lots of stuff id even k
This commit is contained in:
parent
8edfb4d84d
commit
961a6e0064
Binary file not shown.
63
app.py
63
app.py
@ -19,9 +19,6 @@ message = b'This is a secret message.'
|
||||
ciphertext = cipher.encrypt(message)
|
||||
|
||||
# Decrypt the ciphertext
|
||||
|
||||
|
||||
|
||||
app = Flask(__name__, static_url_path='', static_folder='static',)
|
||||
|
||||
|
||||
@ -34,11 +31,13 @@ def captcha_handler():
|
||||
# TODO: set JWT to expire very soon.
|
||||
payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=['HS256'])
|
||||
b64_and_encrypted_correct_answer = payload['encrypted_correct_answer']
|
||||
n = payload['n']
|
||||
encrypted_correct_answer_bytes = base64.b64decode(b64_and_encrypted_correct_answer)
|
||||
correct_answer = cipher.decrypt(encrypted_correct_answer_bytes).decode('utf-8').split('|||')[0]
|
||||
## Redirect to the original page the user wanted - with a token letting that they can validate from us that says that the user passed a specific captcha attempt (we will sign the attempt with a code we give them with the captcha, like an id, so they know it was that specific attempt)
|
||||
return f'''
|
||||
The correct answer was {correct_answer}
|
||||
You flipped it {captcha_attempt}
|
||||
You flipped it {int(captcha_attempt) % n}
|
||||
'''
|
||||
|
||||
except jwt.ExpiredSignatureError:
|
||||
@ -54,7 +53,8 @@ def captcha_handler():
|
||||
## If not: Redirect them to the GET version of this same URL, with warning enabled to tell them they failed
|
||||
if request.method == "GET":
|
||||
image_path = captcha.random_image()
|
||||
answer, options = captcha.captchafy(image_path)
|
||||
n = 6
|
||||
answer, options = captcha.captchafy(image_path, n)
|
||||
print('the correct answer is: ', answer)
|
||||
# remember to store the salt since we'll need it when we compare the hashes
|
||||
salt = uuid.uuid4()
|
||||
@ -64,7 +64,8 @@ def captcha_handler():
|
||||
ciphertext = base64.b64encode(encrypted_bytes).decode('utf-8')
|
||||
token = jwt.encode({
|
||||
'encrypted_correct_answer': ciphertext,
|
||||
'salt': str(salt)
|
||||
'salt': str(salt),
|
||||
'n': n
|
||||
}, JWT_SECRET_KEY, algorithm='HS256')
|
||||
|
||||
# Set the Authorization header cookie with the JWT
|
||||
@ -79,52 +80,6 @@ def captcha_handler():
|
||||
# We will use UUID's as the salts.
|
||||
#
|
||||
# Anyway, we pass the data to our Jinja template and render it.
|
||||
# Flask should take care of unsupported methods for us.
|
||||
|
||||
|
||||
|
||||
## Handle cookie
|
||||
|
||||
## Get random image
|
||||
## Generate
|
||||
return captcha.generate_captcha_html(os.listdir('static/images/'))
|
||||
|
||||
@app.route("/captcha_old", methods=['GET', 'POST'])
|
||||
def login():
|
||||
# This means they just submitted a CAPTCHA
|
||||
# We need to see if they got it right
|
||||
incorrect_captcha = False
|
||||
if request.method == 'POST':
|
||||
captcha_guess = len(list(request.form))
|
||||
print(request.form.get('captcha'))
|
||||
# What if they POST with the cookie below absent? Uh oh...
|
||||
captcha_cookie = request.cookies.get('freecaptcha_cookie')
|
||||
|
||||
real_answer = captcha_solutions.get(captcha_cookie, None)
|
||||
if real_answer is not None:
|
||||
if captcha_guess == int(real_answer):
|
||||
captcha_solved.append(captcha_cookie)
|
||||
return redirect("/", code=302)
|
||||
else:
|
||||
incorrect_captcha = True
|
||||
|
||||
|
||||
# Select an image
|
||||
image_path = captcha.random_image()
|
||||
|
||||
# Generate list of rotated versions of image
|
||||
# and save which one is correct
|
||||
# change answer to be the number of turns needed?
|
||||
answer, options = captcha.captchafy(image_path)
|
||||
print(answer)
|
||||
|
||||
# Provide the CAPTCHA options to the web page using the CAPTCHA
|
||||
resp = make_response(render_template("index.html", captcha_options=options, incorrect_captcha=incorrect_captcha))
|
||||
resp = make_response(captcha.generate_captcha_html(list(options)))
|
||||
# Track this user with a cookie and store the correct answer
|
||||
# by linking the cookie with the answer, we can check their answer later
|
||||
freecaptcha_cookie = str(uuid.uuid4())
|
||||
resp.set_cookie('freecaptcha_cookie', freecaptcha_cookie)
|
||||
captcha_solutions[freecaptcha_cookie] = answer
|
||||
|
||||
return resp
|
||||
return "Unsupported HTTP method."
|
||||
# Flask should take care of unsupported methods for us.
|
||||
|
Loading…
Reference in New Issue
Block a user