commit 99beb150996ef17bfeb650361ee0ba2934bcc9d7
parent f1327ef59d75088498ae1960ef072a52291de25c
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Wed, 9 Nov 2022 20:03:26 -0800
Ensure that all captchas across the website make HB's life miserable.
Diffstat:
3 files changed, 29 insertions(+), 27 deletions(-)
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -281,7 +281,7 @@ func loginHandler(c echo.Context) error {
if captchaInput == "" {
return c.Render(http.StatusOK, "login", data)
} else if config.Development.IsFalse() || (config.Development.IsTrue() && captchaInput != "000000") {
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.Error = "Invalid captcha"
return c.Render(http.StatusOK, "login", data)
}
@@ -345,7 +345,7 @@ func loginHandler(c echo.Context) error {
data.CaptchaRequired = true
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "login", data)
}
@@ -867,17 +867,11 @@ func signupHandler(c echo.Context) error {
captchaInputImg := c.Request().PostFormValue("captcha_img")
if !signupInfo.hasSolvedCaptcha {
if config.Development.IsFalse() || captchaInput != "" {
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
config.SignupFailed.Inc()
return c.Render(http.StatusOK, "signup", data)
}
-
- // HB has 50% chance of having the captcha fails for no reason
- if hasHBCookie && utils.DiceRoll(50) {
- data.ErrCaptcha = captcha.ErrInvalidCaptcha.Error()
- return c.Render(http.StatusOK, "signup", data)
- }
}
}
data.Captcha = captchaInput
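Review bot: With the dice roll moved into `hutils.CaptchaVerifyString`, a cookie-gated rejection in signupHandler now reaches `config.SignupFailed.Inc()`, whereas the removed block returned without touching the counter. If SignupFailed feeds abuse monitoring or alerting, injected rejections will be counted as genuine failed signups from this commit on. Either state that this is intended with a comment such as `// also counts rejections injected by CaptchaVerifyString`, or have the helper expose which case occurred. The `hasHBCookie` local is declared above this hunk; if the removed block was its only use it must be deleted too, since Go rejects unused locals. signupHandler's body starts and ends outside the hunk.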
@@ -1191,7 +1185,7 @@ func LinksDownloadHandler(c echo.Context) error {
}
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "captcha-required", data)
}
@@ -2240,7 +2234,7 @@ func chatHandler(c echo.Context, redRoom bool) error {
data.GuestUsername = c.Request().PostFormValue("guest_username")
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "chat-password", data)
}
@@ -2332,7 +2326,7 @@ func ChatCreateRoomHandler(c echo.Context) error {
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
if config.Development.IsFalse() {
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "chat-create-room", data)
}
@@ -3681,16 +3675,8 @@ func CaptchaRequiredHandler(c echo.Context) error {
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
- data.ErrCaptcha = fmt.Sprintf("Invalid answer")
- config.CaptchaRequiredFailed.Inc()
- return c.Render(http.StatusOK, "captcha-required", data)
- }
- // HB has 50% chance of having the captcha fails for no reason
- hbCookie, hbCookieErr := c.Cookie(hutils.HBCookieName)
- hasHBCookie := hbCookieErr == nil && hbCookie.Value != ""
- if hasHBCookie && utils.DiceRoll(50) {
- data.ErrCaptcha = fmt.Sprintf("Invalid answer")
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
+ data.ErrCaptcha = err.Error()
config.CaptchaRequiredFailed.Inc()
return c.Render(http.StatusOK, "captcha-required", data)
}
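Review bot: Rendering `err.Error()` here changes the user-visible text from "Invalid answer" to the helper's lowercase "invalid answer", while BHCHandler (hunk at -4071) still hard-codes `fmt.Sprintf("Invalid answer")` and the first loginHandler hunk sets "Invalid captcha". If the wording is meant to be uniform across captcha forms, pick one form and take it from the helper's error in all of them. A `fmt.Sprintf` call with a constant string and no arguments can be a plain string literal. CaptchaRequiredHandler continues outside the hunk.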
@@ -3719,7 +3705,7 @@ func CaptchaHandler(c echo.Context) error {
captchaInput := c.Request().PostFormValue("captcha")
ts := utils.DoParseInt64(c.Request().PostFormValue("ts"))
delta := time.Now().UnixMilli() - ts
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.Seed = utils.DoParseInt64(c.Request().PostFormValue("seed"))
setCaptcha(data.Seed)
data.Error = fmt.Sprintf("%s; took: %.2fs", err.Error(), float64(delta)/1000)
@@ -3856,7 +3842,7 @@ func UploadsDownloadHandler(c echo.Context) error {
}
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "captcha-required", data)
}
@@ -3973,7 +3959,7 @@ func ByteRoadChallengeHandler(c echo.Context) error {
if formName == "captcha" {
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "vip.byte-road-challenge", data)
}
@@ -4071,7 +4057,7 @@ func BHCHandler(c echo.Context) error {
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.Error = fmt.Sprintf("Invalid answer")
config.BHCCaptchaFailed.Inc()
return c.Render(http.StatusOK, "bhc", data)
diff --git a/pkg/web/handlers/utils/utils.go b/pkg/web/handlers/utils/utils.go
@@ -1,6 +1,8 @@
package utils
import (
+ "dkforest/pkg/captcha"
+ "errors"
"net/http"
"strconv"
"time"
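Review bot: `"dkforest/pkg/captcha"` is added to the same import group as the standard-library packages. The usual Go layout keeps stdlib imports first and project imports in their own blank-line-separated group, which `goimports` then preserves. The import block continues outside the hunk, so the grouping below `"time"` is not visible here.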
@@ -130,3 +132,17 @@ func CreateAprilFoolCookie(c echo.Context, v int) {
Expires: time.Now().Add(time.Duration(maxAge) * time.Second),
})
}
+
+// CaptchaVerifyString ensure that all captcha across the website makes HB life miserable.
+func CaptchaVerifyString(c echo.Context, id, digits string) error {
+ if err := captcha.VerifyString(id, digits); err != nil {
+ return errors.New("invalid answer")
+ }
+ // HB has 50% chance of having the captcha fails for no reason
+ hbCookie, hbCookieErr := c.Cookie(HBCookieName)
+ hasHBCookie := hbCookieErr == nil && hbCookie.Value != ""
+ if hasHBCookie && utils.DiceRoll(50) {
+ return errors.New("invalid answer")
+ }
+ return nil
+}
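Review bot: CaptchaVerifyString builds a new `errors.New("invalid answer")` on both paths and drops the error returned by `captcha.VerifyString`, so no caller, log line or failure counter can tell a wrong answer from the injected rejection, and callers cannot match the result with `errors.Is`. A package-level sentinel, for example `var ErrInvalidAnswer = errors.New("invalid answer")`, returned from both branches keeps the user-visible text identical while giving callers a value to compare against. Logging the underlying `err` server-side before replacing it would preserve whatever distinct failures the captcha package reports. The doc comment should describe the contract rather than the intent: the function returns a generic error on any failure, and requests carrying `HBCookieName` are additionally rejected about half the time. It should also say that the extra rejection is keyed on a client-held cookie and is therefore a best-effort measure, not an access control.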
diff --git a/pkg/web/middlewares/middlewares.go b/pkg/web/middlewares/middlewares.go
@@ -60,7 +60,7 @@ func CaptchaMiddleware() echo.MiddlewareFunc {
if c.Request().Method == http.MethodPost {
captchaID := c.Request().PostFormValue("captcha_id")
captchaInput := c.Request().PostFormValue("captcha")
- if err := captcha.VerifyString(captchaID, captchaInput); err != nil {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
data.ErrCaptcha = err.Error()
return c.Render(http.StatusOK, "captcha-required", data)
}