From 4cee8500a51aff6d0a445a3a6259cafed92d4845 Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Thu, 23 Feb 2023 15:37:48 -0800
Subject: bot: encrypt access_key with cryptography.fernet library

---
 callback.py | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

(limited to 'callback.py')

diff --git a/callback.py b/callback.py
index d968523..a1b4b2d 100644
--- a/callback.py
+++ b/callback.py
@@ -9,10 +9,11 @@ from command import *
 from dbstore.peewee_store import get_poi_by_fsq_id
 from foursquare.poi import OSM_ENDPOINT
 from foursquare.poi import query_poi
-from config import BOT_SCOPE
+from config import BOT_SCOPE, ENCRYPT_KEY
 from dbstore.peewee_store import User, db, TOOT_VISIBILITY_PRIVATE, TOOT_VISIBILITY_PUBLIC, TOOT_VISIBILITY_UNLISTED
 import uuid
 from mastodon import Mastodon
+from util import decrypt
 
 
 def generate_uuid():
@@ -23,7 +24,7 @@ def get_mastodon_client(user_id: int):
     with db.connection_context():
         user = User.get(User.telegram_user_id == user_id)
         if user.home_instance and user.access_key:
-            return Mastodon(access_token=user.access_key, api_base_url=user.home_instance)
+            return Mastodon(access_token=decrypt(user.access_key, ENCRYPT_KEY), api_base_url=user.home_instance)
 
 
 def generate_toot_text(poi_name, poi_locality, poi_region, poi_lat, poi_lon):
@@ -85,21 +86,20 @@ async def callback_generate_fedi_login_url(update: Update, context: ContextTypes
     user_id = update.effective_user.id
     state = generate_uuid()
 
-    db.connect()
-    u = User.get_or_none(telegram_user_id=user_id)
-    if u is None:
-        u = User.create(telegram_user_id=user_id, access_key="", home_instance=home_instance,
-                        client_id=client_id, client_secret=client_secret, state=state)
-        u.save()
-    db.close()
+    with db.connection_context():
+        u = User.get_or_none(telegram_user_id=user_id)
+        if u is None:
+            u = User.create(telegram_user_id=user_id, access_key="", home_instance=home_instance,
+                            client_id=client_id, client_secret=client_secret, state=state)
+            u.save()
 
     oauth_url = m.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
                                                  scopes=BOT_SCOPE,
                                                  state=state)
 
     msg = await update.message.reply_text(PROMPT_FEDI_LOGIN,
-                                    reply_markup=InlineKeyboardMarkup([[InlineKeyboardButton("Login", url=oauth_url)]]),
-                                    parse_mode=ParseMode.MARKDOWN)
+                                          reply_markup=InlineKeyboardMarkup([[InlineKeyboardButton("Login", url=oauth_url)]]),
+                                          parse_mode=ParseMode.MARKDOWN)
 
     context.user_data[PROMPT_FEDI_LOGIN] = msg.message_id
     return FEDI_LOGIN
-- 
cgit v1.2.3