Direct Message

Question

Direct Message

Closed this issue 3 years ago · 3 comments

mreider commented 4 years ago

See design here:

https://drive.google.com/drive/folders/1GxXf1vp0gx9WpcllMd3AFQ9vW2irU5HZ

But for now just limited to ONE person. No multiple person messages.

Answer 1 · 2020-11-25T15:49:42.000Z

@falconandy I updated this a bit

Answer 2 · 2020-12-07T10:59:39.000Z

@falconandy is there a way to encrypt these messages somehow - seems confusing to know where the encryption key might be located. One option is to encrypt based on the user's password somehow, since this is hashed in the db I assume?

Answer 3 · 2021-01-27T15:25:47.000Z

Get "post message" token:

POST https://USER-HUB/rpc.TokenService/PostMessage
Content-Type: application/json

{
  "friend_id": "USER-ID"
}

The response contains "message_key" (AES, 256bit, hex-encoded) to encrypt messages between the current user and USER
Message encryption/decryption should be done on frontend (AES, base-64 encoding)
To post an encrypted direct message:

POST http://MESSAGE-HUB/rpc.MessageService/Post
Authorization: Bearer AUTH-TOKEN
Content-Type: application/json

{
  "token":  "POST-MESSAGE-TOKEN",
  "text": "BASE-64 ENOCDED ENCRYPTED MESSAGE"
}

To get encrypted direct messages:

POST http://localhost:12002/rpc.MessageService/Messages
Authorization: Bearer AUTH-TOKEN
Content-Type: application/json

{
  "token":  "GET-MESSAGES-TOKEN",
  "count": COUNT,
  "friend_id": "USER-ID"
}