Added 'altcha' captcha system for account and channel creation.

2024-12-26 06:09:49 -05:00 · 2024-12-26 06:09:49 -05:00 · e0f53df176
commit e0f53df176
parent 60801f0dc2
20 changed files with 326 additions and 55 deletions
--- a/src/controllers/api/account/registerController.js
+++ b/src/controllers/api/account/registerController.js
@ -14,20 +14,34 @@ GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.*/

+//Config
+const config = require('../../../../config.json');
+
 //NPM Imports
 const {validationResult, matchedData} = require('express-validator');

 //local imports
 const {userModel} = require('../../../schemas/userSchema');
 const userBanModel = require('../../../schemas/userBanSchema');
+const altchaUtils = require('../../../utils/altchaUtils');
 const {exceptionHandler, errorHandler} = require('../../../utils/loggerUtils');

 module.exports.post = async function(req, res){
    try{
+        //Check for validation errors
        const validResult = validationResult(req);

+        //If there are none
        if(validResult.isEmpty()){
+            //Get sanatized/validated data
            const user = matchedData(req);
+            //Verify Altcha Payload
+            const verified = await altchaUtils.verify(req.body.verification);
+
+            //If altcha verification failed
+            if(!verified){
+                return errorHandler(res, 'Altcha verification failed, Please refresh the page!', 'unauthorized');
+            }

            //Would prefer to stick this in userModel.statics.register() but we end up with circular dependencies >:(
            const nukedBans = await userBanModel.checkProcessedBans(user.user);
@ -42,9 +56,9 @@ module.exports.post = async function(req, res){
            return res.sendStatus(200);
        }else{
            res.status(400);
-            res.send({errors: validResult.array()})
+            return res.send({errors: validResult.array()});
        }
    }catch(err){
-        exceptionHandler(res, err);
+        return exceptionHandler(res, err);
    }
 }
--- a/src/controllers/api/channel/registerController.js
+++ b/src/controllers/api/channel/registerController.js
@ -20,6 +20,7 @@ const {validationResult, matchedData} = require('express-validator');
 //local imports
 const {exceptionHandler, errorHandler} = require('../../../utils/loggerUtils');
 const {userModel} = require('../../../schemas/userSchema');
+const altchaUtils = require('../../../utils/altchaUtils');
 const channelModel = require('../../../schemas/channel/channelSchema');

 //api account functions
@ -32,6 +33,15 @@ module.exports.post = async function(req, res){
        if(validResult.isEmpty()){
            //Set channel object from sanatized/validated data, and get user document from session data
            const channel = matchedData(req);
+            //Verify Altcha Payload
+            const verified = await altchaUtils.verify(req.body.verification);
+
+            //If altcha verification failed
+            if(!verified){
+                return errorHandler(res, 'Altcha verification failed, Please refresh the page!', 'unauthorized');
+            }
+
+            //Find current user
            const userDB = await userModel.findOne({user: req.session.user.user});

            //register new channel with requesting user as owner
--- a/src/controllers/newChannelController.js
+++ b/src/controllers/newChannelController.js
@ -14,10 +14,17 @@ GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.*/

+//Local Imports
+const altchaUtils = require('../utils/altchaUtils');
+
 //Config
 const config = require('../../config.json');

 //root index functions
 module.exports.get = async function(req, res){
-    res.render('newChannel', {instance: config.instanceName, user: req.session.user});
+    //Generate captcha
+    const challenge = await altchaUtils.genCaptcha();
+
+    //render the page
+    return res.render('newChannel', {instance: config.instanceName, user: req.session.user, challenge});
 }
--- a/src/controllers/registerController.js
+++ b/src/controllers/registerController.js
@ -17,7 +17,14 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
 //Config
 const config = require('../../config.json');

+//Local Imports
+const altchaUtils = require('../utils/altchaUtils');
+
 //register page functions
-module.exports.get = function(req, res){
-    res.render('register', {instance: config.instanceName, user: req.session.user});
+module.exports.get = async function(req, res){
+     //Generate captcha
+    const challenge = await altchaUtils.genCaptcha();
+
+    //Render page
+    return res.render('register', {instance: config.instanceName, user: req.session.user, challenge});
 }