Adds masking to all IDs

README.md

@@ -33,6 +33,10 @@ cat env-example > .env
 
 Open the `.env` file and follow the [link](https://generate-random.org/api-token-generator) to create the `APPCHECK_TOKEN` env variable.
 
+**Ensure you have the correct 16-byte `MASK_SECRET` in the `.env` file.**
+
+An example is provided in the `env-example`, but obviously generate your own for prod.
+
 **Add your AWS data to the `.env` file.**
 
 Specifically what IAM roles are needed will be determined in the future. Currently, a general admin user suffices.

docker-compose.yml

@@ -36,6 +36,7 @@ services:
       AWS_ACCESS_KEY_ID:
       AWS_SECRET_ACCESS_KEY:
       AWS_REGION:
+      MASK_SECRET:
 
   redis:
       image: redis:alpine

env-example

@@ -10,6 +10,9 @@ APPCHECK_TOKEN="kXfeSRgYTnoUztu6MO8FndqiRayoBaJqyDKQmoqvX3V9sZVlep/cm7cP!mgd-B9H
 # either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256
 HKDF_SECRET="some-secret-string"
 
+# a 16-byte key
+MASK_SECRET="your_16_byte_key"
+
 # to generate a new nonce for production:
 # go run ./scripts/main.go --new-nonce
 CIPHER_NONCE="47363bcf91a1545668f0fd7a"

features/admin/feedback_by_id.go

@@ -2,10 +2,10 @@ package admin
 
 import (
 	"confesi/db"
+	"confesi/lib/encryption"
 	"confesi/lib/response"
 	"errors"
 	"net/http"
-	"strconv"
 
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
@@ -14,13 +14,14 @@ import (
 func (h *handler) handleFeedbackID(c *gin.Context) {
 	feedbackID := c.Param("feedbackID")
 
-	_, err := strconv.ParseInt(feedbackID, 10, 64)
+	unmaskedFeedbackId, err := encryption.Unmask(feedbackID)
 	if err != nil {
 		response.New(http.StatusBadRequest).Err("invalid feedback id").Send(c)
 		return
 	}
+
 	feedback := db.Feedback{}
-	err = h.db.Model(&db.Feedback{}).Where("id = ?", feedbackID).First(&feedback).Error
+	err = h.db.Model(&db.Feedback{}).Where("id = ?", unmaskedFeedbackId).First(&feedback).Error
 	if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
 		response.New(http.StatusInternalServerError).Err("server error").Send(c)
 	} else if errors.Is(err, gorm.ErrRecordNotFound) {

features/admin/fetch_reports_for_comment_by_id.go

@@ -2,6 +2,7 @@ package admin
 
 import (
 	"confesi/config"
+	"confesi/lib/encryption"
 	"confesi/lib/response"
 	"confesi/lib/utils"
 	"confesi/lib/validation"
@@ -18,12 +19,19 @@ func (h *handler) handleFetchReportForCommentById(c *gin.Context) {
 		return
 	}
 
+	unmaskedId, err := encryption.Unmask(req.CommentID)
+	if err != nil {
+		response.New(http.StatusBadRequest).Err(invalidValue.Error()).Send(c)
+		return
+	}
+
 	fetchResults := fetchResults{}
 
 	err = h.db.
 		Preload("ReportType").
 		Where(req.Next.Cursor("created_at >")).
 		Where("comment_id IS NOT NULL").
+		Where("comment_id = ?", unmaskedId).
 		Order("created_at ASC").
 		Find(&fetchResults.Reports).
 		Limit(config.AdminViewAllReportsPerCommentId).

features/admin/fetch_reports_for_post_by_id.go

@@ -2,6 +2,7 @@ package admin
 
 import (
 	"confesi/config"
+	"confesi/lib/encryption"
 	"confesi/lib/response"
 	"confesi/lib/utils"
 	"confesi/lib/validation"
@@ -18,12 +19,19 @@ func (h *handler) handleFetchReportForPostById(c *gin.Context) {
 		return
 	}
 
+	unmaskedId, err := encryption.Unmask(req.PostID)
+	if err != nil {
+		response.New(http.StatusBadRequest).Err(invalidValue.Error()).Send(c)
+		return
+	}
+
 	fetchResults := fetchResults{}
 
 	err = h.db.
 		Preload("ReportType").
 		Where(req.Next.Cursor("created_at >")).
 		Where("post_id IS NOT NULL").
+		Where("post_id = ?", unmaskedId).
 		Order("created_at ASC").
 		Find(&fetchResults.Reports).
 		Limit(config.AdminViewAllReportsPerPostId).

features/admin/get_report_by_id.go

@@ -2,11 +2,11 @@ package admin
 
 import (
 	"confesi/db"
+	"confesi/lib/encryption"
 	"confesi/lib/response"
 	"confesi/lib/utils"
 	"errors"
 	"net/http"
-	"strconv"
 
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
@@ -16,7 +16,7 @@ func (h *handler) handleGetReportById(c *gin.Context) {
 	// get id from query param id
 	id := c.Query("id")
 
-	idNumeric, err := strconv.Atoi(id)
+	unmaskedId, err := encryption.Unmask(id)
 	if err != nil {
 		response.New(http.StatusBadRequest).Err("invalid id").Send(c)
 		return
@@ -25,7 +25,7 @@ func (h *handler) handleGetReportById(c *gin.Context) {
 	report := db.Report{}
 	err = h.db.
 		Preload("ReportType"). // preload the ReportType field of the Report
-		Where("id = ?", idNumeric).
+		Where("id = ?", unmaskedId).
 		First(&report).
 		Error
 	if err != nil {

features/admin/hide.go

@@ -3,6 +3,7 @@ package admin
 import (
 	"confesi/config/builders"
 	"confesi/db"
+	"confesi/lib/encryption"
 	"confesi/lib/logger"
 	"confesi/lib/response"
 	"confesi/lib/utils"
@@ -34,17 +35,23 @@ func (h *handler) handleHideContent(c *gin.Context) {
 		return
 	}
 
+	unmaskedContentId, err := encryption.Unmask(req.ContentID)
+	if err != nil {
+		response.New(http.StatusBadRequest).Err(invalidValue.Error()).Send(c)
+		return
+	}
+
 	hideLogEntry := db.HideLog{}
 	var commentOrPostIdMatcher string
 
 	var table string
 	if req.ContentType == "comment" {
 		table = "comments"
-		hideLogEntry.CommentID = &req.ContentID
+		hideLogEntry.CommentID = &db.EncryptedID{Val: unmaskedContentId}
 		commentOrPostIdMatcher = "comment_id"
 	} else if req.ContentType == "post" {
 		table = "posts"
-		hideLogEntry.PostID = &req.ContentID
+		hideLogEntry.PostID = &db.EncryptedID{Val: unmaskedContentId}
 		commentOrPostIdMatcher = "post_id"
 	} else {
 		response.New(http.StatusBadRequest).Err(invalidValue.Error()).Send(c)
@@ -180,7 +187,7 @@ func (h *handler) handleHideContent(c *gin.Context) {
 	} else if len(offenders) > 0 {
 		for _, tokenWithOffenderID := range offenders {
 			go fcm.New(h.fb.MsgClient).
-				ToTokens([]string{"tokenWithOffenderID.Token"}).
+				ToTokens([]string{tokenWithOffenderID.Token}).
 				WithMsg(builders.HideOffendingUserNoti()).
 				WithData(builders.HideOffendingUserData(tokenWithOffenderID.HideLogID)).
 				Send(*h.db)