userAdityaa/caravel
1
1
Fork 0
forked from coracle/caravel
Code Pull Requests Activity

fix: manual Lightning payment reconciliation with Stripe invoice state (#54)

Browse Source 
Reviewed-on: coracle/caravel#54
Co-authored-by: userAdityaa <aditya.chaudhary1558@gmail.com>
Co-committed-by: userAdityaa <aditya.chaudhary1558@gmail.com>
This commit is contained in:
Aditya Chaudhary
2026-05-01 23:38:57 +00:00
parent 29f657635c
commit f23ba5ee00
15 changed files with 321 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/.env.template
+1
View File
@@ -28,5 +28,6 @@ LIVEKIT_API_SECRET=
# Billing # Billing
NWC_URL= # Nostr Wallet Connect URL for generating Lightning invoices NWC_URL= # Nostr Wallet Connect URL for generating Lightning invoices
ENCRYPTION_SECRET= # Nostr secret key (hex or nsec) used for NIP-44 encryption of tenant nwc_url at rest
STRIPE_SECRET_KEY= # Required Stripe API secret key (sk_...) STRIPE_SECRET_KEY= # Required Stripe API secret key (sk_...)
STRIPE_WEBHOOK_SECRET=whsec_test_00000000000000000000000000 # Webhook signing secret (use real value in production) STRIPE_WEBHOOK_SECRET=whsec_test_00000000000000000000000000 # Webhook signing secret (use real value in production)
backend/README.md
+24 -23
View File
@@ -30,29 +30,30 @@ backend/
Environment variables: Environment variables:
| Variable | Description | Default | | Variable | Description | Default |
| ------------------------ | ----------------------------------------------------------------------- | ------------------------------------ | | ------------------------ | --------------------------------------------------------------------------------------- | ---------------------------------------- |
| `DATABASE_URL` | SQLite URL. Relative paths are resolved under `backend/`. | `sqlite://<backend>/data/caravel.db` | | `DATABASE_URL` | SQLite URL. Relative paths are resolved under `backend/`. | `sqlite://<backend>/data/caravel.db` |
| `HOST` | API bind host (also used for NIP-98 `u` host check) | `127.0.0.1` | | `HOST` | API bind host (also used for NIP-98 `u` host check) | `127.0.0.1` |
| `PORT` | API bind port | `2892` | | `PORT` | API bind port | `2892` |
| `ADMINS` | Comma-separated admin pubkeys (hex) | _optional_ | | `ADMINS` | Comma-separated admin pubkeys (hex) | _optional_ |
| `ALLOW_ORIGINS` | Comma-separated CORS origins. If empty, CORS is permissive. | _optional_ | | `ALLOW_ORIGINS` | Comma-separated CORS origins. If empty, CORS is permissive. | _optional_ |
| `ZOOID_API_URL` | Zooid API base URL used by infra worker | _required for infra sync_ | | `ZOOID_API_URL` | Zooid API base URL used by infra worker | _required for infra sync_ |
| `ZOOID_API_SECRET` | Nostr secret key used for authentication of requests to the zooid API | _required_ | | `ZOOID_API_SECRET` | Nostr secret key used for authentication of requests to the zooid API | _required_ |
| `RELAY_DOMAIN` | Base domain appended to relay subdomains | empty | | `RELAY_DOMAIN` | Base domain appended to relay subdomains | empty |
| `LIVEKIT_URL` | LiveKit URL sent to zooid when relay livekit is enabled | _optional_ | | `LIVEKIT_URL` | LiveKit URL sent to zooid when relay livekit is enabled | _optional_ |
| `LIVEKIT_API_KEY` | LiveKit API key sent to zooid | _optional_ | | `LIVEKIT_API_KEY` | LiveKit API key sent to zooid | _optional_ |
