rainbownapkin/canopy
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions

Added 'altcha' captcha system for account and channel creation.

Browse source
This commit is contained in:
rainbow napkin 2024-12-26 06:09:49 -05:00
parent 60801f0dc2
commit e0f53df176
20 changed files with 326 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

61
src/utils/altchaUtils.js Normal file
View file

@ -0,0 +1,61 @@
/*Canopy - The next generation of stoner streaming software
Copyright (C) 2024 Rainbownapkin and the TTN Community
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.*/
//Config
const config = require('../../config.json');
//NPM imports
const { createChallenge, verifySolution } = require('altcha-lib');
//Create empty array to hold cache of spent payloades to protect against replay attacks
const spent = [];
//Captcha lifetime in minutes
const lifetime = 2;
module.exports.genCaptcha = async function(){
//Set altcha expiration date
const expiration = new Date();
//Add four minutes
expiration.setMinutes(expiration.getMinutes() + lifetime);
//Generate Altcha Challenge
return await createChallenge({
hmacKey: config.altchaSecret,
maxNumber: 200000,
expires: expiration
});
}
module.exports.verify = async function(payload){
//If we already checked this payload
if(spent.indexOf(payload) != -1){
//Fuck off and die
return false;
}
//Get length before pushing payload to get index of next item
const payloadIndex = spent.length;
//Add payload to cache of spent payloades
spent.push(payload);
//Set timeout to splice out the used payload after its expired so we're not filling RAM with expired payloads that aren't going to resolve true anyways
setTimeout(() => {spent.splice(payloadIndex,1);}, lifetime * 60 * 1000);
//Return verification results
return await verifySolution(payload, config.altchaSecret);
}