forked from coracle/caravel
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 userAdityaa
|
f23ba5ee00 |
@@ -28,6 +28,6 @@ LIVEKIT_API_SECRET=
|
||||
|
||||
# Billing
|
||||
NWC_URL= # Nostr Wallet Connect URL for generating Lightning invoices
|
||||
ENCRYPTION_SECRET= # Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest
|
||||
ENCRYPTION_SECRET= # Nostr secret key (hex or nsec) used for NIP-44 encryption of tenant nwc_url at rest
|
||||
STRIPE_SECRET_KEY= # Required Stripe API secret key (sk_...)
|
||||
STRIPE_WEBHOOK_SECRET=whsec_test_00000000000000000000000000 # Webhook signing secret (use real value in production)
|
||||
|
||||
+24
-24
@@ -30,30 +30,30 @@ backend/
|
||||
|
||||
Environment variables:
|
||||
|
||||
| Variable | Description | Default |
|
||||
| ------------------------ | ----------------------------------------------------------------------- | ------------------------------------ |
|
||||
| `DATABASE_URL` | SQLite URL. Relative paths are resolved under `backend/`. | `sqlite://<backend>/data/caravel.db` |
|
||||
| `HOST` | API bind host (also used for NIP-98 `u` host check) | `127.0.0.1` |
|
||||
| `PORT` | API bind port | `2892` |
|
||||
| `ADMINS` | Comma-separated admin pubkeys (hex) | _optional_ |
|
||||
| `ALLOW_ORIGINS` | Comma-separated CORS origins. If empty, CORS is permissive. | _optional_ |
|
||||
| `ZOOID_API_URL` | Zooid API base URL used by infra worker | _required for infra sync_ |
|
||||
| `ZOOID_API_SECRET` | Nostr secret key used for authentication of requests to the zooid API | _required_ |
|
||||
| `RELAY_DOMAIN` | Base domain appended to relay subdomains | empty |
|
||||
| `LIVEKIT_URL` | LiveKit URL sent to zooid when relay livekit is enabled | _optional_ |
|
||||
| `LIVEKIT_API_KEY` | LiveKit API key sent to zooid | _optional_ |
|
||||
| `LIVEKIT_API_SECRET` | LiveKit API secret sent to zooid | _optional_ |
|
||||
| `NWC_URL` | Platform NWC URL used to generate BOLT11 invoices | _required for invoice generation_ |
|
||||
| `ENCRYPTION_SECRET` | Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest | _required_ |
|
||||
| `STRIPE_SECRET_KEY` | Stripe API secret key used for billing API operations | _required_ |
|
||||
| `STRIPE_WEBHOOK_SECRET` | Stripe webhook signing secret used to verify `Stripe-Signature` headers | _required_ |
|
||||
| `ROBOT_SECRET` | Robot Nostr secret key | _required_ |
|
||||
| `ROBOT_NAME` | Robot display name (kind `0`) | _optional_ |
|
||||
| `ROBOT_DESCRIPTION` | Robot description (kind `0`) | _optional_ |
|
||||
| `ROBOT_PICTURE` | Robot picture URL (kind `0`) | _optional_ |
|
||||
| `ROBOT_OUTBOX_RELAYS` | Comma-separated relays published as kind `10002` | _required_ |
|
||||
| `ROBOT_INDEXER_RELAYS` | Comma-separated relays used for recipient relay discovery | _required_ |
|
||||
| `ROBOT_MESSAGING_RELAYS` | Comma-separated relays published as kind `10050` | _required_ |
|
||||
| Variable | Description | Default |
|
||||
| ------------------------ | --------------------------------------------------------------------------------------- | ---------------------------------------- |
|
||||
| `DATABASE_URL` | SQLite URL. Relative paths are resolved under `backend/`. | `sqlite://<backend>/data/caravel.db` |
|
||||
| `HOST` | API bind host (also used for NIP-98 `u` host check) | `127.0.0.1` |
|
||||
| `PORT` | API bind port | `2892` |
|
||||
| `ADMINS` | Comma-separated admin pubkeys (hex) | _optional_ |
|
||||
| `ALLOW_ORIGINS` | Comma-separated CORS origins. If empty, CORS is permissive. | _optional_ |
|
||||
