cahha iptal
This commit is contained in:
@@ -8,12 +8,14 @@ export interface CaptchaData {
|
||||
const CAPTCHA_SECRET = process.env.CAPTCHA_SECRET || 'default-secret-change-me'
|
||||
|
||||
export function generateCaptcha(width = 200, height = 80): { text: string, data: string } {
|
||||
console.log('[Captcha] Generating new captcha...')
|
||||
// 1. Generate random text (5 chars)
|
||||
const chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789' // Removed confusing chars like I, 1, 0, O
|
||||
let text = ''
|
||||
for (let i = 0; i < 5; i++) {
|
||||
text += chars.charAt(Math.floor(Math.random() * chars.length))
|
||||
}
|
||||
console.log('[Captcha] Generated text:', text)
|
||||
|
||||
// 2. Create SVG
|
||||
const bg = '#f3f4f6'
|
||||
@@ -69,23 +71,39 @@ export function signCaptcha(text: string): string {
|
||||
}
|
||||
|
||||
export function verifyCaptcha(input: string, hash: string): boolean {
|
||||
if (!input || !hash) return false
|
||||
if (!input || !hash) {
|
||||
console.log('[Captcha] Missing input or hash')
|
||||
return false
|
||||
}
|
||||
|
||||
const parts = hash.split('|')
|
||||
if (parts.length !== 3) return false
|
||||
if (parts.length !== 3) {
|
||||
console.log('[Captcha] Invalid hash format')
|
||||
return false
|
||||
}
|
||||
|
||||
const [originalText, expiresStr, signature] = parts
|
||||
const expires = parseInt(expiresStr, 10)
|
||||
|
||||
// Check expiration
|
||||
if (Date.now() > expires) return false
|
||||
if (Date.now() > expires) {
|
||||
console.log('[Captcha] Expired. Now:', Date.now(), 'Expires:', expires)
|
||||
return false
|
||||
}
|
||||
|
||||
// Check signature integrity
|
||||
const expectedData = `${originalText}|${expiresStr}`
|
||||
const expectedSignature = createHmac('sha256', CAPTCHA_SECRET).update(expectedData).digest('hex')
|
||||
|
||||
if (signature !== expectedSignature) return false
|
||||
if (signature !== expectedSignature) {
|
||||
console.log('[Captcha] Signature mismatch')
|
||||
return false
|
||||
}
|
||||
|
||||
// Check content match
|
||||
return input.toUpperCase() === originalText
|
||||
const isValid = input.toUpperCase() === originalText
|
||||
if (!isValid) {
|
||||
console.log('[Captcha] Text mismatch. Expected:', originalText, 'Got:', input.toUpperCase())
|
||||
}
|
||||
return isValid
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user