From c129f86ba10c5c95d2539aebdc40373163e09180 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B4=9B=E6=B0=B4=E5=B1=85=E5=AE=A4?= Date: Sat, 26 Aug 2023 17:21:29 +0800 Subject: [PATCH 1/6] :sparkles: Mask sensitive information in player id --- core/services/wiki/services.py | 7 ++----- modules/gacha_log/log.py | 3 ++- modules/pay_log/log.py | 3 ++- plugins/genshin/abyss.py | 3 ++- plugins/genshin/avatar_list.py | 3 ++- plugins/genshin/daily/material.py | 4 ++-- plugins/genshin/daily_note.py | 3 ++- plugins/genshin/ledger.py | 3 ++- plugins/genshin/player_cards.py | 3 ++- plugins/genshin/sign.py | 2 +- plugins/genshin/stats.py | 3 ++- plugins/tools/sign.py | 29 +++++++++++++++++++---------- utils/uid.py | 10 ++++++++++ 13 files changed, 50 insertions(+), 26 deletions(-) create mode 100644 utils/uid.py diff --git a/core/services/wiki/services.py b/core/services/wiki/services.py index b8758d66..28e3a6d1 100644 --- a/core/services/wiki/services.py +++ b/core/services/wiki/services.py @@ -58,12 +58,9 @@ async def refresh_wiki(self) -> NoReturn: 用于把Redis的缓存全部加载进Python :return: """ - logger.info("正在重新获取Wiki") - logger.info("正在重新获取武器信息") - await self.refresh_weapon() - logger.info("正在重新获取角色信息") + await self.refresh_characters() - logger.info("刷新成功") + async def init(self) -> NoReturn: """ diff --git a/modules/gacha_log/log.py b/modules/gacha_log/log.py index ec900f80..01712e80 100644 --- a/modules/gacha_log/log.py +++ b/modules/gacha_log/log.py @@ -41,6 +41,7 @@ UIGFModel, ) from utils.const import PROJECT_ROOT +from utils.uid import mask_number if TYPE_CHECKING: from core.dependence.assets import AssetsService @@ -533,7 +534,7 @@ async def get_analysis(self, user_id: int, player_id: int, pool: BannerType, ass last_time = data[0].time.strftime("%Y-%m-%d %H:%M") first_time = data[-1].time.strftime("%Y-%m-%d %H:%M") return { - "uid": player_id, + "uid": mask_number(player_id), "allNum": total, "type": pool.value, "typeName": pool_name, diff --git a/modules/pay_log/log.py b/modules/pay_log/log.py index 108d9af0..6e3b4665 100644 --- a/modules/pay_log/log.py +++ b/modules/pay_log/log.py @@ -11,6 +11,7 @@ from modules.pay_log.error import PayLogAuthkeyTimeout, PayLogInvalidAuthkey, PayLogNotFound from modules.pay_log.models import PayLog as PayLogModel, BaseInfo from utils.const import PROJECT_ROOT +from utils.uid import mask_number try: import ujson as jsonlib @@ -240,7 +241,7 @@ async def get_analysis(self, user_id: int, player_id: int): if price_data[i]["count"] > 0 ] return { - "uid": player_id, + "uid": mask_number(player_id), "datas": datas, "bar_data": month_datas, "pie_data": pie_datas, diff --git a/plugins/genshin/abyss.py b/plugins/genshin/abyss.py index 6a12fe14..4173b83c 100644 --- a/plugins/genshin/abyss.py +++ b/plugins/genshin/abyss.py @@ -20,6 +20,7 @@ from core.services.template.services import TemplateService from plugins.tools.genshin import CookiesNotFoundError, GenshinHelper from utils.log import logger +from utils.uid import mask_number try: import ujson as jsonlib @@ -220,7 +221,7 @@ def json_encoder(value): render_data["time"] = time render_data["stars"] = total_stars - render_data["uid"] = uid + render_data["uid"] = mask_number(uid) render_data["floor_colors"] = { 1: "#374952", 2: "#374952", diff --git a/plugins/genshin/avatar_list.py b/plugins/genshin/avatar_list.py index ba3e74ae..abf38dee 100644 --- a/plugins/genshin/avatar_list.py +++ b/plugins/genshin/avatar_list.py @@ -20,6 +20,7 @@ from modules.wiki.base import Model from plugins.tools.genshin import CharacterDetails, GenshinHelper from utils.log import logger +from utils.uid import mask_number if TYPE_CHECKING: from telegram import Update @@ -183,7 +184,7 @@ async def avatar_list(self, update: "Update", _: "ContextTypes.DEFAULT_TYPE"): name_card, avatar, nickname, rarity = await self.get_final_data(client.player_id, user) render_data = { - "uid": client.player_id, # 玩家uid + "uid": mask_number(client.player_id), # 玩家uid "nickname": nickname, # 玩家昵称 "avatar": avatar, # 玩家头像 "rarity": rarity, # 玩家头像对应的角色星级 diff --git a/plugins/genshin/daily/material.py b/plugins/genshin/daily/material.py index 265a8186..56ac115c 100644 --- a/plugins/genshin/daily/material.py +++ b/plugins/genshin/daily/material.py @@ -480,9 +480,9 @@ async def task(item_id, name, item_type): results = await asyncio.gather(*task_list, return_exceptions=True) # 等待所有任务执行完成 for result in results: if isinstance(result, TimeoutException): - notice_text = f"{result.