feat: use the hackatime message queue

Author: taciturnaxolotl

config/config.go

@@ -106,14 +106,14 @@ type appConfig struct {
 }
 
 type securityConfig struct {
-	AllowSignup      bool   `yaml:"allow_signup" default:"true" env:"WAKAPI_ALLOW_SIGNUP"`
-	SignupCaptcha    bool   `yaml:"signup_captcha" default:"false" env:"WAKAPI_SIGNUP_CAPTCHA"`
-	AirtableAPIKey   string `yaml:"airtable_api_key" env:"WAKAPI_AIRTABLE_API_KEY"`
-	InviteCodes      bool   `yaml:"invite_codes" default:"true" env:"WAKAPI_INVITE_CODES"`
-	ExposeMetrics    bool   `yaml:"expose_metrics" default:"false" env:"WAKAPI_EXPOSE_METRICS"`
-	EnableProxy      bool   `yaml:"enable_proxy" default:"false" env:"WAKAPI_ENABLE_PROXY"` // only intended for production instance at wakapi.dev
-	DisableFrontpage bool   `yaml:"disable_frontpage" default:"false" env:"WAKAPI_DISABLE_FRONTPAGE"`
-	AdminToken       string `yaml:"admin_token" default:"blahaji_rulz_da_world" env:"WAKAPI_ADMIN_TOKEN"`
+	AllowSignup                 bool   `yaml:"allow_signup" default:"true" env:"WAKAPI_ALLOW_SIGNUP"`
+	SignupCaptcha               bool   `yaml:"signup_captcha" default:"false" env:"WAKAPI_SIGNUP_CAPTCHA"`
+	HackatimeMessageQueueAPIKey string `yaml:"hackatime_message_queue_api_key" env:"WAKAPI_HACKATIME_MESSAGE_QUEUE_API_KEY"`
+	InviteCodes                 bool   `yaml:"invite_codes" default:"true" env:"WAKAPI_INVITE_CODES"`
+	ExposeMetrics               bool   `yaml:"expose_metrics" default:"false" env:"WAKAPI_EXPOSE_METRICS"`
+	EnableProxy                 bool   `yaml:"enable_proxy" default:"false" env:"WAKAPI_ENABLE_PROXY"` // only intended for production instance at wakapi.dev
+	DisableFrontpage            bool   `yaml:"disable_frontpage" default:"false" env:"WAKAPI_DISABLE_FRONTPAGE"`
+	AdminToken                  string `yaml:"admin_token" default:"blahaji_rulz_da_world" env:"WAKAPI_ADMIN_TOKEN"`
 	// this is actually a pepper (https://en.wikipedia.org/wiki/Pepper_(cryptography))
 	PasswordSalt               string                     `yaml:"password_salt" default:"" env:"WAKAPI_PASSWORD_SALT"`
 	InsecureCookies            bool                       `yaml:"insecure_cookies" default:"false" env:"WAKAPI_INSECURE_COOKIES"`

routes/login.go

@@ -436,10 +436,10 @@ func (h *LoginHandler) PostResetPassword(w http.ResponseWriter, r *http.Request)
 
 			go func(user *models.User) {
 				link := fmt.Sprintf("%s/set-password?token=%s", h.config.Server.GetPublicUrl(), user.ResetToken)
-				if h.config.Security.AirtableAPIKey != "" && resetRequest.Slack && strings.HasPrefix(user.ID, "U") {
-					msgtext := fmt.Sprintf("Arr `%s`! Looks liek ye requested a password reset from hackatime for the email `%s`! If ye didn't request this then sombardy is trying to hack thee account and you should steer clear of below button :tw_crossed_swords:", func() string {
+				if h.config.Security.HackatimeMessageQueueAPIKey != "" && resetRequest.Slack && strings.HasPrefix(user.ID, "U") {
+					msgtext := fmt.Sprintf("Hi there `%s`! :hyper-dino-wave:\n\nI received a password reset request for the email `%s`. If you didn't request this, please ignore this message!", func() string {
 						if user.Name == "" {
-							return "matey"
+							return "spelunker"
 						} else {
 							return user.Name
 						}
@@ -454,21 +454,16 @@ func (h *LoginHandler) PostResetPassword(w http.ResponseWriter, r *http.Request)
 							}
 						},
 						{
-							"type": "actions",
+							"type": "context",
 							"elements": [
 								{
-									"type": "button",
-									"text": {
-										"type": "plain_text",
-										"text": "Reset Password"
-									},
-									"style": "primary",
-									"url": "` + link + `"
+									"type": "mrkdwn",
+									"text": "reset link: \u0060` + link + `\u0060"
 								}
 							]
 						}
 					]`
-					if err := utils.SendSlackMessage(h.config.Security.AirtableAPIKey, user.ID, msg, blocks); err != nil {
+					if err := utils.SendSlackMessage(h.config.Security.HackatimeMessageQueueAPIKey, user.ID, msg, blocks); err != nil {
 						conf.Log().Request(r).Error("failed to send slack message", "error", err)
 					} else {
 						slog.Info("sent slack message", "userID", user.ID)

utils/slack.go

@@ -8,36 +8,26 @@ import (
 	"net/http"
 )
 
-func SendSlackMessage(airtableAPIKey string, userID string, message string, blocksJSON string) error {
-	record := map[string]interface{}{
-		"fields": map[string]interface{}{
-			"requester_identifier": "Hackatime Reset Password",
-			"target_slack_id":      userID,
-			"message_text":         message,
-			"message_blocks":       blocksJSON,
-			"unfurl_links":         true,
-			"unfurl_media":         true,
-			"send_success":         false,
-		},
-	}
-
-	payload := map[string]interface{}{
-		"records": []interface{}{record},
+func SendSlackMessage(hackatimeMessageQueueAPIKey string, userID string, message string, blocksJSON string) error {
+	payload := map[string]any{
+		"channel": userID,
+		"text":    message,
+		"blocks":  blocksJSON,
 	}
 
 	jsonPayload, err := json.Marshal(payload)
 	if err != nil {
 		return fmt.Errorf("error marshaling payload: %v", err)
 	}
 
-	req, err := http.NewRequest("POST", "https://middleman.hackclub.com/airtable/v0/appTeNFYcUiYfGcR6/arrpheus_message_requests", bytes.NewBuffer(jsonPayload))
+	req, err := http.NewRequest("POST", "//hackatime-bot.kierank.hackclub.app/slack/message", bytes.NewBuffer(jsonPayload))
 	if err != nil {
 		return fmt.Errorf("error creating request: %v", err)
 	}
 
 	req.Header.Set("Content-Type", "application/json")
 	req.Header.Set("Accept", "application/json")
-	req.Header.Set("Authorization", "Bearer "+airtableAPIKey)
+	req.Header.Set("Authorization", "Bearer "+hackatimeMessageQueueAPIKey)
 	req.Header.Set("User-Agent", "waka.hackclub.com (reset password)")
 
 	client := &http.Client{}
@@ -65,7 +55,7 @@ func SendSlackMessage(airtableAPIKey string, userID string, message string, bloc
 	}
 
 	if result.Error.Type != "" {
-		return fmt.Errorf("Airtable error: %s - %s", result.Error.Type, result.Error.Message)
+		return fmt.Errorf("Hackatime message queue error: %s - %s", result.Error.Type, result.Error.Message)
 	}
 
 	return nil