HyperNet/Passport
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

👔 Captcha usage in check in & register

Browse Source 
🐛 Fix counting streak bugs etc
This commit is contained in:
LittleSheep 2025-03-22 20:00:05 +08:00
parent 34c2d0d5e7
commit f9aa4e3c10
5 changed files with 50 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@ -3,7 +3,7 @@ module git.solsynth.dev/hypernet/passport
go 1.23.2 go 1.23.2
require ( require (
git.solsynth.dev/hypernet/nexus v0.0.0-20250301065153-8ac88413e0e1 git.solsynth.dev/hypernet/nexus v0.0.0-20250322115040-e670724c4c18
git.solsynth.dev/hypernet/paperclip v0.0.0-20250310151112-1d866f317f47 git.solsynth.dev/hypernet/paperclip v0.0.0-20250310151112-1d866f317f47
git.solsynth.dev/hypernet/pusher v0.0.0-20250216145944-5fb769823a88 git.solsynth.dev/hypernet/pusher v0.0.0-20250216145944-5fb769823a88
git.solsynth.dev/hypernet/wallet v0.0.0-20250129150034-87b94cdb5488 git.solsynth.dev/hypernet/wallet v0.0.0-20250129150034-87b94cdb5488

2
go.sum
View File

@ -35,6 +35,8 @@ filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
git.solsynth.dev/hypernet/nexus v0.0.0-20250301065153-8ac88413e0e1 h1:Jf5yQr8Yln2YkDQ9CwJhVYNstR2vNKPViGnR2YAZLsE= git.solsynth.dev/hypernet/nexus v0.0.0-20250301065153-8ac88413e0e1 h1:Jf5yQr8Yln2YkDQ9CwJhVYNstR2vNKPViGnR2YAZLsE=
git.solsynth.dev/hypernet/nexus v0.0.0-20250301065153-8ac88413e0e1/go.mod h1:AXafZRL/2DISS37ZNngY0DreFAuBoeKu8mEDmCie8kw= git.solsynth.dev/hypernet/nexus v0.0.0-20250301065153-8ac88413e0e1/go.mod h1:AXafZRL/2DISS37ZNngY0DreFAuBoeKu8mEDmCie8kw=
git.solsynth.dev/hypernet/nexus v0.0.0-20250322115040-e670724c4c18 h1:XyP+txtTXKThCUVKlFGqz5YGCH1V7q1i/uxkg8XNprY=
git.solsynth.dev/hypernet/nexus v0.0.0-20250322115040-e670724c4c18/go.mod h1:hif4EyzOzDAfq/4qasMOQvAa/LVmG5ibRheLKYO4Vwg=
git.solsynth.dev/hypernet/paperclip v0.0.0-20250310151112-1d866f317f47 h1:fvu+bNKPTNtQocssnKbEZ66MqR0iBfAxY3HwlqnmYyE= git.solsynth.dev/hypernet/paperclip v0.0.0-20250310151112-1d866f317f47 h1:fvu+bNKPTNtQocssnKbEZ66MqR0iBfAxY3HwlqnmYyE=
git.solsynth.dev/hypernet/paperclip v0.0.0-20250310151112-1d866f317f47/go.mod h1:jvxq2qftz2v72x+24+cTFJdQKr9eHQTdk3KVR7cx36s= git.solsynth.dev/hypernet/paperclip v0.0.0-20250310151112-1d866f317f47/go.mod h1:jvxq2qftz2v72x+24+cTFJdQKr9eHQTdk3KVR7cx36s=
git.solsynth.dev/hypernet/pusher v0.0.0-20250216145944-5fb769823a88 h1:2HEENe9KUrdaJeNBzx9lsuXQGyzWqCgnLTKQnr8xFr8= git.solsynth.dev/hypernet/pusher v0.0.0-20250216145944-5fb769823a88 h1:2HEENe9KUrdaJeNBzx9lsuXQGyzWqCgnLTKQnr8xFr8=

31
pkg/internal/services/check_in.go
View File

@ -31,16 +31,27 @@ func CheckCanCheckIn(user models.Account) error {
func GetCheckInStreak(user models.Account) (int64, error) { func GetCheckInStreak(user models.Account) (int64, error) {
var streaks int64 var streaks int64
if err := database.C.Raw(`WITH dates AS ( if err := database.C.Raw(`WITH dates AS (
SELECT DISTINCT created_at::DATE AS created_date SELECT DISTINCT created_at::DATE AS created_date
FROM check_in_records FROM check_in_records
WHERE created_at::DATE <= CURRENT_DATE AND account_id = ? WHERE created_at::DATE <= CURRENT_DATE
), AND account_id = ?
streak AS ( ),
SELECT created_date, streak AS (
created_date - INTERVAL '1 day' * ROW_NUMBER() OVER (ORDER BY created_date) AS grp SELECT created_date,
FROM dates created_date - INTERVAL '1 day' * (ROW_NUMBER() OVER (ORDER BY created_date)) AS grp
) FROM dates
SELECT COUNT(*) FROM streak WHERE grp = (SELECT MIN(grp) FROM streak);`, user.ID).Scan(&streaks).Error; err != nil { ),
grouped_streaks AS (
SELECT grp, COUNT(*) AS streak_length, MAX(created_date) AS last_date
FROM streak
GROUP BY grp
),
last_streak AS (
SELECT streak_length
FROM grouped_streaks
WHERE last_date = (SELECT MAX(created_date) FROM dates)
)
SELECT COALESCE(streak_length, 0) FROM last_streak;`, user.ID).Scan(&streaks).Error; err != nil {
return streaks, err return streaks, err
} }
return streaks, nil return streaks, nil

