Home Explore Help
Sign In
ghorsington
/
noctbot
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 9f62c99e0e
Branches Tags
noctbot
/
web
/
src
/
routes
/
rules
/
verify.ts

verify.ts 3.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 
  1. import { Request as ExpressRequest, Response as ExpressResponse } from "express";
    2. 

  2. import { Option, tryDo } from "@shared/common/async_utils";
    3. 

  3. import { rpcClient } from "src/utils/rpc";
    4. 

  4. import got from "got";
    5. 

  5. import { logger } from "src/utils/logging";
    6. 

  6. import { ENV } from "src/utils/environment";
    7. 

  7. 

  8. export interface VerifyInfo {
    9. 

  9.     captchaSitekey: string;
    10. 

  10.     userVerified: boolean;
    11. 

  11. }
    12. 

  12. 

  13. export interface VerifyRequest {
    14. 

  14.     captchaResponse: string;
    15. 

  15. }
    16. 

  16. 

  17. interface HCaptchaResponse {
    18. 

  18.     success: boolean;
    19. 

  19.     "error-codes"?: string[];
    20. 

  20. }
    21. 

  21. 

  22. const VERIFY_URL = "https://hcaptcha.com/siteverify";
    23. 

  23. 

  24. type GetResult = Promise<ExpressResponse<VerifyInfo>>;
    25. 

  25. export const get = async (req: ExpressRequest, res: ExpressResponse): GetResult => {
    26. 

  26.     if (!req.session?.userId) {
    27. 

  27.         return res.json({
    28. 

  28.             captchaSitekey: ENV.HCAPTCHA_SITEKEY,
    29. 

  29.             userVerified: true,
    30. 

  30.         });
    31. 

  31.     }
    32. 

  32.     const verifiedResult = await tryDo(rpcClient.userVerified({ userId: req.session.userId }));
    33. 

  33.     let verified = true;
    34. 

  34.     if (!verifiedResult.ok) {
    35. 

  35.         logger.error("Failed to check verified state: %s", verifiedResult.error);
    36. 

  36.     } else {
    37. 

  37.         verified = verifiedResult.result.verified;
    38. 

  38.         logger.verbose("User %s (%s) verified: %s", req.session.username, req.session.userId, verified);
    39. 

  39.     }
    40. 

  40.     return res.json({
    41. 

  41.         captchaSitekey: ENV.HCAPTCHA_SITEKEY,
    42. 

  42.         userVerified: verified,
    43. 

  43.     });
    44. 

  44. };
    45. 

  45. 

  46. type PostResult = Promise<ExpressResponse<Option<unknown, { error: string }>>>;
    47. 

  47. export const post = async (req: ExpressRequest, res: ExpressResponse): PostResult => {
    48. 

  48.     const hasToken = (body: unknown):
    49. 

  49.         body is VerifyRequest => body instanceof Object
    50. 

  50.                                     && (body as VerifyRequest).captchaResponse !== undefined;
    51. 

  51.     if (!hasToken(req.body)) {
    52. 

  52.         return res.json({
    53. 

  53.             ok: false,
    54. 

  54.             error: "No user token provided, please try again",
    55. 

  55.         });
    56. 

  56.     }
    57. 

  57. 

  58.     if (!req.session?.userId) {
    59. 

  59.         return res.json({
    60. 

  60.             ok: false,
    61. 

  61.             error: "Not logged in, please log in",
    62. 

  62.         });
    63. 

  63.     }
    64. 

  64. 

  65.     const response = await tryDo(got<HCaptchaResponse>(VERIFY_URL, {
    66. 

  66.         method: "post",
    67. 

  67.         responseType: "json",
    68. 

  68.         form: {
    69. 

  69.             secret: ENV.HCAPTCHA_SECRET,
    70. 

  70.             response: req.body.captchaResponse,
    71. 

  71.         },
    72. 

  72.     }));
    73. 

  73. 

  74.     if (!response.ok) {
    75. 

  75.         logger.error("Failed to hCaptcha user %s: %s", req.session.userId, response.error);
    76. 

  76.         return res.json({
    77. 

  77.             ok: false,
    78. 

  78.             error: "Failed to verify hCaptcha response. Please try again.",
    79. 

  79.         });
    80. 

  80.     }
    81. 

  81. 

  82.     const captchaResponse = response.result.body;
    83. 

  83. 

  84.     if (!captchaResponse.success) {
    85. 

  85.         const errors = captchaResponse["error-codes"] ?? [];
    86. 

  86.         logger.error("Failed hCaptcha verify on user %s. Got errors: %s", req.session.userId, errors.join(";"));
    87. 

  87.         return res.json({
    88. 

  88.             ok: false,
    89. 

  89.             error: "Failed to verify hCaptcha response. Please try again.",
    90. 

  90.         });
    91. 

  91.     }
    92. 

  92. 

  93.     const verifyResponse = await rpcClient.verifyUser({ userId: req.session.userId });
    94. 

  94.     if (!verifyResponse.ok) {
    95. 

  95.         logger.error("Failed to verify user %s (%s)", req.session.userId, req.session.username);
    96. 

  96.         return res.json({
    97. 

  97.             ok: false,
    98. 

  98.             error: "Failed to verify your account. Please try again or contact server owners.",
    99. 

  99.         });
    100. 

  100.     }
    101. 

  101.     return res.json({
    102. 

  102.         ok: true,
    103. 

  103.     });
    104. 

  104. };
    105.