forked from jmug/stoatchat
Add hCaptcha support.
This commit is contained in:
2
Cargo.lock
generated
2
Cargo.lock
generated
@@ -1907,7 +1907,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "revolt"
|
name = "revolt"
|
||||||
version = "0.2.8"
|
version = "0.2.9"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"bcrypt",
|
"bcrypt",
|
||||||
"bitfield",
|
"bitfield",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "revolt"
|
name = "revolt"
|
||||||
version = "0.2.8"
|
version = "0.2.9"
|
||||||
authors = ["Paul Makles <paulmakles@gmail.com>"]
|
authors = ["Paul Makles <paulmakles@gmail.com>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ use super::Response;
|
|||||||
use crate::database;
|
use crate::database;
|
||||||
use crate::email;
|
use crate::email;
|
||||||
use crate::util::gen_token;
|
use crate::util::gen_token;
|
||||||
|
use crate::util::captcha;
|
||||||
|
|
||||||
use bcrypt::{hash, verify};
|
use bcrypt::{hash, verify};
|
||||||
use chrono::prelude::*;
|
use chrono::prelude::*;
|
||||||
@@ -17,6 +18,7 @@ pub struct Create {
|
|||||||
username: String,
|
username: String,
|
||||||
password: String,
|
password: String,
|
||||||
email: String,
|
email: String,
|
||||||
|
captcha: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// create a new Revolt account
|
/// create a new Revolt account
|
||||||
@@ -28,6 +30,12 @@ pub struct Create {
|
|||||||
/// (3) add user and send email verification
|
/// (3) add user and send email verification
|
||||||
#[post("/create", data = "<info>")]
|
#[post("/create", data = "<info>")]
|
||||||
pub fn create(info: Json<Create>) -> Response {
|
pub fn create(info: Json<Create>) -> Response {
|
||||||
|
if let Err(error) = captcha::verify(&info.captcha) {
|
||||||
|
return Response::BadRequest(
|
||||||
|
json!({ "error": error })
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
let col = database::get_collection("users");
|
let col = database::get_collection("users");
|
||||||
|
|
||||||
if info.username.len() < 2 || info.username.len() > 32 {
|
if info.username.len() < 2 || info.username.len() > 32 {
|
||||||
@@ -150,6 +158,7 @@ pub fn verify_email(code: String) -> Response {
|
|||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
pub struct Resend {
|
pub struct Resend {
|
||||||
email: String,
|
email: String,
|
||||||
|
captcha: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// resend a verification email
|
/// resend a verification email
|
||||||
@@ -158,6 +167,12 @@ pub struct Resend {
|
|||||||
/// (3) resend the email
|
/// (3) resend the email
|
||||||
#[post("/resend", data = "<info>")]
|
#[post("/resend", data = "<info>")]
|
||||||
pub fn resend_email(info: Json<Resend>) -> Response {
|
pub fn resend_email(info: Json<Resend>) -> Response {
|
||||||
|
if let Err(error) = captcha::verify(&info.captcha) {
|
||||||
|
return Response::BadRequest(
|
||||||
|
json!({ "error": error })
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
let col = database::get_collection("users");
|
let col = database::get_collection("users");
|
||||||
|
|
||||||
if let Some(u) = col
|
if let Some(u) = col
|
||||||
@@ -218,6 +233,7 @@ pub fn resend_email(info: Json<Resend>) -> Response {
|
|||||||
pub struct Login {
|
pub struct Login {
|
||||||
email: String,
|
email: String,
|
||||||
password: String,
|
password: String,
|
||||||
|
captcha: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// login to a Revolt account
|
/// login to a Revolt account
|
||||||
@@ -226,6 +242,12 @@ pub struct Login {
|
|||||||
/// (3) return access token
|
/// (3) return access token
|
||||||
#[post("/login", data = "<info>")]
|
#[post("/login", data = "<info>")]
|
||||||
pub fn login(info: Json<Login>) -> Response {
|
pub fn login(info: Json<Login>) -> Response {
|
||||||
|
if let Err(error) = captcha::verify(&info.captcha) {
