cerealxp/FreeCAPTCHA
1
0
Fork 0
Code Issues 12 Pull Requests Releases Wiki Activity

lots of stuff id even k

Browse Source
This commit is contained in:
Papaito 2023-06-30 16:40:02 -06:00
parent 8edfb4d84d
commit 961a6e0064
3 changed files with 9 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
__pycache__/app.cpython-39.pyc
View File

Binary file not shown.

63
app.py
View File

@ -19,9 +19,6 @@ message = b'This is a secret message.'
ciphertext = cipher.encrypt(message)
# Decrypt the ciphertext
app = Flask(__name__, static_url_path='', static_folder='static',)
@ -34,11 +31,13 @@ def captcha_handler():
# TODO: set JWT to expire very soon.
payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=['HS256'])
b64_and_encrypted_correct_answer = payload['encrypted_correct_answer']
n = payload['n']
encrypted_correct_answer_bytes = base64.b64decode(b64_and_encrypted_correct_answer)
correct_answer = cipher.decrypt(encrypted_correct_answer_bytes).decode('utf-8').split('|||')[0]
## Redirect to the original page the user wanted - with a token letting that they can validate from us that says that the user passed a specific captcha attempt (we will sign the attempt with a code we give them with the captcha, like an id, so they know it was that specific attempt)
return f'''
The correct answer was {correct_answer}
You flipped it {captcha_attempt}
You flipped it {int(captcha_attempt) % n}
'''
except jwt.ExpiredSignatureError:
@ -54,7 +53,8 @@ def captcha_handler():
## If not: Redirect them to the GET version of this same URL, with warning enabled to tell them they failed
if request.method == "GET":
image_path = captcha.random_image()
answer, options = captcha.captchafy(image_path)
n = 6
answer, options = captcha.captchafy(image_path, n)
print('the correct answer is: ', answer)
# remember to store the salt since we'll need it when we compare the hashes
salt = uuid.uuid4()
@ -64,7 +64,8 @@ def captcha_handler():
ciphertext = base64.b64encode(encrypted_bytes).decode('utf-8')
token = jwt.encode({
'encrypted_correct_answer': ciphertext,
'salt': str(salt)
'salt': str(salt),
'n': n
}, JWT_SECRET_KEY, algorithm='HS256')
# Set the Authorization header cookie with the JWT
@ -79,52 +80,6 @@ def captcha_handler():
# We will use UUID's as the salts.
#
# Anyway, we pass the data to our Jinja template and render it.
else:
return "Unsupported HTTP method."
# Flask should take care of unsupported methods for us.
## Handle cookie
## Get random image
## Generate
return captcha.generate_captcha_html(os.listdir('static/images/'))
@app.route("/captcha_old", methods=['GET', 'POST'])
def login():
# This means they just submitted a CAPTCHA
# We need to see if they got it right
incorrect_captcha = False
if request.method == 'POST':
captcha_guess = len(list(request.form))
print(request.form.get('captcha'))
# What if they POST with the cookie below absent? Uh oh...
captcha_cookie = request.cookies.get('freecaptcha_cookie')
real_answer = captcha_solutions.get(captcha_cookie, None)
if real_answer is not None:
if captcha_guess == int(real_answer):
captcha_solved.append(captcha_cookie)
return redirect("/", code=302)
else:
incorrect_captcha = True
# Select an image
image_path = captcha.random_image()
# Generate list of rotated versions of image
# and save which one is correct
# change answer to be the number of turns needed?
answer, options = captcha.captchafy(image_path)
print(answer)
# Provide the CAPTCHA options to the web page using the CAPTCHA
resp = make_response(render_template("index.html", captcha_options=options, incorrect_captcha=incorrect_captcha))
resp = make_response(captcha.generate_captcha_html(list(options)))
# Track this user with a cookie and store the correct answer
# by linking the cookie with the answer, we can check their answer later
freecaptcha_cookie = str(uuid.uuid4())
resp.set_cookie('freecaptcha_cookie', freecaptcha_cookie)
captcha_solutions[freecaptcha_cookie] = answer
return resp

BIN
curl Executable file
View File

Binary file not shown.