Removed grecaptcha helper library & updated to latest spec.
MKHenson committed Jul 27, 2016
1 parent 43b743d commit 0a3b83e
Showing 6 changed files with 37 additions and 82 deletions.
2 changes: 1 addition & 1 deletion src/controllers/user-controller.ts
Expand Up @@ -396,7 +396,7 @@ export class UserController extends Controller
try
{
var token: def.IRegisterToken = req.body;
var user = await this._userManager.register(token.username, token.password, token.email, token.captcha, token.challenge, {}, req, res);
var user = await this._userManager.register(token.username, token.password, token.email, token.captcha, {}, req, res);

return okJson<def.IAuthenticationResponse>({
message: (user ? "Please activate your account with the link sent to your email address" : "User is not authenticated"),
1 change: 0 additions & 1 deletion src/definitions/custom/definitions.d.ts
Expand Up @@ -353,7 +353,6 @@
password: string;
email: string;
captcha?: string;
challenge?: string;
meta?: any;
privileges?: number;
}
52 changes: 0 additions & 52 deletions src/definitions/custom/recaptcha-async.d.ts

This file was deleted.

1 change: 0 additions & 1 deletion src/dist-files/package.json
Expand Up @@ -20,7 +20,6 @@
"express": "~4.12.2",
"body-parser": "~1.12.0",
"method-override": "~2.3.1",
"recaptcha-async": "~0.0.4",
"mongodb": "~2.0.21",
"validator": "~3.39.0",
"bcryptjs": "~2.2.0",
1 change: 0 additions & 1 deletion src/references.d.ts
Expand Up @@ -14,7 +14,6 @@
/// <reference path="./definitions/required/winston.d.ts" />
/// <reference path="./definitions/required/ws.d.ts" />
/// <reference path="./definitions/required/yargs.d.ts" />
/// <reference path="./definitions/custom/recaptcha-async.d.ts" />
/// <reference path="./definitions/custom/definitions.d.ts" />
/// <reference path="./definitions/custom/googleapis.d.ts" />
/// <reference path="./definitions/custom/google-auth-library.d.ts" />
62 changes: 36 additions & 26 deletions src/users.ts
Expand Up @@ -4,10 +4,10 @@ import * as mongodb from "mongodb";
import * as http from "http";
import * as validator from "validator";
import * as bcrypt from "bcryptjs";
import * as recaptcha from "recaptcha-async";
import * as bodyParser from "body-parser";
import * as express from "express";
import * as winston from "winston";
import * as https from "https";

import {CommsController} from "./controllers/comms-controller";
import {EventType} from "./socket-event-types";
Expand Down Expand Up @@ -207,31 +207,52 @@ export class UserManager

/**
* Checks if a Google captcha sent from a user is valid
* @param {string} captchaChallenge The captcha challenge
* @param {string} captcha The captcha value the user guessed
* @param {http.ServerRequest} request
* @returns {Promise<boolean>}
*/
private checkCaptcha( captchaChallenge : string, captcha: string, request: express.Request ): Promise<boolean>
private checkCaptcha( captcha: string, request: express.Request ): Promise<boolean>
{
var that = this;
return new Promise<boolean>(function(resolve, reject) {

// Create the captcha checker
var remoteIP: string = request.headers['x-forwarded-for'] || request.connection.remoteAddress;
// var remoteIP: string = request.headers['x-forwarded-for'] || request.connection.remoteAddress;
var privatekey: string = that._config.captchaPrivateKey;
var captchaChecker = new recaptcha.reCaptcha();
// var captchaChecker = new recaptcha.reCaptcha();

captchaChecker.on("data", function (captchaResult)
{
if (!captchaResult.is_valid)
return reject( new Error("Your captcha code seems to be wrong. Please try another."));
// captchaChecker.on("data", function (captchaResult)
// {
// if (!captchaResult.is_valid)
// return reject( new Error("Your captcha code seems to be wrong. Please try another."));

// resolve(true);
// });

// // Check for valid captcha
// captchaChecker.checkAnswer(privatekey, remoteIP, captchaChallenge, captcha);



https.get("https://www.google.com/recaptcha/api/siteverify?secret=" + privatekey + "&response=" + captcha, function(res) {
var data = "";
res.on('data', function (chunk) {
data += chunk.toString();
});
res.on('end', function() {
try {
var parsedData = JSON.parse(data);
if (!parsedData.success)
return reject( new Error("Your captcha code seems to be wrong. Please try another."));

resolve(true);
resolve(true);

} catch ( e ) {
return reject( new Error("There was an error connecting to Google Captcha: " + e.message ));
}
});
});

// Check for valid captcha
captchaChecker.checkAnswer(privatekey, remoteIP, captchaChallenge, captcha);
});
}

Expand All @@ -241,13 +262,12 @@ export class UserManager
* @param {string} pass The users secret password
* @param {string} email The users email address
* @param {string} captcha The captcha value the user guessed
* @param {string} captchaChallenge The captcha challenge
* @param {any} meta Any optional data associated with this user
* @param {http.ServerRequest} request
* @param {http.ServerResponse} response
* @returns {Promise<User>}
*/
async register(username: string = "", pass: string = "", email: string = "", captcha: string = "", captchaChallenge: string = "", meta: any = {}, request?: express.Request, response?: express.Response): Promise<User>
async register(username: string = "", pass: string = "", email: string = "", captcha: string = "", meta: any = {}, request?: express.Request, response?: express.Response): Promise<User>
{
var origin = encodeURIComponent( request.headers["origin"] || request.headers["referer"] );

Expand All @@ -263,10 +283,10 @@ export class UserManager
if (!email || email == "") throw new Error("Email cannot be null or empty");
if (!validator.isEmail(email)) throw new Error("Please use a valid email address");
if (request && (!captcha || captcha == "")) throw new Error("Captcha cannot be null or empty");
if (request && (!captchaChallenge || captchaChallenge == "")) throw new Error("Captcha challenge cannot be null or empty");
//if (request && (!captchaChallenge || captchaChallenge == "")) throw new Error("Captcha challenge cannot be null or empty");

// Check the captcha
await this.checkCaptcha( captchaChallenge, captcha, request);
await this.checkCaptcha( captcha, request );

user = await this.createUser(username, email, pass, origin, UserPrivileges.Regular, meta);
return user;
Expand Down Expand Up @@ -531,16 +551,6 @@ export class UserManager
return true;
}

/**
* Creates the script tag for the Google captcha API
* @param {string}
*/
getCaptchaHTML(): string
{
var captchaChecker = new recaptcha.reCaptcha();
return captchaChecker.getCaptchaHtml(this._config.captchaPublicKey, "", this._config.ssl);
}

/**
* Checks to see if a user is logged in
* @param {http.ServerRequest} request
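Review bot: The new `https.get` call in `checkCaptcha` concatenates the client-supplied `captcha` directly into the siteverify query string, so a token containing `&` or `#` can add or truncate parameters on the verification request; encode it with `"&response=" + encodeURIComponent(captcha)`, and do the same for `privatekey`. The request also has no error listener, so a DNS or TLS failure surfaces as an unhandled `error` event on the request object and the promise never settles; chain `.on("error", function (err) { reject(new Error("There was an error connecting to Google Captcha: " + err.message)); })` onto the value `https.get(...)` returns. Google's siteverify documentation describes the call as a POST with `secret` and `response` in the body, which also keeps the secret out of URLs that may be logged, so that form is worth considering here. The commented-out recaptcha-async lines, the commented-out challenge check in `register`, and the now-unused `request` parameter of `checkCaptcha` could be removed in the same pass.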
