hash username and pass it to redlight server too, allows locking access to API on a per-user level.

2023-08-12 18:09:42 +08:00 · 2023-08-12 18:09:42 +08:00 · c46e73865f
commit c46e73865f
parent f52b0c39dc
3 changed files with 17 additions and 12 deletions
--- a/redlight_client_module.py
+++ b/redlight_client_module.py
@ -44,6 +44,10 @@ class RedlightClientModule:
        hashed_room_id = self.double_hash_sha256(room)
        logger.info(f"Double hashed room ID: {hashed_room_id}")

+        # Double hash the username
+        hashed_user_id = self.double_hash_sha256(user)
+        logger.info(f"Double hashed user ID: {hashed_user_id}")
+
        # Log the desired message
        logger.info("Hello World!")

--- a/redlight_server_module.py
+++ b/redlight_server_module.py
@ -59,12 +59,13 @@ class RedlightServerResource:
            # Log the request to Synapse's log
            logger.info(f"Received abuse lookup request: {content}")

-            # Extract room_id from the content
+            # Extract room_id_hash and user_id_hash from the content
            data = json.loads(content)
-            room_id = data["room_id"]
+            room_id_hash = data["room_id_hash"]
+            user_id_hash = data["user_id_hash"]

-            # TODO: Check the room_id against your list/database
-            is_abuse = room_id == "!OEedGOAXDBahPyWMSQ:example.com"
+            # Check the room_id_hash against your list/database or hardcoded value
+            is_abuse = room_id_hash == "5dd9968ad279b8d918b1340dde1923ed0b99f59337f4905188955bf0f1d51d9f"

            if is_abuse:
                request.setResponseCode(http.OK)
@ -81,7 +82,6 @@ class RedlightServerResource:
            request.setResponseCode(400)
            defer.returnValue(json.dumps({"error": "Bad Request"}).encode("utf-8"))

-
    def on_GET(self, request):
        return self.method_not_allowed(request)

--- a/technical_spec.md
+++ b/technical_spec.md
@ -6,11 +6,11 @@ This document gives a detailed summary about how Redlight will work.

 ## Definitions

-Redlight List - A comprehensive list of abusive rooms on the Matrix network, abusive rooms are assigned a 'report_id' for identification as well as multiple 'tags' that describe the infringing content in said room.
+Source List - A comprehensive list of abusive rooms on the Matrix network, abusive rooms are assigned a 'report_id' for identification as well as multiple 'tags' that describe the infringing content in said room.

 Tags - Content tags that describe the type of abusive material found in a room, for example 'csam', 'lolicon' or 'terrorism'.

-Redlight Server - Will be trusted homeservers that are modified, they'll cache the Redlight list in memory while providing an API interface to "Redlight clients". Redlight servers will pick their own "content tags" that they are filtering, which by extension will allow clients to pick a level of filtering that suits them.
+Redlight Server - Will be trusted homeservers that are modified, they'll cache the source list in memory while providing an API interface to "Redlight clients". Redlight servers will pick their own "content tags" that they are filtering, which by extension will allow clients to pick a level of filtering that suits them.

 Redlight Client - Will be untrusted homeservers that are whitelisted by their desired Redlight server. When a user on a client homeserver attempts to join a room, the hash of the room_id will be sent to the redlight server, which will confirm or deny if the room is abusive, the client then denies the user entry to that room if it is flagged.

@ -35,13 +35,13 @@ With Redlight only trusted parties will be allowed to run "redlight servers" and
 This creates a chain of trust where each party using this system must be accountable and can have their access revoked by the party "above" them if foul play is detected.


-## Securing the Redlight List
+## Securing the Source List

-The following methods will be used to secure the redlight list:
+The following methods will be used to secure the source list:

- Avoid writing the redlight list to disk, redlight servers will simply pull the latest copy and store it in memory only.
+- Avoid writing the source list to disk, redlight servers will simply pull the latest copy and store it in memory only.
 - Whitelisting clients, redlight servers will only serve approved clients.
- Ratelimiting the amount of requests, if a client is requesting too many rooms in a specified timeframe their access will be automatically cut-off, forcing them to ask their redlight server to re-enable them.
+- Ratelimiting the amount of requests, if a client homeservers user is finding too many rooms they could be limited?
 - Ratelimiting the amount of hits, if a client is finding too many abusive rooms in a specified timeframe their access will be automatically cut-off, forcing them to ask their redlight server to re-enable them.


@ -69,7 +69,8 @@ return either `200 OK` to signify a match or `204 No Content` to signify no matc

 ```js
 {
-    "room_id_hash": "962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709"
+    "room_id_hash": "5dd9968ad279b8d918b1340dde1923ed0b99f59337f4905188955bf0f1d51d9f",
+    "user_id_hash": "6123512760887c37bb7b550a1a3caa8b8cd954706f4cc7fe934cb42611132627"
 }
 ```