Direct Message
Closed this issue · 3 comments
mreider commented
See design here:
https://drive.google.com/drive/folders/1GxXf1vp0gx9WpcllMd3AFQ9vW2irU5HZ
But for now just limited to ONE person. No multiple person messages.
mreider commented
@falconandy I updated this a bit
mreider commented
@falconandy is there a way to encrypt these messages somehow - seems confusing to know where the encryption key might be located. One option is to encrypt based on the user's password somehow, since this is hashed in the db I assume?
falconandy commented
- Get "post message" token:
POST https://USER-HUB/rpc.TokenService/PostMessage
Content-Type: application/json
{
"friend_id": "USER-ID"
}
- The response contains "message_key" (AES, 256bit, hex-encoded) to encrypt messages between the current user and USER
- Message encryption/decryption should be done on frontend (AES, base-64 encoding)
- To post an encrypted direct message:
POST http://MESSAGE-HUB/rpc.MessageService/Post
Authorization: Bearer AUTH-TOKEN
Content-Type: application/json
{
"token": "POST-MESSAGE-TOKEN",
"text": "BASE-64 ENOCDED ENCRYPTED MESSAGE"
}
- To get encrypted direct messages:
POST http://localhost:12002/rpc.MessageService/Messages
Authorization: Bearer AUTH-TOKEN
Content-Type: application/json
{
"token": "GET-MESSAGES-TOKEN",
"count": COUNT,
"friend_id": "USER-ID"
}