RTL requires wallet unlock despite wallet already being unlocked when SSO is used

Ride-The-Lightning / RTL

Ride The Lightning - A full function web browser app for LND, C-Lightning and Eclair

MIT License

745 stars 160 forks source link

RTL requires wallet unlock despite wallet already being unlocked when SSO is used #367

Open Kixunil opened 4 years ago

Kixunil commented 4 years ago

Describe the bug When set up with SSO and lnd is already initialized externally and unlocked (using lncli, because of #314 ), RTL shows "unlock wallet" page. After entering a password, it obviously fails.

To Reproduce Steps to reproduce the behavior:

Install and configure LND, including wallet initialization
Install RTL and configure SSO
Visit yourdomain/rtl/?access-key=yourkey

Screenshots RTL-wallet-unlock RTL-wallet-unlock-error

Your environment

Version of RTL: 0.7.1
Version of lnd: 0.10.0
Version of btcd, bitcoind, or other backend: irrelevant
Browser & browser version: Firefox Quantum 68.9.0esr
Operating system (uname -a on *Nix): Linux 4.19.0-9-amd64 #1 SMP Debian 4.19.118-2 (2020-04-29) x86_64 GNU/Linux

Additional context An easy way to reproduce this issue is just setting up a VM with cryptoanarchy deb repository and installing the packages ridetheln lncli, the access key is stored in /var/lib/ridetheln-system/sso/cookie

ShahanaFarooqui commented 4 years ago

@Kixunil, The unlock page proves that you are already able to unlock RTL with the SSO.

Now, let us discuss LND unlock screen. RTL does not have any API to check if the wallet is unlocked or not. So, whenever we are unable to fetch the getInfo response from lnd, we assume that the wallet is locked and redirect the user to the unlock screen.

In most of the cases, user unlocks the wallet and starts getting responses from LND. But, if the getInfo is failing due to any other reason, RTL will still assume that the wallet is locked, ask for the password and will obviously be unable to solve the issue.

In your scenario, lnd wallet is already unlocked from the lncli and RTL is still unable to get the information from LND. It can be due various reasons like, configured macaroon path is incorrect, provided macaroon is incorrect, the server does not have read access for the macaroon etc.

Please check if the configured macaroon path in the RTL-config is correct? If yes, a) share your rtl-config and RTL logs after masking sensitive information and b) confirm that the LND getInfo API is successfully returning the response with curl/postman with the same macaroon.

Kixunil commented 4 years ago

Oh, thanks for replying, it helped!

RTL does not have any API to check if the wallet is unlocked or not.

Does it mean LND doesn't provide such API or it's unimplemented on the server side? Would be very useful to implement it as not doing such is confusing for users and will likely generate more support tickets for you. If LND doesn't support distinguishing between the two, it'd be great to open an issue at LND and also adding a note to the unlock page that the reason the wallet appears locked may be misconfiguration.