more flexible

Dockerfile

@@ -1,8 +1,12 @@
 FROM node:22-bullseye
 ARG APP_PORT
 ENV APP_PORT $APP_PORT
-COPY . .
+WORKDIR /app
+COPY migrations migrations
+COPY public public
+COPY views views
+COPY src src
+COPY entrypoint.sh migrate.sh package.json package-lock.json .
 RUN npm i
-
 EXPOSE $APP_PORT
-ENTRYPOINT ["node", "./src/index.js"]
+ENTRYPOINT ["bash", "./entrypoint.sh"]

README.md

@@ -1,2 +1 @@
 # captcha_agregator
-

TODO

@@ -1,5 +0,0 @@
-[ ] Fully implement and test proxies 
-[ ] Add a counter of tries for a captcha
-[ ] Make new setting "max tries per captcha"
-[ ] Unclaim proxy and delete captcha on max tries reached
-[ ] Add retry to fronted when captcha is entered incorrectly

docker-compose.yml

@@ -5,18 +5,18 @@ services:
     ports:
       - ${APP_PORT}:${APP_PORT}
     depends_on:
-      - database
+      database:
+        condition: service_healthy
     restart: on-failure
     volumes:
-      - ./data/temp:/temp
+      - ./data/uploads:${DATA_DIR}
-      - ./data/uploads:/uploads
+      - ./.env:/app/.env:ro
   database:
+    hostname: database
     image: 'postgres:15'
     volumes:
       - ./data/db:/var/lib/postgresql/data
     env_file: .env
-    ports:
-      - 5432:5432
     environment:
       POSTGRES_USER: ${DBUSER}
       POSTGRES_PASSWORD: ${DBPASS}

entrypoint.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+npm run migrate up
+node src/index.js

new_captcha_user.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+curl -X POST https://captcha.foxarmy.org/api/user/register -H 'Content-Type: application/json' -H "Authorization: Bearer $1" --data-raw "{\"username\":\"$2\", \"password\":\"$3\"}"

public/css/index.css

@@ -20,3 +20,13 @@ body {
     margin-top: 1%;
     margin-bottom: 1%;
 }
+
+.topSolvers {
+    margin-left: auto;
+    margin-right: 5%;
+    max-width: max-content;
+    float:right;
+    display: inline;
+    margin-top:1%;
+    padding-top: 0%;
+}

public/js/index.js

@@ -26,7 +26,6 @@ const get_cookie = (name) => {
         const cookie = cookies[i].trim();
         if (cookie.startsWith(name + '=')) {
             const value = cookie.substring(name.length + 1);
-        console.log(value);
         }
     }
 }
@@ -37,31 +36,66 @@ const blobToBase64 = (blob) => {
         reader.onloadend = () => resolve(reader.result);
         reader.readAsDataURL(blob);
     });
+}
+
+const show_stats = async () => {
+    const response = await fetch("/api/user/stats", {
+        method: "GET",
+        headers: {
+            'Content-Type': 'application/json'
         }
+    });
+    const stats = (await response.json()).stats;
+    const statsText = document.getElementById("topSolversText");
+    statsText.innerHTML += '<br/>'
+    stats.top_five.forEach(stat => {
+        statsText.innerHTML += `<b>${stat.username}: ${stat.count}</b><br/>`;
+    });
+    statsText.innerHTML += `You have solved ${stats.my_count} captcha(s)`
+}
+
+const validate_solution = (settings, solution) => {
+    if (solution.length != settings.captcha_length) return false;
+    for (let i = 0; i < solution.length; i++) {
+        let char = solution[i];
+        if (!char.match(settings.captcha_regex)) {
+            console.log("Illegal symbol: " + char);
+            alert(`Illegal symbol ${char} at position ${i + 1}`);
+            return false
+        }
+    }
+    return true;
+}
 
 window.onload = async () => {
-    console.log("koka: " + get_cookie("JWT"));
+    const inputField = document.getElementById("captcha");
-    console.log("all: " + document.cookie);
+    inputField.focus();
+    // intentionally do not wait for it 
+    show_stats();
     if (!document.cookie.includes('JWT')) {
         document.location.href = "/login";
     }
-
+    const settings = await (await fetch("/api/settings")).json();
-    const response = await fetch("https://check.ofd.ru/api/captcha/common/img");
+    const captcha_source_url = settings.captcha_source_url;
+    const response = await fetch(captcha_source_url);
     captcha = await response.blob();
 
     const url = URL.createObjectURL(captcha);
     document.getElementById("captcha_image").src = url;
-    console.log(captcha.type)
     const form = document.getElementById("captchaForm");
-    const inputField = document.getElementById("captcha");
+
     form.addEventListener('submit', async (e) => {
         e.preventDefault();
+        if (!validate_solution(settings, inputField.value)) {
+            alert("You must specify valid solution!")
+            return;
+        }
         // if (!await check_solution(inputField.value)) {
         //     alert("Капча решена неверно")
         //     returnl
         // }
 
