Deploying to gh-pages from @ c92a35a01f 🚀
@@ -355,6 +355,9 @@
|
||||
<span id="350">350</span>
|
||||
<span id="351">351</span>
|
||||
<span id="352">352</span>
|
||||
<span id="353">353</span>
|
||||
<span id="354">354</span>
|
||||
<span id="355">355</span>
|
||||
</pre><pre class="rust"><code><span class="comment">/*
|
||||
* Copyright (C) 2022 Aravinth Manivannan <realaravinth@batsense.net>
|
||||
*
|
||||
@@ -491,6 +494,9 @@
|
||||
<span class="doccomment">/// get a user's secret</span>
|
||||
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">get_secret</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">username</span>: <span class="kw-2">&</span><span class="ident">str</span>) -> <span class="ident">DBResult</span><span class="op"><</span><span class="ident">Secret</span><span class="op">></span>;
|
||||
|
||||
<span class="doccomment">/// get a user's secret from a captcha key</span>
|
||||
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">get_secret_from_captcha</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">key</span>: <span class="kw-2">&</span><span class="ident">str</span>) -> <span class="ident">DBResult</span><span class="op"><</span><span class="ident">Secret</span><span class="op">></span>;
|
||||
|
||||
<span class="doccomment">/// update a user's secret</span>
|
||||
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">update_secret</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">username</span>: <span class="kw-2">&</span><span class="ident">str</span>, <span class="ident">secret</span>: <span class="kw-2">&</span><span class="ident">str</span>) -> <span class="ident">DBResult</span><span class="op"><</span>()<span class="op">></span>;
|
||||
|
||||
|
||||
@@ -287,6 +287,10 @@
|
||||
<span id="282">282</span>
|
||||
<span id="283">283</span>
|
||||
<span id="284">284</span>
|
||||
<span id="285">285</span>
|
||||
<span id="286">286</span>
|
||||
<span id="287">287</span>
|
||||
<span id="288">288</span>
|
||||
</pre><pre class="rust"><code><span class="comment">/*
|
||||
* Copyright (C) 2022 Aravinth Manivannan <realaravinth@batsense.net>
|
||||
*
|
||||
@@ -465,6 +469,10 @@
|
||||
<span class="macro">assert!</span>(<span class="ident">db</span>.<span class="ident">captcha_exists</span>(<span class="prelude-val">None</span>, <span class="ident">c</span>.<span class="ident">key</span>).<span class="kw">await</span>.<span class="ident">unwrap</span>());
|
||||
<span class="macro">assert!</span>(<span class="ident">db</span>.<span class="ident">captcha_exists</span>(<span class="prelude-val">Some</span>(<span class="ident">p</span>.<span class="ident">username</span>), <span class="ident">c</span>.<span class="ident">key</span>).<span class="kw">await</span>.<span class="ident">unwrap</span>());
|
||||
|
||||
<span class="comment">// get secret from captcha key</span>
|
||||
<span class="kw">let</span> <span class="ident">secret_from_captcha</span> <span class="op">=</span> <span class="ident">db</span>.<span class="ident">get_secret_from_captcha</span>(<span class="kw-2">&</span><span class="ident">c</span>.<span class="ident">key</span>).<span class="kw">await</span>.<span class="ident">unwrap</span>();
|
||||
<span class="macro">assert_eq!</span>(<span class="ident">secret_from_captcha</span>.<span class="ident">secret</span>, <span class="ident">p</span>.<span class="ident">secret</span>, <span class="string">"user secret matches"</span>);
|
||||
|
||||
<span class="comment">// get captcha configuration</span>
|
||||
<span class="kw">let</span> <span class="ident">captcha</span> <span class="op">=</span> <span class="ident">db</span>.<span class="ident">get_captcha_config</span>(<span class="ident">p</span>.<span class="ident">username</span>, <span class="ident">c</span>.<span class="ident">key</span>).<span class="kw">await</span>.<span class="ident">unwrap</span>();
|
||||
<span class="macro">assert_eq!</span>(<span class="ident">captcha</span>.<span class="ident">key</span>, <span class="ident">c</span>.<span class="ident">key</span>);
|
||||
|
||||
@@ -958,6 +958,22 @@
|
||||
<span id="953">953</span>
|
||||
<span id="954">954</span>
|
||||
<span id="955">955</span>
|
||||
<span id="956">956</span>
|
||||
<span id="957">957</span>
|
||||
<span id="958">958</span>
|
||||
<span id="959">959</span>
|
||||
<span id="960">960</span>
|
||||
<span id="961">961</span>
|
||||
<span id="962">962</span>
|
||||
<span id="963">963</span>
|
||||
<span id="964">964</span>
|
||||
<span id="965">965</span>
|
||||
<span id="966">966</span>
|
||||
<span id="967">967</span>
|
||||
<span id="968">968</span>
|
||||
<span id="969">969</span>
|
||||
<span id="970">970</span>
|
||||
<span id="971">971</span>
|
||||
</pre><pre class="rust"><code><span class="comment">/*
|
||||
* Copyright (C) 2022 Aravinth Manivannan <realaravinth@batsense.net>
|
||||
*
|
||||
@@ -1259,6 +1275,22 @@
|
||||
<span class="prelude-val">Ok</span>(<span class="ident">secret</span>)
|
||||
}
|
||||
|
||||
<span class="doccomment">/// get a user's secret from a captcha key</span>
|
||||
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">get_secret_from_captcha</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">key</span>: <span class="kw-2">&</span><span class="ident">str</span>) -> <span class="ident">DBResult</span><span class="op"><</span><span class="ident">Secret</span><span class="op">></span> {
|
||||
<span class="kw">let</span> <span class="ident">secret</span> <span class="op">=</span> <span class="macro">sqlx::query_as!</span>(
|
||||
<span class="ident">Secret</span>,
|
||||
<span class="string">r#"SELECT secret FROM mcaptcha_users WHERE ID = (
|
||||
SELECT user_id FROM mcaptcha_config WHERE key = $1
|
||||
)"#</span>,
|
||||
<span class="ident">key</span>,
|
||||
)
|
||||
.<span class="ident">fetch_one</span>(<span class="kw-2">&</span><span class="self">self</span>.<span class="ident">pool</span>)
|
||||
.<span class="kw">await</span>
|
||||
.<span class="ident">map_err</span>(<span class="op">|</span><span class="ident">e</span><span class="op">|</span> <span class="ident">map_row_not_found_err</span>(<span class="ident">e</span>, <span class="ident">DBError::AccountNotFound</span>))<span class="question-mark">?</span>;
|
||||
|
||||
<span class="prelude-val">Ok</span>(<span class="ident">secret</span>)
|
||||
}
|
||||
|
||||
<span class="doccomment">/// update a user's secret</span>
|
||||
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">update_secret</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">username</span>: <span class="kw-2">&</span><span class="ident">str</span>, <span class="ident">secret</span>: <span class="kw-2">&</span><span class="ident">str</span>) -> <span class="ident">DBResult</span><span class="op"><</span>()<span class="op">></span> {
|
||||
<span class="macro">sqlx::query!</span>(
|
||||
|
||||
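Review bot: `get_secret_from_captcha` maps a missing row to `DBError::AccountNotFound` although the lookup is by captcha key, and the `validate_captcha_token` handler shown further down this page propagates that error with `?` before the secret is compared. An unknown key therefore ends in an account-not-found error, while a known key with the wrong secret ends in `ServiceError::WrongPassword`; the old `// key not found` test that asserted `!resp.valid` appears to be dropped in the last hunk, so the unknown-key path looks untested after this change. I would state the failure mode in the doc comment, for example `/// Returns DBError::AccountNotFound when no captcha with this key exists`, and add a test that posts an unknown key to the verify route and pins the expected response. `update_secret` at the end of this hunk continues outside it.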
@@ -160,6 +160,47 @@
|
||||
<span id="155">155</span>
|
||||
<span id="156">156</span>
|
||||
<span id="157">157</span>
|
||||
<span id="158">158</span>
|
||||
<span id="159">159</span>
|
||||
<span id="160">160</span>
|
||||
<span id="161">161</span>
|
||||
<span id="162">162</span>
|
||||
<span id="163">163</span>
|
||||
<span id="164">164</span>
|
||||
<span id="165">165</span>
|
||||
<span id="166">166</span>
|
||||
<span id="167">167</span>
|
||||
<span id="168">168</span>
|
||||
<span id="169">169</span>
|
||||
<span id="170">170</span>
|
||||
<span id="171">171</span>
|
||||
<span id="172">172</span>
|
||||
<span id="173">173</span>
|
||||
<span id="174">174</span>
|
||||
<span id="175">175</span>
|
||||
<span id="176">176</span>
|
||||
<span id="177">177</span>
|
||||
<span id="178">178</span>
|
||||
<span id="179">179</span>
|
||||
<span id="180">180</span>
|
||||
<span id="181">181</span>
|
||||
<span id="182">182</span>
|
||||
<span id="183">183</span>
|
||||
<span id="184">184</span>
|
||||
<span id="185">185</span>
|
||||
<span id="186">186</span>
|
||||
<span id="187">187</span>
|
||||
<span id="188">188</span>
|
||||
<span id="189">189</span>
|
||||
<span id="190">190</span>
|
||||
<span id="191">191</span>
|
||||
<span id="192">192</span>
|
||||
<span id="193">193</span>
|
||||
<span id="194">194</span>
|
||||
<span id="195">195</span>
|
||||
<span id="196">196</span>
|
||||
<span id="197">197</span>
|
||||
<span id="198">198</span>
|
||||
</pre><pre class="rust"><code><span class="comment">/*
|
||||
* Copyright (C) 2022 Aravinth Manivannan <realaravinth@batsense.net>
|
||||
*
|
||||
@@ -191,23 +232,41 @@
|
||||
<span class="kw">pub</span> <span class="ident">valid</span>: <span class="ident">bool</span>,
|
||||
}
|
||||
|
||||
<span class="attribute">#[<span class="ident">derive</span>(<span class="ident">Clone</span>, <span class="ident">Debug</span>, <span class="ident">Deserialize</span>, <span class="ident">Serialize</span>)]</span>
|
||||
<span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">VerifyCaptchaResultPayload</span> {
|
||||
<span class="kw">pub</span> <span class="ident">secret</span>: <span class="ident">String</span>,
|
||||
<span class="kw">pub</span> <span class="ident">key</span>: <span class="ident">String</span>,
|
||||
<span class="kw">pub</span> <span class="ident">token</span>: <span class="ident">String</span>,
|
||||
}
|
||||
|
||||
<span class="kw">impl</span> <span class="ident">From</span><span class="op"><</span><span class="ident">VerifyCaptchaResultPayload</span><span class="op">></span> <span class="kw">for</span> <span class="ident">VerifyCaptchaResult</span> {
|
||||
<span class="kw">fn</span> <span class="ident">from</span>(<span class="ident">m</span>: <span class="ident">VerifyCaptchaResultPayload</span>) -> <span class="self">Self</span> {
|
||||
<span class="ident">VerifyCaptchaResult</span> {
|
||||
<span class="ident">token</span>: <span class="ident">m</span>.<span class="ident">token</span>,
|
||||
<span class="ident">key</span>: <span class="ident">m</span>.<span class="ident">key</span>,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
<span class="comment">// API keys are mcaptcha actor names</span>
|
||||
|
||||
<span class="doccomment">/// route hander that validates a PoW solution token</span>
|
||||
<span class="attribute">#[<span class="ident">my_codegen::post</span>(<span class="ident">path</span> <span class="op">=</span> <span class="string">"V1_API_ROUTES.pow.validate_captcha_token()"</span>)]</span>
|
||||
<span class="kw">pub</span> <span class="kw">async</span> <span class="kw">fn</span> <span class="ident">validate_captcha_token</span>(
|
||||
<span class="ident">payload</span>: <span class="ident">web::Json</span><span class="op"><</span><span class="ident">VerifyCaptchaResult</span><span class="op">></span>,
|
||||
<span class="ident">payload</span>: <span class="ident">web::Json</span><span class="op"><</span><span class="ident">VerifyCaptchaResultPayload</span><span class="op">></span>,
|
||||
<span class="ident">data</span>: <span class="ident">AppData</span>,
|
||||
) -> <span class="ident">ServiceResult</span><span class="op"><</span><span class="kw">impl</span> <span class="ident">Responder</span><span class="op">></span> {
|
||||
<span class="kw">let</span> <span class="ident">secret</span> <span class="op">=</span> <span class="ident">data</span>.<span class="ident">db</span>.<span class="ident">get_secret_from_captcha</span>(<span class="kw-2">&</span><span class="ident">payload</span>.<span class="ident">key</span>).<span class="kw">await</span><span class="question-mark">?</span>;
|
||||
<span class="kw">if</span> <span class="ident">secret</span>.<span class="ident">secret</span> <span class="op">!</span><span class="op">=</span> <span class="ident">payload</span>.<span class="ident">secret</span> {
|
||||
<span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="ident">ServiceError::WrongPassword</span>);
|
||||
}
|
||||
<span class="kw">let</span> <span class="ident">payload</span>: <span class="ident">VerifyCaptchaResult</span> <span class="op">=</span> <span class="ident">payload</span>.<span class="ident">into_inner</span>().<span class="ident">into</span>();
|
||||
<span class="kw">let</span> <span class="ident">key</span> <span class="op">=</span> <span class="ident">payload</span>.<span class="ident">key</span>.<span class="ident">clone</span>();
|
||||
<span class="kw">let</span> <span class="ident">res</span> <span class="op">=</span> <span class="ident">data</span>
|
||||
.<span class="ident">captcha</span>
|
||||
.<span class="ident">validate_verification_tokens</span>(<span class="ident">payload</span>.<span class="ident">into_inner</span>())
|
||||
.<span class="kw">await</span><span class="question-mark">?</span>;
|
||||
<span class="kw">let</span> <span class="ident">payload</span> <span class="op">=</span> <span class="ident">CaptchaValidateResp</span> { <span class="ident">valid</span>: <span class="ident">res</span> };
|
||||
<span class="kw">let</span> <span class="ident">res</span> <span class="op">=</span> <span class="ident">data</span>.<span class="ident">captcha</span>.<span class="ident">validate_verification_tokens</span>(<span class="ident">payload</span>).<span class="kw">await</span><span class="question-mark">?</span>;
|
||||
<span class="kw">let</span> <span class="ident">resp</span> <span class="op">=</span> <span class="ident">CaptchaValidateResp</span> { <span class="ident">valid</span>: <span class="ident">res</span> };
|
||||
<span class="ident">data</span>.<span class="ident">stats</span>.<span class="ident">record_confirm</span>(<span class="kw-2">&</span><span class="ident">data</span>, <span class="kw-2">&</span><span class="ident">key</span>).<span class="kw">await</span><span class="question-mark">?</span>;
|
||||
<span class="comment">//println!("{:?}", &payload);</span>
|
||||
<span class="prelude-val">Ok</span>(<span class="ident">HttpResponse::Ok</span>().<span class="ident">json</span>(<span class="ident">payload</span>))
|
||||
<span class="prelude-val">Ok</span>(<span class="ident">HttpResponse::Ok</span>().<span class="ident">json</span>(<span class="ident">resp</span>))
|
||||
}
|
||||
|
||||
<span class="attribute">#[<span class="ident">cfg</span>(<span class="ident">test</span>)]</span>
|
||||
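Review bot: The new siteverify check in `validate_captcha_token`, `if secret.secret != payload.secret`, compares the stored account secret with ordinary string inequality, which may return at the first differing byte; for a shared secret a constant-time comparison is the usual choice so that response time does not depend on how much of the submitted value matches. The file's imports are outside this hunk, so whether a constant-time helper is already in scope cannot be seen here. `VerifyCaptchaResultPayload` also derives `Debug` and `Serialize` while carrying `secret`, and the leftover `//println!("{:?}", &payload);` would print that secret if it were ever restored; I would delete the commented line and put a doc comment on the struct, e.g. `/// siteverify request body; secret is the site owner's account secret and must never be logged`. The rendered page shows old and new lines of the handler without markers, so the duplicated `payload` parameter and the two `Ok(...)` lines are a diff artefact rather than the final code.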
@@ -238,8 +297,21 @@
|
||||
<span class="ident">delete_user</span>(<span class="ident">data</span>, <span class="ident">NAME</span>).<span class="kw">await</span>;
|
||||
|
||||
<span class="ident">register_and_signin</span>(<span class="ident">data</span>, <span class="ident">NAME</span>, <span class="ident">EMAIL</span>, <span class="ident">PASSWORD</span>).<span class="kw">await</span>;
|
||||
<span class="kw">let</span> (<span class="kw">_</span>, <span class="ident">_signin_resp</span>, <span class="ident">token_key</span>) <span class="op">=</span> <span class="ident">add_levels_util</span>(<span class="ident">data</span>, <span class="ident">NAME</span>, <span class="ident">PASSWORD</span>).<span class="kw">await</span>;
|
||||
<span class="kw">let</span> (<span class="kw">_</span>, <span class="ident">signin_resp</span>, <span class="ident">token_key</span>) <span class="op">=</span> <span class="ident">add_levels_util</span>(<span class="ident">data</span>, <span class="ident">NAME</span>, <span class="ident">PASSWORD</span>).<span class="kw">await</span>;
|
||||
<span class="kw">let</span> <span class="ident">app</span> <span class="op">=</span> <span class="macro">get_app!</span>(<span class="ident">data</span>).<span class="kw">await</span>;
|
||||
<span class="kw">let</span> <span class="ident">cookies</span> <span class="op">=</span> <span class="macro">get_cookie!</span>(<span class="ident">signin_resp</span>);
|
||||
|
||||
<span class="kw">let</span> <span class="ident">secret</span> <span class="op">=</span> <span class="ident">test::call_service</span>(
|
||||
<span class="kw-2">&</span><span class="ident">app</span>,
|
||||
<span class="ident">test::TestRequest::get</span>()
|
||||
.<span class="ident">cookie</span>(<span class="ident">cookies</span>.<span class="ident">clone</span>())
|
||||
.<span class="ident">uri</span>(<span class="ident">V1_API_ROUTES</span>.<span class="ident">account</span>.<span class="ident">get_secret</span>)
|
||||
.<span class="ident">to_request</span>(),
|
||||
)
|
||||
.<span class="kw">await</span>;
|
||||
<span class="macro">assert_eq!</span>(<span class="ident">secret</span>.<span class="ident">status</span>(), <span class="ident">StatusCode::OK</span>);
|
||||
<span class="kw">let</span> <span class="ident">secret</span>: <span class="ident">db_core::Secret</span> <span class="op">=</span> <span class="ident">test::read_body_json</span>(<span class="ident">secret</span>).<span class="kw">await</span>;
|
||||
<span class="kw">let</span> <span class="ident">secret</span> <span class="op">=</span> <span class="ident">secret</span>.<span class="ident">secret</span>;
|
||||
|
||||
<span class="kw">let</span> <span class="ident">get_config_payload</span> <span class="op">=</span> <span class="ident">GetConfigPayload</span> {
|
||||
<span class="ident">key</span>: <span class="ident">token_key</span>.<span class="ident">key</span>.<span class="ident">clone</span>(),
|
||||
@@ -278,11 +350,35 @@
|
||||
<span class="macro">assert_eq!</span>(<span class="ident">pow_verify_resp</span>.<span class="ident">status</span>(), <span class="ident">StatusCode::OK</span>);
|
||||
<span class="kw">let</span> <span class="ident">client_token</span>: <span class="ident">ValidationToken</span> <span class="op">=</span> <span class="ident">test::read_body_json</span>(<span class="ident">pow_verify_resp</span>).<span class="kw">await</span>;
|
||||
|
||||
<span class="kw">let</span> <span class="ident">validate_payload</span> <span class="op">=</span> <span class="ident">VerifyCaptchaResult</span> {
|
||||
<span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">validate_payload</span> <span class="op">=</span> <span class="ident">VerifyCaptchaResultPayload</span> {
|
||||
<span class="ident">token</span>: <span class="ident">client_token</span>.<span class="ident">token</span>.<span class="ident">clone</span>(),
|
||||
<span class="ident">key</span>: <span class="ident">token_key</span>.<span class="ident">key</span>.<span class="ident">clone</span>(),
|
||||
<span class="ident">secret</span>: <span class="ident">NAME</span>.<span class="ident">to_string</span>(),
|
||||
};
|
||||
|
||||
<span class="comment">// siteverify authentication failure</span>
|
||||
<span class="ident">bad_post_req_test</span>(
|
||||
<span class="ident">data</span>,
|
||||
<span class="ident">NAME</span>,
|
||||
<span class="ident">PASSWORD</span>,
|
||||
<span class="ident">VERIFY_TOKEN_URL</span>,
|
||||
<span class="kw-2">&</span><span class="ident">validate_payload</span>,
|
||||
<span class="ident">ServiceError::WrongPassword</span>,
|
||||
)
|
||||
.<span class="kw">await</span>;
|
||||
<span class="comment">// let validate_client_token = test::call_service(</span>
|
||||
<span class="comment">// &app,</span>
|
||||
<span class="comment">// post_request!(&validate_payload, VERIFY_TOKEN_URL).to_request(),</span>
|
||||
<span class="comment">// )</span>
|
||||
<span class="comment">// .await;</span>
|
||||
<span class="comment">// assert_eq!(validate_client_token.status(), StatusCode::OK);</span>
|
||||
<span class="comment">// let resp: CaptchaValidateResp =</span>
|
||||
<span class="comment">// test::read_body_json(validate_client_token).await;</span>
|
||||
<span class="comment">// assert!(resp.valid);</span>
|
||||
|
||||
<span class="comment">// verifying work</span>
|
||||
<span class="ident">validate_payload</span>.<span class="ident">secret</span> <span class="op">=</span> <span class="ident">secret</span>.<span class="ident">clone</span>();
|
||||
|
||||
<span class="kw">let</span> <span class="ident">validate_client_token</span> <span class="op">=</span> <span class="ident">test::call_service</span>(
|
||||
<span class="kw-2">&</span><span class="ident">app</span>,
|
||||
<span class="macro">post_request!</span>(<span class="kw-2">&</span><span class="ident">validate_payload</span>, <span class="ident">VERIFY_TOKEN_URL</span>).<span class="ident">to_request</span>(),
|
||||
@@ -301,20 +397,6 @@
|
||||
.<span class="kw">await</span>;
|
||||
<span class="kw">let</span> <span class="ident">resp</span>: <span class="ident">CaptchaValidateResp</span> <span class="op">=</span> <span class="ident">test::read_body_json</span>(<span class="ident">string_not_found</span>).<span class="kw">await</span>;
|
||||
<span class="macro">assert!</span>(<span class="op">!</span><span class="ident">resp</span>.<span class="ident">valid</span>);
|
||||
|
||||
<span class="kw">let</span> <span class="ident">validate_payload</span> <span class="op">=</span> <span class="ident">VerifyCaptchaResult</span> {
|
||||
<span class="ident">token</span>: <span class="ident">client_token</span>.<span class="ident">token</span>.<span class="ident">clone</span>(),
|
||||
<span class="ident">key</span>: <span class="ident">client_token</span>.<span class="ident">token</span>.<span class="ident">clone</span>(),
|
||||
};
|
||||
|
||||
<span class="comment">// key not found</span>
|
||||
<span class="kw">let</span> <span class="ident">key_not_found</span> <span class="op">=</span> <span class="ident">test::call_service</span>(
|
||||
<span class="kw-2">&</span><span class="ident">app</span>,
|
||||
<span class="macro">post_request!</span>(<span class="kw-2">&</span><span class="ident">validate_payload</span>, <span class="ident">VERIFY_TOKEN_URL</span>).<span class="ident">to_request</span>(),
|
||||
)
|
||||
.<span class="kw">await</span>;
|
||||
<span class="kw">let</span> <span class="ident">resp</span>: <span class="ident">CaptchaValidateResp</span> <span class="op">=</span> <span class="ident">test::read_body_json</span>(<span class="ident">key_not_found</span>).<span class="kw">await</span>;
|
||||
<span class="macro">assert!</span>(<span class="op">!</span><span class="ident">resp</span>.<span class="ident">valid</span>);
|
||||
}
|
||||
}
|
||||
</code></pre></div>
|
||||
|
||||