LBRYCommunity/wallet-sync-server
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases 2 Packages Wiki Activity
154 commits 1 branch 4 tags 437 KiB
Commit graph

154 commits

This branch
This branch
All branches
Author SHA1 Message Date
Daniel Krol
6c9b9d07b2 Pass root password directly to SDK again. 
Related to this: https://github.com/lbryio/wallet-sync-server/issues/4

Passing in a KDF output messes with the existing CLI UI for wallet locking. Also the SDK has its own encryption from password, may as well use it.
 2022-08-09 10:16:48 -04:00
Daniel Krol
165bcf1964 scrypt inputs to consts, and fmt 2022-08-04 20:26:01 -04:00
Daniel Krol
f5650e8d96 Hosting configs FOR DEV ONLY to let lbry.id work out of the box again 2022-08-01 11:46:06 -04:00
Daniel Krol
1e37b0e7b1 Add mailgun env vars 2022-07-31 19:23:21 -04:00
Daniel Krol
510dfe2b96 Integration test (sort of) for account verify 2022-07-31 16:43:36 -04:00
Daniel Krol
f60e5659b6 Don't update verify tokens if the account is already verified 2022-07-31 14:13:30 -04:00
Daniel Krol
39144aa3c0 Comment assumptions on store functions 2022-07-31 13:54:40 -04:00
Daniel Krol
aa1361a5fa Human-friendly output for verify account endpoint 2022-07-31 12:59:46 -04:00
Daniel Krol
ea3b04eff6 store.VerifyToken 2022-07-31 12:42:03 -04:00
Daniel Krol
2dd3019b08 store.UpdateVerifyTokenString 2022-07-31 12:26:03 -04:00
Daniel Krol
eabfa9d54c No password change for unverified accounts 2022-07-30 23:09:33 -04:00
Daniel Krol
4a205bbda7 GetUserId - Return error if account unverified 2022-07-30 15:06:27 -04:00
Daniel Krol
dee2882fe9 Verify token db fields, CreateAccount changes 2022-07-30 14:24:33 -04:00
Daniel Krol
3b44a55f5a Connect the latest handlers to endpoints. 2022-07-29 20:53:28 -04:00
Daniel Krol
5ffcddf8f7 Endpoint to re-send verify token string 2022-07-29 20:49:00 -04:00
Daniel Krol
c8620f7c8c Comment 2022-07-29 20:34:47 -04:00
Daniel Krol
19396e9797 Make error message more accurate. Rename test. 2022-07-29 15:52:23 -04:00
Daniel Krol
e6f5628a94 Note for when getting auth token fails 2022-07-29 14:34:54 -04:00
Daniel Krol
4ecf8538be log.Printf istead fmt.Printf to be uniform 2022-07-29 13:43:27 -04:00
Daniel Krol
be0e022c92 Check/log email configs on startup. 2022-07-29 13:42:25 -04:00
Daniel Krol
f2ba31d972 Warning for self-hosting users 2022-07-29 13:38:26 -04:00
Daniel Krol
0948e95932 Forgot the mail package 2022-07-29 09:42:12 -04:00
Daniel Krol
fcbab29d06 Test make new verify token 2022-07-29 09:14:25 -04:00
Daniel Krol
6672175a25 Server test/implement send verify-account email 2022-07-27 19:45:09 -04:00
Daniel Krol
f15875c4a6 Verify account endpoint 2022-07-26 16:36:57 -04:00
Daniel Krol
0c6964df0e Oops delete way outdated comment 2022-07-26 12:48:44 -04:00
Daniel Krol
2f4ffd752c Temporarily fix integration tests for email verify 
Require email verify. As of now we don't have the "verified" bit in the storage layer so it passes. Once we put that in, we'll have to go back and add a call to the verification endpoint.
 2022-07-26 11:21:55 -04:00
Daniel Krol
aee351a2b1 Don't allow password change for unverified accounts 
Mainly because wallet change is tied up in it
 2022-07-26 11:18:43 -04:00
Daniel Krol
5985631410 Don't hand out auth tokens if they're not verified 2022-07-26 10:53:31 -04:00
Daniel Krol
55db62e2f9 Register endpoint handles "verified" status 
Based on the verification mode specified in env. The db doesn't do anything with it yet.
 2022-07-26 10:16:44 -04:00
Daniel Krol
832778ffd1 env: rename things, export type 2022-07-25 18:02:25 -04:00
Daniel Krol
f792ba5846 env package provides config values 2022-07-24 16:03:37 -04:00
Daniel Krol
ade526f4f9 Create environmental var package 2022-07-23 19:03:51 -04:00
Daniel Krol
36659ef720 More unique metric name; comment 2022-07-23 16:47:18 -04:00
Daniel Krol
41b14dad44 Prometheus - track wallet requests 2022-07-22 19:49:30 -04:00
Daniel Krol
3ff36f169c Add prometheus packages 2022-07-22 19:29:08 -04:00
Daniel Krol
4f8a648cc4 Notes for auditor. 2022-07-22 16:37:27 -04:00
Daniel Krol
aefda1245b Make emails case insensitive (for now). 
Prevents duplicate accounts. Also allows case insensitive search (user id, salt seed, etc) while still having an index. This is done by storing normalized as a separate field from originally formated (which we'll use for sending emails, etc).
 2022-07-22 16:29:03 -04:00
Daniel Krol
f10cc8aa26 Salt Seed, used to generate secrets on client 2022-07-21 19:10:16 -04:00
Daniel Krol
23f9d45ed5 More useful 404, particularly for API version change 2022-07-21 15:14:21 -04:00
Daniel Krol
4430013bae KDF for server password. Save salt in DB. 2022-07-14 22:04:03 -04:00
Daniel Krol
dbfdff167b Confirm scrypt parameters; remove comment 2022-07-13 06:44:42 -04:00
Daniel Krol
ed8b22363e Hosting instructions 2022-07-11 22:25:43 -04:00
Daniel Krol
55686cb7b5 Change module name to new repo account 2022-07-11 22:14:53 -04:00
Daniel Krol
7833015f56 Clear up what ErrNoWallet means 2022-07-11 10:41:18 -04:00
Daniel Krol
2e0eb736f9 Remove outdated comment 2022-07-11 09:51:22 -04:00
Daniel Krol
aa7dd09816 Remove old comment 2022-07-11 09:46:45 -04:00
Daniel Krol
6646e9a4f9 validate() functions return error messages 2022-07-11 09:42:08 -04:00
Daniel Krol
18e30bd6b1 Outdated comment; version is now in endpoint path 2022-07-08 13:17:44 -04:00
Daniel Krol
f9e3013e64 Test client: Don't allow password change if there are pending local wallet changes. 
This is in line with:

https://github.com/orblivion/lbry-wallet-sync-draft/blob/master/spec/user-flows.md#push-local-password-change

This is the only rule we have to go out of our way to implement, and it's for UI simplicity, and/or to keep the hierarchy consistent. The rest of the rules you see there sort of automatically get enforced with the existing guardrails.
 2022-07-08 12:55:57 -04:00