Skip to content

Fix some typos, fix siteverify payload and error handling in flask app. #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
fsologureng wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fix some typos, fix siteverify payload and error handling in flask app. #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
538a8f8
Add secret to siteverify payload.
fsologureng Oct 26, 2022
a6c4bc4
Fix some typos and improve error handling in flask app.
fsologureng Oct 29, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Dockerfile-proctected → Dockerfile-protected
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ RUN git clone https://github.com/mCaptcha/pow_py
RUN cd pow_py && PATH=$PATH:/home/builder/.cargo/bin/ ../venv/bin/maturin build

FROM python:3.10-slim-buster
LABEL org.opencontainers.image.source https://github.com/mcaptcha/dos/unprotected
LABEL org.opencontainers.image.source https://github.com/mcaptcha/dos/protected
RUN set -ex; \
apt-get update; \
DEBIAN_FRONTEND=noninteractive \
Expand Down
2 changes: 1 addition & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,4 +35,4 @@ lint: ## Run linter
# $(call test_pow_sha_256_py)

serve:
@source ./venv/bin/activate && FLASK_APP=server/src/app FLASK_ENV=development flask run
. ./venv/bin/activate && FLASK_APP=server/src/app FLASK_ENV=development flask run
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ password hashing and storing in DB**
[locust](https://locust.io) that launches an attack on the unprotected
endpoint

- [protected](./unprotected): DoS Client written using
[locust](https://locust.io) that launches an attack on the rotected
- [protected](./protected): DoS Client written using
[locust](https://locust.io) that launches an attack on the protected
endpoint. It generates proof of work and solves the captcha on every
request.
2 changes: 1 addition & 1 deletion protected/locustfile.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
username = "realaravinth"


class Unprotected(FastHttpUser):
class Protected(FastHttpUser):
wait_time = between(5, 15)
sitekey = os.getenv("MCAPTCHA_CAPTCHA_SITEKEY")
host = os.getenv("MCAPTCHA_CAPTCHA_HOST")
Expand Down
9 changes: 6 additions & 3 deletions server/src/app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,8 @@ def init_db():
bcrypt = Bcrypt(app)
init_db()

# mcaptcha_sitekey = os.getenv("MCAPTCHA_SITEKEY")
mcaptcha_sitekey = "oupjLmu2Fs34JwlNKB1LsRAI1lfLx4So"
mcaptcha_secret = os.getenv("MCAPTCHA_SECRET")
mcaptcha_sitekey = os.getenv("MCAPTCHA_SITEKEY")


@app.route("/", methods=["POST", "GET"])
Expand Down Expand Up @@ -103,12 +103,15 @@ def protected():
payload = {
"token": mcaptcha_token,
"key": mcaptcha_sitekey,
"secret": mcaptcha_secret,
}
resp = requests.post(
"http://localhost:7000/api/v1/pow/siteverify", json=payload
)
resp = resp.json()
if resp["valid"] == False:
if resp["error"]:
return resp["error"], 500
elif resp["valid"] == False:
return "invalid captcha", 400
else:
register(username, password)
Expand Down