diff --git a/config.yaml.example b/config.yaml.example index a9f0b0a..d603893 100644 --- a/config.yaml.example +++ b/config.yaml.example @@ -5,6 +5,11 @@ bot_token: "BOT_TOKEN_HERE" # both take a single argument which is the database file path database: [sqlite, "secretlounge.sqlite"] +# salt used for obfuscating user IDs (optional) +# Needs to be a hexadecimal string, use e.g. `openssl rand -hex 6` to generate. +# It is recommended to set this. Reusing it between different bots is allowed. +#secret_salt: "" + # relay contacts allow_contacts: false # relay arbitrary documents/files (GIFs always work) diff --git a/secretlounge_ng/core.py b/secretlounge_ng/core.py index b054717..5d03402 100644 --- a/secretlounge_ng/core.py +++ b/secretlounge_ng/core.py @@ -48,6 +48,9 @@ def init(config: dict, _db, _ch): if config.get("locale"): rp.localization = import_module("..replies_" + config["locale"], __name__).localization + if config.get("secret_salt"): + User.setSalt(bytes.fromhex(config["secret_salt"])) + # initialize db if empty if db.getSystemConfig() is None: c = SystemConfig() diff --git a/secretlounge_ng/database.py b/secretlounge_ng/database.py index 826660f..544d2f9 100644 --- a/secretlounge_ng/database.py +++ b/secretlounge_ng/database.py @@ -28,6 +28,8 @@ def defaults(self): class User(): __slots__ = USER_PROPS + global_salt = b"" + id: int username: Optional[str] realname: str @@ -43,6 +45,11 @@ class User(): hideKarma: bool debugEnabled: bool tripcode: Optional[str] + + @staticmethod + def setSalt(salt): + assert all(isinstance(v, int) for v in salt) + User.global_salt = salt def __init__(self): for k in USER_PROPS: setattr(self, k, None) @@ -68,7 +75,7 @@ def isBlacklisted(self): return self.rank < 0 def getObfuscatedId(self): salt = date.today().toordinal() - value = fnv32a([self.id, salt], []) + value = fnv32a([self.id, salt], [User.global_salt]) # stringify 20 bits return ''.join(ID_ALPHA[n%32] for n in (value, value>>5, value>>10, value>>15)) def getObfuscatedKarma(self):