.

* Keep invoice modal open if focus is lost

* Skip anon user during trust calculation

* Add error handling

* Skip 'invoice not found' errors

* Remove duplicate insufficient funds handling

* Fix insufficient funds error detection

* Fix invoice amount for comments

* Allow pay per invoice for bounty and job posts

* Also strike on payment after short press

* Fix unexpected token 'export'

* Fix eslint

* Remove unused id param

* Fix comment copy-paste error

* Rename to useInvoiceable

* Fix unexpected token 'export'

* Fix onConfirmation called at every render

* Add invoice HMAC

This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.

Only the user which created the invoice knows the HMAC and thus can use the invoice hash.

* make anon posting less hidden, add anon info button explainer

* Fix anon users can't zap other anon users

* Always show repeat and contacts on action error

* Keep track of modal stack

* give anon an icon

* add generic date pivot helper

* make anon user's invoices expire in 5 minutes

* fix forgotten find and replace

* use datePivot more places

* add sat amounts to invoices

* reduce anon invoice expiration to 3 minutes

* don't abbreviate

* Fix [object Object] as error message

Any errors thrown here are already objects of shape { message: string }

* Fix empty invoice creation attempts

I stumbled across this while checking if anons can edit their items.

I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:

  Variable "$amount" of required type "Int!" was not provided.

I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.

* anon func mods, e.g. inv limits

* anon tips should be denormalized

* remove redundant meTotalSats

* correct overlay zap text for anon

* exclude anon from trust graph before algo runs

* remove balance limit on anon

* give anon a bio and remove cowboy hat/top stackers;

* make anon hat appear on profile

* concat hash and hmac and call it a token

* Fix localStorage cleared because error were swallowed

* fix qr layout shift

* restyle fund error modal

* Catch invoice errors in fund error modal

* invoice check backoff

* anon info typo

* make invoice expiration times have saner defaults

* add comma to anon info

* use builtin copy input label

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 18:50:57 -05:00
keyan b92f63ca88 fix remaining misuses of plural units 2023-08-08 17:15:30 -05:00
SatsAllDay 6e05cd38f9
Singular/Plural "Sats" labels (#380)
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-08 16:04:06 -05:00
ekzyis 7369bd819d
Add nostr login (#367)
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-07 19:50:01 -05:00
keyan ffb856ae88 fix oauth signup 2023-08-07 15:05:55 -05:00
keyan 3333cc86a2 inline dark mode script 2023-08-07 12:06:58 -05:00
keyan c606510930 update pwa blacks 2023-08-06 14:26:08 -05:00
keyan eeaf6e10e5 reduce rerenders in notifications 2023-08-06 10:47:58 -05:00
keyan e4aaaac20f don't use cache for SSR 2023-08-05 14:46:29 -05:00
keyan aea8948c45 dark-mode needs to block block 2023-08-04 20:45:12 -05:00
keyan 8d8e2859dd fix dark mode 2023-08-04 19:21:51 -05:00
keyan 23257d8c63 fix notifications glitchiness 2023-08-04 12:08:16 -05:00
keyan 8a5cd32be6 don't use next's script tag 2023-08-03 17:49:56 -05:00
keyan 0ab9119739 improve notifications UX: highlight reply and distinguish new notifications 2023-08-03 14:56:59 -05:00
keyan b1b8f9de56 implement our own nprogress bar 2023-08-01 21:06:15 -05:00
keyan a426c8b539 fix 404 problem 2023-08-01 12:45:46 -05:00
keyan c7e2623461 increase apollo slowlog threshold 2023-07-31 16:02:50 -05:00
keyan e1c51075a2 fix conditional nextFetchPolicy overriding cache-only on SSR and suppress time hydration warnings 2023-07-31 14:54:30 -05:00
keyan b550f80b9f make invoices/withdrawals clickable in satistics 2023-07-31 13:00:01 -05:00
keyan 10e8cb35df fix import on invites 2023-07-31 09:11:22 -05:00
keyan d2216e80da conform to linter 2023-07-31 08:39:10 -05:00
keyan c909efb7b7 update wallet code to prisma 5, handle prisma 5 errors on serialization 2023-07-31 08:31:40 -05:00
keyan 42bdd40f91 show errors on settings during auth linking 2023-07-30 15:39:18 -05:00
keyan 63a4a7acad fix settings hydration error 2023-07-30 14:38:50 -05:00
keyan d04dc691df provide jwt migration 2023-07-30 14:03:24 -05:00
keyan 5232b59625 upgrade to next-auth 4 (bonus: improve error pages) 2023-07-29 14:38:20 -05:00
keyan 688d67a0d6 improve service worker asset precaching and offline page 2023-07-28 10:57:12 -05:00
keyan 7542dd6cc4 upgrade to prisma 4 2023-07-26 19:18:42 -05:00
keyan 672853a7ea upgrade to prisma 3 2023-07-26 11:01:31 -05:00
keyan 8ab018af88 fix nested comment sorting 2023-07-25 19:45:35 -05:00
keyan 98552c853c fix back button behavior on select navigation 2023-07-25 15:29:45 -05:00
keyan 4bfd021342 enhance styling 2023-07-25 13:32:48 -05:00
keyan ab2046ab0b fix issues with new linting 2023-07-25 09:14:45 -05:00
keyan dae9c64e96 more package updates 2023-07-24 19:50:55 -05:00
keyan e87610c45b update packages and reduce bundle size 2023-07-24 17:50:12 -05:00
keyan 356f7e072c 50% reduction in bundle size by being careful with big imports 2023-07-24 16:06:26 -05:00
keyan 6407455def upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
keyan 59f7b6ff26 Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades""
This reverts commit 18910fa2ed.
2023-07-23 10:08:43 -05:00
keyan 18910fa2ed Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"
This reverts commit d0314ab73c.
2023-07-23 09:16:12 -05:00
keyan d0314ab73c shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades 2023-07-21 17:33:11 -05:00
keyan 0ff4da1a4f fix empty signup page 2023-07-11 10:21:46 -05:00
keyan 93afd4ea9a fix credentials login/signup/link bug 2023-07-10 19:20:38 -05:00
keyan efa3172f15 top stackers sorted stat to front 2023-07-10 12:59:21 -05:00
keyan 27833c9888 attempt to fix auth linking regression 2023-07-10 12:18:17 -05:00
keyan e8aa0a4dae users? => stackers? 2023-07-09 12:53:50 -05:00
keyan 0c67808e44 make reward timer dst sensitive 2023-07-07 14:44:12 -05:00
ekzyis 3c3a97fb8e
Fix reward countdown for other time zones (#347)
Co-authored-by: ekzyis <ek@stacker.news>
2023-07-06 20:55:18 -05:00
keyan 0c51309520 enhance pwa presentation 2023-07-06 16:53:48 -05:00
keyan ec9a424bf4 reward countdown in footer 2023-07-06 12:43:51 -05:00
keyan 09d7e960cc back to lightning animation 2023-07-05 09:47:44 -05:00