Merge branch 'feature/encryption'

- bot: encrypt access_key with cryptography.fernet library

1 files changed, 3 insertions, 2 deletions

diff --git a/bot.py b/bot.py
index 45b2af7..7d10ddd 100644
--- a/bot.py
+++ b/bot.py
@@ -4,7 +4,7 @@ import asyncio
 import logging
 from dataclasses import dataclass
 from http import HTTPStatus
-from config import BOT_TOKEN, TELEGRAM_WEBHOOK_URL, HEALTHCHECK_URL, FEDI_LOGIN_CALLBACK_URL, BOT_DOMAIN, BOT_PORT
+from config import BOT_TOKEN, TELEGRAM_WEBHOOK_URL, HEALTHCHECK_URL, FEDI_LOGIN_CALLBACK_URL, BOT_DOMAIN, BOT_PORT, ENCRYPT_KEY
 import uvicorn
 from starlette.applications import Starlette
 from starlette.requests import Request
@@ -61,6 +61,7 @@ from config import (
 from prompt.string import PROMPT_CHOOSE_ACTION
 from mastodon import Mastodon
 from dbstore.peewee_store import db, User, get_user_by_state
+from util import encrypt, decrypt
 
 logging.basicConfig(
     format="%(asctime)s - %(name)s - %(levelname)s - %(message)s", level=logging.INFO
@@ -104,7 +105,7 @@ async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context:
                 redirect_uri="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
                 scopes=BOT_SCOPE
             )
-            user.access_key = access_token
+            user.access_key = encrypt(access_token, ENCRYPT_KEY)
             user.save()
 
         text = "You have successfully logged in to your Mastodon account!"