check pin in payment rules
This commit is contained in:
Peter Rounce
parent
87306ca6db
commit
6c03c1c3d9
1 changed files with 23 additions and 8 deletions
|
|
@ -225,17 +225,15 @@ func Callback(w http.ResponseWriter, req *http.Request) {
|
||||||
url := req.URL.RequestURI()
|
url := req.URL.RequestURI()
|
||||||
log.WithFields(log.Fields{"url": url}).Debug("cb request")
|
log.WithFields(log.Fields{"url": url}).Debug("cb request")
|
||||||
|
|
||||||
// check k1 value
|
// get k1 value
|
||||||
params_k1, ok := req.URL.Query()["k1"]
|
param_k1 := req.URL.Query().Get("k1")
|
||||||
|
|
||||||
if !ok || len(params_k1[0]) < 1 {
|
if param_k1 == "" {
|
||||||
log.WithFields(log.Fields{"url": url}).Debug("k1 not found")
|
log.WithFields(log.Fields{"url": url}).Debug("k1 not found")
|
||||||
resp_err.Write(w)
|
resp_err.Write(w)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
param_k1 := params_k1[0]
|
|
||||||
|
|
||||||
p, err := db.Get_payment_k1(param_k1)
|
p, err := db.Get_payment_k1(param_k1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.WithFields(log.Fields{"url": url, "k1": param_k1}).Warn(err)
|
log.WithFields(log.Fields{"url": url, "k1": param_k1}).Warn(err)
|
||||||
|
|
@ -263,14 +261,14 @@ func Callback(w http.ResponseWriter, req *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
params_pr, ok := req.URL.Query()["pr"]
|
// get the payment request
|
||||||
if !ok || len(params_pr[0]) < 1 {
|
param_pr := req.URL.Query().Get("pr")
|
||||||
|
if param_pr == "" {
|
||||||
log.WithFields(log.Fields{"card_payment_id": p.Card_payment_id}).Warn("pr field not found")
|
log.WithFields(log.Fields{"card_payment_id": p.Card_payment_id}).Warn("pr field not found")
|
||||||
resp_err.Write(w)
|
resp_err.Write(w)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
param_pr := params_pr[0]
|
|
||||||
bolt11, _ := decodepay.Decodepay(param_pr)
|
bolt11, _ := decodepay.Decodepay(param_pr)
|
||||||
|
|
||||||
// record the lightning invoice
|
// record the lightning invoice
|
||||||
|
|
@ -283,6 +281,23 @@ func Callback(w http.ResponseWriter, req *http.Request) {
|
||||||
|
|
||||||
log.WithFields(log.Fields{"card_payment_id": p.Card_payment_id}).Debug("checking payment rules")
|
log.WithFields(log.Fields{"card_payment_id": p.Card_payment_id}).Debug("checking payment rules")
|
||||||
|
|
||||||
|
// get the pin if it has been passed in
|
||||||
|
param_pin := req.URL.Query().Get("pin")
|
||||||
|
|
||||||
|
c, err := db.Get_card_from_card_id(p.Card_id)
|
||||||
|
if err != nil {
|
||||||
|
log.WithFields(log.Fields{"card_payment_id": p.Card_payment_id}).Warn(err)
|
||||||
|
resp_err.Write(w)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// check the pin if needed
|
||||||
|
if c.Pin_enable == "Y" && int(bolt11.MSatoshi/1000) >= c.Pin_limit_sats && c.Pin_number != param_pin {
|
||||||
|
log.WithFields(log.Fields{"card_payment_id": p.Card_payment_id}).Warn("incorrect pin provided")
|
||||||
|
resp_err.Write(w)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// check if we are only sending funds to a defined test node
|
// check if we are only sending funds to a defined test node
|
||||||
testnode := db.Get_setting("LN_TESTNODE")
|
testnode := db.Get_setting("LN_TESTNODE")
|
||||||
if testnode != "" && bolt11.Payee != testnode {
|
if testnode != "" && bolt11.Payee != testnode {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue