From 7d1979fec63ca3509a845a73fa001aaae77a716c Mon Sep 17 00:00:00 2001
From: Rahix <rahix@rahix.de>
Date: Wed, 16 Aug 2023 16:18:55 +0200
Subject: [PATCH] api: Add a flow3r seed which can be used for app installation

The flow3r seed is a code that can be entered on the badge to install an
app.  This means it needs to be unique and stable for each app.

The idea is that we generate this by hashing the repository slug.  From
the hash, we extract 8 numbers between 0 and 4.  Collision handling is
not yet implemented.
---
 server_apps.go | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/server_apps.go b/server_apps.go
index 2c972a3..e058e32 100644
--- a/server_apps.go
+++ b/server_apps.go
@@ -6,6 +6,7 @@ import (
 	"bytes"
 	"compress/gzip"
 	"context"
+	"crypto/md5"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -39,6 +40,7 @@ type appInfo struct {
 	version     int
 	commit      string
 	stars       int
+	flow3rSeed  string
 
 	commitObj *object.Commit
 	zip       []byte
@@ -358,6 +360,16 @@ func (s *server) getAppInfo(ctx context.Context, pathInRepo, repo string) (*appI
 		return nil, fmt.Errorf("targzing failed: %w", err)
 	}
 	app.targz = tbytes
+
+	// Calculate an 8 digit flow3r seed which can be used to install the
+	// app.  This is based on md5 so ambitious hack3rs can force a certain
+	// app seed :)
+	flow3rSeedMd5 := md5.Sum([]byte(repo))
+	app.flow3rSeed = "";
+	for i := 0; i < 8; i++ {
+		app.flow3rSeed += string(flow3rSeedMd5[i] % 5 + byte('0'))
+	}
+
 	return app, nil
 }
 
@@ -473,6 +485,7 @@ func (s *server) handleApps(w http.ResponseWriter, r *http.Request) {
 		Description    string `json:"description"`
 		Version        int    `json:"version"`
 		Stars          int    `json:"stars"`
+		Flow3rSeed     string `json:"flow3rSeed"`
 	}
 
 	type res struct {
@@ -499,6 +512,7 @@ func (s *server) handleApps(w http.ResponseWriter, r *http.Request) {
 			Description:    a.appInfo.description,
 			Version:        a.appInfo.version,
 			Stars:          a.appInfo.stars,
+			Flow3rSeed:     a.appInfo.flow3rSeed,
 		})
 	}
 	w.Header().Add("Access-Control-Allow-Origin", "*")
-- 
GitLab