terminal: separate session RPC server init & start

ViktorTigerstrom · ViktorTigerstrom · commit 33824a24c63e · 2025-08-08T12:17:59.000+02:00
Similar to how the previous commit separated the initialization and
starting of the account RPC server, this commit separates the
initialization and starting of the sessions RPC server.
diff --git a/session_rpcserver.go b/session_rpcserver.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"strings"
 	"sync"
+	"sync/atomic"
 	"time"
 
 	"github.com/btcsuite/btcd/btcec/v2"
@@ -40,8 +41,17 @@ import (
 // other special cases.
 const readOnlyAction = "***readonly***"
 
+var (
+	// ErrServerNotActive indicates that the server has started but hasn't
+	// fully finished the startup process.
+	ErrServerNotActive = errors.New("session server is still in the " +
+		"process of starting")
+)
+
 // sessionRpcServer is the gRPC server for the Session RPC interface.
 type sessionRpcServer struct {
+	active atomic.Bool
+
 	litrpc.UnimplementedSessionsServer
 	litrpc.UnimplementedFirewallServer
 	litrpc.UnimplementedAutopilotServer
@@ -70,41 +80,10 @@ type sessionRpcServerConfig struct {
 	privMap                 firewalldb.PrivacyMapper
 }
 
-// newSessionRPCServer creates a new sessionRpcServer using the passed config.
-func newSessionRPCServer(cfg *sessionRpcServerConfig) (*sessionRpcServer,
-	error) {
-
-	// Create the gRPC server that handles adding/removing sessions and the
-	// actual mailbox server that spins up the Terminal Connect server
-	// interface.
-	server := session.NewServer(
-		func(id session.ID, opts ...grpc.ServerOption) *grpc.Server {
-			// Add the session ID injector interceptors first so
-			// that the session ID is available in the context of
-			// all interceptors that come after.
-			allOpts := []grpc.ServerOption{
-				addSessionIDToStreamCtx(id),
-				addSessionIDToUnaryCtx(id),
-			}
-
-			allOpts = append(allOpts, cfg.grpcOptions...)
-			allOpts = append(allOpts, opts...)
-
-			// Construct the gRPC server with the options.
-			grpcServer := grpc.NewServer(allOpts...)
-
-			// Register various grpc servers with the LNC session
-			// server.
-			cfg.registerGrpcServers(grpcServer)
-
-			return grpcServer
-		},
-	)
-
+// newSessionRPCServer creates a new sessionRpcServer.
+func newSessionRPCServer() (*sessionRpcServer, error) {
 	return &sessionRpcServer{
-		cfg:           cfg,
-		sessionServer: server,
-		quit:          make(chan struct{}),
+		quit: make(chan struct{}),
 	}, nil
 }
 
@@ -164,9 +143,52 @@ func addSessionIDToUnaryCtx(id session.ID) grpc.ServerOption {
 	})
 }
 
-// start all the components necessary for the sessionRpcServer to start serving
-// requests. This includes resuming all non-revoked sessions.
-func (s *sessionRpcServer) start(ctx context.Context) error {
+// started returns true if the server has been started, and false otherwise.
+// NOTE: This function is safe for concurrent access.
+func (s *sessionRpcServer) started() bool {
+	return s.active.Load()
+}
+
+// start starts a new sessionRpcServer using the passed config, and adds all
+// components necessary for the sessionRpcServer to start serving requests. This
+// includes resuming all non-revoked sessions.
+func (s *sessionRpcServer) start(ctx context.Context,
+	cfg *sessionRpcServerConfig) error {
+
+	if s.active.Swap(true) {
+		return errors.New("session rpc server is already started")
+	}
+
+	// Create the gRPC server that handles adding/removing sessions and the
+	// actual mailbox server that spins up the Terminal Connect server
+	// interface.
+	server := session.NewServer(
+		func(id session.ID, opts ...grpc.ServerOption) *grpc.Server {
+			// Add the session ID injector interceptors first so
+			// that the session ID is available in the context of
+			// all interceptors that come after.
+			allOpts := []grpc.ServerOption{
+				addSessionIDToStreamCtx(id),
+				addSessionIDToUnaryCtx(id),
+			}
+
+			allOpts = append(allOpts, cfg.grpcOptions...)
+			allOpts = append(allOpts, opts...)
+
+			// Construct the gRPC server with the options.
+			grpcServer := grpc.NewServer(allOpts...)
+
+			// Register various grpc servers with the LNC session
+			// server.
+			cfg.registerGrpcServers(grpcServer)
+
+			return grpcServer
+		},
+	)
+
+	s.cfg = cfg
+	s.sessionServer = server
+
 	// Delete all sessions in the Reserved state.
 	err := s.cfg.db.DeleteReservedSessions(ctx)
 	if err != nil {
@@ -255,7 +277,9 @@ func (s *sessionRpcServer) start(ctx context.Context) error {
 func (s *sessionRpcServer) stop() error {
 	var returnErr error
 	s.stopOnce.Do(func() {
-		s.sessionServer.Stop()
+		if s.sessionServer != nil {
+			s.sessionServer.Stop()
+		}
 
