Store tonce for each user by redis

Alladin9393 · Alladin9393 · commit 3d135eba3a47 · 2022-06-17T16:49:00.000+03:00
- Tonce for each user
- Change login_type from `m.login.vaccount` to `com.bitorbit.login.vaccount`
diff --git a/synapse/handlers/vaccount_auth/auth_provider.py b/synapse/handlers/vaccount_auth/auth_provider.py
@@ -26,6 +26,7 @@
 from solana.publickey import PublicKey
 from nacl.signing import VerifyKey
 from nacl.exceptions import BadSignatureError
+from redis import Redis
 
 import logging
 
@@ -47,12 +48,12 @@ class VaccountAuthProvider:
     def __init__(self, config, account_handler: ModuleApi):
         self.account_handler = account_handler
         self.store: DataStore = account_handler._hs.get_datastore()
-        self.last_tonce = int(account_handler._hs.get_clock().time())
+        self.redis = Redis()
 
     @staticmethod
     def get_supported_login_types():
         supported_login_types = {
-            'm.login.vaccount': (
+            'com.bitorbit.login.vaccount': (
                 'vaccount_address',
                 'signature',
                 'signer',
@@ -69,7 +70,7 @@ async def check_auth(self, evm_vaccount_address, login_type, login_dict):
         Args:
             evm_vaccount_address: ethereum based interpretation of the Vaccount address
             login_type: type of authentication
-            login_dict: authentication parameters `supported_login_types
+            login_dict: authentication parameters `supported_login_types`
 
         Returns:
             Canonical user ID if authentication was successful
@@ -84,9 +85,6 @@ async def check_auth(self, evm_vaccount_address, login_type, login_dict):
         if not signature or not signer_key or not signed_timestamp or not vaccount_address or not signer_type:
             return False
 
-        if not self._is_valid_sign_timestamp(signed_timestamp):
-            return False
-
         if evm_vaccount_address.startswith("@") and ":" in evm_vaccount_address:
             # username is of the form @V4Bw2..:bar.com
             evm_vaccount_address = evm_vaccount_address.split(":", 1)[0][1:]
@@ -115,6 +113,9 @@ async def check_auth(self, evm_vaccount_address, login_type, login_dict):
         if not is_valid_signature or not is_active_vaccount or not is_valid_evm_address:
             return False
 
+        if not self._is_valid_sign_timestamp(evm_vaccount_address, signed_timestamp):
+            return False
+
         user_id = self.account_handler.get_qualified_user_id(username=evm_vaccount_address)
 
         if await self.account_handler.check_user_exists(user_id):
@@ -151,7 +152,7 @@ async def check_auth(self, evm_vaccount_address, login_type, login_dict):
         # await self.store.set_e2e_cross_signing_key(
         #     user_id, "master", vaccount_signing_key
         # )
-        self.last_tonce = signed_timestamp
+        self._commit_last_sign_timestamp(evm_vaccount_address, signed_timestamp)
 
         return user_id
 
@@ -167,16 +168,19 @@ def _is_valid_signature(signature, signer_key, signed_msg) -> bool:
 
         return True
 
-    def _is_valid_sign_timestamp(self, signed_timestamp: int):
+    def _is_valid_sign_timestamp(self, evm_vaccount_address: str, signed_timestamp: int):
         """Check if signed timestamp is valid
         Args:
-           signed_tonce: signed timestamp
+            evm_vaccount_address: ethereum representing of the VA address
+            signed_timestamp: last signed timestamp by VA key
         Returns:
             True if timestamp is greater than last signed timestamp
         """
         current_timestamp = int(self.account_handler._hs.get_clock().time())
-        ts_window = current_timestamp - signed_timestamp 
-        if signed_timestamp >= self.last_tonce and ts_window <= SIGN_TIMESTAMP_TOLERANCE:
+        ts_window = current_timestamp - signed_timestamp
+        last_signed_timestamp = self.redis.get(evm_vaccount_address) or signed_timestamp
+
+        if signed_timestamp >= int(last_signed_timestamp) and ts_window <= SIGN_TIMESTAMP_TOLERANCE:
             return True
 
         return False
@@ -201,7 +205,7 @@ async def register_user(self, localpart, displayname):
             displayname=displayname,
         )
 
-        logger.info(f"Registration was successful: {user_id}, timestamp: {self.last_tonce}")
+        logger.info(f"Registration was successful: {user_id}")
         return user_id
 
     async def _is_active_vaccount(self, vaccount_address: PublicKey, signer: PublicKey, signer_type: str) -> bool:
@@ -251,6 +255,15 @@ async def _get_parsed_account_info(self, account_address):
 
         return account_data
 
+    def _commit_last_sign_timestamp(self, evm_vaccount_address, last_timestamp):
+        is_commit = self.redis.set(
+            name=evm_vaccount_address,
+            value=last_timestamp,
+            # ex=SIGN_TIMESTAMP_TOLERANCE,
+        )
+
+        return is_commit
+
     @staticmethod
     def parse_config(config):
         return config
diff --git a/synapse/handlers/vaccount_auth/test.py b/synapse/handlers/vaccount_auth/test.py
@@ -46,7 +46,7 @@ def register_account(homeserver_api_url):
     evm_address = get_vaccount_evm_address(vaccount)
 
     payload = {
-        'type': 'm.login.vaccount',
+        'type': 'com.bitorbit.login.vaccount',
         'user': '@' + evm_address + ':my.domain.name',
         'vaccount_address': vaccount.to_base58().decode(),
         'signature': signature.signature.hex(),
diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
@@ -83,6 +83,7 @@
     "netaddr>=0.7.18",
     "Jinja2==3.0.3",
     "solana==0.20.0",
+    "redis>=4.3.3",
     "borsh-construct==0.1.0",
     "pysha3==1.0.2",
     "bleach>=1.4.3",
