feat: Implement user ID encryption and caching in UserService

- Added `apiKeyUserCache` to cache users by their API keys in UserService.
- Modified UserService constructor to populate the cache with users from the database.
- Introduced `encryptUserId` and `decryptUserId` functions for secure user ID handling.
- Updated `authenticateUser` method to utilize the new decryption logic for API keys.
- Refactored user fetching methods to improve readability and maintainability.

Author: fox3000foxy

dist/services/UserService.d.ts

@@ -38,6 +38,7 @@ export interface IUserService {
 }
 export declare class UserService implements IUserService {
     private databaseService;
+    private apiKeyUserCache;
     constructor(databaseService: IDatabaseService);
     private static getIdWhereClause;
     private fetchUserByAnyId;

dist/services/UserService.js

@@ -60,6 +60,13 @@ function slugify(str) {
 let UserService = UserService_1 = class UserService {
     constructor(databaseService) {
         this.databaseService = databaseService;
+        this.apiKeyUserCache = new Map();
+        this.getAllUsersWithDisabled().then((users) => {
+            for (const user of users) {
+                const key = (0, GenKey_1.genKey)(user.user_id);
+                this.apiKeyUserCache.set(key, user);
+            }
+        });
     }
     static getIdWhereClause(includeDisabled = false) {
         const base = "(user_id = ? OR discord_id = ? OR google_id = ? OR steam_id = ?)";
@@ -208,26 +215,21 @@ let UserService = UserService_1 = class UserService {
         return token;
     }
     async deleteUser(user_id) {
-        await this.databaseService.request("DELETE FROM users WHERE user_id = ?", [user_id]);
+        await this.databaseService.request("DELETE FROM users WHERE user_id = ?", [
+            user_id,
+        ]);
     }
     async authenticateUser(tokenOrApiKey) {
-        // Essaye de décoder comme JWT
         const jwtPayload = (0, Jwt_1.verifyUserJwt)(tokenOrApiKey);
-        let apiKey = tokenOrApiKey;
         if (jwtPayload && jwtPayload.apiKey) {
-            apiKey = jwtPayload.apiKey;
+            return this.getUser(jwtPayload.user_id);
         }
-        // Recherche l'utilisateur par apiKey (clé API)
-        const users = await this.getAllUsersWithDisabled();
-        if (!users) {
-            console.error("Error fetching users", users);
+        const apiKey = tokenOrApiKey;
+        // Déchiffre l'user_id depuis la clé API
+        const userId = (0, GenKey_1.decryptUserId)(apiKey);
+        if (!userId)
             return null;
-        }
-        const user = users.find((user) => (0, GenKey_1.genKey)(user.user_id) === apiKey) || null;
-        if (!user) {
-            return null;
-        }
-        return user;
+        return this.getUser(userId);
     }
     async updateWebauthnChallenge(user_id, challenge) {
         await this.databaseService.request("UPDATE users SET webauthn_challenge = ? WHERE user_id = ?", [challenge, user_id]);
@@ -377,7 +379,7 @@ let UserService = UserService_1 = class UserService {
             isStudio: user.isStudio,
             admin: user.admin,
             beta_user: user.beta_user,
-            badges: user.badges
+            badges: user.badges,
         };
         return publicProfile;
     }
@@ -393,7 +395,7 @@ let UserService = UserService_1 = class UserService {
             admin: user.admin,
             beta_user: user.beta_user,
             badges: user.badges,
-            disabled: user.disabled
+            disabled: user.disabled,
         };
         return publicProfile;
     }

dist/utils/GenKey.d.ts

@@ -1,2 +1,4 @@
+export declare function encryptUserId(userId: string): string;
+export declare function decryptUserId(apiKey: string): string | null;
 export declare function genKey(userId: string): string;
 export declare function genVerificationKey(userId: string): string;

dist/utils/GenKey.js

@@ -3,11 +3,39 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.genVerificationKey = exports.genKey = void 0;
+exports.genVerificationKey = exports.genKey = exports.decryptUserId = exports.encryptUserId = void 0;
 const crypto_1 = __importDefault(require("crypto"));
 const dotenv_1 = __importDefault(require("dotenv"));
 const path_1 = __importDefault(require("path"));
 dotenv_1.default.config({ path: path_1.default.join(__dirname, "..", ".env") });
+const ALGO = "aes-256-cbc";
+const IV_LENGTH = 16;
+function encryptUserId(userId) {
+    const SECRET = process.env.HASH_SECRET;
+    const iv = crypto_1.default.randomBytes(IV_LENGTH);
+    const key = crypto_1.default.createHash("sha256").update(SECRET).digest(); // 32 bytes
+    const cipher = crypto_1.default.createCipheriv(ALGO, key, iv);
+    let encrypted = cipher.update(userId, "utf8", "hex");
+    encrypted += cipher.final("hex");
+    return iv.toString("hex") + ":" + encrypted;
+}
+exports.encryptUserId = encryptUserId;
+function decryptUserId(apiKey) {
+    try {
+        const SECRET = process.env.HASH_SECRET;
+        const [ivHex, encrypted] = apiKey.split(":");
+        const iv = Buffer.from(ivHex, "hex");
+        const key = crypto_1.default.createHash("sha256").update(SECRET).digest(); // 32 bytes
+        const decipher = crypto_1.default.createDecipheriv(ALGO, key, iv);
+        let decrypted = decipher.update(encrypted, "hex", "utf8");
+        decrypted += decipher.final("utf8");
+        return decrypted;
+    }
+    catch {
+        return null;
+    }
+}
+exports.decryptUserId = decryptUserId;
 function createHash(userId, secret) {
     if (!userId)
         throw new Error("userId is required for key generation");
@@ -19,7 +47,9 @@ function createHash(userId, secret) {
         .digest("hex");
 }
 function genKey(userId) {
-    return createHash(userId, process.env.HASH_SECRET);
+    // return createHash(userId, process.env.HASH_SECRET);
+    const encryptedUserId = encryptUserId(userId);
+    return encryptedUserId;
 }
 exports.genKey = genKey;
 function genVerificationKey(userId) {