Compare commits
5 Commits
e18d26f6f9
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 7ab9d70d47 | |||
| 044f4094f0 | |||
| ceb8642365 | |||
| 9c2fe1c856 | |||
| 86898fa117 |
@@ -1,7 +1,12 @@
|
||||
FROM node:22-bullseye
|
||||
ARG APP_PORT
|
||||
ENV APP_PORT $APP_PORT
|
||||
COPY . .
|
||||
WORKDIR /app
|
||||
COPY migrations migrations
|
||||
COPY public public
|
||||
COPY views views
|
||||
COPY src src
|
||||
COPY entrypoint.sh migrate.sh package.json package-lock.json .
|
||||
RUN npm i
|
||||
EXPOSE $APP_PORT
|
||||
ENTRYPOINT ["bash", "./entrypoint.sh"]
|
||||
|
||||
5
TODO
5
TODO
@@ -1,5 +0,0 @@
|
||||
[ ] Fully implement and test proxies
|
||||
[ ] Add a counter of tries for a captcha
|
||||
[ ] Make new setting "max tries per captcha"
|
||||
[ ] Unclaim proxy and delete captcha on max tries reached
|
||||
[ ] Add retry to fronted when captcha is entered incorrectly
|
||||
@@ -5,18 +5,18 @@ services:
|
||||
ports:
|
||||
- ${APP_PORT}:${APP_PORT}
|
||||
depends_on:
|
||||
- database
|
||||
database:
|
||||
condition: service_healthy
|
||||
restart: on-failure
|
||||
volumes:
|
||||
- ./data/uploads:${DATA_DIR}
|
||||
- ./.env:/app/.env:ro
|
||||
database:
|
||||
hostname: database
|
||||
image: 'postgres:15'
|
||||
volumes:
|
||||
- ./data/db:/var/lib/postgresql/data
|
||||
env_file: .env
|
||||
ports:
|
||||
- 5432:5432
|
||||
environment:
|
||||
POSTGRES_USER: ${DBUSER}
|
||||
POSTGRES_PASSWORD: ${DBPASS}
|
||||
|
||||
32
patch
32
patch
@@ -1,32 +0,0 @@
|
||||
diff --git a/Dockerfile b/Dockerfile
|
||||
index 963556b..5938c34 100644
|
||||
--- a/Dockerfile
|
||||
+++ b/Dockerfile
|
||||
@@ -3,6 +3,5 @@ ARG APP_PORT
|
||||
ENV APP_PORT $APP_PORT
|
||||
COPY . .
|
||||
RUN npm i
|
||||
-
|
||||
EXPOSE $APP_PORT
|
||||
-ENTRYPOINT ["node", "./src/index.js"]
|
||||
\ No newline at end of file
|
||||
+ENTRYPOINT ["bash", "./entrypoint.sh"]
|
||||
diff --git a/docker-compose.yml b/docker-compose.yml
|
||||
index 7a90a6a..66af735 100644
|
||||
--- a/docker-compose.yml
|
||||
+++ b/docker-compose.yml
|
||||
@@ -10,6 +10,7 @@ services:
|
||||
volumes:
|
||||
- ./data/uploads:${DATA_DIR}
|
||||
database:
|
||||
+ hostname: database
|
||||
image: 'postgres:15'
|
||||
volumes:
|
||||
- ./data/db:/var/lib/postgresql/data
|
||||
@@ -21,4 +22,4 @@ services:
|
||||
POSTGRES_PASSWORD: ${DBPASS}
|
||||
POSTGRES_DB: ${DBNAME}
|
||||
healthcheck:
|
||||
- test: ["CMD", "pg_isready", "-U", "${DBUSER}"]
|
||||
\ No newline at end of file
|
||||
+ test: ["CMD", "pg_isready", "-U", "${DBUSER}"]
|
||||
@@ -23,20 +23,20 @@ const check_solution = async (solution) => {
|
||||
const get_cookie = (name) => {
|
||||
const cookies = document.cookie.split(';');
|
||||
for (let i = 0; i < cookies.length; i++) {
|
||||
const cookie = cookies[i].trim();
|
||||
if (cookie.startsWith(name + '=')) {
|
||||
const value = cookie.substring(name.length + 1);
|
||||
}
|
||||
const cookie = cookies[i].trim();
|
||||
if (cookie.startsWith(name + '=')) {
|
||||
const value = cookie.substring(name.length + 1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const blobToBase64 = (blob) => {
|
||||
return new Promise((resolve, _) => {
|
||||
const reader = new FileReader();
|
||||
reader.onloadend = () => resolve(reader.result);
|
||||
reader.readAsDataURL(blob);
|
||||
const reader = new FileReader();
|
||||
reader.onloadend = () => resolve(reader.result);
|
||||
reader.readAsDataURL(blob);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
const show_stats = async () => {
|
||||
const response = await fetch("/api/user/stats", {
|
||||
@@ -54,6 +54,19 @@ const show_stats = async () => {
|
||||
statsText.innerHTML += `You have solved ${stats.my_count} captcha(s)`
|
||||
}
|
||||
|
||||
const validate_solution = (settings, solution) => {
|
||||
if (solution.length != settings.captcha_length) return false;
|
||||
for (let i = 0; i < solution.length; i++) {
|
||||
let char = solution[i];
|
||||
if (!char.match(settings.captcha_regex)) {
|
||||
console.log("Illegal symbol: " + char);
