Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Close #18 make answers and redirect calls shared between tabs with localstorage to not solve and submit answer multiple times when opening multiple tabs/bookmarks, etc

Browse Source
This commit is contained in:
Thomas Lynch
2023-02-11 16:08:44 +11:00
parent 08a966c121
commit a303689641
2 changed files with 43 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docker-compose.yml
View File

@ -37,7 +37,7 @@ services:
- CHALLENGE_INCLUDES_IP=1 - CHALLENGE_INCLUDES_IP=1
- POW_TIME=2 - POW_TIME=2
- POW_KB=512 - POW_KB=512
- POW_DIFFICULTY=25 - POW_DIFFICULTY=24
- TOR_CONTROL_PORT_PASSWORD=changeme - TOR_CONTROL_PORT_PASSWORD=changeme
nginx: nginx:

66
src/js/challenge.js
View File

@ -52,18 +52,47 @@ function postResponse(powResponse, captchaResponse) {
} else if (s >= 500) { } else if (s >= 500) {
return insertError('server responded with error.'); return insertError('server responded with error.');
} }
window.localStorage.setItem('basedflare-redirect', Math.random());
finishRedirect(); finishRedirect();
}).catch(() => { }).catch(() => {
insertError('failed to send challenge response.'); insertError('failed to send challenge response.');
}); });
} }
const powFinished = new Promise((resolve, reject) => { const powFinished = new Promise(resolve => {
const start = Date.now();
const workers = [];
let finished = false;
const stopPow = () => {
finished = true;
const hasCaptcha = document.getElementById('captcha');
updateElem('.powstatus', `Found proof-of-work solution.${!hasCaptcha?' Submitting...':''}`);
workers.forEach(w => w.terminate());
};
const submitPow = (answer) => {
window.localStorage.setItem('basedflare-pow-response', answer);
stopPow();
resolve({ answer });
};
window.addEventListener('DOMContentLoaded', async () => { window.addEventListener('DOMContentLoaded', async () => {
const { time, kb, pow, diff } = document.querySelector('[data-pow]').dataset;
window.addEventListener('storage', event => {
if (event.key === 'basedflare-pow-response' && !finished) {
console.log('Got answer', event.newValue, 'from storage event');
stopPow();
resolve({ answer: event.newValue, localStorage: true });
} else if (event.key === 'basedflare-redirect') {
console.log('Redirecting, solved in another tab');
finishRedirect();
}
});
if (!wasmSupported) { if (!wasmSupported) {
return insertError('browser does not support WebAssembly.'); return insertError('browser does not support WebAssembly.');
} }
const { time, kb, pow, diff } = document.querySelector('[data-pow]').dataset;
const argonOpts = { const argonOpts = {
time: time, time: time,
mem: kb, mem: kb,
@ -74,16 +103,13 @@ const powFinished = new Promise((resolve, reject) => {
console.log('Got pow', pow, 'with difficulty', diff); console.log('Got pow', pow, 'with difficulty', diff);
const eHashes = Math.pow(16, Math.floor(diff/8)) * ((diff%8)*2); const eHashes = Math.pow(16, Math.floor(diff/8)) * ((diff%8)*2);
const diffString = '0'.repeat(Math.floor(diff/8)); const diffString = '0'.repeat(Math.floor(diff/8));
const combined = pow; const [userkey, challenge] = pow.split("#");
const [userkey, challenge] = combined.split("#");
const start = Date.now();
if (window.Worker) { if (window.Worker) {
const cpuThreads = window.navigator.hardwareConcurrency; const cpuThreads = window.navigator.hardwareConcurrency;
const isTor = location.hostname.endsWith('.onion'); const isTor = location.hostname.endsWith('.onion');
/* Try to use all threads on tor, because tor limits threads for anti fingerprinting but this /* Try to use all threads on tor, because tor limits threads for anti fingerprinting but this
makes it awfully slow because workerThreads will always be = 1 */ makes it awfully slow because workerThreads will always be = 1 */
