* add poll expires at column to Item table
* update upsertPoll mutation for pollExpiresAt param
* use pollExpiresAt to show time left for poll
* correctly pluralize days for timeLeft
* correctly update pollExpiresAt when item is updated to remove poll expiration
* add DateTimePicker and DateTimeInput components to select datetimes
* update pollExpiresAt to be nullable and more than 1 day in the future
* hide time left text if poll has no expiration
* initialize pollExpiresAt with current value or default of 25 hours in the future
we add a one hour time buffer so that the user doesn't get a validation error
for pollExpiresAt if they post their poll within an hour from creation. there's
still a chance they'll hit the validation error but they should see the error
message toast
* add DateTimeInput into the options part of the poll form
add right padding to make room for the "clear" button.
allow field to be cleared (i.e. null pollExpiresAt) to allow
non-ending polls.
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Use toast flows
"Toast flows" are a group of toasts that should be shown after each other.
Before this commit, they were implemented by manually removing previous toasts in the same flow.
Now a flowId can be passed and ToastProvider will make sure that there always only exists one toast with the same flowId.
This is different to toast tags since tags don't replace toasts with the same tag, they only are shown "above" them.
* Create wrapper for toast flows
* Fix passing of bolt11 for QR payments
* Fix missing provider check
* Only cancel invoice if hash and hmac were given
* Fix duplicate toast on error
* Fix relay might not be set yet when sendPayment is called
* auto canceling bolt11s from lnd when auto dropped from DB
* auto canceling bolt11s from lnd when auto dropped from DB
* removed semicolon for lint
* changed cancleHodlInvoic to deletePayment function
* updated code to account for failed LND deletes
* linter fixes
* updated to only remove hashes and bolt11's from model when successfully deleted from LND
* updated to revert unsuccessful deletes from LND and add those values back into the db
* linter fix and renaming for clarity
* updated WITH query
* added if statement to account for invoices not returning from db
* fixed linter
* reverted docker-compose.yml
* made it dry
* made it dry
* added a comment because the query might be confusing
* made query moar dry
* Query formatting
* Fix query returns number of rows instead of rows
* updated to
* fixed linter
* removed lnbits dir
* removed gitignore and docker-compose.yml from pr
* added deleting from LND in wallet resolver
* linter + added missing import
* fixed merge conflict
* refine invoice deletion
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Validate pubkey, relay URL and secret of NWC URL
* Fix NWC secret regexp
* Use sequential validation in Yup schema
* Add note about possible mismatch between hostnames and pubkeys
* Remove unused param
* add subViewGroup function to create view to read sub stats from
* add topSubs resolver to graphql query
* add TOP_SUBS query fragment
* add SUB_SORTS for top territory sorting
* add custom cache policy for topSubs
* add territories to top header select
* add top territories page
* add db views for sub stats
* configure sub_stats views to refresh by worker
* filter rows with empty subName
* update msats_spent calculation to include all ItemAct in sub
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Basic CSP with unsafe-inline, unsafe-eval
* Allow 'self' for img-src and connect-src
Apparently, there is a bug for Chrome on iOS if connect-src does not allow 'self'.
See known issues at https://caniuse.com/contentsecuritypolicy
* Use nonces for strict CSP
* More CSP comments
* Add frame-ancestors directive
* Add more useful headers
* Add HSTS header
* Allow youtube and twitter embeds
For some reason, www.youtube.com is enough. It also works for youtube.com and youtube-nocookie.com.
For twitter embeds from twitter.com or x.com, platform.twitter.com is enough.
* Allow CDN and media domain in CSP
* Only allow unsafe-eval in dev build
* Ignore _next/webpack-hmr in middleware
* Fix local prod builds assuming CDN
Prod builds assumed that we're running in an AWS environment and use a CDN. This commit changes that.
Now, if the AWS way to fetch the commit failed _and_ the normal git command fails and only if, we assume we're running the prod build locally and don't configure the CDN.
* Fix path to app_version_manifest.json
Was autoformatted by linter. Probably before I added eslint-next-disable-line above.
* add nsfw column to sub
* add nsfw boolean to territorySchema
* save nsfw value in upsertSub mutation
* return nsfw value from Sub query for correct value in edit territory form
* add nsfw checkbox to territory form
* add nsfw badge to territory header
* add nsfwMode to user
* show nsfw badge next to item territory
* exclude nsfw sub from items query
* show nsfw mode checkbox on settings page
* fix nsfw badge formatting
* separate user from current, signed in user
* update relationClause to join with sub table
* refactor to simplify hide nsfw sql
* filter nsfw items when viewing user items
* hide nsfw posts for logged out users
* filter nsfw subs based on user preference
* show nsfw sub name if logged out user is viewing the page
* show current sub at the top of the list instead of bottom
* always join item with sub to check nsfw
* check for sub presence before showing nsfw badge on item
* skip manually adding sub to select if sub is null
* fix relationClause to join with root item
* move moderation and nsfw into accordion
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Refactor setting of default providers
* fixed warning about component update while rendering another component
* individual providers no longer need to know if they are the default or not
* default setting is now handled by WebLNContext -- the same context that returns the provider. this makes a lot more sense and is a lot easier to read
* default payment checkbox is now also disabled if there is only one enabled provider or if it is the default provider
* Fix order lost on page reload
On page reload, the providers were synced in the order they were loaded.
