fix: use hashed national id instead of national id

2026-01-10 05:07:55 -05:00 · 2023-12-07 10:09:00 +08:00
parent dc4ac9fbe7
commit b9a4e277f9
15 changed files with 40 additions and 45 deletions
--- a/apps/server/src/national/national.service.ts
+++ b/apps/server/src/national/national.service.ts
@@ -16,7 +16,10 @@ export class NationalService {
  ) {}

  generateJwtPayload(user: UserDocument): LoginResponse {
-    const payload = { username: user.nationalId, sub: user._id.toHexString() };
+    const payload = {
+      username: user.hashedNationalId,
+      sub: user._id.toHexString(),
+    };
    return {
      id: user._id.toHexString(),
      token: this.jwtService.sign(payload),
--- a/apps/server/src/user/user.schema.ts
+++ b/apps/server/src/user/user.schema.ts
@@ -7,7 +7,7 @@ export type UserDocument = HydratedDocument<User>;
@Schema()
 export class User {
  @Prop({ required: true })
-  nationalId: string;
+  hashedNationalId: string;

  @Prop({ type: SchemaTypes.ObjectId, ref: 'Identity' })
  currentIdentity: Identity;
--- a/apps/server/src/user/user.service.ts
+++ b/apps/server/src/user/user.service.ts
@@ -1,3 +1,4 @@
+import { createHash } from 'crypto';
 import { Injectable, NotFoundException } from '@nestjs/common';
 import { User, UserDocument } from './user.schema';
 import { InjectModel } from '@nestjs/mongoose';
@@ -59,9 +60,11 @@ export class UsersService {
  }

  async findOrCreate(nationalId: string): Promise<UserDocument> {
+    const hashFunc = createHash('sha256');
+    const hashedNationalId = hashFunc.update(nationalId).digest('hex');
    return this.userModel.findOneAndUpdate(
-      { nationalId },
-      { nationalId },
+      { hashedNationalId },
+      { hashedNationalId },
      { upsert: true, new: true, setDefaultsOnInsert: true }
    );
  }
@@ -98,8 +101,8 @@ export class UsersService {
    return this.updateIdentity(userId, 'semaphoreCommitment', value);
  }

-  findOne(nationalId: string): Promise<User | null> {
-    return this.userModel.findOne({ nationalId });
+  findOne(hashedNationalId: string): Promise<User | null> {
+    return this.userModel.findOne({ hashedNationalId });
  }

  async revokeIdentity(userId: string): Promise<boolean> {
--- a/apps/wallet/src/pages/CredentialSelection.tsx
+++ b/apps/wallet/src/pages/CredentialSelection.tsx
@@ -22,12 +22,12 @@ export function CredentialSelection() {

  const credentials = useCredentials(
    CredentialMode.Select,
-    user?.nationalId,
+    user?.hashedNationalId,
    user?.ethereumAccount
  );

  const handleAction = async (
-    credentialKey: CredentialType, 
+    credentialKey: CredentialType,
    actionId: ActionId
  ) => {
    let vc: VerifiableCredential | null = null;
@@ -45,7 +45,7 @@ export function CredentialSelection() {
        sendCredential(MessageAction.SELECT_CREDENTIAL, vc);
      }
    }
-  }
+  };

  // if (isConnected)
  return (
--- a/apps/wallet/src/pages/CredentialView.tsx
+++ b/apps/wallet/src/pages/CredentialView.tsx
@@ -18,10 +18,10 @@ export function CredentialView() {
    getSemaphoreGroup,
    generateSemaphoreIdentity,
  } = useTwDid();
-  
+
  const credentials = useCredentials(
    CredentialMode.List,
-    user?.nationalId,
+    user?.hashedNationalId,
    user?.ethereumAccount
  );

--- a/apps/wallet/src/pages/Welcome.tsx
+++ b/apps/wallet/src/pages/Welcome.tsx
@@ -15,25 +15,27 @@ export function Welcome() {
  const gotoView = async () => {
    navigate({ to: '/view-credential' });
    return;
-  }
+  };

  const gotoSelect = async () => {
    navigate({ to: '/select-credential' });
    return;
-  }
-  
+  };
+
  /* TODO: the credentials should be loaded from ls */
  /* TODO: let user be undefined if no credential stored */
-  const user = credentials ? {
-    nationalId: credentials[CredentialType.ETHEREUM].fields[0].value,
-    walletAddr: credentials[CredentialType.ETHEREUM].fields[1].value,
-  } : undefined;
+  const user = credentials
+    ? {
+        hashedNationalId: credentials[CredentialType.ETHEREUM].fields[0].value,
+        walletAddr: credentials[CredentialType.ETHEREUM].fields[1].value,
+      }
+    : undefined;

  return (
    <>
      <WalletHomeScreen
        user={user}
-        mode='view' // TODO: change to 'select' if requested
+        mode="view" // TODO: change to 'select' if requested
        gotoRegister={gotoRegister}
        gotoView={gotoView}
        gotoSelect={gotoSelect}
--- a/apps/web/src/pages/CredentialSelection.tsx
+++ b/apps/web/src/pages/CredentialSelection.tsx
@@ -22,7 +22,7 @@ export function CredentialSelection() {
  const { isConnected } = useAccount();
  const credentials = useCredentials(
    CredentialMode.Select,
-    user?.nationalId,
+    user?.hashedNationalId,
    user?.ethereumAccount
  );

--- a/apps/web/src/pages/CredentialView.tsx
+++ b/apps/web/src/pages/CredentialView.tsx
@@ -21,7 +21,7 @@ export function CredentialView() {
  } = useTwDid();
  const credentials = useCredentials(
    CredentialMode.List,
-    user?.nationalId,
+    user?.hashedNationalId,
    user?.ethereumAccount
  );