const workerThreads = isTor ? cpuThreads : Math.max(Math.ceil(cpuThreads/2),cpuThreads-1); const workerThreads = isTor ? cpuThreads : Math.max(Math.ceil(cpuThreads/2),cpuThreads-1);
let finished = false;
const messageHandler = (e) => { const messageHandler = (e) => {
if (e.data.length === 1) { if (e.data.length === 1) {
const totalHashes = e.data[0]; //assumes all worker threads are same speed const totalHashes = e.data[0]; //assumes all worker threads are same speed
@ -94,28 +120,21 @@ const powFinished = new Promise((resolve, reject) => {
return updateElem('.powstatus', `Proof-of-work: ${hps}H/s, ~${remainingSec}s remaining`); return updateElem('.powstatus', `Proof-of-work: ${hps}H/s, ~${remainingSec}s remaining`);
} }
if (finished) { return; } if (finished) { return; }
finished = true;
const hasCaptcha = document.getElementById('captcha');
updateElem('.powstatus', `Found proof-of-work solution.${!hasCaptcha?' Submitting...':''}`);
workers.forEach(w => w.terminate());
const [workerId, answer] = e.data; const [workerId, answer] = e.data;
console.log('Worker', workerId, 'returned answer', answer, 'in', Date.now()-start+'ms'); console.log('Worker', workerId, 'returned answer', answer, 'in', Date.now()-start+'ms');
const dummyTime = 5000 - (Date.now()-start); submitPow(`${pow}#${answer}`);
window.setTimeout(() => {
resolve(`${combined}#${answer}`);
}, dummyTime);
} }
const workers = [];
for (let i = 0; i < workerThreads; i++) { for (let i = 0; i < workerThreads; i++) {
const argonWorker = new Worker('/.basedflare/js/worker.js'); const argonWorker = new Worker('/.basedflare/js/worker.js');
argonWorker.onmessage = messageHandler; argonWorker.onmessage = messageHandler;
workers.push(argonWorker); workers.push(argonWorker);
} }
for (let i = 0; i < workerThreads; i++) { for (let i = 0; i < workerThreads; i++) {
await new Promise(res => setTimeout(res, 100)); await new Promise(res => setTimeout(res, 10));
workers[i].postMessage([userkey, challenge, diff, diffString, argonOpts, i, workerThreads]); workers[i].postMessage([userkey, challenge, diff, diffString, argonOpts, i, workerThreads]);
} }
} else { } else {
//TODO: remove this section, it _will_ cause problems
console.warn('No webworker support, running in main/UI thread!'); console.warn('No webworker support, running in main/UI thread!');
let i = 0; let i = 0;
const start = Date.now(); const start = Date.now();
@ -133,25 +152,24 @@ const powFinished = new Promise((resolve, reject) => {
} }
++i; ++i;
} }
const dummyTime = 5000 - (Date.now()-start); submitPow(`${pow}#${i}`);
window.setTimeout(() => {
resolve(`${combined}#${i}`);
}, dummyTime);
} }
}); });
}).then((powResponse) => { }).then((powResponse) => {
const hasCaptchaForm = document.getElementById('captcha'); const hasCaptchaForm = document.getElementById('captcha');
if (!hasCaptchaForm) { if (!hasCaptchaForm && !powResponse.localStorage) {
postResponse(powResponse); postResponse(powResponse.answer);
} }
return powResponse; return powResponse.answer;
}).catch((e) => {
console.error(e);
}); });
function onCaptchaSubmit(captchaResponse) { function onCaptchaSubmit(captchaResponse) {
const captchaElem = document.querySelector('[data-sitekey]'); const captchaElem = document.querySelector('[data-sitekey]');
captchaElem.insertAdjacentHTML('afterend', `<div class="lds-ring"><div></div><div></div><div></div><div></div></div>`); captchaElem.insertAdjacentHTML('afterend', `<div class="lds-ring"><div></div><div></div><div></div><div></div></div>`);
captchaElem.remove(); captchaElem.remove();
powFinished.then((powResponse) => { powFinished.then(powResponse => {
postResponse(powResponse, captchaResponse); postResponse(powResponse, captchaResponse);
}); });
} }