Migrate to PyNaCl

vue-apps-py/README.MD

@@ -31,7 +31,7 @@ def autocomplete_handler(query_model: AutoModel) -> SuggestionsModel:
 api = ClientAPI(client_id='vue-app-0', client_secret='abccf12389efab222')
 
 # Prepare Security
-key_holder = SecurityHelper(public_key='abbcbbbcaksjdhf/skdjhfnnsn/sjdkfjj21234=')
+key_holder = SecurityHelper(public_key='VoMMy/A7u6GnSajiZbwz0fpIPESA+oQ+b8Qi5LUMiN8=')
 
 # Define intents
 intents: List[Intent] = [InlineQuery(autocomplete_handler)]

vue-apps-py/src/vue_apps_py/server.py

@@ -28,7 +28,7 @@ def VueApp(client_api: ClientAPI,
         body_to_verify = await request.body()
         timestamp = request.headers['X-Signature-Timestamp'].encode('utf-8')
         signature = request.headers['X-Signature-Ed25519'].encode('utf-8')
-        if not security_helper.is_valid(timestamp + body_to_verify, signature):
+        if not security_helper.is_valid(timestamped_body=timestamp + body_to_verify, signature=signature):
             raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Verification of signature failed')
 
     @app.post(path='/ping', response_model=PongModel)

vue-apps-py/src/vue_apps_py/server_utils/security.py

@@ -1,15 +1,16 @@
-from ed25519.keys import VerifyingKey
+from nacl.encoding import Base64Encoder
+from nacl.signing import VerifyKey
 
 
 class SecurityHelper:
-    public_key: VerifyingKey
+    public_key: VerifyKey
 
     def __init__(self, public_key: str):
-        self.public_key = VerifyingKey(public_key.encode(), encoding='base64')
+        self.public_key = VerifyKey(public_key.encode(), encoder=Base64Encoder)
 
-    def is_valid(self, http: bytes, signature: bytes) -> bool:
+    def is_valid(self, timestamped_body: bytes, signature: bytes) -> bool:
         try:
-            self.public_key.verify(signature, http, encoding='base64')
+            self.public_key.verify(timestamped_body, signature, encoder=Base64Encoder)
             return True
         except AssertionError:
             return False