more flexible

Dockerfile

@@ -1,7 +1,12 @@
 FROM node:22-bullseye
 ARG APP_PORT
 ENV APP_PORT $APP_PORT
-COPY . .
+WORKDIR /app
+COPY migrations migrations
+COPY public public
+COPY views views
+COPY src src
+COPY entrypoint.sh migrate.sh package.json package-lock.json .
 RUN npm i
 EXPOSE $APP_PORT
 ENTRYPOINT ["bash", "./entrypoint.sh"]

README.md

@@ -1,2 +1 @@
 # captcha_agregator
-

TODO

@@ -1,5 +0,0 @@
-[ ] Fully implement and test proxies 
-[ ] Add a counter of tries for a captcha
-[ ] Make new setting "max tries per captcha"
-[ ] Unclaim proxy and delete captcha on max tries reached
-[ ] Add retry to fronted when captcha is entered incorrectly

docker-compose.yml

@@ -5,18 +5,18 @@ services:
     ports:
       - ${APP_PORT}:${APP_PORT}
     depends_on:
-      - database
+      database:
+        condition: service_healthy
     restart: on-failure
     volumes:
       - ./data/uploads:${DATA_DIR}
+      - ./.env:/app/.env:ro
   database:
     hostname: database
     image: 'postgres:15'
     volumes:
       - ./data/db:/var/lib/postgresql/data
     env_file: .env
-    ports:
-      - 5432:5432
     environment:
       POSTGRES_USER: ${DBUSER}
       POSTGRES_PASSWORD: ${DBPASS}

patch

@@ -1,32 +0,0 @@
-diff --git a/Dockerfile b/Dockerfile
-index 963556b..5938c34 100644
---- a/Dockerfile
-+++ b/Dockerfile
-@@ -3,6 +3,5 @@ ARG APP_PORT
- ENV APP_PORT $APP_PORT
- COPY . .
- RUN npm i
--
- EXPOSE $APP_PORT
--ENTRYPOINT ["node", "./src/index.js"]
-\ No newline at end of file
-+ENTRYPOINT ["bash", "./entrypoint.sh"]
-diff --git a/docker-compose.yml b/docker-compose.yml
-index 7a90a6a..66af735 100644
---- a/docker-compose.yml
-+++ b/docker-compose.yml
-@@ -10,6 +10,7 @@ services:
-     volumes:
-       - ./data/uploads:${DATA_DIR}
-   database:
-+    hostname: database
-     image: 'postgres:15'
-     volumes:
-       - ./data/db:/var/lib/postgresql/data
-@@ -21,4 +22,4 @@ services:
-       POSTGRES_PASSWORD: ${DBPASS}
-       POSTGRES_DB: ${DBNAME}
-     healthcheck:
--      test: ["CMD", "pg_isready", "-U", "${DBUSER}"]
-\ No newline at end of file
-+      test: ["CMD", "pg_isready", "-U", "${DBUSER}"]

public/js/index.js

@@ -54,6 +54,19 @@ const show_stats = async () => {
     statsText.innerHTML += `You have solved ${stats.my_count} captcha(s)`
 }
 
+const validate_solution = (settings, solution) => {
+    if (solution.length != settings.captcha_length) return false;
+    for (let i = 0; i < solution.length; i++) {
+        let char = solution[i];
+        if (!char.match(settings.captcha_regex)) {
+            console.log("Illegal symbol: " + char);
+            alert(`Illegal symbol ${char} at position ${i + 1}`);
+            return false
+        }
+    }
+    return true;
+}
+
 window.onload = async () => {
     const inputField = document.getElementById("captcha");
     inputField.focus();
@@ -62,8 +75,9 @@ window.onload = async () => {
     if (!document.cookie.includes('JWT')) {
         document.location.href = "/login";
     }
-
+    const settings = await (await fetch("/api/settings")).json();
-    const response = await fetch("https://check.ofd.ru/api/captcha/common/img");
+    const captcha_source_url = settings.captcha_source_url;
+    const response = await fetch(captcha_source_url);
     captcha = await response.blob();
 
     const url = URL.createObjectURL(captcha);
@@ -72,6 +86,10 @@ window.onload = async () => {
 
     form.addEventListener('submit', async (e) => {
         e.preventDefault();
+        if (!validate_solution(settings, inputField.value)) {
+            alert("You must specify valid solution!")
+            return;
+        }
         // if (!await check_solution(inputField.value)) {
         //     alert("Капча решена неверно")
         //     returnl

sample.env

@@ -11,3 +11,6 @@ CAPTCHA_SOURCE_URL=https://example.com
 DATA_DIR=/opt/captcha_aggregator
 ADMIN_TOKEN=GENERATE_A_STRONG_TOKEN_HERE
 SECRET=GENERATE_A_STRONG_SECRET_HERE
+#Allowed symbols. Must be a regex
+ALPHABET="[123456789ABCDEFGHIJKLMNPQRSTUVWXZY]"
+CAPTCHA_LENGTH=6

