security: remove hardcoded secret key and improve key handling

2026-01-30 22:39:13 +01:00
parent 88e7d0cf6b
commit fc074d65b4
2 changed files with 17 additions and 7 deletions


@@ -21,6 +21,7 @@ easy-nostr = { path = "./easy-nostr" }
tokio = { version = "1", features = ["full"] } tokio = { version = "1", features = ["full"] }
feed-rs = "2.3.1" feed-rs = "2.3.1"
ron = "0.8" ron = "0.8"
nostr-sdk = "0.44.1"
# FIX: default-features entfernt und rustls-tls hinzugefügt # FIX: default-features entfernt und rustls-tls hinzugefügt
reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] } reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] }
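Review bot: The new `nostr-sdk = "0.44.1"` line adds a second route to a crate that `easy-nostr` (the path dependency named in the hunk header) presumably already depends on; its manifest is not visible here. If the two versions ever differ, Cargo builds both copies and the key types of one will not match the other, which also doubles the code to audit for a crate that handles secret keys. I would either re-export `Keys` from easy-nostr or declare the version once under `[workspace.dependencies]`, and add a comment such as `# must match the nostr-sdk version used by easy-nostr`.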


@@ -1,5 +1,6 @@
use easy_nostr::EasyNostr; use easy_nostr::EasyNostr;
use serde::Serialize; use nostr_sdk::prelude::{Keys, ToBech32};
use serde::Serialize; // Import für die Schlüssel-Generierung
// Diese Struktur ist für den Transport zum Frontend (JSON) // Diese Struktur ist für den Transport zum Frontend (JSON)
#[derive(Serialize)] #[derive(Serialize)]
@@ -11,12 +12,20 @@ pub struct LocalPost {
#[tauri::command] #[tauri::command]
pub async fn fetch_nostr_posts() -> Result<Vec<LocalPost>, String> { pub async fn fetch_nostr_posts() -> Result<Vec<LocalPost>, String> {
// 1. Verbindung aufbauen // 1. Temporären Einweg-Schlüssel generieren
let easy = EasyNostr::new("nsec1fkhszd5sv8yp6g966qdh5kuph25g4nn9pa2k5rwpuglt6rde8u8qwr3r87") // Das erzeugt ein Schlüsselpaar im RAM, das nach dem Funktionsaufruf verschwindet.
let random_keys = Keys::generate();
let temp_nsec = random_keys
.secret_key()
.to_bech32()
.map_err(|e| format!("Fehler beim Generieren des Keys: {}", e))?;
// 2. Verbindung mit dem temporären Key aufbauen
let easy = EasyNostr::new(&temp_nsec)
.await .await
.map_err(|e| e.to_string())?; .map_err(|e| e.to_string())?;
// 2. Relays hinzufügen // 3. Relays hinzufügen
easy.add_relays(vec![ easy.add_relays(vec![
"wss://relay.damus.io", "wss://relay.damus.io",
"wss://nos.lol", "wss://nos.lol",
@@ -25,16 +34,16 @@ pub async fn fetch_nostr_posts() -> Result<Vec<LocalPost>, String> {
.await .await
.map_err(|e| e.to_string())?; .map_err(|e| e.to_string())?;
// 3. Posts von der Library holen // 4. Posts von der Library holen
let raw_posts = easy.get_random_posts().await.map_err(|e| e.to_string())?; let raw_posts = easy.get_random_posts().await.map_err(|e| e.to_string())?;
// 4. Mappen: Library-Typ -> Unser serialisierbarer Typ // 5. Mappen: Library-Typ -> Unser serialisierbarer Typ
let mapped_posts = raw_posts let mapped_posts = raw_posts
.into_iter() .into_iter()
.map(|p| LocalPost { .map(|p| LocalPost {
content: p.content, content: p.content,
author: p.author.to_string(), author: p.author.to_string(),
created_at: p.created_at.as_secs(), // Hier geändert von as_u64() created_at: p.created_at.as_secs(),
}) })
.collect(); .collect();
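Review bot: The comment above `Keys::generate()` in the second hunk of `fetch_nostr_posts` promises more than the code shows: `temp_nsec` is an ordinary `String` holding the bech32 secret, which is freed but not wiped when it goes out of scope, and `EasyNostr::new(&temp_nsec)` presumably keeps its own copy for as long as `easy` lives. I would reword it to something like `// Ephemeral key: never persisted, but not zeroized in memory either`, and, if easy-nostr offers a constructor that accepts `Keys` directly (not visible here), use that so the secret is never rendered as a string at all. Separately, the removed `nsec1…` literal is still readable in the parent commit, so that key should be treated as disclosed and retired rather than reused anywhere. The function body continues past the last hunk.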