| `LIVEKIT_API_SECRET` | LiveKit API secret sent to zooid | _optional_ | | `LIVEKIT_API_SECRET` | LiveKit API secret sent to zooid | _optional_ |
| `NWC_URL` | Platform NWC URL used to generate BOLT11 invoices | _required for invoice generation_ | | `NWC_URL` | Platform NWC URL used to generate BOLT11 invoices | _required for invoice generation_ |
| `STRIPE_SECRET_KEY` | Stripe API secret key used for billing API operations | _required_ | | `ENCRYPTION_SECRET` | Nostr secret key (hex or `nsec`) used for NIP-44 encryption of tenant `nwc_url` at rest | _required when tenant `nwc_url` is used_ |
| `STRIPE_WEBHOOK_SECRET` | Stripe webhook signing secret used to verify `Stripe-Signature` headers | _required_ | | `STRIPE_SECRET_KEY` | Stripe API secret key used for billing API operations | _required_ |
| `ROBOT_SECRET` | Robot Nostr secret key | _required_ | | `STRIPE_WEBHOOK_SECRET` | Stripe webhook signing secret used to verify `Stripe-Signature` headers | _required_ |
| `ROBOT_NAME` | Robot display name (kind `0`) | _optional_ | | `ROBOT_SECRET` | Robot Nostr secret key | _required_ |
| `ROBOT_DESCRIPTION` | Robot description (kind `0`) | _optional_ | | `ROBOT_NAME` | Robot display name (kind `0`) | _optional_ |
| `ROBOT_PICTURE` | Robot picture URL (kind `0`) | _optional_ | | `ROBOT_DESCRIPTION` | Robot description (kind `0`) | _optional_ |
| `ROBOT_OUTBOX_RELAYS` | Comma-separated relays published as kind `10002` | _required_ | | `ROBOT_PICTURE` | Robot picture URL (kind `0`) | _optional_ |
| `ROBOT_INDEXER_RELAYS` | Comma-separated relays used for recipient relay discovery | _required_ | | `ROBOT_OUTBOX_RELAYS` | Comma-separated relays published as kind `10002` | _required_ |
| `ROBOT_MESSAGING_RELAYS` | Comma-separated relays published as kind `10050` | _required_ | | `ROBOT_INDEXER_RELAYS` | Comma-separated relays used for recipient relay discovery | _required_ |
| `ROBOT_MESSAGING_RELAYS` | Comma-separated relays published as kind `10050` | _required_ |
Relay list env vars are comma-separated and trimmed. If a relay has no `ws://` or `wss://` scheme, `wss://` is prepended. Relay list env vars are comma-separated and trimmed. If a relay has no `ws://` or `wss://` scheme, `wss://` is prepended.
backend/migrations/0004_invoice_manual_lightning_payment.sql
+11
View File
@@ -0,0 +1,11 @@
CREATE TABLE IF NOT EXISTS invoice_manual_lightning_payment (
invoice_id TEXT PRIMARY KEY,
tenant_pubkey TEXT NOT NULL,
bolt11 TEXT NOT NULL,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (tenant_pubkey) REFERENCES tenant(pubkey)
);
CREATE INDEX IF NOT EXISTS idx_invoice_manual_lightning_payment_tenant_pubkey
ON invoice_manual_lightning_payment (tenant_pubkey);
backend/src/api.rs
+53 -7
View File
@@ -445,6 +445,17 @@ struct IdentityResponse {
is_admin: bool, is_admin: bool,
} }
#[derive(Serialize)]
struct TenantResponse {
pubkey: String,
nwc_configured: bool,
nwc_error: Option<String>,
created_at: i64,
stripe_customer_id: String,
stripe_subscription_id: Option<String>,
past_due_at: Option<i64>,
}
#[derive(Deserialize)] #[derive(Deserialize)]
struct CreateRelayRequest { struct CreateRelayRequest {
tenant: String, tenant: String,
@@ -486,7 +497,7 @@ async fn list_tenants(