-        const response = await fetch(`/api/captcha/submit`, {method: "POST", headers: {'Content-Type': 'application/json'}, body: JSON.stringify({ "image": await blobToBase64(captcha), "solution": inputField.value})});
+        const response = await fetch(`/api/captcha/submit`, { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ "image": await blobToBase64(captcha), "solution": inputField.value }) });
         if (response.status == 200) {
             inputField.value = "";
             window.location.reload();

sample.env

@@ -11,3 +11,6 @@ CAPTCHA_SOURCE_URL=https://example.com
 DATA_DIR=/opt/captcha_aggregator
 ADMIN_TOKEN=GENERATE_A_STRONG_TOKEN_HERE
 SECRET=GENERATE_A_STRONG_SECRET_HERE
+#Allowed symbols. Must be a regex
+ALPHABET="[123456789ABCDEFGHIJKLMNPQRSTUVWXZY]"
+CAPTCHA_LENGTH=6

src/config.js

@@ -2,7 +2,7 @@ import dotenv from 'dotenv';
 
 dotenv.config({ path: ".env" });
 
-const getBoolean = value => { return value === 'true'? true : false }
+const getBoolean = value => { return value === 'true' ? true : false }
 
 const config = {
     dbuser: process.env.DBUSER,
@@ -16,7 +16,9 @@ const config = {
     captcha_source_url: process.env.CAPTCHA_SOURCE_URL,
     data_dir: process.env.DATA_DIR,
     admin_token: process.env.ADMIN_TOKEN,
-    secret: process.env.SECRET
+    secret: process.env.SECRET,
+    alphabet: process.env.ALPHABET,
+    captcha_length: Number.parseInt(process.env.CAPTCHA_LENGTH)
 }
 
 export default config;

src/controllers/captcha.js

@@ -1,18 +1,49 @@
 import CaptchaService from "../services/captcha.js";
 import jwt from 'jsonwebtoken';
+import config from '../config.js';
 
 class CaptchaController {
     async submit(req, res) {
-        const {image, solution} = req.body;
+        const { image, solution } = req.body;
-        if (!image) return res.status(400).send({"message":"You must send image blob"});
+        if (!image) return res.status(400).send({ "message": "You must send image blob" });
-        if (!solution || solution.length != 6) return res.status(400).send({"message":"You must send a valid solution"});
+
+        if (!solution || solution.length != config.captcha_length) return res.status(400).send({ "message": "You must send a valid solution" });
+        for (let i = 0; i < solution.length; i++) {
+            let char = solution[i];
+            if (!char.match(config.alphabet)) {
+                console.log("Illegal symbol: " + char);
+                return res.status(400).send({ "message": `Illegal symbol ${char} at position ${i + 1}` });
+            }
+        }
         try {
             await CaptchaService.new(image, solution, jwt.decode(req.token).id);
         } catch (e) {
             console.log(`Error upon submitting: ${e}`);
-            return res.status(500).send({"message": "Unknown server error. Please, contact the developer."});
+            return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." });
+        }
+        return res.status(200).send({ "message": "Success" });
+    }
+
+    async get(req, res) {
+        try {
+            const { id } = req.params;
+            const captcha = await CaptchaService.get(id);
+            if (captcha == undefined) return res.status(404).send({ "message": "no such captcha found" });
+            return res.status(200).send({ "message": "success", "captcha": captcha })
+        } catch (e) {
+            console.log(`Error upon requesting one captcha: ${e}`)
+            if (e.code == 'ENOENT') return res.status(404).send({ "message": "The ID exists in the DB but I can't find an actual image. Please, contact the developer." })
+            return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." })
+        }
+    }
+
+    async get_all(req, res) {
+        try {
+            return res.status(200).send({ "message": "success", "captchas": await CaptchaService.get_all() });
+        } catch (e) {
+            console.log(`Error upon requesting all captchas: ${e}`)
+            return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." })
         }
-        return res.status(200).send({"message": "Success"});
     }
 }
 

src/controllers/user.js

@@ -32,7 +32,17 @@ class UserController {
             console.log(e)
             return res.status(500).send({"message": "Unknown server error"});
         }   
+    }
 
+    async stats (req, res) {
+        try {
+            const user_id = jwt.decode(req.token).id;
+            const stats = await UserService.get_stats(user_id);
+            return res.status(200).send({"message": "Success", "stats": stats});
+        } catch (e) {
+            console.log(e)
+            return res.status(500).send({"message": "Unknown server error"});
+        } 
     }
 }
 

src/index.js

@@ -15,6 +15,16 @@ app.use(express.urlencoded({ extended: false }));
 app.use(express.json());
 app.use(cookieParser());
 
