User IP Hashes are now salted with 24 bits from a cryptographically secure random generation function formatted into base 64 for extra privacy/security.

rainbow napkin 2025-11-03 19:07:38 -05:00
parent 75301ec7d9
commit ade2a4210d
4 changed files with 32 additions and 14 deletions


@ -73,8 +73,6 @@ const userBanSchema = new mongoose.Schema({
* @returns {Mongoose.Document} Found ban Document if one exists.
*/
userBanSchema.statics.checkBanByIP = async function(ip){
//Get hash of ip
const ipHash = hashUtil.hashIP(ip);
//Get all bans
const banDB = await this.find({});
//Create null variable to hold any found ban
@ -106,7 +104,7 @@ userBanSchema.statics.checkBanByIP = async function(ip){
const curHash = ban.ips.hashed[ipIndex];
//Check the current hash against the given hash
if(ipHash == curHash){
if(hashUtil.compareIPHash(ip, curHash)){
//If it matches we found the ban
foundBan = ban;
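Review bot: Ban entries written before this commit hold unsalted hashes in `ban.ips.hashed`, and nothing in this section shows `hashUtil.compareIPHash(ip, curHash)` handling them; if it only understands the new salted format, existing IP bans silently stop matching. `compareIPHash` is defined outside this page, so this needs confirming there, but the call site deserves a comment such as `//compareIPHash must still match legacy unsalted hashes until stored bans are re-hashed`. The same applies to the `curRecord.ipHash` and `ipRecord.ipHash` comparisons in `tattooIPRecord`. Separately, with a per-entry salt each call presumably recomputes a hash for every stored entry returned by `this.find({})`, so the cost of a ban check grows with the ban list. The body of `checkBanByIP` continues outside both hunks.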


@ -757,8 +757,6 @@ userSchema.methods.tattooIPRecord = async function(ip){
lastLog: new Date()
};
//We should really start using for loops and stop acting like its 2008
//Though to be quite honest this bit would be particularly brutal without them
//For every user in the userlist
for(let curUser of users){
//Ensure we're not checking the user against itself
@ -766,7 +764,7 @@ userSchema.methods.tattooIPRecord = async function(ip){
//For every IP record in the current user
for(let curRecord of curUser.recentIPs){
//If it matches the current ipHash
if(curRecord.ipHash == ipHash){
if(hashUtil.compareIPHash(ip, curRecord.ipHash)){
//Check if we've already marked the user as an alt
const foundAlt = this.alts.indexOf(curUser._id);
@ -803,7 +801,7 @@ userSchema.methods.tattooIPRecord = async function(ip){
//Look for matching ip record
function checkHash(ipRecord){
//return matching records
return ipRecord.ipHash == ipHash;
return hashUtil.compareIPHash(ip, ipRecord.ipHash);
}
}