state.api.require_admin(&pubkey)?; state.api.require_admin(&pubkey)?;
match state.api.query.list_tenants().await { match state.api.query.list_tenants().await {
Ok(tenants) => Ok(ok(StatusCode::OK, tenants)), Ok(tenants) => Ok(ok(StatusCode::OK, scrub_tenants_for_response(tenants))),
Err(e) => Ok(err( Err(e) => Ok(err(
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
"internal", "internal",
@@ -515,7 +526,7 @@ async fn create_tenant(
let pubkey = state.api.extract_auth_pubkey(&headers)?; let pubkey = state.api.extract_auth_pubkey(&headers)?;
match state.api.query.get_tenant(&pubkey).await { match state.api.query.get_tenant(&pubkey).await {
Ok(Some(t)) => Ok(ok(StatusCode::OK, t)), Ok(Some(t)) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(t))),
Ok(None) => { Ok(None) => {
let stripe_customer_id = match state.api.billing.stripe_create_customer(&pubkey).await { let stripe_customer_id = match state.api.billing.stripe_create_customer(&pubkey).await {
Ok(id) => id, Ok(id) => id,
@@ -539,10 +550,10 @@ async fn create_tenant(
}; };
match state.api.command.create_tenant(&tenant).await { match state.api.command.create_tenant(&tenant).await {
Ok(()) => Ok(ok(StatusCode::OK, tenant)), Ok(()) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant))),
Err(e) if matches!(map_unique_error(&e), Some("pubkey-exists")) => { Err(e) if matches!(map_unique_error(&e), Some("pubkey-exists")) => {
match state.api.query.get_tenant(&pubkey).await { match state.api.query.get_tenant(&pubkey).await {
Ok(Some(t)) => Ok(ok(StatusCode::OK, t)), Ok(Some(t)) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(t))),
Ok(None) => Ok(err( Ok(None) => Ok(err(
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
"internal", "internal",
@@ -585,7 +596,7 @@ async fn get_tenant(
let auth = state.api.extract_auth_pubkey(&headers)?; let auth = state.api.extract_auth_pubkey(&headers)?;
state.api.require_admin_or_tenant(&auth, &pubkey)?; state.api.require_admin_or_tenant(&auth, &pubkey)?;
let tenant = state.api.get_tenant_or_404(&pubkey).await?; let tenant = state.api.get_tenant_or_404(&pubkey).await?;
Ok(ok(StatusCode::OK, tenant)) Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant)))
} }
async fn list_relays( async fn list_relays(
@@ -1009,6 +1020,13 @@ async fn get_invoice(
.map_err(map_invoice_lookup_error)?; .map_err(map_invoice_lookup_error)?;
state.api.require_admin_or_tenant(&auth, &tenant.pubkey)?; state.api.require_admin_or_tenant(&auth, &tenant.pubkey)?;
let invoice = state
.api
.billing
.reconcile_manual_lightning_invoice(&id, &invoice)
.await
.map_err(map_invoice_lookup_error)?;
Ok(ok(StatusCode::OK, invoice)) Ok(ok(StatusCode::OK, invoice))
} }
@@ -1026,6 +1044,13 @@ async fn get_invoice_bolt11(
.map_err(map_invoice_lookup_error)?; .map_err(map_invoice_lookup_error)?;
state.api.require_admin_or_tenant(&auth, &tenant.pubkey)?; state.api.require_admin_or_tenant(&auth, &tenant.pubkey)?;
let invoice = state
.api
.billing
.reconcile_manual_lightning_invoice(&id, &invoice)
.await
.map_err(map_invoice_lookup_error)?;
let status = invoice["status"].as_str().unwrap_or_default(); let status = invoice["status"].as_str().unwrap_or_default();
if status != "open" { if status != "open" {
return Ok(err( return Ok(err(
@@ -1038,7 +1063,12 @@ async fn get_invoice_bolt11(
