feat: hcaptcha
This commit is contained in:
Tony Yang
+61
-39
@@ -1,58 +1,80 @@
|
||||
import { SignJWT } from 'jose';
|
||||
import { createSuccessResponse, createErrorResponse } from "../utils";
|
||||
import hCaptchaPlugin from "@cloudflare/pages-plugin-hcaptcha";
|
||||
|
||||
export async function onRequestPost(context) {
|
||||
try {
|
||||
const { request, env } = context;
|
||||
export const onRequestPost = [
|
||||
async (context) => {
|
||||
return hCaptchaPlugin({
|
||||
secret: context.env.hcaptcha_secret_key,
|
||||
sitekey: context.env.hcaptcha_site_key,
|
||||
onError: (context) => {
|
||||
console.error("hCaptcha error:", context.error);
|
||||
return createErrorResponse("hCaptcha verification failed", 403);
|
||||
}
|
||||
})(context);
|
||||
},
|
||||
async (context) => {
|
||||
try {
|
||||
const { request, env } = context;
|
||||
let payload;
|
||||
|
||||
const { username, password } = await request.json();
|
||||
try {
|
||||
const formData = await request.formData();
|
||||
payload = JSON.parse(formData.get('payload'));
|
||||
} catch (e) {
|
||||
console.error("Payload parsing error:", e);
|
||||
return createErrorResponse("Invalid payload", 400);
|
||||
}
|
||||
|
||||
if (!username || !password) {
|
||||
return createErrorResponse("Missing username or password", 400);
|
||||
}
|
||||
const { username, password } = payload;
|
||||
|
||||
if (username.length < 3) {
|
||||
return createErrorResponse("Username must be at least 3 characters", 400);
|
||||
}
|
||||
if (!username || !password) {
|
||||
return createErrorResponse("Missing username or password", 400);
|
||||
}
|
||||
|
||||
if (password.length < 8) {
|
||||
return createErrorResponse("Password must be at least 8 characters", 400);
|
||||
}
|
||||
if (username.length < 3) {
|
||||
return createErrorResponse("Username must be at least 3 characters", 400);
|
||||
}
|
||||
|
||||
if (!/^[a-zA-Z0-9]+$/.test(username)) {
|
||||
return createErrorResponse("Username must be alphanumeric", 400);
|
||||
}
|
||||
if (password.length < 8) {
|
||||
return createErrorResponse("Password must be at least 8 characters", 400);
|
||||
}
|
||||
|
||||
// Get the stored password from D1
|
||||
const { results } = await env.DB.prepare("SELECT password FROM users WHERE username = ?").bind(username).all();
|
||||
if (!/^[a-zA-Z0-9]+$/.test(username)) {
|
||||
return createErrorResponse("Username must be alphanumeric", 400);
|
||||
}
|
||||
|
||||
if (!results || results.length === 0) {
|
||||
return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403, headers: { 'Content-Type': 'application/json' } });
|
||||
}
|
||||
// Get the stored password from D1
|
||||
const { results } = await env.DB.prepare("SELECT password FROM users WHERE username = ?").bind(username).all();
|
||||
|
||||
const storedPassword = results[0].password;
|
||||
if (!results || results.length === 0) {
|
||||
return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403, headers: { 'Content-Type': 'application/json' } });
|
||||
}
|
||||
|
||||
// Compare the password to the stored password
|
||||
if (password !== storedPassword) {
|
||||
return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403, headers: { 'Content-Type': 'application/json' } });
|
||||
}
|
||||
const storedPassword = results[0].password;
|
||||
|
||||
// Get the user ID
|
||||
const { results: userResults } = await env.DB.prepare("SELECT * FROM users WHERE username = ?").bind(username).all();
|
||||
const jwtPayload = (({ id, username }) => ({ id, username }))(userResults[0]);
|
||||
// Compare the password to the stored password
|
||||
if (password !== storedPassword) {
|
||||
return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403, headers: { 'Content-Type': 'application/json' } });
|
||||
}
|
||||
|
||||
// Generate a JWT token
|
||||
const jwt = await new SignJWT(jwtPayload)
|
||||
.setProtectedHeader({ alg: 'HS256' })
|
||||
.setIssuedAt()
|
||||
.setIssuer('urn:example:issuer')
|
||||
.setAudience('urn:example:audience')
|
||||
.setExpirationTime('2h')
|
||||
.sign(new TextEncoder().encode(env.JWT_SECRET));
|
||||
// Get the user ID
|
||||
const { results: userResults } = await env.DB.prepare("SELECT * FROM users WHERE username = ?").bind(username).all();
|
||||
const jwtPayload = (({ id, username }) => ({ id, username }))(userResults[0]);
|
||||
|
||||
return createSuccessResponse({ jwt });
|
||||
// Generate a JWT token
|
||||
const jwt = await new SignJWT(jwtPayload)
|
||||
.setProtectedHeader({ alg: 'HS256' })
|
||||
.setIssuedAt()
|
||||
.setIssuer('urn:example:issuer')
|
||||
.setAudience('urn:example:audience')
|
||||
.setExpirationTime('2h')
|
||||
.sign(new TextEncoder().encode(env.JWT_SECRET));
|
||||
|
||||
return createSuccessResponse({ jwt });
|
||||
} catch (error) {
|
||||
console.error("Login error:", error);
|
||||
return createErrorResponse("Login failed", 500);
|
||||
}
|
||||
}
|
||||
},
|
||||
];
|
||||
|
||||
Reference in New Issue
Block a user