From e6181a4e8f0be5024f42438f0d6fab692c131e1a Mon Sep 17 00:00:00 2001 From: Me Date: Sat, 28 Jun 2025 23:32:36 +0200 Subject: [PATCH 1/3] pin support according to lud21 --- crud.py | 20 +++++++- migrations.py | 85 ++++++++++++++++++++++++++++++++++ models.py | 8 ++++ templates/boltcards/index.html | 34 ++++++++++++++ views_lnurl.py | 18 +++++++ 5 files changed, 164 insertions(+), 1 deletion(-) diff --git a/crud.py b/crud.py index 9efa945..11c4795 100644 --- a/crud.py +++ b/crud.py @@ -24,6 +24,10 @@ async def create_card(data: CreateCardData, wallet_id: str) -> Card: counter, tx_limit, daily_limit, + pin_limit, + pin_try, + pin, + pin_enable, enable, k0, k1, @@ -32,7 +36,8 @@ async def create_card(data: CreateCardData, wallet_id: str) -> Card: ) VALUES ( :id, :uid, :external_id, :wallet, :card_name, :counter, - :tx_limit, :daily_limit, :enable, :k0, :k1, :k2, :otp + :tx_limit, :daily_limit, :pin_limit, :pin_try, :pin, :pin_enable, + :enable, :k0, :k1, :k2, :otp ) """, { @@ -44,6 +49,10 @@ async def create_card(data: CreateCardData, wallet_id: str) -> Card: "counter": data.counter, "tx_limit": data.tx_limit, "daily_limit": data.daily_limit, + "pin_limit": data.pin_limit, + "pin_try": 0, + "pin": data.pin, + "pin_enable": False, "enable": True, "k0": data.k0, "k1": data.k1, @@ -130,6 +139,8 @@ async def enable_disable_card(enable: bool, card_id: str) -> Card | None: "UPDATE boltcards.cards SET enable = :enable WHERE id = :id", {"enable": enable, "id": card_id}, ) + if enable: + update_card_pin_try(0, card_id) return await get_card(card_id) @@ -140,6 +151,13 @@ async def update_card_otp(otp: str, card_id: str): ) +async def update_card_pin_try(pin_try: int, card_id: str): + await db.execute( + "UPDATE boltcards.cards SET pin_try = :pin_try WHERE id = :id", + {"pin_try": pin_try, "id": card_id}, + ) + + async def get_hit(hit_id: str) -> Hit | None: return await db.fetchone( "SELECT * FROM boltcards.hits WHERE id = :id", diff --git a/migrations.py b/migrations.py index 8d8464f..45c5db3 100644 --- a/migrations.py +++ b/migrations.py @@ -128,3 +128,88 @@ async def m002_correct_typing(db): """ ) await db.execute("DROP TABLE boltcards.cards_m001;") + + +async def m003_add_pin(db): + await db.execute("ALTER TABLE boltcards.cards RENAME TO cards_m002;") + await db.execute( + f""" + CREATE TABLE boltcards.cards ( + id TEXT PRIMARY KEY UNIQUE, + wallet TEXT NOT NULL, + card_name TEXT NOT NULL, + uid TEXT NOT NULL UNIQUE, + external_id TEXT NOT NULL UNIQUE, + counter INT NOT NULL DEFAULT 0, + tx_limit INT NOT NULL, + daily_limit INT NOT NULL, + pin_limit INT NOT NULL DEFAULT 0, + pin_try INT NOT NULL DEFAULT 0, + pin TEXT NOT NULL DEFAULT '', + pin_enable BOOL NOT NULL DEFAULT FALSE, + enable BOOL NOT NULL, + k0 TEXT NOT NULL DEFAULT '00000000000000000000000000000000', + k1 TEXT NOT NULL DEFAULT '00000000000000000000000000000000', + k2 TEXT NOT NULL DEFAULT '00000000000000000000000000000000', + prev_k0 TEXT NOT NULL DEFAULT '00000000000000000000000000000000', + prev_k1 TEXT NOT NULL DEFAULT '00000000000000000000000000000000', + prev_k2 TEXT NOT NULL DEFAULT '00000000000000000000000000000000', + otp TEXT NOT NULL DEFAULT '', + time TIMESTAMP NOT NULL DEFAULT """ + + db.timestamp_now + + """ + ); + """ + ) + + await db.execute( + """ + INSERT INTO boltcards.cards ( + id, + wallet, + card_name, + uid, + external_id, + counter, + tx_limit, + daily_limit, + pin_limit, + pin_try, + pin, + pin_enable, + enable, + k0, + k1, + k2, + prev_k0, + prev_k1, + prev_k2, + otp, + time + ) + SELECT + id, + wallet, + card_name, + uid, + external_id, + counter, + tx_limit, + daily_limit, + 0, + 0, + '', + FALSE, + enable, + k0, + k1, + k2, + prev_k0, + prev_k1, + prev_k2, + otp, + time + FROM boltcards.cards_m002; + """ + ) + await db.execute("DROP TABLE boltcards.cards_m002;") diff --git a/models.py b/models.py index 5cbafa9..a5d302b 100644 --- a/models.py +++ b/models.py @@ -19,6 +19,10 @@ class Card(BaseModel): counter: int tx_limit: int daily_limit: int + pin_limit: int + pin_try: int + pin: str + pin_enable: bool enable: bool k0: str k1: str @@ -45,6 +49,10 @@ class CreateCardData(BaseModel): counter: int = Query(0) tx_limit: int = Query(0) daily_limit: int = Query(0) + pin_limit: int = Query(0) + pin_try: int = Query(0) + pin: str = Query('') + pin_enable: str = Query(False) enable: bool = Query(True) k0: str = Query(ZERO_KEY) k1: str = Query(ZERO_KEY) diff --git a/templates/boltcards/index.html b/templates/boltcards/index.html index cd63021..4b48c22 100644 --- a/templates/boltcards/index.html +++ b/templates/boltcards/index.html @@ -302,6 +302,40 @@
+ + +
+
+
+ +
+
+ +
+
+
+ + Date: Fri, 5 Sep 2025 08:20:12 +0200 Subject: [PATCH 2/3] forgot await --- crud.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crud.py b/crud.py index 11c4795..8883789 100644 --- a/crud.py +++ b/crud.py @@ -140,7 +140,7 @@ async def enable_disable_card(enable: bool, card_id: str) -> Card | None: {"enable": enable, "id": card_id}, ) if enable: - update_card_pin_try(0, card_id) + await update_card_pin_try(0, card_id) return await get_card(card_id) From 7ec05d63018d7c15502a6d1398248259610d4f10 Mon Sep 17 00:00:00 2001 From: Me Date: Sat, 6 Sep 2025 13:33:22 +0200 Subject: [PATCH 3/3] pin_limit is sat in DB --- views_lnurl.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/views_lnurl.py b/views_lnurl.py index ca661a0..8fa7e46 100644 --- a/views_lnurl.py +++ b/views_lnurl.py @@ -136,7 +136,7 @@ async def lnurl_callback( assert card assert invoice.amount_msat, "Invoice amount is missing" - if card.pin_enable and int(card.pin_limit) <= int(invoice.amount_msat) : + if card.pin_enable and int(card.pin_limit) * 1000 <= int(invoice.amount_msat) : if card.pin != pin: tries_left = 2 - card.pin_try if tries_left == 0: