alexabudaev/mistral-chat-app
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove hardcoded API key, add encrypted storage with AES-256

Browse source
This commit is contained in:
Алексей Будаев 2026-04-05 18:02:58 +08:00
parent e98cd8b8e7
commit a5fe4bc29e
3 changed files with 43 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

6
app/build.gradle
View file

@ -40,8 +40,14 @@ dependencies {
implementation 'androidx.recyclerview:recyclerview:1.3.2' implementation 'androidx.recyclerview:recyclerview:1.3.2'
implementation 'androidx.lifecycle:lifecycle-viewmodel-ktx:2.7.0' implementation 'androidx.lifecycle:lifecycle-viewmodel-ktx:2.7.0'
implementation 'androidx.lifecycle:lifecycle-livedata-ktx:2.7.0' implementation 'androidx.lifecycle:lifecycle-livedata-ktx:2.7.0'
implementation 'androidx.security:security-crypto:1.1.0-alpha06'
implementation 'com.squareup.okhttp3:okhttp:4.12.0' implementation 'com.squareup.okhttp3:okhttp:4.12.0'
implementation 'com.google.code.gson:gson:2.10.1' implementation 'com.google.code.gson:gson:2.10.1'
implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.3' implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.3'
implementation 'io.noties.markwon:core:4.6.2'
implementation 'io.noties.markwon:ext-strikethrough:4.6.2'
implementation 'io.noties.markwon:ext-tables:4.6.2'
implementation 'io.noties.markwon:ext-tasklist:4.6.2'
} }

48
app/src/main/java/com/mistral/chat/ui/MainActivity.kt
View file

@ -12,6 +12,7 @@ import android.widget.ImageButton
import android.widget.ImageView import android.widget.ImageView
import android.widget.PopupMenu import android.widget.PopupMenu
import android.widget.TextView import android.widget.TextView
import android.widget.Toast
import androidx.appcompat.app.AlertDialog import androidx.appcompat.app.AlertDialog
import androidx.appcompat.app.AppCompatActivity import androidx.appcompat.app.AppCompatActivity
import androidx.appcompat.app.AppCompatDelegate import androidx.appcompat.app.AppCompatDelegate
@ -19,6 +20,8 @@ import androidx.core.view.isVisible
import androidx.lifecycle.lifecycleScope import androidx.lifecycle.lifecycleScope
import androidx.recyclerview.widget.LinearLayoutManager import androidx.recyclerview.widget.LinearLayoutManager
import androidx.recyclerview.widget.RecyclerView import androidx.recyclerview.widget.RecyclerView
import androidx.security.crypto.EncryptedSharedPreferences
import androidx.security.crypto.MasterKey
import com.google.android.material.color.DynamicColors import com.google.android.material.color.DynamicColors
import com.google.android.material.progressindicator.LinearProgressIndicator import com.google.android.material.progressindicator.LinearProgressIndicator
import com.google.android.material.textfield.TextInputEditText import com.google.android.material.textfield.TextInputEditText
@ -48,6 +51,7 @@ class MainActivity : AppCompatActivity() {
private var availableModels: List<Pair<String, String>> = emptyList() private var availableModels: List<Pair<String, String>> = emptyList()
private var selectedModelName: String = "mistral-small-latest" private var selectedModelName: String = "mistral-small-latest"
private lateinit var prefs: SharedPreferences private lateinit var prefs: SharedPreferences
private lateinit var encryptedPrefs: SharedPreferences
companion object { companion object {
private const val PREFS_NAME = "mistral_chat_prefs" private const val PREFS_NAME = "mistral_chat_prefs"
@ -57,7 +61,6 @@ class MainActivity : AppCompatActivity() {
private const val KEY_MESSAGES = "chat_messages" private const val KEY_MESSAGES = "chat_messages"
private const val KEY_PROFILE_HASH = "profile_hash" private const val KEY_PROFILE_HASH = "profile_hash"
private const val KEY_API_KEY = "api_key" private const val KEY_API_KEY = "api_key"
private const val DEFAULT_API_KEY = "YW0IjDBRLuyEBcgNjVeVUFlMI6fcZYLA"
} }
override fun onCreate(savedInstanceState: Bundle?) { override fun onCreate(savedInstanceState: Bundle?) {
@ -70,6 +73,22 @@ class MainActivity : AppCompatActivity() {
gson = Gson() gson = Gson()
prefs = getSharedPreferences(PREFS_NAME, Context.MODE_PRIVATE) prefs = getSharedPreferences(PREFS_NAME, Context.MODE_PRIVATE)
val masterKey = MasterKey.Builder(this)
.setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
.build()
encryptedPrefs = EncryptedSharedPreferences.create(
this,
PREFS_NAME + "_secure",
masterKey,
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
)
if (!hasApiKey()) {
showApiKeyDialog()
}
client = MistralClient(getApiKey()) client = MistralClient(getApiKey())
loadMessages() loadMessages()
@ -231,22 +250,27 @@ class MainActivity : AppCompatActivity() {
} }
private fun getApiKey(): String { private fun getApiKey(): String {
return prefs.getString(KEY_API_KEY, DEFAULT_API_KEY) ?: DEFAULT_API_KEY return encryptedPrefs.getString(KEY_API_KEY, null) ?: ""
}
private fun hasApiKey(): Boolean {
return encryptedPrefs.contains(KEY_API_KEY)
} }
private fun saveApiKey(apiKey: String) { private fun saveApiKey(apiKey: String) {
prefs.edit().putString(KEY_API_KEY, apiKey).apply() encryptedPrefs.edit().putString(KEY_API_KEY, apiKey).apply()
client = MistralClient(apiKey) client = MistralClient(apiKey)
} }
private fun deleteApiKey() { private fun deleteApiKey() {
prefs.edit().remove(KEY_API_KEY).apply() encryptedPrefs.edit().remove(KEY_API_KEY).apply()
client = MistralClient(DEFAULT_API_KEY) Toast.makeText(this, getString(R.string.api_key_deleted), Toast.LENGTH_SHORT).show()
showApiKeyDialog()
} }
private fun showApiKeyDialog() { private fun showApiKeyDialog() {
val currentKey = getApiKey() val currentKey = getApiKey()
val hasCustomKey = currentKey != DEFAULT_API_KEY && prefs.contains(KEY_API_KEY) val hasCustomKey = currentKey.isNotEmpty()
val displayKey = if (hasCustomKey && currentKey.length > 8) { val displayKey = if (hasCustomKey && currentKey.length > 8) {
currentKey.take(4) + "*".repeat(currentKey.length - 8) + currentKey.takeLast(4) currentKey.take(4) + "*".repeat(currentKey.length - 8) + currentKey.takeLast(4)
} else if (hasCustomKey) { } else if (hasCustomKey) {
@ -270,25 +294,23 @@ class MainActivity : AppCompatActivity() {
val newKey = inputField.text?.toString()?.trim() val newKey = inputField.text?.toString()?.trim()
if (!newKey.isNullOrEmpty()) { if (!newKey.isNullOrEmpty()) {
saveApiKey(newKey) saveApiKey(newKey)
showToast(getString(R.string.api_key_saved)) Toast.makeText(this, getString(R.string.api_key_saved), Toast.LENGTH_SHORT).show()
} else {
Toast.makeText(this, getString(R.string.enter_api_key), Toast.LENGTH_SHORT).show()
} }
} }
.setNegativeButton(R.string.cancel, null)
.apply { .apply {
if (hasCustomKey) { if (hasCustomKey) {
setNegativeButton(R.string.cancel, null)
setNeutralButton(R.string.delete) { _, _ -> setNeutralButton(R.string.delete) { _, _ ->
deleteApiKey() deleteApiKey()
showToast(getString(R.string.api_key_deleted))
} }
} }
} }
.setCancelable(false)
.show() .show()
} }
private fun showToast(message: String) {
android.widget.Toast.makeText(this, message, android.widget.Toast.LENGTH_SHORT).show()
}
private fun sendMessage(userInput: String) { private fun sendMessage(userInput: String) {
val selectedModel = selectedModelName val selectedModel = selectedModelName

2
app/src/main/res/values/strings.xml
View file

@ -32,4 +32,6 @@
<string name="api_key_deleted">API ключ удалён</string> <string name="api_key_deleted">API ключ удалён</string>
<string name="no_api_key">API ключ не установлен</string> <string name="no_api_key">API ключ не установлен</string>
<string name="api_key_current">Текущий ключ: %s</string> <string name="api_key_current">Текущий ключ: %s</string>
<string name="enter_api_key">Введите API ключ</string>
<string name="api_key_required">Требуется API ключ Mistral</string>
</resources> </resources>