From 4cee8500a51aff6d0a445a3a6259cafed92d4845 Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Thu, 23 Feb 2023 15:37:48 -0800
Subject: bot: encrypt access_key with cryptography.fernet library

---
 bot.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'bot.py')

diff --git a/bot.py b/bot.py
index 45b2af7..7d10ddd 100644
--- a/bot.py
+++ b/bot.py
@@ -4,7 +4,7 @@ import asyncio
 import logging
 from dataclasses import dataclass
 from http import HTTPStatus
-from config import BOT_TOKEN, TELEGRAM_WEBHOOK_URL, HEALTHCHECK_URL, FEDI_LOGIN_CALLBACK_URL, BOT_DOMAIN, BOT_PORT
+from config import BOT_TOKEN, TELEGRAM_WEBHOOK_URL, HEALTHCHECK_URL, FEDI_LOGIN_CALLBACK_URL, BOT_DOMAIN, BOT_PORT, ENCRYPT_KEY
 import uvicorn
 from starlette.applications import Starlette
 from starlette.requests import Request
@@ -61,6 +61,7 @@ from config import (
 from prompt.string import PROMPT_CHOOSE_ACTION
 from mastodon import Mastodon
 from dbstore.peewee_store import db, User, get_user_by_state
+from util import encrypt, decrypt
 
 logging.basicConfig(
     format="%(asctime)s - %(name)s - %(levelname)s - %(message)s", level=logging.INFO
@@ -104,7 +105,7 @@ async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context:
                 redirect_uri="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
                 scopes=BOT_SCOPE
             )
-            user.access_key = access_token
+            user.access_key = encrypt(access_token, ENCRYPT_KEY)
             user.save()
 
         text = "You have successfully logged in to your Mastodon account!"
-- 
cgit v1.2.3