From 8704dd1a07c8456a023891cd0b8884e637204371 Mon Sep 17 00:00:00 2001 From: Michael Bumann Date: Sat, 6 Apr 2024 20:58:58 +0200 Subject: [PATCH 1/3] Add logs to outgoing/incoming limit checks this helps debugging potential issues --- lib/service/user.go | 49 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 39 insertions(+), 10 deletions(-) diff --git a/lib/service/user.go b/lib/service/user.go index 6b21bd81..1153a9d6 100644 --- a/lib/service/user.go +++ b/lib/service/user.go @@ -12,7 +12,6 @@ import ( "github.com/getAlby/lndhub.go/lib/responses" "github.com/getAlby/lndhub.go/lib/security" "github.com/getAlby/lndhub.go/lnd" - "github.com/getsentry/sentry-go" "github.com/labstack/echo/v4" "github.com/labstack/gommon/log" "github.com/uptrace/bun" @@ -138,7 +137,15 @@ func (svc *LndhubService) CheckOutgoingPaymentAllowed(c echo.Context, lnpayReq * limits := svc.GetLimits(c) if limits.MaxSendAmount >= 0 { if lnpayReq.PayReq.NumSatoshis > limits.MaxSendAmount { - svc.Logger.Errorf("Max send amount exceeded for user_id %v (amount:%v)", userId, lnpayReq.PayReq.NumSatoshis) + svc.Logger.Warnj( + log.JSON{ + "message": "max send amount exceeded", + "user_id": userId, + "lndhub_user_id": userId, + "amount": lnpayReq.PayReq.NumSatoshis, + "limit": limits.MaxSendAmount, + }, + ) return &responses.SendExceededError, nil } } @@ -156,13 +163,14 @@ func (svc *LndhubService) CheckOutgoingPaymentAllowed(c echo.Context, lnpayReq * return nil, err } if volume > limits.MaxSendVolume { - svc.Logger.Errorj( + svc.Logger.Warnj( log.JSON{ - "message": "transaction volume exceeded", - "lndhub_user_id": userId, + "message": "max send volume exceeded", + "lndhub_user_id": userId, + "volume": volume, + "limit": limits.MaxSendVolume, }, ) - sentry.CaptureMessage(fmt.Sprintf("transaction volume exceeded for user %d", userId)) return &responses.TooMuchVolumeError, nil } } @@ -197,7 +205,15 @@ func (svc *LndhubService) CheckIncomingPaymentAllowed(c echo.Context, amount, us limits := svc.GetLimits(c) if limits.MaxReceiveAmount >= 0 { if amount > limits.MaxReceiveAmount { - svc.Logger.Errorf("Max receive amount exceeded for user_id %d", userId) + svc.Logger.Warnj( + log.JSON{ + "message": "max receive amount exceeded", + "user_id": userId, + "lndhub_user_id": userId, + "amount": amount, + "limit": limits.MaxReceiveAmount, + }, + ) return &responses.ReceiveExceededError, nil } } @@ -215,8 +231,14 @@ func (svc *LndhubService) CheckIncomingPaymentAllowed(c echo.Context, amount, us return nil, err } if volume > limits.MaxReceiveVolume { - svc.Logger.Errorf("Transaction volume exceeded for user_id %d", userId) - sentry.CaptureMessage(fmt.Sprintf("transaction volume exceeded for user %d", userId)) + svc.Logger.Warnj( + log.JSON{ + "message": "max receive volume exceeded", + "lndhub_user_id": userId, + "volume": volume, + "limit": limits.MaxReceiveVolume, + }, + ) return &responses.TooMuchVolumeError, nil } } @@ -234,7 +256,14 @@ func (svc *LndhubService) CheckIncomingPaymentAllowed(c echo.Context, amount, us return nil, err } if currentBalance+amount > limits.MaxAccountBalance { - svc.Logger.Errorf("Max account balance exceeded for user_id %d", userId) + svc.Logger.Warnj( + log.JSON{ + "message": "max balance exceeded", + "lndhub_user_id": userId, + "new_balance": currentBalance + amount, + "limit": limits.MaxAccountBalance, + }, + ) return &responses.BalanceExceededError, nil } } From a239f23749c6f2097acc3dea987a18e453ec4a4b Mon Sep 17 00:00:00 2001 From: Michael Bumann Date: Sat, 6 Apr 2024 22:00:45 +0200 Subject: [PATCH 2/3] Log JWT details --- lib/tokens/jwt.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/lib/tokens/jwt.go b/lib/tokens/jwt.go index bf92b13b..ce207838 100644 --- a/lib/tokens/jwt.go +++ b/lib/tokens/jwt.go @@ -12,6 +12,7 @@ import ( "github.com/golang-jwt/jwt" "github.com/labstack/echo/v4" "github.com/labstack/echo/v4/middleware" + "github.com/labstack/gommon/log" ) type jwtCustomClaims struct { @@ -42,6 +43,15 @@ func Middleware(secret []byte) echo.MiddlewareFunc { config.SuccessHandler = func(c echo.Context) { token := c.Get("UserJwt").(*jwt.Token) claims := token.Claims.(*jwtCustomClaims) + c.Logger().Warnj(log.JSON{ + "msg": "JWT details", + "UserID": claims.ID, + "MaxSendVolume": claims.MaxSendVolume, + "MaxSendAmount": claims.MaxSendAmount, + "MaxReceiveVolume": claims.MaxReceiveVolume, + "MaxReceiveAmount": claims.MaxReceiveAmount, + "MaxAccountBalance": claims.MaxAccountBalance, + }) c.Set("UserID", claims.ID) c.Set("MaxSendVolume", claims.MaxSendVolume) c.Set("MaxSendAmount", claims.MaxSendAmount) From 806e8477b13c0eb686c6995b006f32d31057803f Mon Sep 17 00:00:00 2001 From: Michael Bumann Date: Sun, 7 Apr 2024 01:51:12 +0200 Subject: [PATCH 3/3] tmp fix for alby limits --- lib/tokens/jwt.go | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/tokens/jwt.go b/lib/tokens/jwt.go index ce207838..0baf4638 100644 --- a/lib/tokens/jwt.go +++ b/lib/tokens/jwt.go @@ -53,11 +53,15 @@ func Middleware(secret []byte) echo.MiddlewareFunc { "MaxAccountBalance": claims.MaxAccountBalance, }) c.Set("UserID", claims.ID) - c.Set("MaxSendVolume", claims.MaxSendVolume) - c.Set("MaxSendAmount", claims.MaxSendAmount) - c.Set("MaxReceiveVolume", claims.MaxReceiveVolume) - c.Set("MaxReceiveAmount", claims.MaxReceiveAmount) - c.Set("MaxAccountBalance", claims.MaxAccountBalance) + // enable it only for getalbycom calls + // there might still be old tokens out there that have these set to 0 (which meant disabled) + if claims.Issuer == "getalbycom" { + c.Set("MaxSendVolume", claims.MaxSendVolume) + c.Set("MaxSendAmount", claims.MaxSendAmount) + c.Set("MaxReceiveVolume", claims.MaxReceiveVolume) + c.Set("MaxReceiveAmount", claims.MaxReceiveAmount) + c.Set("MaxAccountBalance", claims.MaxAccountBalance) + } // pass UserID to sentry for exception notifications if hub := sentryecho.GetHubFromContext(c); hub != nil { hub.Scope().SetUser(sentry.User{ID: strconv.FormatInt(claims.ID, 10)})