 		close(s.quit)
 		s.wg.Wait()
@@ -268,6 +292,10 @@ func (s *sessionRpcServer) stop() error {
 func (s *sessionRpcServer) AddSession(ctx context.Context,
 	req *litrpc.AddSessionRequest) (*litrpc.AddSessionResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	expiry := time.Unix(int64(req.ExpiryTimestampSeconds), 0)
 	if time.Now().After(expiry) {
 		return nil, fmt.Errorf("expiry must be in the future")
@@ -618,6 +646,10 @@ func (s *sessionRpcServer) resumeSession(ctx context.Context,
 func (s *sessionRpcServer) ListSessions(ctx context.Context,
 	_ *litrpc.ListSessionsRequest) (*litrpc.ListSessionsResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	sessions, err := s.cfg.db.ListAllSessions(ctx)
 	if err != nil {
 		return nil, fmt.Errorf("error fetching sessions: %v", err)
@@ -642,6 +674,10 @@ func (s *sessionRpcServer) ListSessions(ctx context.Context,
 func (s *sessionRpcServer) RevokeSession(ctx context.Context,
 	req *litrpc.RevokeSessionRequest) (*litrpc.RevokeSessionResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	pubKey, err := btcec.ParsePubKey(req.LocalPublicKey)
 	if err != nil {
 		return nil, fmt.Errorf("error parsing public key: %v", err)
@@ -676,6 +712,10 @@ func (s *sessionRpcServer) PrivacyMapConversion(ctx context.Context,
 	req *litrpc.PrivacyMapConversionRequest) (
 	*litrpc.PrivacyMapConversionResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	var (
 		groupID session.ID
 		err     error
@@ -733,6 +773,10 @@ func (s *sessionRpcServer) PrivacyMapConversion(ctx context.Context,
 func (s *sessionRpcServer) ListActions(ctx context.Context,
 	req *litrpc.ListActionsRequest) (*litrpc.ListActionsResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	// If no maximum number of actions is given, use a default of 100.
 	if req.MaxNumActions == 0 {
 		req.MaxNumActions = 100
@@ -841,6 +885,10 @@ func (s *sessionRpcServer) ListAutopilotFeatures(ctx context.Context,
 	_ *litrpc.ListAutopilotFeaturesRequest) (
 	*litrpc.ListAutopilotFeaturesResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	fs, err := s.cfg.autopilot.ListFeatures(ctx)
 	if err != nil {
 		return nil, err
@@ -884,6 +932,10 @@ func (s *sessionRpcServer) AddAutopilotSession(ctx context.Context,
 	req *litrpc.AddAutopilotSessionRequest) (
 	*litrpc.AddAutopilotSessionResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	if len(req.Features) == 0 {
 		return nil, fmt.Errorf("must include at least one feature")
 	}
@@ -1325,6 +1377,10 @@ func (s *sessionRpcServer) ListAutopilotSessions(ctx context.Context,
 	_ *litrpc.ListAutopilotSessionsRequest) (
 	*litrpc.ListAutopilotSessionsResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	sessions, err := s.cfg.db.ListSessionsByType(ctx, session.TypeAutopilot)
 	if err != nil {
 		return nil, fmt.Errorf("error fetching sessions: %v", err)
@@ -1349,6 +1405,10 @@ func (s *sessionRpcServer) RevokeAutopilotSession(ctx context.Context,
 	req *litrpc.RevokeAutopilotSessionRequest) (
 	*litrpc.RevokeAutopilotSessionResponse, error) {
 