src/config.js

@@ -16,7 +16,9 @@ const config = {
     captcha_source_url: process.env.CAPTCHA_SOURCE_URL,
     data_dir: process.env.DATA_DIR,
     admin_token: process.env.ADMIN_TOKEN,
-    secret: process.env.SECRET
+    secret: process.env.SECRET,
+    alphabet: process.env.ALPHABET,
+    captcha_length: Number.parseInt(process.env.CAPTCHA_LENGTH)
 }
 
 export default config;

src/controllers/captcha.js

@@ -1,11 +1,20 @@
 import CaptchaService from "../services/captcha.js";
 import jwt from 'jsonwebtoken';
+import config from '../config.js';
 
 class CaptchaController {
     async submit(req, res) {
         const { image, solution } = req.body;
         if (!image) return res.status(400).send({ "message": "You must send image blob" });
-        if (!solution || solution.length != 6) return res.status(400).send({"message":"You must send a valid solution"});
+
+        if (!solution || solution.length != config.captcha_length) return res.status(400).send({ "message": "You must send a valid solution" });
+        for (let i = 0; i < solution.length; i++) {
+            let char = solution[i];
+            if (!char.match(config.alphabet)) {
+                console.log("Illegal symbol: " + char);
+                return res.status(400).send({ "message": `Illegal symbol ${char} at position ${i + 1}` });
+            }
+        }
         try {
             await CaptchaService.new(image, solution, jwt.decode(req.token).id);
         } catch (e) {
@@ -14,6 +23,28 @@ class CaptchaController {
         }
         return res.status(200).send({ "message": "Success" });
     }
+
+    async get(req, res) {
+        try {
+            const { id } = req.params;
+            const captcha = await CaptchaService.get(id);
+            if (captcha == undefined) return res.status(404).send({ "message": "no such captcha found" });
+            return res.status(200).send({ "message": "success", "captcha": captcha })
+        } catch (e) {
+            console.log(`Error upon requesting one captcha: ${e}`)
+            if (e.code == 'ENOENT') return res.status(404).send({ "message": "The ID exists in the DB but I can't find an actual image. Please, contact the developer." })
+            return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." })
+        }
+    }
+
+    async get_all(req, res) {
+        try {
+            return res.status(200).send({ "message": "success", "captchas": await CaptchaService.get_all() });
+        } catch (e) {
+            console.log(`Error upon requesting all captchas: ${e}`)
+            return res.status(500).send({ "message": "Unknown server error. Please, contact the developer." })
+        }
+    }
 }
 
 export default new CaptchaController();

src/index.js

@@ -15,6 +15,16 @@ app.use(express.urlencoded({ extended: false }));
 app.use(express.json());
 app.use(cookieParser());
 
+app.get('/api/settings', (req, res) => {
+    return res.status(200).send(
+        {
+            "captcha_source_url": config.captcha_source_url,
+            "captcha_regex": config.captcha_regex,
+            "captcha_length": config.captcha_length
+        }
+    )
+})
+
 app.set('view engine', 'pug');
 
 app.use('/api', CaptchaRouter);

src/routers/captcha.js

@@ -6,5 +6,7 @@ import auth from '../middlewares/auth.js';
 const CaptchaRouter = new Router();
 
 CaptchaRouter.post('/captcha/submit', auth.verify_user_jwt, CaptchaController.submit);
+CaptchaRouter.get('/captcha/all', CaptchaController.get_all);
+CaptchaRouter.get('/captcha/:id', CaptchaController.get);
 
 export default CaptchaRouter;

src/services/captcha.js

@@ -2,6 +2,7 @@ import db from '../db.js';
 import fs from 'fs/promises';
 import config from '../config.js';
 import { createHash } from 'crypto';
+import captcha from '../controllers/captcha.js';
 
 function base64ToArrayBuffer(base64) {
     var binaryString = atob(base64);
@@ -14,13 +15,27 @@ function base64ToArrayBuffer(base64) {
 
 class CaptchaService {
     async new(image, solution, submitter) {
-        const b64 = image.replace(/^data:image\/jpeg;base64,/, "");
+        const b64 = image.replace(/^.*,/, "");
         const arrayBuffer = base64ToArrayBuffer(b64);
         const buffer = Buffer.from(arrayBuffer);
         const hash = createHash('md5').update(buffer).digest('hex');
         await fs.writeFile(`${config.data_dir}/${hash}.jpeg`, b64, 'base64');
         await db.query("INSERT INTO captchas (hash, solution, submitter) VALUES ($1, $2, $3)", [hash, solution, submitter]);
     }
+
+    async get(id) {
+        const captcha = (await db.query("SELECT hash, solution FROM captchas WHERE id = $1", [id])).rows[0];
+        if (captcha == undefined) return undefined;
+
+        const path = `${config.data_dir}/${captcha.hash}.jpeg`;
+
+        const image = Buffer.from(await fs.readFile(path)).toString('base64');
+        return { "image": image, "solution": captcha.solution, "hash": captcha.hash };
+    }
+
+    async get_all() {
+        return (await db.query("SELECT id, hash FROM captchas")).rows
+    }
 }
 
 export default new CaptchaService();