From b76252d6ef240d3f5694b4ffdb8ab846232dab49 Mon Sep 17 00:00:00 2001
From: Peter Rounce <peter@rounce.me.uk>
Date: Thu, 29 Jun 2023 19:34:18 +0000
Subject: [PATCH] create & update card pin details

---
 db/db.go                      | 29 +++++++++++++++++++++--------
 internalapi/createboltcard.go | 25 +++++++++++++++++++++++--
 internalapi/updateboltcard.go | 25 +++++++++++++++++++++++--
 script/s_create_db            |  2 +-
 sql/create_db.sql             |  3 +++
 5 files changed, 71 insertions(+), 13 deletions(-)

diff --git a/db/db.go b/db/db.go
index fb5e8ca..41a7d29 100644
--- a/db/db.go
+++ b/db/db.go
@@ -773,7 +773,7 @@ func Get_card_name_count(card_name string) (card_count int, err error) {
 
 func Insert_card(one_time_code string, k0_auth_key string, k2_cmac_key string, k3 string, k4 string,
 	tx_limit_sats int, day_limit_sats int, lnurlw_enable bool, card_name string, uid_privacy bool,
-	allow_neg_bal_ptr bool) error {
+	allow_neg_bal_ptr bool, pin_enable bool, pin_number string, pin_limit_sats int) error {
 
 	lnurlw_enable_yn := "N"
 	if lnurlw_enable {
@@ -790,6 +790,11 @@ func Insert_card(one_time_code string, k0_auth_key string, k2_cmac_key string, k
 		allow_neg_bal_yn = "Y"
 	}
 
+	pin_enable_yn := "N"
+	if pin_enable {
+		pin_enable_yn = "Y"
+	}
+
 	db, err := open()
 	if err != nil {
 		return err
@@ -811,11 +816,12 @@ func Insert_card(one_time_code string, k0_auth_key string, k2_cmac_key string, k
 	sqlStatement = `INSERT INTO cards` +
 		` (one_time_code, k0_auth_key, k2_cmac_key, k3, k4, uid, last_counter_value,` +
 		` lnurlw_request_timeout_sec, tx_limit_sats, day_limit_sats, lnurlw_enable,` +
-		` one_time_code_used, card_name, uid_privacy, allow_negative_balance)` +
-		` VALUES ($1, $2, $3, $4, $5, '', 0, 60, $6, $7, $8, 'N', $9, $10, $11);`
+		` one_time_code_used, card_name, uid_privacy, allow_negative_balance,` +
+		` pin_enable, pin_number, pin_limit_sats)` +
+		` VALUES ($1, $2, $3, $4, $5, '', 0, 60, $6, $7, $8, 'N', $9, $10, $11, $12, $13, $14);`
 	res, err = db.Exec(sqlStatement, one_time_code, k0_auth_key, k2_cmac_key, k3, k4,
 		tx_limit_sats, day_limit_sats, lnurlw_enable_yn, card_name, uid_privacy_yn,
-		allow_neg_bal_yn)
+		allow_neg_bal_yn, pin_enable_yn, pin_number, pin_limit_sats)
 	if err != nil {
 		return err
 	}
@@ -871,13 +877,19 @@ func Wipe_card(card_name string) (*Card_wipe_info, error) {
 	return &card_wipe_info, nil
 }
 
-func Update_card(card_name string, lnurlw_enable bool, tx_limit_sats int, day_limit_sats int) error {
+func Update_card(card_name string, lnurlw_enable bool, tx_limit_sats int, day_limit_sats int,
+	pin_enable bool, pin_number string, pin_limit_sats int) error {
 
 	lnurlw_enable_yn := "N"
 	if lnurlw_enable {
 		lnurlw_enable_yn = "Y"
 	}
 
+	pin_enable_yn := "N"
+	if pin_enable {
+		pin_enable_yn = "Y"
+	}
+
 	db, err := open()
 
 	if err != nil {
@@ -886,10 +898,11 @@ func Update_card(card_name string, lnurlw_enable bool, tx_limit_sats int, day_li
 
 	defer db.Close()
 
-	sqlStatement := `UPDATE cards SET lnurlw_enable = $2, tx_limit_sats = $3, day_limit_sats = $4 ` +
-		`WHERE card_name = $1 AND wiped = 'N';`
+	sqlStatement := `UPDATE cards SET lnurlw_enable = $2, tx_limit_sats = $3, day_limit_sats = $4, ` +
+		`pin_enable = $5, pin_number = $6, pin_limit_sats = $7 WHERE card_name = $1 AND wiped = 'N';`
 