This means that the default payment provider setting was lost.
Fixed this by syncing order to local storage and on page reload, only syncing providers when they were initialized (else the order would have been lost again).
Almost every stacker was below 50 MB per day (except one stacker at one day).
Since storage is cheap, we can allow 50 MB per day for free; especially since UX around image fees suck.
* Add LNbits card
* Save LNbits Provider in WebLN context
* Check LNbits connection on save
* refactor: put LNbitsProvider into own file
* Pay invoices using WebLN provider from context
* Remove deprecated FIXME
* Try WebLN provider first
* Fix unhandled promise rejection
* Fix this in sendPayment
* Be optimistic regarding WebLN zaps
This wraps the WebLN payment promise with Apollo cache updates.
We will be optimistics and assume that the payment will succeed and update the cache accordingly.
When we notice that the payment failed, we undo this update.
* Bold strike on WebLN zap
If lightning strike animation is disabled, toaster will be used.
* Rename undo variable to amount
* Fix zap undo
* Add NWC card
* Attempt to check NWC connection using info event
* Fix NaN on zap
Third argument of update is reserved for context
* Fix TypeError in catch of QR code
* Add basic NWC payments
* Wrap LNbits getInfo with try/catch
* EOSE is enough to check NWC connection
* refactor: Wrap WebLN providers into own context
I should have done this earlier
* Show red indicator on error
* Fix useEffect return value
* Fix wrong usage of pubkey
The event pubkey is derived from the secret. Doesn't make sense to manually set it. It's also the wrong pubkey: we're not the wallet service.
* Use p tag in NWC request
* Add comment about required filter field
* Aesthetic changes to NWC sendPayment
* Add TODO about receipt verification
* Fix WebLN attempted again after error
* Fix undefined name
* Add code to mock NWC relay
* Revert "Bold strike on WebLN zap"
This reverts commit a9eb27daec0cd2ef30b56294b05e0056fb5b4184.
* Fix update undo
* Fix lightning strike before payment
* WIP: Wrap WebLN payments with toasts
* add toasts for pending, error, success
* while pending, invoice can be canceled
* there are still some race conditions between payiny the invoice / error on payment and invoice cancellation
* Fix invoice poll using stale value from cache
* Remove unnecessary if
* Make sure that pay_invoice is declared as supported
* Check if WebLN provider is enabled before calling sendPayment
* Fix bad retry
If WebLN payments failed due to insufficient balances, the promise resolved and thus the action was retried but failed immediately since the invoice (still) wasn't paid.
* Fix cache undo update
* Fix no cache update after QR payment
* refactor: Use fragments to undo cache updates
* Remove console.log
* Small changes to NWC relay mocking
* Return SendPaymentResponse
See https://www.webln.guide/building-lightning-apps/webln-reference/webln.sendpayment
* Also undo cache update on retry failure
* Disable NWC mocking
* Fix initialValue not set
But following warning is now shown in console:
"""
Warning: A component is changing a controlled input to be uncontrolled.
This is likely caused by the value changing from a defined to undefined, which should not happen.
Decide between using a controlled or uncontrolled input element for the lifetime of the component. More info: https://reactjs.org/link/controlled-components
"""
* Remove comment since only relevant for blastr (mutiny relay)
* Remove TODO
* Fix duplicate cache update
* Fix QR modal not closed after payment
* Ignore lnbits variable unused
* Use single relay connection for all NWC events
* Fix missing timer and subscription cleanup
* Remove TODO
Confirmed that nostr-tools verifies events and filters for us.
See https://github.com/nbd-wtf/nostr-tools/blob/master/abstract-relay.ts#L161
* Fix switch from controlled to uncontrolled input
* Show 'configure' on error
* Use budgetable instead of async
* Remove EOSE listener
Only nostr.mutinywallet.com didn't respond with info events due to implementation-specific reasons. This is no longer the case.
* Use invoice expiry for NWC timeout
I don't think there was a specific reason why I used 60 seconds initially.
* Validate LNbits config on save
* Validate NWC config on save
* Also show unattach if configuration is invalid
If unattach is only shown if configuration is valid, resetting the configuration is not possible while it's invalid. So we're stuck with a red wallet indicator.
* Fix detection of WebLN payment
It depended on a Apollo cache update function being available. But that is not the case for every WebLN payment.
* Fix formik bag lost
* Use payment instead of zap in toast
* autoscale capture svc by response time
* docs and changes for testing lnbits locally
* Rename configJSON to config
Naming of config object was inconsistent with saveConfig function which was annoying.
Also fixed other inconsistencies between LNbits and NWC provider.
* Allow setting of default payment provider
* Update TODO comment about provider priority
The list 'paymentMethods' is not used yet but is already implemented for future iterations.
* Add wallet security disclaimer
* Update labels
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>