Add optional more aggressive salting (fixes #95)

2021-01-23 23:13:44 -05:00
parent 6e48a3eac7
commit db9c807289
3 changed files with 15 additions and 2 deletions
--- a/shynet/analytics/tasks.py
+++ b/shynet/analytics/tasks.py
@@ -1,5 +1,4 @@
 import ipaddress
-import json
 import logging
 from hashlib import sha256

@@ -9,6 +8,7 @@ from celery import shared_task
 from django.conf import settings
 from django.core.cache import cache
 from django.db.models import Q
+from django.utils import timezone

 from core.models import Service

@@ -78,6 +78,9 @@ def ingress_request(
        association_id_hash = sha256()
        association_id_hash.update(str(ip).encode("utf-8"))
        association_id_hash.update(str(user_agent).encode("utf-8"))
+        if settings.AGGRESSIVE_HASH_SALTING:
+            association_id_hash.update(str(service.pk).encode("utf-8"))
+            association_id_hash.update(str(timezone.now().date().isoformat()).encode("utf-8"))
        session_cache_path = (
            f"session_association_{service.pk}_{association_id_hash.hexdigest()}"
        )
--- a/shynet/shynet/settings.py
+++ b/shynet/shynet/settings.py
@@ -324,3 +324,6 @@ SHOW_THIRD_PARTY_ICONS = os.getenv("SHOW_THIRD_PARTY_ICONS", "True") == "True"

 # Should Shynet never collect any IP?
 BLOCK_ALL_IPS = os.getenv("BLOCK_ALL_IPS", "False") == "True"
+
+# Include date and service ID in salt?
+AGGRESSIVE_HASH_SALTING = os.getenv("AGGRESSIVE_HASH_SALTING", "False") == True