+app.get('/api/settings', (req, res) => {
+    return res.status(200).send(
+        {
+            "captcha_source_url": config.captcha_source_url,
+            "captcha_regex": config.captcha_regex,
+            "captcha_length": config.captcha_length
+        }
+    )
+})
+
 app.set('view engine', 'pug');
 
 app.use('/api', CaptchaRouter);

src/routers/captcha.js

@@ -6,5 +6,7 @@ import auth from '../middlewares/auth.js';
 const CaptchaRouter = new Router();
 
 CaptchaRouter.post('/captcha/submit', auth.verify_user_jwt, CaptchaController.submit);
+CaptchaRouter.get('/captcha/all', CaptchaController.get_all);
+CaptchaRouter.get('/captcha/:id', CaptchaController.get);
 
 export default CaptchaRouter;

src/routers/user.js

@@ -7,5 +7,5 @@ const UserRouter = new Router();
 
 UserRouter.post('/user/register', auth.verify_admin_token, UserController.register);
 UserRouter.post('/user/login', UserController.login);
-
+UserRouter.get('/user/stats', auth.verify_user_jwt, UserController.stats);
 export default UserRouter;

src/services/captcha.js

@@ -2,6 +2,7 @@ import db from '../db.js';
 import fs from 'fs/promises';
 import config from '../config.js';
 import { createHash } from 'crypto';
+import captcha from '../controllers/captcha.js';
 
 function base64ToArrayBuffer(base64) {
     var binaryString = atob(base64);
@@ -14,13 +15,27 @@ function base64ToArrayBuffer(base64) {
 
 class CaptchaService {
     async new(image, solution, submitter) {
-        const b64 = image.replace(/^data:image\/jpeg;base64,/, "");
+        const b64 = image.replace(/^.*,/, "");
         const arrayBuffer = base64ToArrayBuffer(b64);
         const buffer = Buffer.from(arrayBuffer);
         const hash = createHash('md5').update(buffer).digest('hex');
         await fs.writeFile(`${config.data_dir}/${hash}.jpeg`, b64, 'base64');
         await db.query("INSERT INTO captchas (hash, solution, submitter) VALUES ($1, $2, $3)", [hash, solution, submitter]);
     }
+
+    async get(id) {
+        const captcha = (await db.query("SELECT hash, solution FROM captchas WHERE id = $1", [id])).rows[0];
+        if (captcha == undefined) return undefined;
+
+        const path = `${config.data_dir}/${captcha.hash}.jpeg`;
+
+        const image = Buffer.from(await fs.readFile(path)).toString('base64');
+        return { "image": image, "solution": captcha.solution, "hash": captcha.hash };
+    }
+
+    async get_all() {
+        return (await db.query("SELECT id, hash FROM captchas")).rows
+    }
 }
 
 export default new CaptchaService();

src/services/user.js

@@ -8,6 +8,13 @@ class UserService {
     async get_by_username(username) {
         return (await db.query("SELECT *  FROM users WHERE username = $1", [username])).rows[0];
     }
+
+    async get_stats(user_id) {
+        return {
+            my_count: (await db.query("SELECT COUNT(*) FROM captchas WHERE submitter = $1", [user_id])).rows[0].count,
+            top_five: (await db.query("select username, (select count(*) from captchas where submitter = users.id) from users JOIN captchas on submitter = users.id GROUP BY users.id ORDER BY count DESC LIMIT 5")).rows
+        };
+    }
 }
 
 export default new UserService();

stats.psql

@@ -0,0 +1 @@
+select users.id, username, (select count(*) from captchas where submitter = users.id) AS amount_solved from users JOIN captchas on submitter = users.id GROUP BY users.id ORDER BY amount_solved DESC;

views/index.pug

@@ -6,8 +6,12 @@ html
         meta(name="description" content="")
         link(href="css/index.css" rel="stylesheet")
     body
-        div(id="tsparticles")
+        div(id="main")
+            div(class="topSolvers")
+                label(id="topSolversText") Top-5 solvers:
+
             main(class="box")
+                
                 h2 Captcha Aggregator
                 
                 form(id="captchaForm")

views/login.pug

@@ -6,10 +6,9 @@ html
         meta(name="description" content="")
         link(href="css/index.css" rel="stylesheet")
     body
-        div(id="tsparticles")
+        div(id="main")
             main(class="box")
                 h2 Captcha Aggregator
-
                 form(id="loginForm")
                     div(class="inputBox")
                         label(for="username") Username