add captcha

2024-11-25 14:12:44 -05:00 · 2024-11-25 14:12:44 -05:00 · edbadbcf2e
commit edbadbcf2e
parent 3dea44dacf
12 changed files with 115 additions and 7 deletions
--- a/client/captcha.js
+++ b/client/captcha.js
@ -0,0 +1,52 @@
 /* https://raw.githubusercontent.com/napa3um/node-captcha/refs/heads/master/captcha.js */
 import Route from "../route.js";
 import initDb from "../db.js";
 import Canvas from "canvas";
 import crypto from "node:crypto";
 let db = await initDb();
 // TODO: rewrite
 let main = new Route([], async function (req, res, input) {
    const canvas = new Canvas.Canvas(250, 100)
    const ctx = canvas.getContext('2d')
    ctx.antialias = 'gray'
    ctx.fillStyle = 'black'
    ctx.fillRect(0, 0, 250, 100)
    ctx.fillStyle = 'red'
    ctx.lineWidth = 3
    ctx.strokeStyle = 'red'
    ctx.font = `40px sans`
    // draw two curve lines:
    for (var i = 0; i < 2; i++) {
        ctx.moveTo(Math.floor(0.08 * 250), Math.random() * 100)
        ctx.bezierCurveTo(Math.floor(0.32 * 250), Math.random() * 100, Math.floor(1.07 * 100), Math.random() * 100, Math.floor(0.92 * 250), Math.random() * 100)
        ctx.stroke()
    }
    // draw text:
    const text = ('' + crypto.randomBytes(4).readUIntBE(0, 4)).substring(2, 10)
    text.split('').forEach((char, i) => {
        ctx.setTransform(Math.random() * 0.5 + 1, Math.random() * 0.4, Math.random() * 0.4, Math.random() * 0.5 + 1, Math.floor(0.375 * 50) * i + Math.floor(0.25 * 10), Math.floor(1.25 * 40))
        ctx.fillText(char, 0, 0)
    })
    let ck = crypto.randomUUID();
    res.cookie('captcha', ck);
    await db.run('INSERT INTO captcha (key, solution) VALUES (?,?)', [
        ck,
        text
    ])
    // send image:
    res.type('jpg')
    res.header('Cache-Control', 'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0')
    res.header('Expires', 'Sun, 19 May 1984 02:00:00 GMT')
    canvas.jpegStream().pipe(res)
 });
 export default main;
--- a/db.js
+++ b/db.js
@ -20,6 +20,7 @@ async function initDb() {
    await db.run('CREATE TABLE IF NOT EXISTS follow (username TEXT, target TEXT);');
    await db.run(`CREATE TABLE IF NOT EXISTS user (username TEXT, bio TEXT);`);
    await db.run(`CREATE TABLE IF NOT EXISTS captcha (key TEXT, solution TEXT);`);
    return db;
 }
--- a/form/captcha.js
+++ b/form/captcha.js
@ -0,0 +1,26 @@
 import Route from "../route.js";
 import initDb from "../db.js";
 let db = await initDb();
 let main = new Route([], async function (req, res, input) {
    let body = { ...req.cookies, ...req.body };
    let { captcha, challenger } = body;
    let match = await db.all('SELECT * FROM captcha WHERE key  = ? AND solution = ?', [
        captcha,
        challenger
    ]);
    await db.all('DELETE FROM captcha WHERE key  = ? AND solution = ?', [
        captcha,
        challenger
    ]);
    return {
        captchaMatch: (match.length > 0)
    };
 });
 export default main;
--- a/form/comment.js
+++ b/form/comment.js
@ -2,11 +2,16 @@ import Route from "../route.js";
 import initDb from "../db.js";
 import { randomUUID } from 'node:crypto';
 import auth from "../form/auth.js";
 import captcha from "./captcha.js";
 let db = await initDb();
 // TODO: rewrite
-let main = new Route([auth], async function (req, res, input) {
+let main = new Route([auth,captcha], async function (req, res, input) {
    let { captchaMatch} = input;
    if (!captchaMatch) return { 'success': false, 'message': 'Captcha is incorrect' };
    let { username } = input;
    let id = randomUUID();
--- a/form/login.js
+++ b/form/login.js
@ -3,12 +3,16 @@ import Route from "../route.js";
 import initDb from "../db.js";
 import { compare } from "bcrypt";
