feat: captcha expiry (wip)

fourcube · fourcube · commit 9889d2c79d2a · 2019-10-04T10:31:11.000+02:00
diff --git a/lib/captcha.test.ts b/lib/captcha.test.ts
@@ -2,22 +2,28 @@ import { create, verify } from "./captcha";
 import { LambdaCaptchaConfigManager } from "./config";
 
 describe("create", () => {
+  const config = LambdaCaptchaConfigManager.default("deadbeef");
+  const captcha = create(config);
+  
   it("returns a LambdaCaptcha instance", () => {
-    const config = LambdaCaptchaConfigManager.default("deadbeef");
-    const captcha = create(config);
     expect(captcha.expr).toBeDefined();
     expect(captcha.encryptedExpr).toBeDefined();
     expect(captcha.captchaSvg).toBeDefined();
   });
+  
+  it('returns a LambdaCaptcha instance with a timestamp in the validUntil field', () => {
+    // TODO: Test that timestamp is > now
+    expect(false).toBeTruthy()
+  })
 });
 
 describe("verify", () => {
   const encryptedCaptchaExpression =
-    "aeb5915bd712922cb2953ba81c0b05cb:21ce379b5284ff4c3e67350ec5d2ee50fdfa64e8b024bb5d647b071fc8b16e279e765e0947785ee1429df263e3a5c81c259aafb87d2d419d6004eea57e357433";
+    "40edfed034f6b9d77c111509e3268644:fb0d5633049452a7f19fe89369a561f9cac391d0d4fe88d281b9dfff3f9893099947b31ae66a24dd024c951e26a9f9a905d09a39766f1f0b76f81de51de506cc08d433662f96467b8cec9ddfc9e0082ec53f8536ce259de53e2265158e401daf";
   const secret = "deadbeef";
 
   it("returns true on success", () => {
-    const result = verify(encryptedCaptchaExpression, 16, secret);
+    const result = verify(encryptedCaptchaExpression, 6, secret);
 
     expect(result).toBeTruthy();
   });
diff --git a/lib/captcha.ts b/lib/captcha.ts
@@ -7,9 +7,9 @@ import { encrypt, decrypt, keyToBuffer } from './crypto'
 
 export type ILambdaCaptcha = {
   /**
-   * An unencrypted string representation of the captcha
+   * An unencrypted representation of the captcha
    */
-  expr: string
+  expr: any
   /**
    * An unencrypted string representation of the captcha
    */
@@ -18,6 +18,11 @@ export type ILambdaCaptcha = {
    * Captcha SVG
    */
   captchaSvg: string
+  
+  /**
+   * Unix timestamp when the captcha expires (UTC)
+   */
+  validUntil: number
 }
 
 export function create(config: ILambdaCaptchaConfig): ILambdaCaptcha {
@@ -31,27 +36,39 @@ export function create(config: ILambdaCaptchaConfig): ILambdaCaptcha {
       throw new Error(`unknown captcha mode ${config.mode}`)
   }
 
-  const expressionJson = expression.toJSON()
+  // TODO: Generate timestamp
+  
+  const validUntil = 0
+  const validationInfo = JSON.stringify({ expression: expression.toObject(), validUntil })
   
   return {
-    expr: expressionJson,
-    encryptedExpr: encrypt(expressionJson, config.cryptoKey),
-    captchaSvg: renderExpression(expression, config)
+    expr: expression,
+    encryptedExpr: encrypt(validationInfo, config.cryptoKey),
+    captchaSvg: renderExpression(expression, config),
+    validUntil
   }
 }
 
 export function verify(
-  encryptedExpression: string,
+  validationInfo: string,
   solution: any,
   key: string
 ) {
   try {
-    const expressionJson = decrypt(encryptedExpression, keyToBuffer(key))
-    const o = JSON.parse(expressionJson)
+    const json = decrypt(validationInfo, keyToBuffer(key))
+    const { expression: o, validUntil } = JSON.parse(json)
     
+        
     switch (o.type) {
       case 'math':
         const expression = LambdaCaptchaMathExpression.fromJSON(o)
+        
+        const currentTimestamp = Math.floor(Date.now() / 1000)
+        if (validUntil < currentTimestamp) {
+          console.log('got', validUntil, 'which is <', currentTimestamp)
+          return false
+        }
+        
         return expression.solve() == solution
       default:
         throw new Error(`unknown captcha type ${o.type}`)
diff --git a/lib/expressions/math-expression.test.ts b/lib/expressions/math-expression.test.ts
@@ -40,7 +40,7 @@ describe("LambdaCaptchaMathExpression", () => {
   describe("fromJSON", () => {
     it("converts JSON back to a math expression", () => {
       const expression = new LambdaCaptchaMathExpression([5, 8, 11], ["+", "-"]);
-      const rebuilt = LambdaCaptchaMathExpression.fromJSON(JSON.parse(expression.toJSON()))
+      const rebuilt = LambdaCaptchaMathExpression.fromJSON(JSON.parse(JSON.stringify(expression.toObject())))
       
       expect(rebuilt).toBeInstanceOf(LambdaCaptchaMathExpression)
       expect(rebuilt.operators).toStrictEqual(expression.operators)
diff --git a/lib/expressions/math-expression.ts b/lib/expressions/math-expression.ts
@@ -75,11 +75,11 @@ export class LambdaCaptchaMathExpression implements ILambdaCaptchaExpression {
     return elements.join("");
   }
   
-  public toJSON() {
-    return JSON.stringify({
+  public toObject() {
+    return {
       type: 'math',
       operands: this.operands,
       operators: this.operators
-    })
+    }
   }
 }
diff --git a/lib/expressions/types.ts b/lib/expressions/types.ts
@@ -2,5 +2,5 @@ import { LambdaCaptchaMathExpression } from "./math-expression";
 
 export interface ILambdaCaptchaExpression {
   solve(): number | string
-  toJSON(): string
+  toObject(): any
 }

Original file line number	Diff line number	Diff line change
`@@ -75,11 +75,11 @@ export class LambdaCaptchaMathExpression implements ILambdaCaptchaExpression {`
`75`	`75`	`return elements.join("");`
`76`	`76`	`}`
`77`	`77`
`78`		`- public toJSON() {`
`79`		`- return JSON.stringify({`
	`78`	`+ public toObject() {`
	`79`	`+ return {`
`80`	`80`	`type: 'math',`
`81`	`81`	`operands: this.operands,`
`82`	`82`	`operators: this.operators`
`83`		`- })`
	`83`	`+ }`
`84`	`84`	`}`
`85`	`85`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,5 +2,5 @@ import { LambdaCaptchaMathExpression } from "./math-expression";`
`2`	`2`
`3`	`3`	`export interface ILambdaCaptchaExpression {`
`4`	`4`	`solve(): number \| string`
`5`		`- toJSON(): string`
	`5`	`+ toObject(): any`
`6`	`6`	`}`