-	res, err := db.Exec(sqlStatement, card_name, lnurlw_enable_yn, tx_limit_sats, day_limit_sats)
+	res, err := db.Exec(sqlStatement, card_name, lnurlw_enable_yn, tx_limit_sats, day_limit_sats,
+		pin_enable_yn, pin_number, pin_limit_sats)
 
 	if err != nil {
 		return err
diff --git a/internalapi/createboltcard.go b/internalapi/createboltcard.go
index ec4834a..ea9f913 100644
--- a/internalapi/createboltcard.go
+++ b/internalapi/createboltcard.go
@@ -83,12 +83,33 @@ func Createboltcard(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	pin_enable_flag_str := r.URL.Query().Get("enable_pin")
+	pin_enable_flag, err := strconv.ParseBool(pin_enable_flag_str)
+	if err != nil {
+		msg := "updateboltcard: enable_pin is not a valid boolean"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	pin_number := r.URL.Query().Get("pin_number")
+
+	pin_limit_sats_str := r.URL.Query().Get("pin_limit_sats")
+	pin_limit_sats, err := strconv.Atoi(pin_limit_sats_str)
+	if err != nil {
+		msg := "updateboltcard: pin_limit_sats is not a valid integer"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
 	// log the request
 
 	log.WithFields(log.Fields{
 		"card_name": card_name, "tx_max": tx_max, "day_max": day_max,
 		"enable": enable_flag, "uid_privacy": uid_privacy_flag,
-		"allow_neg_bal": allow_neg_bal_flag}).Info("createboltcard API request")
+		"allow_neg_bal": allow_neg_bal_flag, "enable_pin": pin_enable_flag,
+		"pin_number": pin_number, "pin_limit_sats": pin_limit_sats}).Info("createboltcard API request")
 
 	// create the keys
 
@@ -102,7 +123,7 @@ func Createboltcard(w http.ResponseWriter, r *http.Request) {
 
 	err = db.Insert_card(one_time_code, k0_auth_key, k2_cmac_key, k3, k4,
 		tx_max, day_max, enable_flag, card_name,
-		uid_privacy_flag, allow_neg_bal_flag)
+		uid_privacy_flag, allow_neg_bal_flag, pin_enable_flag, pin_number, pin_limit_sats)
 	if err != nil {
 		log.Warn(err.Error())
 		return
diff --git a/internalapi/updateboltcard.go b/internalapi/updateboltcard.go
index ae6ea20..ecc4f2b 100644
--- a/internalapi/updateboltcard.go
+++ b/internalapi/updateboltcard.go
@@ -43,6 +43,26 @@ func Updateboltcard(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	pin_enable_flag_str := r.URL.Query().Get("enable_pin")
+	pin_enable_flag, err := strconv.ParseBool(pin_enable_flag_str)
+	if err != nil {
+		msg := "updateboltcard: enable_pin is not a valid boolean"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	pin_number := r.URL.Query().Get("pin_number")
+
+	pin_limit_sats_str := r.URL.Query().Get("pin_limit_sats")
+	pin_limit_sats, err := strconv.Atoi(pin_limit_sats_str)
+	if err != nil {
+		msg := "updateboltcard: pin_limit_sats is not a valid integer"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
 	card_name := r.URL.Query().Get("card_name")
 
 	// check if card_name exists
@@ -64,11 +84,12 @@ func Updateboltcard(w http.ResponseWriter, r *http.Request) {
 
 	log.WithFields(log.Fields{
 		"card_name": card_name, "tx_max": tx_max, "day_max": day_max,
-		"enable": enable_flag}).Info("updateboltcard API request")
+		"enable": enable_flag, "enable_pin": pin_enable_flag,
+		"pin_number": pin_number, "pin_limit_sats": pin_limit_sats}).Info("updateboltcard API request")
 
 	// update the card record
 
-	err = db.Update_card(card_name, enable_flag, tx_max, day_max)
+	err = db.Update_card(card_name, enable_flag, tx_max, day_max, pin_enable_flag, pin_number, pin_limit_sats)
 	if err != nil {
 		log.Warn(err.Error())
 		return
diff --git a/script/s_create_db b/script/s_create_db
index 1e0b7d8..aecb7b6 100755
--- a/script/s_create_db
+++ b/script/s_create_db
@@ -15,7 +15,7 @@ if [ "$x" = "y" ]; then
 	psql postgres -f sql/create_db_init.sql
 	psql postgres -f sql/create_db.sql
 	psql postgres -f sql/create_db_user.sql
-	psql postgres -f sql/settings.sql
+	psql postgres -f sql/settings.sql.secret
 	echo Database created
 else
 	echo No action
diff --git a/sql/create_db.sql b/sql/create_db.sql
index 03c80f7..6021a33 100644
--- a/sql/create_db.sql
+++ b/sql/create_db.sql
@@ -28,6 +28,9 @@ CREATE TABLE cards (
 	one_time_code_expiry TIMESTAMPTZ DEFAULT NOW() + INTERVAL '1 DAY',
 	one_time_code_used CHAR(1) NOT NULL DEFAULT 'Y',
 	allow_negative_balance CHAR(1) NOT NULL DEFAULT 'N',
+	pin_enable CHAR(1) NOT NULL DEFAULT 'N',
+	pin_number CHAR(4) NOT NULL DEFAULT '0000',
+	pin_limit_sats INT NOT NULL,
 	wiped CHAR(1) NOT NULL DEFAULT 'N',
 	PRIMARY KEY(card_id)
 );