| `ZOOID_API_URL` | Zooid API base URL used by infra worker | _required for infra sync_ |
|
||||
| `ZOOID_API_SECRET` | Nostr secret key used for authentication of requests to the zooid API | _required_ |
|
||||
| `RELAY_DOMAIN` | Base domain appended to relay subdomains | empty |
|
||||
| `LIVEKIT_URL` | LiveKit URL sent to zooid when relay livekit is enabled | _optional_ |
|
||||
| `LIVEKIT_API_KEY` | LiveKit API key sent to zooid | _optional_ |
|
||||
| `LIVEKIT_API_SECRET` | LiveKit API secret sent to zooid | _optional_ |
|
||||
| `NWC_URL` | Platform NWC URL used to generate BOLT11 invoices | _required for invoice generation_ |
|
||||
| `ENCRYPTION_SECRET` | Nostr secret key (hex or `nsec`) used for NIP-44 encryption of tenant `nwc_url` at rest | _required when tenant `nwc_url` is used_ |
|
||||
| `STRIPE_SECRET_KEY` | Stripe API secret key used for billing API operations | _required_ |
|
||||
| `STRIPE_WEBHOOK_SECRET` | Stripe webhook signing secret used to verify `Stripe-Signature` headers | _required_ |
|
||||
| `ROBOT_SECRET` | Robot Nostr secret key | _required_ |
|
||||
| `ROBOT_NAME` | Robot display name (kind `0`) | _optional_ |
|
||||
| `ROBOT_DESCRIPTION` | Robot description (kind `0`) | _optional_ |
|
||||
| `ROBOT_PICTURE` | Robot picture URL (kind `0`) | _optional_ |
|
||||
| `ROBOT_OUTBOX_RELAYS` | Comma-separated relays published as kind `10002` | _required_ |
|
||||
| `ROBOT_INDEXER_RELAYS` | Comma-separated relays used for recipient relay discovery | _required_ |
|
||||
| `ROBOT_MESSAGING_RELAYS` | Comma-separated relays published as kind `10050` | _required_ |
|
||||
|
||||
Relay list env vars are comma-separated and trimmed. If a relay has no `ws://` or `wss://` scheme, `wss://` is prepended.
|
||||
|
||||
|
||||
+4
-5
@@ -57,7 +57,7 @@ Notes:
|
||||
|
||||
- Serves `GET /tenants`
|
||||
- Authorizes admin only
|
||||
- Return `data` is a list of `TenantResponse` structs (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
- Return `data` is a list of tenant structs from `query.list_tenants`
|
||||
|
||||
## `async fn create_tenant(...) -> Response`
|
||||
|
||||
@@ -69,21 +69,20 @@ Notes:
|
||||
- On unique-constraint race (`pubkey-exists`), re-fetch and return the existing tenant
|
||||
- If Stripe customer creation fails, return `code=stripe-customer-create-failed`
|
||||
- Always returns `200` (create-or-get is uniform)
|
||||
- Return `data` is a single `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
- Return `data` is a single `Tenant` struct
|
||||
|
||||
## `async fn get_tenant(...) -> Response`
|
||||
|
||||
- Serves `GET /tenants/:pubkey`
|
||||
- Authorizes admin or matching tenant
|
||||
- Return `data` is a single `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
- Return `data` is a single tenant struct from `query.get_tenant`
|
||||
|
||||
## `async fn update_tenant(...) -> Response`
|
||||
|
||||
- Serves `PUT /tenants/:pubkey`
|
||||
- Authorizes admin or matching tenant
|
||||
- Accepts `nwc_url` in the request body; encrypts it before storage using `cipher::encrypt`
|
||||
- Updates tenant using `command.update_tenant`
|
||||
- Return `data` is the updated `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
- Return `data` is the updated tenant struct
|
||||
|
||||
## `async fn list_tenant_relays(...) -> Response`
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ There are three plans available:
|
||||
Tenants are customers of the service, identified by a nostr `pubkey`. Public metadata like name etc are pulled from the nostr network. They also have associated billing information.