let amount_due = invoice["amount_due"].as_i64().unwrap_or(0); let amount_due = invoice["amount_due"].as_i64().unwrap_or(0);
let currency = invoice["currency"].as_str().unwrap_or("usd"); let currency = invoice["currency"].as_str().unwrap_or("usd");
match state.api.billing.create_bolt11(amount_due, currency).await { match state
.api
.billing
.get_or_create_manual_lightning_bolt11(&id, &tenant.pubkey, amount_due, currency)
.await
{
Ok(bolt11) => Ok(ok(StatusCode::OK, serde_json::json!({ "bolt11": bolt11 }))), Ok(bolt11) => Ok(ok(StatusCode::OK, serde_json::json!({ "bolt11": bolt11 }))),
Err(e) => Ok(err( Err(e) => Ok(err(
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
@@ -1103,7 +1133,7 @@ async fn update_tenant(
} }
}); });
} }
Ok(ok(StatusCode::OK, tenant)) Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant)))
} }
Err(e) => Ok(err( Err(e) => Ok(err(
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
@@ -1112,3 +1142,19 @@ async fn update_tenant(
)), )),
} }
} }
fn scrub_tenant_for_response(tenant: Tenant) -> TenantResponse {
TenantResponse {
pubkey: tenant.pubkey,
nwc_configured: !tenant.nwc_url.is_empty(),
nwc_error: tenant.nwc_error,
created_at: tenant.created_at,
stripe_customer_id: tenant.stripe_customer_id,
stripe_subscription_id: tenant.stripe_subscription_id,
past_due_at: tenant.past_due_at,
}
}
fn scrub_tenants_for_response(tenants: Vec<Tenant>) -> Vec<TenantResponse> {
tenants.into_iter().map(scrub_tenant_for_response).collect()
}
backend/src/billing.rs
+119 -5
View File
@@ -1,7 +1,8 @@
use anyhow::{Result, anyhow}; use anyhow::{Result, anyhow};
use hmac::{Hmac, Mac}; use hmac::{Hmac, Mac};
use nwc::prelude::{ use nwc::prelude::{
MakeInvoiceRequest, NWC, NostrWalletConnectURI, PayInvoiceRequest as NwcPayInvoiceRequest, LookupInvoiceRequest, LookupInvoiceResponse, MakeInvoiceRequest, NWC, NostrWalletConnectURI,
PayInvoiceRequest as NwcPayInvoiceRequest, TransactionState,
}; };
use sha2::Sha256; use sha2::Sha256;
@@ -150,7 +151,11 @@ impl Billing {
return Ok(()); return Ok(());
} }
tracing::info!(source, relay_count = relays.len(), "reconciling relay billing state"); tracing::info!(
source,
relay_count = relays.len(),
"reconciling relay billing state"
);
for relay in relays { for relay in relays {
if let Err(error) = self.sync_relay_subscription_for_relay(&relay).await { if let Err(error) = self.sync_relay_subscription_for_relay(&relay).await {
@@ -718,6 +723,50 @@ impl Billing {
Ok((invoice, tenant)) Ok((invoice, tenant))
} }
pub async fn reconcile_manual_lightning_invoice(
&self,
invoice_id: &str,
invoice: &serde_json::Value,
) -> std::result::Result<serde_json::Value, InvoiceLookupError> {
self.reconcile_manual_lightning_invoice_if_settled(invoice_id, invoice)
.await
}
pub async fn get_or_create_manual_lightning_bolt11(
&self,
invoice_id: &str,
tenant_pubkey: &str,
amount_due_minor: i64,
currency: &str,
) -> Result<String> {
if let Some(existing_bolt11) = self
.query
.get_invoice_manual_lightning_bolt11(invoice_id)
.await?
{
return Ok(existing_bolt11);
}
let bolt11 = self.create_bolt11(amount_due_minor, currency).await?;
if self
.command
.insert_manual_lightning_invoice_payment(invoice_id, tenant_pubkey, &bolt11)
.await?
{
return Ok(bolt11);
}
self.query
.get_invoice_manual_lightning_bolt11(invoice_id)
.await?
