Merge pull request #204 from VermiumSifell/201-fix-code-smells

Encryption

config.json.example

@@ -27,6 +27,7 @@
   "reputation": {
     "timeout": 86400000
   },
+  "secretKey": "SET A LONG RANDOM PASSWORD HERE, ITS FOR USE OF ENCRYPTION WITH LENGTH OF 32",
   "importToDB": false,
   "clearUnused": false
 }

src/commands/settings/guild/addons/pterodactyl.ts

@@ -9,6 +9,7 @@ import logger from "../../../../handlers/logger";
 
 // Models
 import apiSchema from "../../../../helpers/database/models/apiSchema";
+import encryption from "../../../../handlers/encryption";
 
 // Function
 export default async (interaction: CommandInteraction) => {
@@ -17,7 +18,7 @@ export default async (interaction: CommandInteraction) => {
 
   // Get options
   const url = options?.getString("url");
-  const token = options?.getString("token");
+  const token = encryption.encrypt(options?.getString("token"));
 
   // Update API credentials
   await apiSchema

src/commands/shop/modules/pterodactyl.ts

@@ -8,6 +8,7 @@ import config from "../../../../config.json";
 
 // Handlers
 import logger from "../../../handlers/logger";
+import encryption from "../../../handlers/encryption";
 
 // Helpers
 import creditNoun from "../../../helpers/creditNoun";
@@ -127,7 +128,9 @@ export default async (interaction: CommandInteraction) => {
   // Create a api instance
   const api = axios?.create({
     baseURL: apiCredentials?.url,
-    headers: { Authorization: `Bearer ${apiCredentials?.token}` },
+    headers: {
+      Authorization: `Bearer ${encryption.decrypt(apiCredentials?.token)}`,
+    },
   });
 
   // Get shop URL

src/handlers/encryption.ts

@@ -0,0 +1,36 @@
+import crypto from "crypto";
+import config from "../../config.json";
+
+const algorithm = "aes-256-ctr";
+const iv = crypto.randomBytes(16);
+
+const encrypt = (text: any) => {
+  const cipher = crypto.createCipheriv(algorithm, config.secretKey, iv);
+
+  const encrypted = Buffer.concat([cipher.update(text), cipher.final()]);
+
+  return {
+    iv: iv.toString("hex"),
+    content: encrypted.toString("hex"),
+  };
+};
+
+const decrypt = (hash: any) => {
+  const decipher = crypto.createDecipheriv(
+    algorithm,
+    config.secretKey,
+    Buffer.from(hash.iv, "hex")
+  );
+
+  const decrypted = Buffer.concat([
+    decipher.update(Buffer.from(hash.content, "hex")),
+    decipher.final(),
+  ]);
+
+  return decrypted.toString();
+};
+
+export default {
+  encrypt,
+  decrypt,
+};

src/helpers/database/models/apiSchema.ts

@@ -1,29 +1,38 @@
-import mongoose from 'mongoose';
-
-const apiSchema = new mongoose.Schema(
-  {
-    guildId: {
-      type: mongoose.SchemaTypes.Decimal128,
-      required: true,
-      unique: false,
-      index: true,
-    },
-    url: {
-      type: mongoose.SchemaTypes.String,
-      required: true,
-      unique: false,
-      index: true,
-      default: 'https://localhost/api/',
-    },
-    token: {
-      type: mongoose.SchemaTypes.String,
-      required: true,
-      unique: false,
-      index: true,
-      default: 'token',
-    },
-  },
-  { timestamps: true }
-);
-
-export default mongoose.model('api', apiSchema);
+import mongoose from "mongoose";
+
+const apiSchema = new mongoose.Schema(
+  {
+    guildId: {
+      type: mongoose.SchemaTypes.Decimal128,
+      required: true,
+      unique: false,
+      index: true,
+    },
+    url: {
+      type: mongoose.SchemaTypes.String,
+      required: true,
+      unique: false,
+      index: true,
+      default: "https://localhost/api/",
+    },
+    token: {
+      iv: {
+        type: mongoose.SchemaTypes.String,
+        required: true,
+        unique: false,
+        index: true,
+        default: "token",
+      },
+      content: {
+        type: mongoose.SchemaTypes.String,
+        required: true,
+        unique: false,
+        index: true,
+        default: "token",
+      },
+    },
+  },
+  { timestamps: true }
+);
+
+export default mongoose.model("api", apiSchema);