|
||||
|
||||
- `pubkey` is the nostr public key identifying the tenant
|
||||
- `nwc_url` (private) a nostr wallet connect URL used for **paying** invoices generated by the system on the tenant's behalf; stored encrypted at rest using NIP-44 via `ENCRYPTION_SECRET`; never serialized to API responses — tenant API endpoints expose `nwc_is_set: bool` instead
|
||||
- `nwc_url` (private) a nostr wallet connect URL used for **paying** invoices generated by the system on the tenant's behalf
|
||||
- `nwc_error` (private) a string indicating the most recent NWC payment error, if any. Cleared on successful NWC payment.
|
||||
- `created_at` unix timestamp identifying tenant creation time
|
||||
- `stripe_customer_id` a string identifying the associated stripe customer
|
||||
|
||||
+24
-33
@@ -448,7 +448,7 @@ struct IdentityResponse {
|
||||
#[derive(Serialize)]
|
||||
struct TenantResponse {
|
||||
pubkey: String,
|
||||
nwc_is_set: bool,
|
||||
nwc_configured: bool,
|
||||
nwc_error: Option<String>,
|
||||
created_at: i64,
|
||||
stripe_customer_id: String,
|
||||
@@ -456,20 +456,6 @@ struct TenantResponse {
|
||||
past_due_at: Option<i64>,
|
||||
}
|
||||
|
||||
impl From<Tenant> for TenantResponse {
|
||||
fn from(t: Tenant) -> Self {
|
||||
TenantResponse {
|
||||
nwc_is_set: !t.nwc_url.is_empty(),
|
||||
pubkey: t.pubkey,
|
||||
nwc_error: t.nwc_error,
|
||||
created_at: t.created_at,
|
||||
stripe_customer_id: t.stripe_customer_id,
|
||||
stripe_subscription_id: t.stripe_subscription_id,
|
||||
past_due_at: t.past_due_at,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Deserialize)]
|
||||
struct CreateRelayRequest {
|
||||
tenant: String,
|
||||
@@ -511,13 +497,7 @@ async fn list_tenants(
|
||||
state.api.require_admin(&pubkey)?;
|
||||
|
||||
match state.api.query.list_tenants().await {
|
||||
Ok(tenants) => Ok(ok(
|
||||
StatusCode::OK,
|
||||
tenants
|
||||
.into_iter()
|
||||
.map(TenantResponse::from)
|
||||
.collect::<Vec<_>>(),
|
||||
)),
|
||||
Ok(tenants) => Ok(ok(StatusCode::OK, scrub_tenants_for_response(tenants))),
|
||||
Err(e) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
"internal",
|
||||
@@ -546,7 +526,7 @@ async fn create_tenant(
|
||||
let pubkey = state.api.extract_auth_pubkey(&headers)?;
|
||||
|
||||
match state.api.query.get_tenant(&pubkey).await {
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, TenantResponse::from(t))),
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(t))),
|
||||
Ok(None) => {
|
||||
let stripe_customer_id = match state.api.billing.stripe_create_customer(&pubkey).await {
|
||||
Ok(id) => id,
|
||||
@@ -570,10 +550,10 @@ async fn create_tenant(
|
||||
};
|
||||
|
||||
match state.api.command.create_tenant(&tenant).await {
|
||||
Ok(()) => Ok(ok(StatusCode::OK, TenantResponse::from(tenant))),
|
||||
Ok(()) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant))),
|
||||
Err(e) if matches!(map_unique_error(&e), Some("pubkey-exists")) => {
|
||||
match state.api.query.get_tenant(&pubkey).await {
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, TenantResponse::from(t))),
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(t))),
|
||||