.ok_or_else(|| {
anyhow!(
"manual lightning payment row missing after insert race for invoice {invoice_id}"
)
})
}
pub async fn stripe_create_customer(&self, tenant_pubkey: &str) -> Result<String> { pub async fn stripe_create_customer(&self, tenant_pubkey: &str) -> Result<String> {
let short_pubkey: String = tenant_pubkey.chars().take(12).collect(); let short_pubkey: String = tenant_pubkey.chars().take(12).collect();
let display_name = format!("Caravel tenant {short_pubkey}"); let display_name = format!("Caravel tenant {short_pubkey}");
@@ -950,8 +999,7 @@ impl Billing {
customer_id: &str, customer_id: &str,
price_id: &str, price_id: &str,
) -> Result<(String, String)> { ) -> Result<(String, String)> {
let idempotency_key = let idempotency_key = self.idempotency_key(&["create_subscription", customer_id, price_id]);
self.idempotency_key(&["create_subscription", customer_id, price_id]);
let resp = self let resp = self
.http .http
.post(format!("{STRIPE_API}/subscriptions")) .post(format!("{STRIPE_API}/subscriptions"))
@@ -1138,6 +1186,72 @@ impl Billing {
Ok(()) Ok(())
} }
async fn reconcile_manual_lightning_invoice_if_settled(
&self,
invoice_id: &str,
invoice: &serde_json::Value,
) -> std::result::Result<serde_json::Value, InvoiceLookupError> {
if invoice["status"].as_str().unwrap_or_default() != "open" {
return Ok(invoice.clone());
}
let Some(bolt11) = self
.query
.get_invoice_manual_lightning_bolt11(invoice_id)
.await?
else {
return Ok(invoice.clone());
};
let settled = match self.is_manual_lightning_invoice_settled(&bolt11).await {
Ok(settled) => settled,
Err(error) => {
tracing::warn!(
error = %error,
invoice_id,
"failed to lookup manual lightning invoice settlement"
);
return Ok(invoice.clone());
}
};
if !settled {
return Ok(invoice.clone());
}
if let Err(error) = self.stripe_pay_invoice_out_of_band(invoice_id).await {
tracing::warn!(
error = %error,
invoice_id,
"failed to mark settled manual lightning invoice as paid_out_of_band"
);
}
self.stripe_get_invoice(invoice_id).await
}
async fn is_manual_lightning_invoice_settled(&self, bolt11: &str) -> Result<bool> {
let system_uri = Self::parse_nwc_uri(&self.nwc_url, "system")?;
let system_nwc = NWC::new(system_uri);
let lookup_req = LookupInvoiceRequest {
payment_hash: None,
invoice: Some(bolt11.to_string()),
};
let lookup_result = system_nwc.lookup_invoice(lookup_req).await;
system_nwc.shutdown().await;
let lookup_response =
lookup_result.map_err(|error| anyhow!("failed to lookup invoice: {error}"))?;
Ok(Self::lookup_invoice_response_is_settled(&lookup_response))
}
fn lookup_invoice_response_is_settled(response: &LookupInvoiceResponse) -> bool {
response.state == Some(TransactionState::Settled) || response.settled_at.is_some()
}
fn parse_nwc_uri(nwc_url: &str, role: &str) -> Result<NostrWalletConnectURI> { fn parse_nwc_uri(nwc_url: &str, role: &str) -> Result<NostrWalletConnectURI> {
nwc_url nwc_url
