lots of stuff id even k
This commit is contained in:
parent
8edfb4d84d
commit
961a6e0064
Binary file not shown.
63
app.py
63
app.py
@ -19,9 +19,6 @@ message = b'This is a secret message.'
|
|||||||
ciphertext = cipher.encrypt(message)
|
ciphertext = cipher.encrypt(message)
|
||||||
|
|
||||||
# Decrypt the ciphertext
|
# Decrypt the ciphertext
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
app = Flask(__name__, static_url_path='', static_folder='static',)
|
app = Flask(__name__, static_url_path='', static_folder='static',)
|
||||||
|
|
||||||
|
|
||||||
@ -34,11 +31,13 @@ def captcha_handler():
|
|||||||
# TODO: set JWT to expire very soon.
|
# TODO: set JWT to expire very soon.
|
||||||
payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=['HS256'])
|
payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=['HS256'])
|
||||||
b64_and_encrypted_correct_answer = payload['encrypted_correct_answer']
|
b64_and_encrypted_correct_answer = payload['encrypted_correct_answer']
|
||||||
|
n = payload['n']
|
||||||
encrypted_correct_answer_bytes = base64.b64decode(b64_and_encrypted_correct_answer)
|
encrypted_correct_answer_bytes = base64.b64decode(b64_and_encrypted_correct_answer)
|
||||||
correct_answer = cipher.decrypt(encrypted_correct_answer_bytes).decode('utf-8').split('|||')[0]
|
correct_answer = cipher.decrypt(encrypted_correct_answer_bytes).decode('utf-8').split('|||')[0]
|
||||||
|
## Redirect to the original page the user wanted - with a token letting that they can validate from us that says that the user passed a specific captcha attempt (we will sign the attempt with a code we give them with the captcha, like an id, so they know it was that specific attempt)
|
||||||
return f'''
|
return f'''
|
||||||
The correct answer was {correct_answer}
|
The correct answer was {correct_answer}
|
||||||
You flipped it {captcha_attempt}
|
You flipped it {int(captcha_attempt) % n}
|
||||||
'''
|
'''
|
||||||
|
|
||||||
except jwt.ExpiredSignatureError:
|
except jwt.ExpiredSignatureError:
|
||||||
@ -54,7 +53,8 @@ def captcha_handler():
|
|||||||
## If not: Redirect them to the GET version of this same URL, with warning enabled to tell them they failed
|
## If not: Redirect them to the GET version of this same URL, with warning enabled to tell them they failed
|
||||||
if request.method == "GET":
|
if request.method == "GET":
|
||||||
image_path = captcha.random_image()
|
image_path = captcha.random_image()
|
||||||
answer, options = captcha.captchafy(image_path)
|
n = 6
|
||||||
|
answer, options = captcha.captchafy(image_path, n)
|
||||||
print('the correct answer is: ', answer)
|
print('the correct answer is: ', answer)
|
||||||
# remember to store the salt since we'll need it when we compare the hashes
|
# remember to store the salt since we'll need it when we compare the hashes
|
||||||
salt = uuid.uuid4()
|
salt = uuid.uuid4()
|
||||||
@ -64,7 +64,8 @@ def captcha_handler():
|
|||||||
ciphertext = base64.b64encode(encrypted_bytes).decode('utf-8')
|
ciphertext = base64.b64encode(encrypted_bytes).decode('utf-8')
|
||||||
token = jwt.encode({
|
token = jwt.encode({
|
||||||
'encrypted_correct_answer': ciphertext,
|
'encrypted_correct_answer': ciphertext,
|
||||||
'salt': str(salt)
|
'salt': str(salt),
|
||||||
|
'n': n
|
||||||
}, JWT_SECRET_KEY, algorithm='HS256')
|
}, JWT_SECRET_KEY, algorithm='HS256')
|
||||||
|
|
||||||
# Set the Authorization header cookie with the JWT
|
# Set the Authorization header cookie with the JWT
|
||||||
@ -79,52 +80,6 @@ def captcha_handler():
|
|||||||
# We will use UUID's as the salts.
|
# We will use UUID's as the salts.
|
||||||
#
|
#
|
||||||
# Anyway, we pass the data to our Jinja template and render it.
|
# Anyway, we pass the data to our Jinja template and render it.
|
||||||
# Flask should take care of unsupported methods for us.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Handle cookie
|
|
||||||
|
|
||||||
## Get random image
|
|
||||||
## Generate
|
|
||||||
return captcha.generate_captcha_html(os.listdir('static/images/'))
|
|
||||||
|
|
||||||
@app.route("/captcha_old", methods=['GET', 'POST'])
|
|
||||||
def login():
|
|
||||||
# This means they just submitted a CAPTCHA
|
|
||||||
# We need to see if they got it right
|
|
||||||
incorrect_captcha = False
|
|
||||||
if request.method == 'POST':
|
|
||||||
captcha_guess = len(list(request.form))
|
|
||||||
print(request.form.get('captcha'))
|
|
||||||
# What if they POST with the cookie below absent? Uh oh...
|
|
||||||
captcha_cookie = request.cookies.get('freecaptcha_cookie')
|
|
||||||
|
|
||||||
real_answer = captcha_solutions.get(captcha_cookie, None)
|
|
||||||
if real_answer is not None:
|
|
||||||
if captcha_guess == int(real_answer):
|
|
||||||
captcha_solved.append(captcha_cookie)
|
|
||||||
return redirect("/", code=302)
|
|
||||||
else:
|
else:
|
||||||
incorrect_captcha = True
|
return "Unsupported HTTP method."
|
||||||
|
# Flask should take care of unsupported methods for us.
|
||||||
|
|
||||||
# Select an image
|
|
||||||
image_path = captcha.random_image()
|
|
||||||
|
|
||||||
# Generate list of rotated versions of image
|
|
||||||
# and save which one is correct
|
|
||||||
# change answer to be the number of turns needed?
|
|
||||||
answer, options = captcha.captchafy(image_path)
|
|
||||||
print(answer)
|
|
||||||
|
|
||||||
# Provide the CAPTCHA options to the web page using the CAPTCHA
|
|
||||||
resp = make_response(render_template("index.html", captcha_options=options, incorrect_captcha=incorrect_captcha))
|
|
||||||
resp = make_response(captcha.generate_captcha_html(list(options)))
|
|
||||||
# Track this user with a cookie and store the correct answer
|
|
||||||
# by linking the cookie with the answer, we can check their answer later
|
|
||||||
freecaptcha_cookie = str(uuid.uuid4())
|
|
||||||
resp.set_cookie('freecaptcha_cookie', freecaptcha_cookie)
|
|
||||||
captcha_solutions[freecaptcha_cookie] = answer
|
|
||||||
|
|
||||||
return resp
|
|
||||||
|
Loading…
Reference in New Issue
Block a user