Ok(None) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
"internal",
|
||||
@@ -616,7 +596,7 @@ async fn get_tenant(
|
||||
let auth = state.api.extract_auth_pubkey(&headers)?;
|
||||
state.api.require_admin_or_tenant(&auth, &pubkey)?;
|
||||
let tenant = state.api.get_tenant_or_404(&pubkey).await?;
|
||||
Ok(ok(StatusCode::OK, TenantResponse::from(tenant)))
|
||||
Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant)))
|
||||
}
|
||||
|
||||
async fn list_relays(
|
||||
@@ -1134,12 +1114,7 @@ async fn update_tenant(
|
||||
|
||||
let nwc_previously_empty = tenant.nwc_url.is_empty();
|
||||
if let Some(nwc_url) = payload.nwc_url {
|
||||
if nwc_url.is_empty() {
|
||||
tenant.nwc_url = String::new();
|
||||
} else {
|
||||
tenant.nwc_url =
|
||||
crate::cipher::encrypt(&nwc_url).map_err(|e| ApiError::Internal(e.to_string()))?;
|
||||
}
|
||||
tenant.nwc_url = nwc_url;
|
||||
}
|
||||
|
||||
match state.api.command.update_tenant(&tenant).await {
|
||||
@@ -1158,7 +1133,7 @@ async fn update_tenant(
|
||||
}
|
||||
});
|
||||
}
|
||||
Ok(ok(StatusCode::OK, TenantResponse::from(tenant)))
|
||||
Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant)))
|
||||
}
|
||||
Err(e) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
@@ -1167,3 +1142,19 @@ async fn update_tenant(
|
||||
)),
|
||||
}
|
||||
}
|
||||
|
||||
fn scrub_tenant_for_response(tenant: Tenant) -> TenantResponse {
|
||||
TenantResponse {
|
||||
pubkey: tenant.pubkey,
|
||||
nwc_configured: !tenant.nwc_url.is_empty(),
|
||||
nwc_error: tenant.nwc_error,
|
||||
created_at: tenant.created_at,
|
||||
stripe_customer_id: tenant.stripe_customer_id,
|
||||
stripe_subscription_id: tenant.stripe_subscription_id,
|
||||
past_due_at: tenant.past_due_at,
|
||||
}
|
||||
}
|
||||
|
||||
fn scrub_tenants_for_response(tenants: Vec<Tenant>) -> Vec<TenantResponse> {
|
||||
tenants.into_iter().map(scrub_tenant_for_response).collect()
|
||||
}
|
||||
|
||||
@@ -151,7 +151,11 @@ impl Billing {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
tracing::info!(source, relay_count = relays.len(), "reconciling relay billing state");
|
||||
tracing::info!(
|
||||
source,
|
||||
relay_count = relays.len(),
|
||||
"reconciling relay billing state"
|
||||
);
|
||||
|
||||
for relay in relays {
|
||||
if let Err(error) = self.sync_relay_subscription_for_relay(&relay).await {
|
||||
@@ -422,14 +426,13 @@ impl Billing {
|
||||
|
||||
// 1. NWC auto-pay: if the tenant has a nwc_url
|
||||
if !tenant.nwc_url.is_empty() {
|
||||
let plain_nwc_url = crate::cipher::decrypt(&tenant.nwc_url)?;
|
||||
match self
|
||||
.nwc_pay_invoice(
|
||||
invoice_id,
|
||||
&tenant.pubkey,
|
||||
amount_due,
|
||||
currency,
|
||||
&plain_nwc_url,
|
||||
&tenant.nwc_url,
|
||||
)
|
||||
.await?
|
||||
{
|
||||
@@ -858,8 +861,6 @@ impl Billing {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let plain_nwc_url = crate::cipher::decrypt(&tenant.nwc_url)?;
|
||||
|
||||
let invoices = self
|
||||
.stripe_list_invoices(&tenant.stripe_customer_id)
|
||||
.await?;
|
||||
@@ -881,7 +882,7 @@ impl Billing {
|
||||
&tenant.pubkey,
|
||||
amount_due,
|
||||
currency,
|
||||
&plain_nwc_url,
|
||||
&tenant.nwc_url,
|
||||
)
|
||||
.await?