.parse::<NostrWalletConnectURI>() .parse::<NostrWalletConnectURI>()
@@ -1612,5 +1726,5 @@ mod tests {
assert_eq!(billing.stripe_secret_key, "sk_test_dummy"); assert_eq!(billing.stripe_secret_key, "sk_test_dummy");
assert_eq!(billing.stripe_webhook_secret, "whsec_test_dummy"); assert_eq!(billing.stripe_webhook_secret, "whsec_test_dummy");
} }
} }
backend/src/command.rs
+29 -2
View File
@@ -2,6 +2,7 @@ use anyhow::Result;
use sqlx::{Sqlite, SqlitePool, Transaction}; use sqlx::{Sqlite, SqlitePool, Transaction};
use tokio::sync::broadcast; use tokio::sync::broadcast;
use crate::crypto;
use crate::models::{ use crate::models::{
Activity, RELAY_STATUS_ACTIVE, RELAY_STATUS_DELINQUENT, RELAY_STATUS_INACTIVE, Relay, Tenant, Activity, RELAY_STATUS_ACTIVE, RELAY_STATUS_DELINQUENT, RELAY_STATUS_INACTIVE, Relay, Tenant,
}; };
@@ -70,6 +71,7 @@ impl Command {
anyhow::bail!("stripe_customer_id is required"); anyhow::bail!("stripe_customer_id is required");
} }
let encrypted_nwc_url = crypto::encrypt(&tenant.nwc_url)?;
let mut tx = self.pool.begin().await?; let mut tx = self.pool.begin().await?;
sqlx::query( sqlx::query(
@@ -77,7 +79,7 @@ impl Command {
VALUES (?, ?, ?, ?)", VALUES (?, ?, ?, ?)",
) )
.bind(&tenant.pubkey) .bind(&tenant.pubkey)
.bind(&tenant.nwc_url) .bind(&encrypted_nwc_url)
.bind(tenant.created_at) .bind(tenant.created_at)
.bind(&tenant.stripe_customer_id) .bind(&tenant.stripe_customer_id)
.execute(&mut *tx) .execute(&mut *tx)
@@ -92,10 +94,11 @@ impl Command {
} }
pub async fn update_tenant(&self, tenant: &Tenant) -> Result<()> { pub async fn update_tenant(&self, tenant: &Tenant) -> Result<()> {
let encrypted_nwc_url = crypto::encrypt(&tenant.nwc_url)?;
let mut tx = self.pool.begin().await?; let mut tx = self.pool.begin().await?;
sqlx::query("UPDATE tenant SET nwc_url = ? WHERE pubkey = ?") sqlx::query("UPDATE tenant SET nwc_url = ? WHERE pubkey = ?")
.bind(&tenant.nwc_url) .bind(&encrypted_nwc_url)
.bind(&tenant.pubkey) .bind(&tenant.pubkey)
.execute(&mut *tx) .execute(&mut *tx)
.await?; .await?;
@@ -353,6 +356,30 @@ impl Command {
Ok(()) Ok(())
} }
pub async fn insert_manual_lightning_invoice_payment(
&self,
invoice_id: &str,
tenant_pubkey: &str,
bolt11: &str,
) -> Result<bool> {
let now = chrono::Utc::now().timestamp();
let result = sqlx::query(
"INSERT INTO invoice_manual_lightning_payment
(invoice_id, tenant_pubkey, bolt11, created_at, updated_at)
VALUES (?, ?, ?, ?, ?)
ON CONFLICT(invoice_id) DO NOTHING",
)
.bind(invoice_id)
.bind(tenant_pubkey)
.bind(bolt11)
.bind(now)
.bind(now)
.execute(&self.pool)
.await?;
Ok(result.rows_affected() > 0)
}
pub async fn set_tenant_past_due(&self, pubkey: &str) -> Result<()> { pub async fn set_tenant_past_due(&self, pubkey: &str) -> Result<()> {
let now = chrono::Utc::now().timestamp(); let now = chrono::Utc::now().timestamp();
sqlx::query("UPDATE tenant SET past_due_at = ? WHERE pubkey = ?") sqlx::query("UPDATE tenant SET past_due_at = ? WHERE pubkey = ?")
