combine POW and captcha into one

This commit is contained in:
Thomas Lynch
2021-11-24 05:17:06 +11:00
parent 5c7e796440
commit 9f26e53798
10 changed files with 3088 additions and 29 deletions

2962
src/libs/sha.lua Normal file

File diff suppressed because it is too large Load Diff

View File

@ -1,18 +1,27 @@
local _M = {}
local sha = require("sha")
local secret_bucket_duration = 43200 -- 60 * 60 * 12 -- 12 hours
function _M.generate_secret(context, salt, is_applet)
function _M.generate_secret(context, salt, is_applet, iterations)
local start_sec = core.now()['sec']
local bucket = start_sec - (start_sec % secret_bucket_duration)
local ip = context.sf:src()
local user_agent
if is_applet == true then
user_agent = context.headers['user-agent'] or {}
user_agent = user_agent[0]
local ip = context.sf:src()
local user_agent = ""
--TODO: fix bug here making this not be same value
-- if is_applet == true then
-- user_agent = context.headers['user-agent'] or {}
-- user_agent = user_agent[0]
-- else
-- user_agent = context.sf:req_hdr('user-agent')
-- end
if iterations == nil then
--hcaptcha secret is just this
return context.sc:xxh32(salt .. bucket .. ip .. user_agent)
else
user_agent = context.sf:req_hdr('user-agent')
--POW secret adds the iteration number by the user
return sha.sha1(salt .. bucket .. ip .. user_agent .. iterations)
end
return context.sc:xxh64(salt .. bucket .. ip .. user_agent)
end
return _M