|
||||
{
|
||||
@@ -998,8 +999,7 @@ impl Billing {
|
||||
customer_id: &str,
|
||||
price_id: &str,
|
||||
) -> Result<(String, String)> {
|
||||
let idempotency_key =
|
||||
self.idempotency_key(&["create_subscription", customer_id, price_id]);
|
||||
let idempotency_key = self.idempotency_key(&["create_subscription", customer_id, price_id]);
|
||||
let resp = self
|
||||
.http
|
||||
.post(format!("{STRIPE_API}/subscriptions"))
|
||||
@@ -1726,5 +1726,5 @@ mod tests {
|
||||
assert_eq!(billing.stripe_secret_key, "sk_test_dummy");
|
||||
assert_eq!(billing.stripe_webhook_secret, "whsec_test_dummy");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -1,28 +0,0 @@
|
||||
use anyhow::{Result, anyhow};
|
||||
use nostr_sdk::prelude::*;
|
||||
|
||||
pub fn encrypt(plaintext: &str) -> Result<String> {
|
||||
let keys = load_key()?;
|
||||
nip44::encrypt(
|
||||
keys.secret_key(),
|
||||
&keys.public_key(),
|
||||
plaintext,
|
||||
nip44::Version::V2,
|
||||
)
|
||||
.map_err(|e| anyhow!("encryption failed: {e}"))
|
||||
}
|
||||
|
||||
pub fn decrypt(ciphertext: &str) -> Result<String> {
|
||||
let keys = load_key()?;
|
||||
nip44::decrypt(keys.secret_key(), &keys.public_key(), ciphertext)
|
||||
.map_err(|e| anyhow!("decryption failed: {e}"))
|
||||
}
|
||||
|
||||
fn load_key() -> Result<Keys> {
|
||||
let secret = std::env::var("ENCRYPTION_SECRET")
|
||||
.map_err(|_| anyhow!("missing ENCRYPTION_SECRET environment variable"))?;
|
||||
if secret.trim().is_empty() {
|
||||
return Err(anyhow!("ENCRYPTION_SECRET is empty"));
|
||||
}
|
||||
Keys::parse(&secret).map_err(|e| anyhow!("invalid ENCRYPTION_SECRET: {e}"))
|
||||
}
|
||||
@@ -2,6 +2,7 @@ use anyhow::Result;
|
||||
use sqlx::{Sqlite, SqlitePool, Transaction};
|
||||
use tokio::sync::broadcast;
|
||||
|
||||
use crate::crypto;
|
||||
use crate::models::{
|
||||
Activity, RELAY_STATUS_ACTIVE, RELAY_STATUS_DELINQUENT, RELAY_STATUS_INACTIVE, Relay, Tenant,
|
||||
};
|
||||
@@ -70,6 +71,7 @@ impl Command {
|
||||
anyhow::bail!("stripe_customer_id is required");
|
||||
}
|
||||
|
||||
let encrypted_nwc_url = crypto::encrypt(&tenant.nwc_url)?;
|
||||
let mut tx = self.pool.begin().await?;
|
||||
|
||||
sqlx::query(
|
||||
@@ -77,7 +79,7 @@ impl Command {
|
||||
VALUES (?, ?, ?, ?)",
|
||||
)
|
||||
.bind(&tenant.pubkey)
|
||||
.bind(&tenant.nwc_url)
|
||||
.bind(&encrypted_nwc_url)
|
||||
.bind(tenant.created_at)
|
||||
.bind(&tenant.stripe_customer_id)
|
||||
.execute(&mut *tx)
|
||||
@@ -92,10 +94,11 @@ impl Command {
|
||||
}
|
||||
|
||||
pub async fn update_tenant(&self, tenant: &Tenant) -> Result<()> {
|
||||
let encrypted_nwc_url = crypto::encrypt(&tenant.nwc_url)?;
|
||||
let mut tx = self.pool.begin().await?;
|
||||
|
||||
sqlx::query("UPDATE tenant SET nwc_url = ? WHERE pubkey = ?")