|
||||||
|
return Response::BadRequest(
|
||||||
|
json!({ "error": error })
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
let col = database::get_collection("users");
|
let col = database::get_collection("users");
|
||||||
|
|
||||||
if let Some(u) = col
|
if let Some(u) = col
|
||||||
|
|||||||
@@ -2,7 +2,7 @@ use super::channel::ChannelType;
|
|||||||
use super::Response;
|
use super::Response;
|
||||||
use crate::database::guild::{fetch_member as get_member, get_invite, Guild, MemberKey};
|
use crate::database::guild::{fetch_member as get_member, get_invite, Guild, MemberKey};
|
||||||
use crate::database::{
|
use crate::database::{
|
||||||
self, channel::fetch_channel, guild::fetch_guilds, guild::serialise_guilds_with_channels, channel::Channel, Permission, PermissionCalculator, user::User
|
self, channel::fetch_channel, guild::serialise_guilds_with_channels, channel::Channel, Permission, PermissionCalculator, user::User
|
||||||
};
|
};
|
||||||
use crate::notifications::{
|
use crate::notifications::{
|
||||||
self,
|
self,
|
||||||
|
|||||||
@@ -1,16 +1,20 @@
|
|||||||
use super::Response;
|
use super::Response;
|
||||||
|
|
||||||
use mongodb::bson::doc;
|
use mongodb::bson::doc;
|
||||||
|
use std::env;
|
||||||
|
|
||||||
/// root
|
/// root
|
||||||
#[get("/")]
|
#[get("/")]
|
||||||
pub fn root() -> Response {
|
pub fn root() -> Response {
|
||||||
Response::Success(json!({
|
Response::Success(json!({
|
||||||
"revolt": "0.2.8",
|
"revolt": "0.2.9",
|
||||||
"version": {
|
"version": {
|
||||||
"major": 0,
|
"major": 0,
|
||||||
"minor": 2,
|
"minor": 2,
|
||||||
"patch": 8
|
"patch": 9
|
||||||
|
},
|
||||||
|
"features": {
|
||||||
|
"captcha": env::var("HCAPTCHA_KEY").is_ok()
|
||||||
}
|
}
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
|||||||
42
src/util/captcha.rs
Normal file
42
src/util/captcha.rs
Normal file
@@ -0,0 +1,42 @@
|
|||||||
|
use serde::{Serialize, Deserialize};
|
||||||
|
use reqwest::blocking::Client;
|
||||||
|
use std::collections::HashMap;
|
||||||
|
use std::env;
|
||||||
|
|
||||||
|
#[derive(Serialize, Deserialize)]
|
||||||
|
struct CaptchaResponse {
|
||||||
|
success: bool
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn verify(user_token: &Option<String>) -> Result<(), String> {
|
||||||
|
if let Ok(key) = env::var("HCAPTCHA_KEY") {
|
||||||
|
if let Some(token) = user_token {
|
||||||
|
let mut map = HashMap::new();
|
||||||
|
map.insert("secret", key);
|
||||||
|
map.insert("response", token.to_string());
|
||||||
|
|
||||||
|
let client = Client::new();
|
||||||
|
if let Ok(response) = client
|
||||||
|
.post("https://hcaptcha.com/siteverify")
|
||||||
|
.json(&map)
|
||||||
|
.send()
|
||||||
|
{
|
||||||
|
let result: CaptchaResponse = response
|
||||||
|
.json()
|
||||||
|
.map_err(|_| "Failed to deserialise captcha result.".to_string())?;
|
||||||
|
|
||||||
|
if result.success {
|
||||||
|
Ok(())
|
||||||
|
} else {
|
||||||
|
Err("Unsuccessful captcha verification".to_string())
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
Err("Failed to verify with hCaptcha".to_string())
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
Err("Missing hCaptcha token!".to_string())
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -2,6 +2,8 @@ use hashbrown::HashSet;
|
|||||||
use rand::{distributions::Alphanumeric, Rng};
|
use rand::{distributions::Alphanumeric, Rng};
|
||||||
use std::iter::FromIterator;
|
use std::iter::FromIterator;
|
||||||
|
|
||||||
|
pub mod captcha;
|
||||||
|
|
||||||
pub fn vec_to_set<T: Clone + Eq + std::hash::Hash>(data: &[T]) -> HashSet<T> {
|
pub fn vec_to_set<T: Clone + Eq + std::hash::Hash>(data: &[T]) -> HashSet<T> {
|
||||||
HashSet::from_iter(data.iter().cloned())
|
HashSet::from_iter(data.iter().cloned())
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user