Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

combine POW and captcha into one

Browse Source
This commit is contained in:
Thomas Lynch
2021-11-24 05:17:06 +11:00
parent 5c7e796440
commit 9f26e53798
10 changed files with 3088 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2962
src/libs/sha.lua Normal file
View File

File diff suppressed because it is too large Load Diff

25
src/libs/utils.lua
View File

@ -1,18 +1,27 @@
local _M = {}
local sha = require("sha")
local secret_bucket_duration = 43200 -- 60 * 60 * 12 -- 12 hours
function _M.generate_secret(context, salt, is_applet)
function _M.generate_secret(context, salt, is_applet, iterations)
local start_sec = core.now()['sec']
local bucket = start_sec - (start_sec % secret_bucket_duration)
local ip = context.sf:src()
local user_agent
if is_applet == true then
user_agent = context.headers['user-agent'] or {}
user_agent = user_agent[0]
local ip = context.sf:src()
local user_agent = ""
--TODO: fix bug here making this not be same value
-- if is_applet == true then
-- user_agent = context.headers['user-agent'] or {}
-- user_agent = user_agent[0]
-- else
-- user_agent = context.sf:req_hdr('user-agent')
-- end
if iterations == nil then
--hcaptcha secret is just this
return context.sc:xxh32(salt .. bucket .. ip .. user_agent)
else
user_agent = context.sf:req_hdr('user-agent')
--POW secret adds the iteration number by the user
return sha.sha1(salt .. bucket .. ip .. user_agent .. iterations)
end
return context.sc:xxh64(salt .. bucket .. ip .. user_agent)
end
return _M