|
||||
.bind(&tenant.nwc_url)
|
||||
.bind(&encrypted_nwc_url)
|
||||
.bind(&tenant.pubkey)
|
||||
.execute(&mut *tx)
|
||||
.await?;
|
||||
|
||||
@@ -0,0 +1,49 @@
|
||||
use anyhow::{Result, anyhow};
|
||||
use nostr_sdk::prelude::{Keys, nip44};
|
||||
|
||||
const ENVELOPE_PREFIX: &str = "enc:nip44:v2:";
|
||||
|
||||
pub fn encrypt(value: &str) -> Result<String> {
|
||||
if value.is_empty() {
|
||||
return Ok(String::new());
|
||||
}
|
||||
|
||||
let keys = parse_encryption_keys()?;
|
||||
let payload = nip44::encrypt(
|
||||
keys.secret_key(),
|
||||
&keys.public_key(),
|
||||
value,
|
||||
nip44::Version::V2,
|
||||
)
|
||||
.map_err(|e| anyhow!("encrypt failed: {e}"))?;
|
||||
|
||||
Ok(format!("{ENVELOPE_PREFIX}{payload}"))
|
||||
}
|
||||
|
||||
pub fn decrypt(value: &str) -> Result<String> {
|
||||
if value.is_empty() {
|
||||
return Ok(String::new());
|
||||
}
|
||||
|
||||
let Some(payload) = value.strip_prefix(ENVELOPE_PREFIX) else {
|
||||
return Ok(value.to_string());
|
||||
};
|
||||
|
||||
let keys = parse_encryption_keys()?;
|
||||
nip44::decrypt(keys.secret_key(), &keys.public_key(), payload)
|
||||
.map_err(|e| anyhow!("decrypt failed: {e}"))
|
||||
}
|
||||
|
||||
fn parse_encryption_keys() -> Result<Keys> {
|
||||
let raw = std::env::var("ENCRYPTION_SECRET")
|
||||
.map_err(|_| anyhow!("missing ENCRYPTION_SECRET environment variable"))?;
|
||||
let trimmed = raw.trim();
|
||||
|
||||
if trimmed.is_empty() {
|
||||
return Err(anyhow!("missing ENCRYPTION_SECRET environment variable"));
|
||||
}
|
||||
|
||||
Keys::parse(trimmed).map_err(|e| {
|
||||
anyhow!("ENCRYPTION_SECRET must be a valid nostr secret key (hex or nsec): {e}")
|
||||
})
|
||||
}
|
||||
@@ -106,7 +106,11 @@ impl Infra {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
tracing::info!(source, relay_count = relays.len(), "reconciling pending relay state");
|
||||
tracing::info!(
|
||||
source,
|
||||
relay_count = relays.len(),
|
||||
"reconciling pending relay state"
|
||||
);
|
||||
|
||||
for relay in relays {
|
||||
if relay.sync_error.trim().is_empty() {
|
||||
|
||||
+1
-1
@@ -1,7 +1,7 @@
|
||||
pub mod api;
|
||||
pub mod billing;
|
||||
pub mod cipher;
|
||||
pub mod command;
|
||||
pub mod crypto;
|
||||
pub mod infra;
|
||||
pub mod models;
|
||||
pub mod pool;
|
||||
|
||||
+1
-1
@@ -1,7 +1,7 @@
|
||||
mod api;
|
||||
mod billing;
|
||||
mod cipher;
|
||||
mod command;
|
||||
mod crypto;
|
||||
mod infra;
|
||||
mod models;
|
||||
mod pool;
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
use anyhow::Result;
|
||||
use sqlx::SqlitePool;
|
||||
|
||||
use crate::crypto;
|
||||
use crate::models::{Activity, Plan, Relay, Tenant};
|
||||
|
||||
#[derive(Clone)]
|
||||
@@ -21,7 +22,7 @@ impl Query {
|
||||
)
|
||||
.fetch_all(&self.pool)
|
||||
.await?;
|
||||
Ok(rows)
|
||||
