From c46e73865ffa79adb0bd6b2dde2d56b7f3b991c9 Mon Sep 17 00:00:00 2001
From: PC-Admin <perthchat@protonmail.com>
Date: Sat, 12 Aug 2023 18:09:42 +0800
Subject: [PATCH] hash username and pass it to redlight server too, allows
 locking access to API on a per-user level.

---
 redlight_client_module.py |  4 ++++
 redlight_server_module.py | 10 +++++-----
 technical_spec.md         | 15 ++++++++-------
 3 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/redlight_client_module.py b/redlight_client_module.py
index 03519de..6d8af9b 100755
--- a/redlight_client_module.py
+++ b/redlight_client_module.py
@@ -44,6 +44,10 @@ class RedlightClientModule:
         hashed_room_id = self.double_hash_sha256(room)
         logger.info(f"Double hashed room ID: {hashed_room_id}")
 
+        # Double hash the username
+        hashed_user_id = self.double_hash_sha256(user)
+        logger.info(f"Double hashed user ID: {hashed_user_id}")
+
         # Log the desired message
         logger.info("Hello World!")
 
diff --git a/redlight_server_module.py b/redlight_server_module.py
index c5539da..ec205f2 100755
--- a/redlight_server_module.py
+++ b/redlight_server_module.py
@@ -59,12 +59,13 @@ class RedlightServerResource:
             # Log the request to Synapse's log
             logger.info(f"Received abuse lookup request: {content}")
 
-            # Extract room_id from the content
+            # Extract room_id_hash and user_id_hash from the content
             data = json.loads(content)
-            room_id = data["room_id"]
+            room_id_hash = data["room_id_hash"]
+            user_id_hash = data["user_id_hash"]
 
-            # TODO: Check the room_id against your list/database
-            is_abuse = room_id == "!OEedGOAXDBahPyWMSQ:example.com"
+            # Check the room_id_hash against your list/database or hardcoded value
+            is_abuse = room_id_hash == "5dd9968ad279b8d918b1340dde1923ed0b99f59337f4905188955bf0f1d51d9f"
 
             if is_abuse:
                 request.setResponseCode(http.OK)
@@ -81,7 +82,6 @@ class RedlightServerResource:
             request.setResponseCode(400)
             defer.returnValue(json.dumps({"error": "Bad Request"}).encode("utf-8"))
 
-
     def on_GET(self, request):
         return self.method_not_allowed(request)
 
diff --git a/technical_spec.md b/technical_spec.md
index e6ca57c..4e3752e 100644
--- a/technical_spec.md
+++ b/technical_spec.md
@@ -6,11 +6,11 @@ This document gives a detailed summary about how Redlight will work.
 
 ## Definitions
 
-Redlight List - A comprehensive list of abusive rooms on the Matrix network, abusive rooms are assigned a 'report_id' for identification as well as multiple 'tags' that describe the infringing content in said room.
+Source List - A comprehensive list of abusive rooms on the Matrix network, abusive rooms are assigned a 'report_id' for identification as well as multiple 'tags' that describe the infringing content in said room.
 
 Tags - Content tags that describe the type of abusive material found in a room, for example 'csam', 'lolicon' or 'terrorism'.
 
-Redlight Server - Will be trusted homeservers that are modified, they'll cache the Redlight list in memory while providing an API interface to "Redlight clients". Redlight servers will pick their own "content tags" that they are filtering, which by extension will allow clients to pick a level of filtering that suits them.
+Redlight Server - Will be trusted homeservers that are modified, they'll cache the source list in memory while providing an API interface to "Redlight clients". Redlight servers will pick their own "content tags" that they are filtering, which by extension will allow clients to pick a level of filtering that suits them.
 
 Redlight Client - Will be untrusted homeservers that are whitelisted by their desired Redlight server. When a user on a client homeserver attempts to join a room, the hash of the room_id will be sent to the redlight server, which will confirm or deny if the room is abusive, the client then denies the user entry to that room if it is flagged.
 
@@ -35,13 +35,13 @@ With Redlight only trusted parties will be allowed to run "redlight servers" and
 This creates a chain of trust where each party using this system must be accountable and can have their access revoked by the party "above" them if foul play is detected.
 
 
-## Securing the Redlight List
+## Securing the Source List
 
-The following methods will be used to secure the redlight list:
+The following methods will be used to secure the source list:
 
-- Avoid writing the redlight list to disk, redlight servers will simply pull the latest copy and store it in memory only.
+- Avoid writing the source list to disk, redlight servers will simply pull the latest copy and store it in memory only.
 - Whitelisting clients, redlight servers will only serve approved clients.
-- Ratelimiting the amount of requests, if a client is requesting too many rooms in a specified timeframe their access will be automatically cut-off, forcing them to ask their redlight server to re-enable them.
+- Ratelimiting the amount of requests, if a client homeservers user is finding too many rooms they could be limited?
 - Ratelimiting the amount of hits, if a client is finding too many abusive rooms in a specified timeframe their access will be automatically cut-off, forcing them to ask their redlight server to re-enable them.
 
 
@@ -69,7 +69,8 @@ return either `200 OK` to signify a match or `204 No Content` to signify no matc
 
 ```js
 {
-    "room_id_hash": "962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709"
+    "room_id_hash": "5dd9968ad279b8d918b1340dde1923ed0b99f59337f4905188955bf0f1d51d9f",
+    "user_id_hash": "6123512760887c37bb7b550a1a3caa8b8cd954706f4cc7fe934cb42611132627"
 }
 ```