backend/src/crypto.rs
+49
View File
@@ -0,0 +1,49 @@
use anyhow::{Result, anyhow};
use nostr_sdk::prelude::{Keys, nip44};
const ENVELOPE_PREFIX: &str = "enc:nip44:v2:";
pub fn encrypt(value: &str) -> Result<String> {
if value.is_empty() {
return Ok(String::new());
}
let keys = parse_encryption_keys()?;
let payload = nip44::encrypt(
keys.secret_key(),
&keys.public_key(),
value,
nip44::Version::V2,
)
.map_err(|e| anyhow!("encrypt failed: {e}"))?;
Ok(format!("{ENVELOPE_PREFIX}{payload}"))
}
pub fn decrypt(value: &str) -> Result<String> {
if value.is_empty() {
return Ok(String::new());
}
let Some(payload) = value.strip_prefix(ENVELOPE_PREFIX) else {
return Ok(value.to_string());
};
let keys = parse_encryption_keys()?;
nip44::decrypt(keys.secret_key(), &keys.public_key(), payload)
.map_err(|e| anyhow!("decrypt failed: {e}"))
}
fn parse_encryption_keys() -> Result<Keys> {
let raw = std::env::var("ENCRYPTION_SECRET")
.map_err(|_| anyhow!("missing ENCRYPTION_SECRET environment variable"))?;
let trimmed = raw.trim();
if trimmed.is_empty() {
return Err(anyhow!("missing ENCRYPTION_SECRET environment variable"));
}
Keys::parse(trimmed).map_err(|e| {
anyhow!("ENCRYPTION_SECRET must be a valid nostr secret key (hex or nsec): {e}")
})
}
backend/src/infra.rs
+5 -1
View File
@@ -106,7 +106,11 @@ impl Infra {
return Ok(()); return Ok(());
} }
tracing::info!(source, relay_count = relays.len(), "reconciling pending relay state"); tracing::info!(
source,
relay_count = relays.len(),
"reconciling pending relay state"
);
for relay in relays { for relay in relays {
if relay.sync_error.trim().is_empty() { if relay.sync_error.trim().is_empty() {
backend/src/lib.rs
+1
View File
@@ -1,6 +1,7 @@
pub mod api; pub mod api;
pub mod billing; pub mod billing;
pub mod command; pub mod command;
pub mod crypto;
pub mod infra; pub mod infra;
pub mod models; pub mod models;
pub mod pool; pub mod pool;
backend/src/main.rs
+1
View File
@@ -1,6 +1,7 @@
mod api; mod api;
mod billing; mod billing;
mod command; mod command;
mod crypto;
mod infra; mod infra;
mod models; mod models;
mod pool; mod pool;
backend/src/query.rs
+22 -3
View File
@@ -1,6 +1,7 @@
use anyhow::Result; use anyhow::Result;
use sqlx::SqlitePool; use sqlx::SqlitePool;
use crate::crypto;
use crate::models::{Activity, Plan, Relay, Tenant}; use crate::models::{Activity, Plan, Relay, Tenant};
#[derive(Clone)] #[derive(Clone)]
@@ -21,7 +22,7 @@ impl Query {
) )
.fetch_all(&self.pool) .fetch_all(&self.pool)
.await?; .await?;
Ok(rows) rows.into_iter().map(decrypt_tenant_nwc_url).collect()
} }
pub async fn get_tenant(&self, pubkey: &str) -> Result<Option<Tenant>> { pub async fn get_tenant(&self, pubkey: &str) -> Result<Option<Tenant>> {
@@ -33,7 +34,7 @@ impl Query {
.bind(pubkey) .bind(pubkey)
.fetch_optional(&self.pool) .fetch_optional(&self.pool)
.await?; .await?;
Ok(row) row.map(decrypt_tenant_nwc_url).transpose()
} }
pub fn list_plans() -> Vec<Plan> { pub fn list_plans() -> Vec<Plan> {
@@ -158,7 +159,7 @@ impl Query {
.bind(stripe_customer_id) .bind(stripe_customer_id)
.fetch_optional(&self.pool) .fetch_optional(&self.pool)
.await?; .await?;
Ok(row) row.map(decrypt_tenant_nwc_url).transpose()
} }
pub async fn get_invoice_nwc_payment_state(&self, invoice_id: &str) -> Result<Option<String>> { pub async fn get_invoice_nwc_payment_state(&self, invoice_id: &str) -> Result<Option<String>> {