rows.into_iter().map(decrypt_tenant_nwc_url).collect()
|
||||
}
|
||||
|
||||
pub async fn get_tenant(&self, pubkey: &str) -> Result<Option<Tenant>> {
|
||||
@@ -33,7 +34,7 @@ impl Query {
|
||||
.bind(pubkey)
|
||||
.fetch_optional(&self.pool)
|
||||
.await?;
|
||||
Ok(row)
|
||||
row.map(decrypt_tenant_nwc_url).transpose()
|
||||
}
|
||||
|
||||
pub fn list_plans() -> Vec<Plan> {
|
||||
@@ -158,7 +159,7 @@ impl Query {
|
||||
.bind(stripe_customer_id)
|
||||
.fetch_optional(&self.pool)
|
||||
.await?;
|
||||
Ok(row)
|
||||
row.map(decrypt_tenant_nwc_url).transpose()
|
||||
}
|
||||
|
||||
pub async fn get_invoice_nwc_payment_state(&self, invoice_id: &str) -> Result<Option<String>> {
|
||||
@@ -224,3 +225,8 @@ impl Query {
|
||||
Ok(found.is_some())
|
||||
}
|
||||
}
|
||||
|
||||
fn decrypt_tenant_nwc_url(mut tenant: Tenant) -> Result<Tenant> {
|
||||
tenant.nwc_url = crypto::decrypt(&tenant.nwc_url)?;
|
||||
Ok(tenant)
|
||||
}
|
||||
|
||||
@@ -99,6 +99,7 @@ export type UpdateRelayInput = {
|
||||
export type Tenant = {
|
||||
pubkey: string
|
||||
nwc_url: string
|
||||
nwc_configured: boolean
|
||||
created_at: number
|
||||
stripe_customer_id: string
|
||||
stripe_subscription_id: string | null
|
||||
|
||||
@@ -135,7 +135,7 @@ export const reactivateRelayById = (id: string) => reactivateRelay(id)
|
||||
|
||||
export async function tenantNeedsPaymentSetup(): Promise<boolean> {
|
||||
const tenant = await getTenant(account()!.pubkey)
|
||||
return !tenant.nwc_url && !tenant.stripe_subscription_id
|
||||
return !tenant.nwc_configured && !tenant.stripe_subscription_id
|
||||
}
|
||||
|
||||
export async function getLatestOpenInvoice(): Promise<Invoice | null> {
|
||||
|
||||
@@ -18,9 +18,9 @@ export default function Account() {
|
||||
const invoicesLoading = useMinLoading(() => invoices.loading)
|
||||
|
||||
const hasBillingChanges = createMemo(() => {
|
||||
const current = tenant()?.nwc_url?.trim() ?? ""
|
||||
const next = nwcUrl().trim()
|
||||
return current !== next
|
||||
if (next) return true
|
||||
return tenant()?.nwc_configured ?? false
|
||||
})
|
||||
|
||||
createEffect(() => {
|
||||
@@ -169,7 +169,7 @@ export default function Account() {
|
||||
<p class="text-xs text-gray-500 mt-0.5">{periodLabel()}</p>
|
||||
</Show>
|
||||
</div>
|
||||
<div class="flex items-center gap-2 flex-shrink-0">
|
||||
<div class="flex items-center gap-2 shrink-0">
|
||||
<Show when={isOpen()}>
|
||||
<span class="text-xs text-blue-600 font-medium">Pay now</span>
|
||||
</Show>
|
||||
|
||||
@@ -52,7 +52,7 @@ export default function RelayDetail() {
|
||||
if (!isPaidRelay()) return false
|
||||
const t = tenant()
|
||||
if (!t) return false
|
||||
return !t.nwc_url
|
||||
return !t.nwc_configured
|
||||
})
|
||||
|
||||
return (
|
||||
|
||||
Reference in New Issue
Block a user