__class__.__name__} 图标素材下载过程中请求超时.\n有关详细信息,请查看日志" + notice_text = "图标素材下载过程中请求超时\n有关详细信息,请查看日志" elif isinstance(result, Exception): - notice_text = f"{result.__class__.__name__} 图标素材下载过程中发生异常.\n有关详细信息,请查看日志" + notice_text = "图标素材下载过程中发生异常\n有关详细信息,请查看日志" break try: await message.edit_text(notice_text) diff --git a/plugins/genshin/daily_note.py b/plugins/genshin/daily_note.py index f88ba74d..ea517554 100644 --- a/plugins/genshin/daily_note.py +++ b/plugins/genshin/daily_note.py @@ -11,6 +11,7 @@ from core.services.template.services import TemplateService from plugins.tools.genshin import GenshinHelper from utils.log import logger +from utils.uid import mask_number if TYPE_CHECKING: from simnet import GenshinClient @@ -62,7 +63,7 @@ async def _get_daily_note(self, client: "GenshinClient") -> RenderResult: transformer_recovery_time = daily_info.transformer_recovery_time.strftime("%m-%d %H:%M") render_data = { - "uid": client.player_id, + "uid": mask_number(client.player_id), "day": day, "resin_recovery_time": resin_recovery_time, "current_resin": daily_info.current_resin, diff --git a/plugins/genshin/ledger.py b/plugins/genshin/ledger.py index fda6b2b2..390eb626 100644 --- a/plugins/genshin/ledger.py +++ b/plugins/genshin/ledger.py @@ -13,6 +13,7 @@ from core.services.template.services import TemplateService from plugins.tools.genshin import GenshinHelper from utils.log import logger +from utils.uid import mask_number if TYPE_CHECKING: from telegram import Update @@ -55,7 +56,7 @@ def format_amount(amount: int) -> str: return f"{round(amount / 10000, 2)}w" if amount >= 10000 else amount ledger_data = { - "uid": client.player_id, + "uid": mask_number(client.player_id), "day": diary_info.month, "current_primogems": format_amount(diary_info.month_data.current_primogems), "gacha": int(diary_info.month_data.current_primogems / 160), diff --git a/plugins/genshin/player_cards.py b/plugins/genshin/player_cards.py index d1df1732..19ad123c 100644 --- a/plugins/genshin/player_cards.py +++ b/plugins/genshin/player_cards.py @@ -37,6 +37,7 @@ from utils.helpers import download_resource from utils.log import logger from utils.patch.aiohttp import AioHttpTimeoutException +from utils.uid import mask_number if TYPE_CHECKING: from enkanetwork import CharacterInfo, EquipmentsStats @@ -486,7 +487,7 @@ async def render(self): artifact_total_score_label = r[0] data = { - "uid": self.uid, + "uid": mask_number(self.uid), "character": self.character, "stats": await self.de_stats(), "weapon": self.find_weapon(), diff --git a/plugins/genshin/sign.py b/plugins/genshin/sign.py index f8d25751..0a8e7b29 100644 --- a/plugins/genshin/sign.py +++ b/plugins/genshin/sign.py @@ -122,7 +122,7 @@ async def command_start(self, update: Update, context: CallbackContext) -> None: not filters.ChatType.PRIVATE.filter(message), ) reply_message = await message.reply_text( - f"UID {exc.uid} 签到失败,触发验证码风控,请尝试点击下方按钮重新签到", allow_sending_without_reply=True, reply_markup=button + "签到失败,触发验证码风控,请尝试点击下方按钮重新签到", allow_sending_without_reply=True, reply_markup=button ) if filters.ChatType.GROUPS.filter(reply_message): self.add_delete_message_job(reply_message) diff --git a/plugins/genshin/stats.py b/plugins/genshin/stats.py index e7931459..83a389ff 100644 --- a/plugins/genshin/stats.py +++ b/plugins/genshin/stats.py @@ -11,6 +11,7 @@ from core.services.template.services import TemplateService from plugins.tools.genshin import CookiesNotFoundError, GenshinHelper from utils.log import logger +from utils.uid import mask_number if TYPE_CHECKING: from telegram import Update @@ -77,7 +78,7 @@ async def render(self, client: "GenshinClient", uid: Optional[int] = None) -> Re user_info = user_info.copy(deep=True) data = { - "uid": uid, + "uid": mask_number(uid), "info": user_info.info, "stats": user_info.stats, "explorations": user_info.explorations, diff --git a/plugins/tools/sign.py b/plugins/tools/sign.py index d3fe6bca..50bef744 100644 --- a/plugins/tools/sign.py +++ b/plugins/tools/sign.py @@ -6,7 +6,7 @@ from typing import Optional, Tuple, List, TYPE_CHECKING from httpx import TimeoutException -from simnet import Game +from simnet import Game, Region from simnet.errors import BadRequest as SimnetBadRequest, AlreadyClaimed, InvalidCookies, TimedOut as SimnetTimedOut from simnet.utils.player import recognize_genshin_server from sqlalchemy.orm.exc import StaleDataError @@ -136,14 +136,23 @@ async def start_sign( try: if validate: logger.info("UID[%s] 正在尝试通过验证码\nchallenge[%s]\nvalidate[%s]", client.player_id, challenge, validate) - request_daily_reward = await client.request_daily_reward( - "sign", - method="POST", - game=Game.GENSHIN, - lang="zh-cn", - challenge=challenge, - validate=validate, - ) + if client.region == Region.OVERSEAS: + request_daily_reward = await client.request_daily_reward( + "sign", + method="POST", + challenge="9a7e3af0ef6ae8afcb37f091b4224fb0", + game=Game.GENSHIN, + lang="zh-cn", + ) + else: + request_daily_reward = await client.request_daily_reward( + "sign", + method="POST", + game=Game.GENSHIN, + lang="zh-cn", + challenge=challenge, + validate=validate, + ) logger.debug("request_daily_reward 返回 %s", request_daily_reward) if request_daily_reward and request_daily_reward.get("success", 0) == 1: # 尝试通过 ajax 请求绕过签到 @@ -336,4 +345,4 @@ async def do_sign_job(self, context: "ContextTypes.DEFAULT_TYPE", job_type: Sign try: await self.sign_service.update(sign_db) except StaleDataError: - logger.warning("用户 user_id[%s] 自动签到数据过期,跳过更新数据", user_id) + logger.warning("用户 user_id[%s] 自动签到数据过期,跳过更新数据", user_id) \ No newline at end of file diff --git a/utils/uid.py b/utils/uid.py new file mode 100644 index 00000000..9be253cd --- /dev/null +++ b/utils/uid.py @@ -0,0 +1,10 @@ +import re + + +def mask_number(number): + number_str = str(number) + if len(number_str) == 9: + masked_number = re.sub(r"(\d{2})(\d{4})(\d{3})", r"\1****\3", number_str) + return masked_number + else: + return "Invalid input" From 2e43f6cda3fb4d6c008bcda81a504943080cb491 Mon Sep 17 00:00:00 2001 From: "deepsource-autofix[bot]" <62050782+deepsource-autofix[bot]@users.noreply.github.com> Date: Sat, 26 Aug 2023 09:22:03 +0000 Subject: [PATCH 2/6] style: Format code with black --- core/services/wiki/services.py | 1 - plugins/tools/sign.py | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/core/services/wiki/services.py b/core/services/wiki/services.py index 28e3a6d1..7602ca22 100644 --- a/core/services/wiki/services.py +++ b/core/services/wiki/services.py @@ -61,7 +61,6 @@ async def refresh_wiki(self) -> NoReturn: await self.refresh_characters() - async def init(self) -> NoReturn: """ 用于把Redis的缓存全部加载进Python diff --git a/plugins/tools/sign.py b/plugins/tools/sign.py index 50bef744..f629ec81 100644 --- a/plugins/tools/sign.py +++ b/plugins/tools/sign.py @@ -345,4 +345,4 @@ async def do_sign_job(self, context: "ContextTypes.DEFAULT_TYPE", job_type: Sign try: await self.sign_service.update(sign_db) except StaleDataError: - logger.warning("用户 user_id[%s] 自动签到数据过期,跳过更新数据", user_id) \ No newline at end of file + logger.warning("用户 user_id[%s] 自动签到数据过期,跳过更新数据", user_id) From 88e1687d96efe3047f65af2a16a6a05a3026ff36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B4=9B=E6=B0=B4=E5=B1=85=E5=AE=A4?= Date: Sat, 26 Aug 2023 17:25:31 +0800 Subject: [PATCH 3/6] :rewind: re --- core/services/wiki/services.