--- a/apps/web/src/pages/Login.tsx
+++ b/apps/web/src/pages/Login.tsx
@@ -15,7 +15,7 @@ export function Login() {

  return (
    <LoginScreen
-      nationID={user?.nationalId || ''}
+      nationID=""
      walletAddr="0x***********"
      spTicketPayload={loginInfo?.qrcode?.spTicketPayload || ''}
      handleFidoLogin={handleLogin}
--- a/apps/web/src/pages/Register.tsx
+++ b/apps/web/src/pages/Register.tsx
@@ -75,7 +75,7 @@ export function Register() {
  return (
    <RegisterScreen
      currentStepId={currentStep}
-      nationalId={user?.nationalId || ''}
+      nationalId=""
      ethereumAccount={ethereumAccount}
      spTicketPayload={loginInfo?.qrcode?.spTicketPayload || ''}
      onAction={onAction}
--- a/apps/web/src/pages/Welcome.tsx
+++ b/apps/web/src/pages/Welcome.tsx
@@ -4,7 +4,7 @@ import { useNavigate } from '@tanstack/react-router';
 import { registerRoute } from '../router';

 export function Welcome() {
-  const { user, requestLogin } = useTwDid();
+  const { requestLogin } = useTwDid();
  const navigate = useNavigate();

  const handleLogin = async (nationalId: string) => {
@@ -19,7 +19,7 @@ export function Welcome() {

  return (
    <WelcomeScreen
-      nationalId={user?.nationalId || ''} // use user nationalId if logined before
+      nationalId="" // use user nationalId if logined before
      handleRegister={handleLogin}
    />
  );
--- a/libs/react-library/src/lib/components/layout/ConnectionsCard/ConnectionCard.tsx
+++ b/libs/react-library/src/lib/components/layout/ConnectionsCard/ConnectionCard.tsx
@@ -5,13 +5,11 @@ import { EthLogo } from '../../common/icons/ethLogo';
 import { SuccessIcon } from '../../common/icons/success';
 import { ErrorIcon } from '../../common/icons/error';
 import { ShortenAddr } from '../../common/shortenAddr';
-import { maskString } from '../../../utils/utils';

 export const ConnectionCard = ({
  fidoState,
  walletState,
  bindState,
-  nationID,
  walletAddr,
 }: {
  fidoState?: number;
@@ -35,12 +33,6 @@ export const ConnectionCard = ({
        <FidoLogo />
        {fidoState !== undefined && fidoState === 2 && <SuccessIcon />}
        {fidoState !== undefined && fidoState === 3 && <ErrorIcon />}
-        {nationID && (
-          <div className={styles.info}>
-            <div className={styles.label}>{t('nationalId')}</div>
-            <div className={styles.value}>{maskString(nationID)}</div>
-          </div>
-        )}
      </div>

      {bindState !== undefined && bindState === 1 && <SuccessIcon />}
--- a/libs/react-library/src/lib/components/layout/action-screen/WalletHomeScreen.tsx
+++ b/libs/react-library/src/lib/components/layout/action-screen/WalletHomeScreen.tsx
@@ -11,13 +11,13 @@ import { ConnectionCardSimple } from '../ConnectionsCardSimple/ConnectionCardSim

 export const WalletHomeScreen = ({
  user,
-  mode, 
+  mode,
  gotoRegister,
  gotoView,
  gotoSelect,
 }: {
  user?: {
-    nationalId: string;
+    hashedNationalId: string;
    walletAddr: string;
  };
  mode: 'view' | 'select';
@@ -84,7 +84,7 @@ export const WalletHomeScreen = ({
            <h1 className={styles.textLarge}> {currentState.title} </h1>
            {user && (
              <ConnectionCardSimple
-                nationID={user.nationalId}
+                nationID={user.hashedNationalId}
                walletAddr={user.walletAddr}
              />
            )}
--- a/libs/react-library/src/lib/contexts/TwDidContext.tsx
+++ b/libs/react-library/src/lib/contexts/TwDidContext.tsx
@@ -70,7 +70,7 @@ class UpdateSemaphoreCommitmentError extends Error {
 }

 interface User {
-  nationalId: string;
+  hashedNationalId: string;
  ethereumAccount: string;
  semaphoreCommitment: string;
  id: string;
@@ -144,10 +144,10 @@ export const TwDidProvider: React.FC<TwDidProviderProps> = ({ children }) => {
    });
    const user = await res.json();
    if (res.status === 200) {
-      const { nationalId, currentIdentity } = user;
+      const { hashedNationalId, currentIdentity } = user;
      const { ethereumAccount, semaphoreCommitment } = currentIdentity || {};
      setUser({
-        nationalId,
+        hashedNationalId,
        ethereumAccount,
        semaphoreCommitment,
        id,
--- a/libs/react-library/src/lib/hooks/useCredential.tsx
+++ b/libs/react-library/src/lib/hooks/useCredential.tsx
@@ -19,7 +19,7 @@ export enum CredentialMode {

 export function useCredentials(
  mode: CredentialMode,
-  nationalId = '',
+  hashedNationalId = '',
  ethereumAccount = ''
 ): CredentialMap {
  const { t } = useTranslation();
@@ -31,11 +31,6 @@ export function useCredentials(
    [CredentialType.ETHEREUM]: {
      type: CredentialType.ETHEREUM,
      fields: [
-        {
-          key: CredentialFieldKey.NATION_ID,
-          label: t('nationalId'),
-          value: nationalId,
-        },
        {
          key: CredentialFieldKey.ETHEREUM_ADDRESS,
          label: t('account'),