Reviewers and testers wanted

This project has just moved out of alpha and into beta. It's time to polish things up and prepare the project for a stable release! Help wanted to get things across the line.

About the project:

A light-weight Lightning auth provider for your Next.js app that's entirely self-hosted and plugs seamlessly into the next-auth framework.
You can find the project on npm and GitHub.

Technical review

Focus
If you're a JavaScript or TypeScript engineer, or have an understanding of React, OAuth, lnurl-auth, Next.js, next-auth or OSS in general, you can help by taking a look at the codebase and leaving your thoughts on:
In order of importance:
  • Security - are there any security concerns that I've overlooked?
  • Installation - do you have a Next.js app that uses next-auth? Install this package and let me know how it goes!
  • Use-cases - are there any use cases or scenarios that I should add support for?
  • Implementation - would you implement things differently in the codebase and why?
  • Any other suggestions
Avoid
At this late stage in the project development, please avoid small syntactical suggestions or opinionated coding style suggestions. No nit-picking please :)

Non-technical review

If you're not a coder, you can still help out.
Documentation
There are various README.md documents that need sense checking. Any typos that I've overlooked also need catching!
Here's a list of all the README.md files in the project.
Code comments
There are also many code comments dotted around the codebase. You can search for them on GitHub:
NOTE: you'll need a GitHub account to use the above link.

Rewards

All reviewers and testers will receive a shout out in the project's main README.md file. And of course, in the spirit of SN, you'll stack some sats!
Sats will be rewarded at my discretion, ranging from 1,000 up to 200,000+ depending on your level of contribution. Quality, not necessarily quantity, will also be considered. For example, if you find a high-severity bug that takes one line of code to fix you'll be rewarded based on the level of impact.

Leaving a review

I'd suggest opening an issue on GitHub before opening a PR, so feel free. Otherwise you can simply leave comments on here on SN.
status: 410, // return a 410 status so the client knows the session no longer exists
TIL, I don't think I've ever seen HTTP 410 used anywhere. Source
const lnurlEncode = //
This is an interesting approach to importing. Is it just for smaller bundles? Isn't this code executed server-side? Source
copy.innerHTML = session.lnurl;
This seems unnecessarily risky. Any reason not to use textContent? Source
  1. Just a general comment - for being a TS project, I see a lot of typeof checks, any, type-casting, etc. I know you said no nit-picking, but I guess I can't help myself.
reply
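The innerHTML versus textContent point raised in the comment above, as an added example that is not code from the project: the value is shape-checked as an LNURL and then written as text, so it is never handed to the HTML parser. The helper names isLnurlShaped and renderLnurl and the sample values are assumptions made for this illustration; only copy and the session.lnurl value it displays come from the quoted line.

```javascript
// Added example, not code from the project. `isLnurlShaped` and `renderLnurl`
// are hypothetical helper names; `copy` stands for the element on the page.
const BECH32_CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l";

// Shape check only: "lnurl1" prefix followed by bech32 data characters, all in
// one case. It does not verify the bech32 checksum.
function isLnurlShaped(value) {
  if (typeof value !== "string" || value.length < 8) return false;
  const lower = value.toLowerCase();
  if (value !== lower && value !== value.toUpperCase()) return false; // mixed case
  if (!lower.startsWith("lnurl1")) return false;
  for (const ch of lower.slice(6)) {
    if (!BECH32_CHARSET.includes(ch)) return false;
  }
  return true;
}

// Write the value as text. textContent never invokes the HTML parser, so the
// string is displayed literally even if the shape check is loosened later.
function renderLnurl(element, value) {
  if (!isLnurlShaped(value)) {
    element.textContent = "";
    return false;
  }
  element.textContent = value;
  return true;
}

// Constructed sample values (not real LNURLs from the project).
const SAMPLE_OK = "lnurl1dp68gurn8ghj7um9wfmxjcm99e3k7mf0v9cxj0m385ekvcenxc6r2c35";
const SAMPLE_MARKUP = "lnurl1<b>not text</b>";

// In a browser `copy` would be a DOM node; a plain object stands in here so
// the example also runs under Node.
const copy = { textContent: "" };
renderLnurl(copy, SAMPLE_OK);
```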
thanks again for your review, I'll be implementing some changes based off of your feedback over the holidays, and I've just boosted you 60k sats on this comment. many thanks and Happy Christmas!
reply
Thank you for the sats, and you’re welcome for the review! Merry Christmas!
reply
Merry Christmas
reply
great thanks for your feedback. I'll take a deeper look into the points you've made in the next few days and get back to you!
You've made a bunch of good points and I'll be making some amendments to the code based off the back of your feedback.
I'll post back here once I've done so and give a little more context on the changes and on your questions/points :)
reply
I saw this project days ago. It is awesome!
Auth with LN.
reply
Code comments There are also many code comments dotted around the codebase. You can search for them on GitHub:
What do you want people to do with these?
reply
Code comments There are also many code comments dotted around the codebase. You can search for them on GitHub:
What do you want people to do with these?
just to sense check them and spot any typos. but tbh there aren't actually that many code comments, so it's not that important. however, i may go through the code and add additional comments to give context on some parts of the code
reply
In NextAuthLightningConfig.storage, what is the difference between set and update? They both seem to accept the same arguments and do the same thing. Semantically they might be different in that update should be used to replace an existing value, but does it throw if there isn't already an entry for k1? Is it supposed to? These two methods feel a bit redundant to me. Perhaps I am missing something, though.