|
||||
alert(`Illegal symbol ${char} at position ${i + 1}`);
|
||||
return false
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
window.onload = async () => {
|
||||
const inputField = document.getElementById("captcha");
|
||||
inputField.focus();
|
||||
@@ -62,22 +75,27 @@ window.onload = async () => {
|
||||
if (!document.cookie.includes('JWT')) {
|
||||
document.location.href = "/login";
|
||||
}
|
||||
|
||||
const response = await fetch("https://check.ofd.ru/api/captcha/common/img");
|
||||
const settings = await (await fetch("/api/settings")).json();
|
||||
const captcha_source_url = settings.captcha_source_url;
|
||||
const response = await fetch(captcha_source_url);
|
||||
captcha = await response.blob();
|
||||
|
||||
const url = URL.createObjectURL(captcha);
|
||||
document.getElementById("captcha_image").src = url;
|
||||
const form = document.getElementById("captchaForm");
|
||||
|
||||
|
||||
form.addEventListener('submit', async (e) => {
|
||||
e.preventDefault();
|
||||
if (!validate_solution(settings, inputField.value)) {
|
||||
alert("You must specify valid solution!")
|
||||
return;
|
||||
}
|
||||
// if (!await check_solution(inputField.value)) {
|
||||
// alert("Капча решена неверно")
|
||||
// returnl
|
||||
// }
|
||||
|
||||
const response = await fetch(`/api/captcha/submit`, {method: "POST", headers: {'Content-Type': 'application/json'}, body: JSON.stringify({ "image": await blobToBase64(captcha), "solution": inputField.value})});
|
||||
const response = await fetch(`/api/captcha/submit`, { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ "image": await blobToBase64(captcha), "solution": inputField.value }) });
|
||||
if (response.status == 200) {
|
||||
inputField.value = "";
|
||||
window.location.reload();
|
||||
|
||||
@@ -10,4 +10,7 @@ APP_PORT=3000
|
||||
CAPTCHA_SOURCE_URL=https://example.com
|
||||
DATA_DIR=/opt/captcha_aggregator
|
||||
ADMIN_TOKEN=GENERATE_A_STRONG_TOKEN_HERE
|
||||
SECRET=GENERATE_A_STRONG_SECRET_HERE
|
||||
SECRET=GENERATE_A_STRONG_SECRET_HERE
|
||||
#Allowed symbols. Must be a regex
|
||||
ALPHABET="[123456789ABCDEFGHIJKLMNPQRSTUVWXZY]"
|
||||
CAPTCHA_LENGTH=6
|
||||
@@ -2,7 +2,7 @@ import dotenv from 'dotenv';
|
||||
|
||||
dotenv.config({ path: ".env" });
|
||||
|
||||
const getBoolean = value => { return value === 'true'? true : false }
|
||||
const getBoolean = value => { return value === 'true' ? true : false }
|
||||
|
||||
const config = {
|
||||
dbuser: process.env.DBUSER,
|
||||
@@ -16,7 +16,9 @@ const config = {
|
||||
captcha_source_url: process.env.CAPTCHA_SOURCE_URL,
|
||||
data_dir: process.env.DATA_DIR,
|
||||
admin_token: process.env.ADMIN_TOKEN,
|
||||
secret: process.env.SECRET
|
||||
secret: process.env.SECRET,
|
||||
alphabet: process.env.ALPHABET,
|
||||
captcha_length: Number.parseInt(process.env.CAPTCHA_LENGTH)
|
||||
}
|
||||
|
||||
export default config;
|
||||
@@ -1,18 +1,49 @@
|
||||
import CaptchaService from "../services/captcha.js";
|
||||
import jwt from 'jsonwebtoken';
|
||||
import config from '../config.js';
|
||||
|
||||
class CaptchaController {
|
||||
async submit(req, res) {
|
||||
const {image, solution} = req.body;
|
||||
if (!image) return res.status(400).send({"message":"You must send image blob"});
|
||||
if (!solution || solution.length != 6) return res.status(400).send({"message":"You must send a valid solution"});
|
||||
const { image, solution } = req.body;
|
||||
if (!image) return res.status(400).send({ "message": "You must send image blob" });
|
||||
|
||||
if (!solution || solution.length != config.captcha_length) return res.status(400).send({ "message": "You must send a valid solution" });
|
||||
for (let i = 0; i < solution.length; i++) {
|
||||
let char = solution[i];
|
||||
if (!char.match(config.alphabet)) {
|
||||
console.log("Illegal symbol: " + char);
|
||||
return res.status(400).send({ "message": `Illegal symbol ${char} at position ${i + 1}` });
|
||||
}
|
||||
}
|
||||
try {
|
||||
