From 954074301c0e67bfab958e06cae51185b5a9406b Mon Sep 17 00:00:00 2001 From: Nicolas Burtey Date: Sat, 23 Sep 2023 11:46:08 +0100 Subject: [PATCH] chore: create cardId earlier in the flow --- apps/boltcard/app/api/activate/route.ts | 2 +- apps/boltcard/app/api/create/route.ts | 41 +++++++++++++++++++++++++ apps/boltcard/app/api/ln/route.ts | 40 +----------------------- apps/boltcard/bats/e2e-test.bats | 7 +++++ apps/boltcard/services/db/card-init.ts | 4 ++- apps/boltcard/services/db/schema.ts | 5 ++- 6 files changed, 57 insertions(+), 42 deletions(-) diff --git a/apps/boltcard/app/api/activate/route.ts b/apps/boltcard/app/api/activate/route.ts index f5cb5eccdf3..763a2272dce 100644 --- a/apps/boltcard/app/api/activate/route.ts +++ b/apps/boltcard/app/api/activate/route.ts @@ -53,7 +53,7 @@ export async function GET(req: NextRequest) { warning: warningReusedCode, protocol_name: "create_bolt_card_response", protocol_version: 2, - card_name: "", + card_name: cardKeysSetup.cardId, lnurlw_base: lnurlwBase, k0: cardKeysSetup.k0AuthKey, k1: k1DecryptKey, diff --git a/apps/boltcard/app/api/create/route.ts b/apps/boltcard/app/api/create/route.ts index 8f18a75105e..53afa2dd148 100644 --- a/apps/boltcard/app/api/create/route.ts +++ b/apps/boltcard/app/api/create/route.ts @@ -7,6 +7,44 @@ import { serverUrl } from "@/services/config" const randomHex = (): string => randomBytes(16).toString("hex") +function generateReadableCode(numDigits: number, separator: number = 4): string { + const allowedNumbers = ["3", "4", "6", "7", "9"] + const allowedLetters = [ + "A", + "C", + "D", + "E", + "F", + "G", + "H", + "J", + "K", + "M", + "N", + "P", + "Q", + "R", + "T", + "U", + "V", + "W", + "X", + "Y", + ] + + const allowedChars = [...allowedNumbers, ...allowedLetters] + let code = "" + for (let i = 0; i < numDigits; i++) { + if (i > 0 && i % separator === 0) { + code += "_" + } + const randomIndex = Math.floor(Math.random() * allowedChars.length) + code += allowedChars[randomIndex] + } + + return code +} + export async function GET(req: NextRequest) { // should be pass with POST? not sure if this would be compatible // with the wallet that can create cards @@ -29,6 +67,8 @@ export async function GET(req: NextRequest) { const k3 = randomHex() const k4 = randomHex() + const cardId = generateReadableCode(12) + const result = await createCardKeysSetup({ oneTimeCode, k0AuthKey, @@ -36,6 +76,7 @@ export async function GET(req: NextRequest) { k3, k4, token, + cardId, }) if (result instanceof Error) { diff --git a/apps/boltcard/app/api/ln/route.ts b/apps/boltcard/app/api/ln/route.ts index 7905225b6ae..7b1791cbb2d 100644 --- a/apps/boltcard/app/api/ln/route.ts +++ b/apps/boltcard/app/api/ln/route.ts @@ -64,44 +64,6 @@ gql` } ` -function generateReadableCode(numDigits: number, separator: number = 4): string { - const allowedNumbers = ["3", "4", "6", "7", "9"] - const allowedLetters = [ - "A", - "C", - "D", - "E", - "F", - "G", - "H", - "J", - "K", - "M", - "N", - "P", - "Q", - "R", - "T", - "U", - "V", - "W", - "X", - "Y", - ] - - const allowedChars = [...allowedNumbers, ...allowedLetters] - let code = "" - for (let i = 0; i < numDigits; i++) { - if (i > 0 && i % separator === 0) { - code += "_" - } - const randomIndex = Math.floor(Math.random() * allowedChars.length) - code += allowedChars[randomIndex] - } - - return code -} - function generateSecureRandomString(length: number): string { return randomBytes(Math.ceil(length / 2)) .toString("hex") @@ -208,7 +170,7 @@ const setupCard = async ({ ) } - const id = generateReadableCode(12) + const id = cardKeysSetup.cardId const username = `card_${id}` console.log({ id, username }, "activate card id") diff --git a/apps/boltcard/bats/e2e-test.bats b/apps/boltcard/bats/e2e-test.bats index 587cbe58e3a..c9ef62f400c 100644 --- a/apps/boltcard/bats/e2e-test.bats +++ b/apps/boltcard/bats/e2e-test.bats @@ -17,6 +17,13 @@ random_phone() { CALLBACK_API_URL=$(echo $RESPONSE | jq -r '.apiActivationUrl') CALLBACK_UI_URL=$(echo $RESPONSE | jq -r '.uiActivationUrl') + echo "RESPONSE: $RESPONSE" + echo "CALLBACK_API_URL: $CALLBACK_API_URL" + echo "CALLBACK_UI_URL: $CALLBACK_UI_URL" + + [[ $(echo $CALLBACK_API_URL) != "null" ]] || exit 1 + [[ $(echo $CALLBACK_UI_URL) != "null" ]] || exit 1 + # TODO: test CALLBACK_UI_URL # Making the follow-up curl request diff --git a/apps/boltcard/services/db/card-init.ts b/apps/boltcard/services/db/card-init.ts index ffe94509276..0cbecd3b8f9 100644 --- a/apps/boltcard/services/db/card-init.ts +++ b/apps/boltcard/services/db/card-init.ts @@ -7,11 +7,12 @@ export interface CardKeysSetupInput { k3: string k4: string token: string + cardId: string } export async function createCardKeysSetup(cardData: CardKeysSetupInput) { try { - const { oneTimeCode, k0AuthKey, k2CmacKey, k3, k4, token } = cardData + const { oneTimeCode, k0AuthKey, k2CmacKey, k3, k4, token, cardId } = cardData const result = await knex("CardKeysSetup").insert({ oneTimeCode, @@ -20,6 +21,7 @@ export async function createCardKeysSetup(cardData: CardKeysSetupInput) { k3, k4, token, + cardId, }) return result diff --git a/apps/boltcard/services/db/schema.ts b/apps/boltcard/services/db/schema.ts index 6826e9e103c..7dc5cf5b956 100644 --- a/apps/boltcard/services/db/schema.ts +++ b/apps/boltcard/services/db/schema.ts @@ -56,13 +56,16 @@ async function createTables() { if (!hasCardKeysSetupTable) { await knex.schema.createTable("CardKeysSetup", (table) => { table.string("oneTimeCode").notNullable().index().unique() + table.timestamp("created_at").defaultTo(knex.fn.now()) table.string("status").defaultTo("init") // init, fetched, used table.string("token").notNullable() + table.string("cardId").notNullable().unique() + table.string("k0AuthKey").notNullable() - table.string("k2CmacKey").notNullable().index() // .unique() enforcing uniqueness would ensure there is no reusage of keys + table.string("k2CmacKey").notNullable().unique() table.string("k3").notNullable() table.string("k4").notNullable() })