 import { randomBytes } from 'node:crypto';
 import captcha from "./captcha.js";
 let db = await initDb();
 // TODO: rewrite
-let main = new Route([], async function (req, res, input) {
+let main = new Route([captcha], async function (req, res, input) {
    let { user, pass } = req.body;
    let { captchaMatch} = input;
    if (!captchaMatch) return { 'success': false, 'message': 'Captcha is incorrect' };
    if (!pass || !user) return { 'success': false, 'message': 'Some fields are missing' };
--- a/form/register.js
+++ b/form/register.js
@ -2,6 +2,7 @@
 import Route from "../route.js";
 import initDb from "../db.js";
 import { hash } from "bcrypt";
 import captcha from "./captcha.js";
 const minChar = 1;
 const maxChar = 32;
@ -13,8 +14,11 @@ function isValid(user) {
 }
 // TODO: rewrite
-let main = new Route([], async function (req, res, input) {
+let main = new Route([captcha], async function (req, res, input) {
    let { user, pass, pass2 } = req.body;
    let { captchaMatch} = input;
    if (!captchaMatch) return { 'success': false, 'message': 'Captcha is incorrect' };
    if (pass != pass2) return { 'success': false, 'message': 'Passwords do not match' };
--- a/form/settings.js
+++ b/form/settings.js
@ -3,13 +3,17 @@ import initDb from "../db.js";
 import auth from "../form/auth.js";
 import {exec} from 'node:child_process';
 import { promisify } from "node:util";
 import captcha from "./captcha.js";
 const execP = promisify(exec);
 let db = await initDb();
 // TODO: rewrite
-let main = new Route([auth], async function (req, res, input) {
+let main = new Route([auth,captcha], async function (req, res, input) {
    let { captchaMatch} = input;
    if (!captchaMatch) return { 'success': false, 'message': 'Captcha is incorrect' };
    let { path } = req.file;
    let { username } = input;
--- a/form/upload.js
+++ b/form/upload.js
@ -4,13 +4,17 @@ import { randomUUID } from 'node:crypto';
 import {exec} from 'node:child_process';
 import { promisify } from "node:util";
 import auth from "../form/auth.js";
 import captcha from "./captcha.js";
 const execP = promisify(exec);
 let db = await initDb();
 // TODO: rewrite
-let main = new Route([auth], async function (req, res, input) {
+let main = new Route([auth,captcha], async function (req, res, input) {
    let { captchaMatch} = input;
    if (!captchaMatch) return { 'success': false, 'message': 'Captcha is incorrect' };
    let { username } = input;
    let id = randomUUID();
--- a/package.json
+++ b/package.json
@ -9,6 +9,7 @@
  "type": "module",
  "dependencies": {
    "bcrypt": "^5.1.1",
    "canvas": "^2.11.2",
    "cookie-parser": "^1.4.6",
    "ejs": "^3.1.10",
    "express": "^4.19.2",
--- a/routes.js
+++ b/routes.js
@ -7,6 +7,7 @@ import user from "./client/user.js";
 import settings from "./client/settings.js";
 import e404 from "./client/e404.js";
 import tou from "./client/tou.js";
 import captcha from './client/captcha.js';
 import loginB from "./form/login.js";
 import registerB from "./form/register.js";
@ -33,7 +34,8 @@ routes.client = {
    user,
    settings,
    e404,
-    tou
+    tou,
    captcha
 }
 routes.get = {
--- a/static/main.css
+++ b/static/main.css
@ -270,5 +270,6 @@ img {
 }
 pre {
-    white-space: pre-wrap
+    white-space: pre-wrap;
    font-family: var(--font) !important;
 }
--- a/views/form_bare.ejs
+++ b/views/form_bare.ejs
@ -3,6 +3,10 @@
        <%= title %>
    </h1>
    <div class='form-message'></div>
    <span class='form-key'>
        <img src='/client/captcha'>
    </span>
    <input class='form-input' type='text' name='challenger' value='Type the captcha'>
    <% for (let elem of data) { %>
        <span class='form-key'>
            <%= elem.label %>