await CaptchaService.new(image, solution, jwt.decode(req.token).id);
|
||||
} catch (e) {
|
||||
console.log(`Error upon submitting: ${e}`);
|
||||
return res.status(500).send({"message": "Unknown server error. Please, contact the developer."});
|
||||
return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." });
|
||||
}
|
||||
return res.status(200).send({ "message": "Success" });
|
||||
}
|
||||
|
||||
async get(req, res) {
|
||||
try {
|
||||
const { id } = req.params;
|
||||
const captcha = await CaptchaService.get(id);
|
||||
if (captcha == undefined) return res.status(404).send({ "message": "no such captcha found" });
|
||||
return res.status(200).send({ "message": "success", "captcha": captcha })
|
||||
} catch (e) {
|
||||
console.log(`Error upon requesting one captcha: ${e}`)
|
||||
if (e.code == 'ENOENT') return res.status(404).send({ "message": "The ID exists in the DB but I can't find an actual image. Please, contact the developer." })
|
||||
return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." })
|
||||
}
|
||||
}
|
||||
|
||||
async get_all(req, res) {
|
||||
try {
|
||||
return res.status(200).send({ "message": "success", "captchas": await CaptchaService.get_all() });
|
||||
} catch (e) {
|
||||
console.log(`Error upon requesting all captchas: ${e}`)
|
||||
return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." })
|
||||
}
|
||||
return res.status(200).send({"message": "Success"});
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
10
src/index.js
10
src/index.js
@@ -15,6 +15,16 @@ app.use(express.urlencoded({ extended: false }));
|
||||
app.use(express.json());
|
||||
app.use(cookieParser());
|
||||
|
||||
app.get('/api/settings', (req, res) => {
|
||||
return res.status(200).send(
|
||||
{
|
||||
"captcha_source_url": config.captcha_source_url,
|
||||
"captcha_regex": config.captcha_regex,
|
||||
"captcha_length": config.captcha_length
|
||||
}
|
||||
)
|
||||
})
|
||||
|
||||
app.set('view engine', 'pug');
|
||||
|
||||
app.use('/api', CaptchaRouter);
|
||||
|
||||
@@ -6,5 +6,7 @@ import auth from '../middlewares/auth.js';
|
||||
const CaptchaRouter = new Router();
|
||||
|
||||
CaptchaRouter.post('/captcha/submit', auth.verify_user_jwt, CaptchaController.submit);
|
||||
CaptchaRouter.get('/captcha/all', CaptchaController.get_all);
|
||||
CaptchaRouter.get('/captcha/:id', CaptchaController.get);
|
||||
|
||||
export default CaptchaRouter;
|
||||
@@ -2,6 +2,7 @@ import db from '../db.js';
|
||||
import fs from 'fs/promises';
|
||||
import config from '../config.js';
|
||||
import { createHash } from 'crypto';
|
||||
import captcha from '../controllers/captcha.js';
|
||||
|
||||
function base64ToArrayBuffer(base64) {
|
||||
var binaryString = atob(base64);
|
||||
@@ -14,13 +15,27 @@ function base64ToArrayBuffer(base64) {
|
||||
|
||||
class CaptchaService {
|
||||
async new(image, solution, submitter) {
|
||||
const b64 = image.replace(/^data:image\/jpeg;base64,/, "");
|
||||
const b64 = image.replace(/^.*,/, "");
|
||||
const arrayBuffer = base64ToArrayBuffer(b64);
|
||||
const buffer = Buffer.from(arrayBuffer);
|
||||
const hash = createHash('md5').update(buffer).digest('hex');
|
||||
await fs.writeFile(`${config.data_dir}/${hash}.jpeg`, b64, 'base64');
|
||||
await db.query("INSERT INTO captchas (hash, solution, submitter) VALUES ($1, $2, $3)", [hash, solution, submitter]);
|
||||
}
|
||||
|
||||
async get(id) {
|
||||
const captcha = (await db.query("SELECT hash, solution FROM captchas WHERE id = $1", [id])).rows[0];
|
||||
if (captcha == undefined) return undefined;
|
||||
|
||||
const path = `${config.data_dir}/${captcha.hash}.jpeg`;
|
||||
|
||||
const image = Buffer.from(await fs.readFile(path)).toString('base64');
|
||||
return { "image": image, "solution": captcha.solution, "hash": captcha.hash };
|
||||
}
|
||||
|
||||
async get_all() {
|
||||
return (await db.query("SELECT id, hash FROM captchas")).rows
|
||||
}
|
||||
}
|
||||
|
||||
export default new CaptchaService();
|
||||
Reference in New Issue
Block a user