diff --git a/captcha/_misc/README.md b/captcha/_misc/README.md new file mode 100644 index 0000000..4c53bbb --- /dev/null +++ b/captcha/_misc/README.md @@ -0,0 +1,88 @@ +README +------ + +The meeting links are slightly hidden to avoid abuse from web scraping bots, +which is why we use the hCAPTCHA to add a small deterrent. + +If just changing the meeting info/links, skip down to `Updating Meeting +Info` section. + + +Background +---------- +The github pages are statically generated. Therefore, we can not use a +server-side reCAPTCHA method (e.g., Open MPI uses a server-side PHP +reCAPTCHA). We use hCAPTCHA and an entirely client-side method that is +compatible with static gh-pages. + +Note, since the data is pasted in the client side, we base64 encode the +information to obfuscate the information and reduce direct browsing of +meeting info. See notes for updating things and encoding the meeting info. + +General Flow +------------ + + 1. User visits `/captcha` URL, and completes the challenge prompt. + + 2. On success, redirected to "success" page (e.g., `success.html`) with + the meeting information. + - Note: We generate a simple token on captcha page (`index.html`) that + is checked by the `success.html` page to try and avoid simple browsing + of the full URL. This is a weak protection to help obfuscate the + meeting info data. + - Note: We base64 encode the meeting content and embed the data into the + success page where it is displayed. This is a weak protection to help + obfuscate the meeting info data. + + 3. On failure, redirected to captcha challenge prompt. + + +Initial Setup +------------- + +One-time setup for the basic `/captcha` directory in repository. + + 1. (One-time setup) Create hCaptcha free account and generate `sitekey` + - Note: Currently using setup under naughtont AT ornl.gov account. + - Note: Using 'Always Challenge' and 'Easy' or 'Moderate' settings. + - https://dashboard.hcaptcha.com/sites?page=1&archived=active + + 2. Edit `index.html`, update `data-sitekey` with `sitekey` from Step 1. + + 3. Commit changes to repo and the gh-pages will be updated automatically. + + 4. Now ready to update meeting info (see below). + + +Update Meeting Info +------------------- + +Assumes initial setup (above) complete and just changing meeting data. + + 1. Manually format the "meeting info" with any desired HTML formatting. + + 2. Encode (base64) the meeting data (e.g., `meetings.dat => meetings.dat.enc`) + - NOTE: You can decode the meeting data to double check encode/decode + using the same script (see: `encode.py -h`) + + ``` + ./_misc/encode.py meetings.dat > meetings.dat.enc + ``` + + 3. Edit `success.html`, update `encodedData` with contents of encoded data + string (e.g., copy/paste `meetings.dat.enc`). + + 4. As needed, update any titles/headings in HTML (e.g., 2025 Meetings). + + 5. Commit changes to repo and the gh-pages will be updated automatically. + + +Misc +---- + + - The `_misc/` dir has leading underscore so Jekyll ignores it + when posting content to the statically generated gh-pages + - Encode script at `_misc/encode.py` + - Example HTML formatted meeting data at `_misc/example.dat` + - hCaptcha: [https://dashboard.hcaptcha.com](https://dashboard.hcaptcha.com) + diff --git a/captcha/_misc/encode.py b/captcha/_misc/encode.py new file mode 100755 index 0000000..170fb94 --- /dev/null +++ b/captcha/_misc/encode.py @@ -0,0 +1,62 @@ +#!/usr/bin/env python3 +# Script to base64 encode the contents of a file. +# The script can also decode the encoded data if needed. +# +# NOTE: The base64 encoded data is typically the contents of +# the meeting links so that the file committed to the repository +# and posted online is obfuscated to avoid online browsing. +# +import base64 +import sys +import argparse + +decode=0 +filename="" +script_name = "encode.py" + +def read_file(file_path): + content = "" + try: + with open(file_path, 'r') as file: + content = file.read() + except Exception as e: + print(f"Error: Unexpected error occurred: {e}", file=sys.stderr) + + return(content) + +def main(): + p = argparse.ArgumentParser(description="Encode/decode datafile") + + p.add_argument( + "filename", + metavar="FILE", + type=str, + help="Path to input file to read." + ) + p.add_argument( + "-d", "--decode", + action="store_true", + help="Decode data" + ) + + args = p.parse_args() + + if len(sys.argv) < 2: + print(f"Usage: {script_name} FILE", file=sys.stderr) + return(1) + + data = read_file(args.filename) + + if args.decode: + decoded_data = base64.b64decode(data).decode("utf-8") + print(decoded_data) + else: + encoded_data = base64.b64encode(data.encode("utf-8")).decode("utf-8") + print(encoded_data) + + return(0) + +if __name__ == "__main__": + retval = 0 + retval = main() + sys.exit(retval) diff --git a/captcha/_misc/example.dat b/captcha/_misc/example.dat new file mode 100644 index 0000000..afb970f --- /dev/null +++ b/captcha/_misc/example.dat @@ -0,0 +1,136 @@ +
+ Complete the CAPTCHA then submit the form to get the meeting links. +
+ + +