Merge pull request #2293 from mkmccarty/mm-branch-3

mkmccarty · web-flow · commit 159700fd3622 · 2026-03-30T12:34:18.000-07:00
✨refactor: remove userID, add external secure hasher to Auth API call
diff --git a/src/ei/ei_api.go b/src/ei/ei_api.go
@@ -12,6 +12,7 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	"os/exec"
 	"strings"
 	"time"
 
@@ -507,8 +508,36 @@ func APICall(reqURL string, request proto.Message) []byte {
 	return decodedAuthBuf.Message
 }
 
+func getSecureHash(data []byte) (string, error) {
+	binaryPath := "./secure_hasher"
+	info, err := os.Stat(binaryPath)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return "", fmt.Errorf("secure hasher binary not found at %s", binaryPath)
+		}
+		return "", fmt.Errorf("failed to stat secure hasher binary: %w", err)
+	}
+	if info.IsDir() {
+		return "", fmt.Errorf("secure hasher path is a directory: %s", binaryPath)
+	}
+
+	cmd := exec.Command(binaryPath)
+
+	// Pipe the raw bytes into the binary's stdin
+	cmd.Stdin = bytes.NewReader(data)
+
+	var out bytes.Buffer
+	cmd.Stdout = &out
+
+	if err := cmd.Run(); err != nil {
+		return "", fmt.Errorf("failed to execute hasher: %w", err)
+	}
+
+	return strings.TrimSpace(out.String()), nil
+}
+
 // APIAuthenticatedCall wraps the request in an AuthenticatedMessage before sending, then decodes the response the same way as APICall.
-func APIAuthenticatedCall(reqURL string, userID string, request proto.Message) []byte {
+func APIAuthenticatedCall(reqURL string, request proto.Message) []byte {
 	enc := base64.StdEncoding
 
 	innerBin, err := proto.Marshal(request)
@@ -517,9 +546,15 @@ func APIAuthenticatedCall(reqURL string, userID string, request proto.Message) [
 		return nil
 	}
 
+	secureHash, err := getSecureHash(innerBin)
+	if err != nil {
+		log.Print(err)
+		return nil
+	}
+
 	authMsg := &AuthenticatedMessage{
-		Message: []byte(enc.EncodeToString(innerBin)),
-		UserId:  &userID,
+		Message: innerBin,
+		Code:    &secureHash,
 	}
 
 	reqBin, err := proto.Marshal(authMsg)
@@ -578,9 +613,5 @@ func APIAuthenticatedCall(reqURL string, userID string, request proto.Message) [
 		decodedAuthBuf.Message = buf.Bytes()
 	}
 
-	if decodedAuthBuf.GetMessage() == nil {
-		decodedAuthBuf.Message = []byte(decodedAuthBuf.GetCode())
-	}
-
 	return decodedAuthBuf.Message
 }
diff --git a/src/ei/ei_api_leaderboard.go b/src/ei/ei_api_leaderboard.go
@@ -37,7 +37,7 @@ func GetLeaderboardFromAPI(eggIncID string, scope string, grade Contract_PlayerG
 		Grade: &grade,
 	}
 
-	payload := APIAuthenticatedCall(reqURL, eiUserID, &leaderboardRequest)
+	payload := APIAuthenticatedCall(reqURL, &leaderboardRequest)
 	if payload == nil {
 		log.Print("GetLeaderboardFromAPI: APICall returned nil response")
 		return nil

Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ func GetLeaderboardFromAPI(eggIncID string, scope string, grade Contract_PlayerG`
`37`	`37`	`Grade: &grade,`
`38`	`38`	`}`
`39`	`39`
`40`		`- payload := APIAuthenticatedCall(reqURL, eiUserID, &leaderboardRequest)`
	`40`	`+ payload := APIAuthenticatedCall(reqURL, &leaderboardRequest)`
`41`	`41`	`if payload == nil {`
`42`	`42`	`log.Print("GetLeaderboardFromAPI: APICall returned nil response")`
`43`	`43`	`return nil`