The Damus API backend for Damus Purple and other functionality.
DB_PATH
: Path to the folder where to save mdb files.TESTFLIGHT_URL
: URL for the TestFlight app (optional)
TRANSLATION_PROVIDER
: The translation provider to use, can be:mock
,deepl
,noswhere
DEEPL_KEY
: The DeepL key to use for DeepL translations if enabled.NOSWHERE_KEY
: The Noswhere key to use for Noswhere translations if enabled.
ENABLE_IAP_PAYMENTS
: Set to"true"
to enable Apple In-App Purchase payment endpoints.MOCK_VERIFY_RECEIPT
: Set to"true"
to mock the receipt verification process (for testing only)IAP_ISSUER_ID
: Apple issuer ID for the IAP key (can be found in the Apple Developer console)IAP_KEY_ID
: Apple key ID for the IAP key generated (can be found in the Apple Developer console, beside the key which was generated)IAP_BUNDLE_ID
: The bundle ID of the app (Can be found in Xcode project settings) (e.g.com.organization.app-name
)IAP_PRIVATE_KEY_PATH
: Path to the private key file for the IAP key (e.g../SubscriptionKey_ABCDEF12345.p8
. Can be generated in the Apple Developer console)IAP_ENVIRONMENT
: Set to"Sandbox"
for testing, or"Production"
for productionIAP_ROOT_CA_DIR
: Path to a directory containing all of Apple's Root Certificates. Defaults to./apple-root-ca
. You can download the certificates from Apple's website
LN_NODE_ADDRESS
: The public address of the Lightning Network nodeLN_WS_PROXY
: The public address of the Lightning Network Websocket proxyLN_NODE_ID
: The public node ID of the Lightning Network node in hex formatLN_RUNE
: The public node ID of the Lightning Network nodeTEST_PRODUCTS
: Set to"true"
to enable test products for Lightning Network payments with a value of 1 satoshi (for testing only)
OTP_MAX_TRIES
: The maximum number of OTP tries allowed before locking the user out. Defaults to 10.SESSION_EXPIRY
: The time in seconds before a session expires. Defaults to 1 week.OTP_EXPIRY
: The time in seconds before an OTP expires. Defaults to 5 minutes.
CORS_ALLOWED_ORIGINS
(optional): Comma separated list of allowed origins for CORS. Generally only needed for testing or staging.ALLOW_HTTP_AUTH
: Set to"true"
to enable HTTP basic auth for all endpoints. (Useful for testing locally, otherwise it forces HTTPS)ADMIN_PASSWORD
: Password for admin API endpoints (optional, leaving this blank will disable admin endpoints)LN_INVOICE_CHECK_TIMEOUT_MS
: Timeout in milliseconds for checking the status of a Lightning Network invoice. Defaults to 60000 (60 seconds), and shorter for testsENABLE_DEBUG_ENDPOINTS
: Set to"true"
to enable debug endpoints (for testing or staging only). This includes endpoints to delete users or force UUIDs.
npm run dev
: Start the server in development mode and mock the DeepL translation servicenpm start
: Start the server in production modenpm test
: Run the unit testsnpm run type-check
: Run a type check on all files in the projectnpm run type-check-path -- <path>
: Run a type check on a specific file or directory
- Run the server with
DEBUG=iap
to see verbose debug logs for the IAP receipt verification process. You can also use those logs to find which UUID an IAP is associated with. - If you need to force a specific UUID for a user (e.g. when you reset the db but can't reset your Sandbox IAP history), you can enable the
ENABLE_DEBUG_ENDPOINTS
environment variable and use this debug endpoint to force a UUID for a user:
curl -X PUT http://<HOST_AND_PORT>/admin/users/<PUBKEY_HEX_FORMAT>/account-uuid \
-H "Content-Type: application/json" \
-d '{"admin_password": "<ADMIN_PASSWORD_SET_ON_THE_RESPECTIVE_ENV_VARIABLE>", "account_uuid": "<UUID_FOUND_ON_IAP_TRANSACTION>"}'
Ensure you are running Node.js v18.x. Preferably, use the provided nix-shell environment to ensure you are using the correct version of Node.js.
There is a known issue with Node.js v22.x where the ln.connect_and_init
call does not work with the way things are setup.