+	if !s.started() {
+		return nil, ErrServerNotActive
+	}
+
 	pubKey, err := btcec.ParsePubKey(req.LocalPublicKey)
 	if err != nil {
 		return nil, fmt.Errorf("error parsing public key: %v", err)
diff --git a/terminal.go b/terminal.go
@@ -463,14 +463,6 @@ func (g *LightningTerminal) start(ctx context.Context) error {
 		return fmt.Errorf("error creating account service: %v", err)
 	}
 
-	superMacBaker := func(ctx context.Context, rootKeyID uint64,
-		perms []bakery.Op, caveats []macaroon.Caveat) (string, error) {
-
-		return litmac.BakeSuperMacaroon(
-			ctx, g.basicClient, rootKeyID, perms, caveats,
-		)
-	}
-
 	g.accountRpcServer = accounts.NewRPCServer()
 
 	g.ruleMgrs = rules.NewRuleManagerSet()
@@ -504,35 +496,7 @@ func (g *LightningTerminal) start(ctx context.Context) error {
 		}
 	}
 
-	g.sessionRpcServer, err = newSessionRPCServer(&sessionRpcServerConfig{
-		db:        g.stores.sessions,
-		basicAuth: g.rpcProxy.basicAuth,
-		grpcOptions: []grpc.ServerOption{
-			grpc.CustomCodec(grpcProxy.Codec()), // nolint: staticcheck,
-			grpc.ChainStreamInterceptor(
-				g.rpcProxy.StreamServerInterceptor,
-			),
-			grpc.ChainUnaryInterceptor(
-				g.rpcProxy.UnaryServerInterceptor,
-			),
-			grpc.UnknownServiceHandler(
-				grpcProxy.TransparentHandler(
-					// Don't allow calls to litrpc.
-					g.rpcProxy.makeDirector(false),
-				),
-			),
-		},
-		registerGrpcServers: func(server *grpc.Server) {
-			g.registerSubDaemonGrpcServers(server, true)
-		},
-		superMacBaker:           superMacBaker,
-		firstConnectionDeadline: g.cfg.FirstLNCConnDeadline,
-		permMgr:                 g.permsMgr,
-		actionsDB:               g.stores.firewall,
-		autopilot:               g.autopilotClient,
-		ruleMgrs:                g.ruleMgrs,
-		privMap:                 g.stores.firewall,
-	})
+	g.sessionRpcServer, err = newSessionRPCServer()
 	if err != nil {
 		return fmt.Errorf("could not create new session rpc "+
 			"server: %v", err)
@@ -1055,7 +1019,38 @@ func (g *LightningTerminal) startInternalSubServers(ctx context.Context,
 	}
 
 	log.Infof("Starting LiT session server")
-	if err = g.sessionRpcServer.start(ctx); err != nil {
+
+	sessionCfg := &sessionRpcServerConfig{
+		db:        g.stores.sessions,
+		basicAuth: g.rpcProxy.basicAuth,
+		grpcOptions: []grpc.ServerOption{
+			grpc.CustomCodec(grpcProxy.Codec()), // nolint: staticcheck,
+			grpc.ChainStreamInterceptor(
+				g.rpcProxy.StreamServerInterceptor,
+			),
+			grpc.ChainUnaryInterceptor(
+				g.rpcProxy.UnaryServerInterceptor,
+			),
+			grpc.UnknownServiceHandler(
+				grpcProxy.TransparentHandler(
+					// Don't allow calls to litrpc.
+					g.rpcProxy.makeDirector(false),
+				),
+			),
+		},
+		registerGrpcServers: func(server *grpc.Server) {
+			g.registerSubDaemonGrpcServers(server, true)
+		},
+		superMacBaker:           superMacBaker,
+		firstConnectionDeadline: g.cfg.FirstLNCConnDeadline,
+		permMgr:                 g.permsMgr,
+		actionsDB:               g.stores.firewall,
+		autopilot:               g.autopilotClient,
+		ruleMgrs:                g.ruleMgrs,
+		privMap:                 g.stores.firewall,
+	}
+
+	if err = g.sessionRpcServer.start(ctx, sessionCfg); err != nil {
 		return err
 	}
 	g.sessionRpcServerStarted = true