22
pkg/internal/web/api/accounts_api.go
View File

@ -9,6 +9,7 @@ import (
"git.solsynth.dev/hypernet/nexus/pkg/nex/sec" "git.solsynth.dev/hypernet/nexus/pkg/nex/sec"
"gorm.io/gorm" "gorm.io/gorm"
"git.solsynth.dev/hypernet/passport/pkg/internal/gap"
"git.solsynth.dev/hypernet/passport/pkg/internal/web/exts" "git.solsynth.dev/hypernet/passport/pkg/internal/web/exts"
"git.solsynth.dev/hypernet/passport/pkg/authkit/models" "git.solsynth.dev/hypernet/passport/pkg/authkit/models"
@ -136,7 +137,7 @@ func updateUserinfo(c *fiber.Ctx) error {
} else { } else {
data.Nick = strings.TrimSpace(data.Nick) data.Nick = strings.TrimSpace(data.Nick)
} }
if !services.ValidateAccountName(data.Nick, 4, 24) { if !services.ValidateAccountName(data.Nick, 1, 24) {
return fiber.NewError(fiber.StatusBadRequest, "invalid account nick, length requires 4 to 24") return fiber.NewError(fiber.StatusBadRequest, "invalid account nick, length requires 4 to 24")
} }
@ -205,12 +206,13 @@ func updateAccountLanguage(c *fiber.Ctx) error {
func doRegister(c *fiber.Ctx) error { func doRegister(c *fiber.Ctx) error {
var data struct { var data struct {
Name string `json:"name" validate:"required,lowercase,alphanum,min=4,max=16"` Name string `json:"name" validate:"required,lowercase,alphanum,min=4,max=16"`
Nick string `json:"nick" validate:"required"` Nick string `json:"nick" validate:"required"`
Email string `json:"email" validate:"required,email"` Email string `json:"email" validate:"required,email"`
Password string `json:"password" validate:"required,min=4,max=32"` Password string `json:"password" validate:"required,min=4,max=32"`
Language string `json:"language" validate:"required,bcp47_language_tag"` Language string `json:"language" validate:"required,bcp47_language_tag"`
MagicToken string `json:"magic_token"` CaptchaToken string `json:"captcha_token" validate:"required"`
MagicToken string `json:"magic_token"`
} }
if err := exts.BindAndValidate(c, &data); err != nil { if err := exts.BindAndValidate(c, &data); err != nil {
@ -223,7 +225,7 @@ func doRegister(c *fiber.Ctx) error {
if _, err := strconv.Atoi(data.Name); err == nil { if _, err := strconv.Atoi(data.Name); err == nil {
return fiber.NewError(fiber.StatusBadRequest, "invalid account name, cannot be pure number") return fiber.NewError(fiber.StatusBadRequest, "invalid account name, cannot be pure number")
} }
if !services.ValidateAccountName(data.Nick, 4, 24) { if !services.ValidateAccountName(data.Nick, 1, 24) {
return fiber.NewError(fiber.StatusBadRequest, "invalid account nick, length requires 4 to 24") return fiber.NewError(fiber.StatusBadRequest, "invalid account nick, length requires 4 to 24")
} }
if viper.GetBool("use_registration_magic_token") && len(data.MagicToken) <= 0 { if viper.GetBool("use_registration_magic_token") && len(data.MagicToken) <= 0 {
@ -236,6 +238,10 @@ func doRegister(c *fiber.Ctx) error {
} }
} }
if !gap.Nx.ValidateCaptcha(data.CaptchaToken, c.IP()) {
return fiber.NewError(fiber.StatusBadRequest, "captcha check failed")
}
if user, err := services.CreateAccount( if user, err := services.CreateAccount(
data.Name, data.Name,
data.Nick, data.Nick,

12
pkg/internal/web/api/check_in_api.go
View File

@ -3,6 +3,7 @@ package api
import ( import (
"git.solsynth.dev/hypernet/passport/pkg/authkit/models" "git.solsynth.dev/hypernet/passport/pkg/authkit/models"
"git.solsynth.dev/hypernet/passport/pkg/internal/database" "git.solsynth.dev/hypernet/passport/pkg/internal/database"
"git.solsynth.dev/hypernet/passport/pkg/internal/gap"
"git.solsynth.dev/hypernet/passport/pkg/internal/services" "git.solsynth.dev/hypernet/passport/pkg/internal/services"
"git.solsynth.dev/hypernet/passport/pkg/internal/web/exts" "git.solsynth.dev/hypernet/passport/pkg/internal/web/exts"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
@ -95,6 +96,17 @@ func doCheckIn(c *fiber.Ctx) error {
} }
user := c.Locals("user").(models.Account) user := c.Locals("user").(models.Account)
var data struct {
CaptchaToken string `json:"captcha_token" validate:"required"`
}
if err := exts.BindAndValidate(c, &data); err != nil {
return err
}
if !gap.Nx.ValidateCaptcha(data.CaptchaToken, c.IP()) {
return fiber.NewError(fiber.StatusBadRequest, "captcha check failed")
}
if record, err := services.CheckIn(user); err != nil { if record, err := services.CheckIn(user); err != nil {
return fiber.NewError(fiber.StatusBadRequest, err.Error()) return fiber.NewError(fiber.StatusBadRequest, err.Error())
} else { } else {