@@ -171,6 +172,19 @@ impl Query {
Ok(state) Ok(state)
} }
pub async fn get_invoice_manual_lightning_bolt11(
&self,
invoice_id: &str,
) -> Result<Option<String>> {
let bolt11 = sqlx::query_scalar::<_, String>(
"SELECT bolt11 FROM invoice_manual_lightning_payment WHERE invoice_id = ?",
)
.bind(invoice_id)
.fetch_optional(&self.pool)
.await?;
Ok(bolt11)
}
pub async fn has_active_paid_relays(&self, tenant_id: &str) -> Result<bool> { pub async fn has_active_paid_relays(&self, tenant_id: &str) -> Result<bool> {
let plans = sqlx::query_scalar::<_, String>( let plans = sqlx::query_scalar::<_, String>(
"SELECT plan FROM relay WHERE tenant = ? AND status = 'active'", "SELECT plan FROM relay WHERE tenant = ? AND status = 'active'",
@@ -211,3 +225,8 @@ impl Query {
Ok(found.is_some()) Ok(found.is_some())
} }
} }
fn decrypt_tenant_nwc_url(mut tenant: Tenant) -> Result<Tenant> {
tenant.nwc_url = crypto::decrypt(&tenant.nwc_url)?;
Ok(tenant)
}
frontend/src/lib/api.ts
+1
View File
@@ -99,6 +99,7 @@ export type UpdateRelayInput = {
export type Tenant = { export type Tenant = {
pubkey: string pubkey: string
nwc_url: string nwc_url: string
nwc_configured: boolean
created_at: number created_at: number
stripe_customer_id: string stripe_customer_id: string
stripe_subscription_id: string | null stripe_subscription_id: string | null
frontend/src/lib/hooks.ts
+1 -1
View File
@@ -135,7 +135,7 @@ export const reactivateRelayById = (id: string) => reactivateRelay(id)
export async function tenantNeedsPaymentSetup(): Promise<boolean> { export async function tenantNeedsPaymentSetup(): Promise<boolean> {
const tenant = await getTenant(account()!.pubkey) const tenant = await getTenant(account()!.pubkey)
return !tenant.nwc_url && !tenant.stripe_subscription_id return !tenant.nwc_configured && !tenant.stripe_subscription_id
} }
export async function getLatestOpenInvoice(): Promise<Invoice | null> { export async function getLatestOpenInvoice(): Promise<Invoice | null> {
frontend/src/pages/Account.tsx
+3 -3
View File
@@ -18,9 +18,9 @@ export default function Account() {
const invoicesLoading = useMinLoading(() => invoices.loading) const invoicesLoading = useMinLoading(() => invoices.loading)
const hasBillingChanges = createMemo(() => { const hasBillingChanges = createMemo(() => {
const current = tenant()?.nwc_url?.trim() ?? ""
const next = nwcUrl().trim() const next = nwcUrl().trim()
return current !== next if (next) return true
return tenant()?.nwc_configured ?? false
}) })
createEffect(() => { createEffect(() => {
@@ -169,7 +169,7 @@ export default function Account() {
<p class="text-xs text-gray-500 mt-0.5">{periodLabel()}</p> <p class="text-xs text-gray-500 mt-0.5">{periodLabel()}</p>
</Show> </Show>
</div> </div>
<div class="flex items-center gap-2 flex-shrink-0"> <div class="flex items-center gap-2 shrink-0">
<Show when={isOpen()}> <Show when={isOpen()}>
<span class="text-xs text-blue-600 font-medium">Pay now</span> <span class="text-xs text-blue-600 font-medium">Pay now</span>
</Show> </Show>
frontend/src/pages/relays/RelayDetail.tsx
+1 -1
View File
@@ -52,7 +52,7 @@ export default function RelayDetail() {
if (!isPaidRelay()) return false if (!isPaidRelay()) return false
const t = tenant() const t = tenant()
if (!t) return false if (!t) return false
return !t.nwc_url return !t.nwc_configured
}) })
return ( return (