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/core/services/wiki/services.py b/core/services/wiki/services.py index 7602ca22..b8758d66 100644 --- a/core/services/wiki/services.py +++ b/core/services/wiki/services.py @@ -58,8 +58,12 @@ async def refresh_wiki(self) -> NoReturn: 用于把Redis的缓存全部加载进Python :return: """ - + logger.info("正在重新获取Wiki") + logger.info("正在重新获取武器信息") + await self.refresh_weapon() + logger.info("正在重新获取角色信息") await self.refresh_characters() + logger.info("刷新成功") async def init(self) -> NoReturn: """ From 4b8bff6a9b543849343781277ee7b61c484c4e73 Mon Sep 17 00:00:00 2001 From: "deepsource-autofix[bot]" <62050782+deepsource-autofix[bot]@users.noreply.github.com> Date: Sat, 26 Aug 2023 09:26:18 +0000 Subject: [PATCH 4/6] refactor: autofix issues in 1 file Resolved issues in utils/uid.py with DeepSource Autofix --- utils/uid.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/utils/uid.py b/utils/uid.py index 9be253cd..75a91b27 100644 --- a/utils/uid.py +++ b/utils/uid.py @@ -6,5 +6,4 @@ def mask_number(number): if len(number_str) == 9: masked_number = re.sub(r"(\d{2})(\d{4})(\d{3})", r"\1****\3", number_str) return masked_number - else: - return "Invalid input" + return "Invalid input" From eb3694c3dfcc087e8d116e3650938b2ade943682 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B4=9B=E6=B0=B4=E5=B1=85=E5=AE=A4?= Date: Sat, 26 Aug 2023 17:28:05 +0800 Subject: [PATCH 5/6] :rewind: re --- plugins/tools/sign.py | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/plugins/tools/sign.py b/plugins/tools/sign.py index f629ec81..d3fe6bca 100644 --- a/plugins/tools/sign.py +++ b/plugins/tools/sign.py @@ -6,7 +6,7 @@ from typing import Optional, Tuple, List, TYPE_CHECKING from httpx import TimeoutException -from simnet import Game, Region +from simnet import Game from simnet.errors import BadRequest as SimnetBadRequest, AlreadyClaimed, InvalidCookies, TimedOut as SimnetTimedOut from simnet.utils.player import recognize_genshin_server from sqlalchemy.orm.exc import StaleDataError @@ -136,23 +136,14 @@ async def start_sign( try: if validate: logger.info("UID[%s] 正在尝试通过验证码\nchallenge[%s]\nvalidate[%s]", client.player_id, challenge, validate) - if client.region == Region.OVERSEAS: - request_daily_reward = await client.request_daily_reward( - "sign", - method="POST", - challenge="9a7e3af0ef6ae8afcb37f091b4224fb0", - game=Game.GENSHIN, - lang="zh-cn", - ) - else: - request_daily_reward = await client.request_daily_reward( - "sign", - method="POST", - game=Game.GENSHIN, - lang="zh-cn", - challenge=challenge, - validate=validate, - ) + request_daily_reward = await client.request_daily_reward( + "sign", + method="POST", + game=Game.GENSHIN, + lang="zh-cn", + challenge=challenge, + validate=validate, + ) logger.debug("request_daily_reward 返回 %s", request_daily_reward) if request_daily_reward and request_daily_reward.get("success", 0) == 1: # 尝试通过 ajax 请求绕过签到 From 2d743d2aca7a721141d5bfc9f1bc91d6ddf92231 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B4=9B=E6=B0=B4=E5=B1=85=E5=AE=A4?= Date: Sat, 26 Aug 2023 17:45:57 +0800 Subject: [PATCH 6/6] :art: Update code --- plugins/genshin/daily/material.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/genshin/daily/material.py b/plugins/genshin/daily/material.py index 56ac115c..89304e99 100644 --- a/plugins/genshin/daily/material.py +++ b/plugins/genshin/daily/material.py @@ -28,6 +28,7 @@ from metadata.genshin import AVATAR_DATA, HONEY_DATA from plugins.tools.genshin import CharacterDetails, PlayerNotFoundError, CookiesNotFoundError, GenshinHelper from utils.log import logger +from utils.uid import mask_number try: import ujson as jsonlib @@ -249,7 +250,7 @@ async def daily_material(self, update: "Update", context: "ContextTypes.DEFAULT_ client, user_data = await self._get_data_from_user(user) await message.reply_chat_action(ChatAction.TYPING) - render_data = RenderData(title=title, time=time, uid=client.player_id if client else client) + render_data = RenderData(title=title, time=time, uid=mask_number(client.player_id) if client else client) calculator_sync: bool = True # 默认养成计算器同步为开启 for type_ in ["avatar", "weapon"]: @@ -520,7 +521,7 @@ class AreaData(BaseModel): class RenderData(BaseModel): title: str # 页面标题,主要用于显示星期几 time: str # 页面时间 - uid: Optional[int] = None # 用户UID + uid: Optional[str] = None # 用户UID character: List[AreaData] = [] # 角色数据 weapon: List[AreaData] = [] # 武器数据