anatolykopyl/registration
1
0
Fork 0
mirror of https://github.com/anatolykopyl/registration.git synced 2026-03-26 04:45:25 +00:00
Code Issues Projects Releases Wiki Activity

Added reCaptcha

Browse Source
This commit is contained in:
Anatoly Kopyl
2021-03-23 17:31:34 +03:00
parent bb1e02b41a
commit c75520014f
6 changed files with 748 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -1,2 +1,3 @@
node_modules/ node_modules/
.env .env
.DS_Store

680
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

1
package.json
View File

@@ -23,6 +23,7 @@
"express": "^4.17.1", "express": "^4.17.1",
"express-session": "^1.17.1", "express-session": "^1.17.1",
"mongodb": "^3.6.5", "mongodb": "^3.6.5",
"request": "^2.88.2",
"uuid4": "^2.0.2" "uuid4": "^2.0.2"
}, },
"devDependencies": { "devDependencies": {

13
public/auth.html
View File

@@ -12,6 +12,7 @@
<form action="http://localhost:3000/register" method="POST"> <form action="http://localhost:3000/register" method="POST">
<span class="input_row">Username: <input name="login" type="text"></span> <span class="input_row">Username: <input name="login" type="text"></span>
<span class="input_row">Password: <input name="pass" type="password"></span> <span class="input_row">Password: <input name="pass" type="password"></span>
<input type="hidden" class="g-recaptcha-response" name="g-recaptcha-response">
<input type="submit" value="Register"> <input type="submit" value="Register">
</form> </form>
@@ -19,7 +20,19 @@
<form action="http://localhost:3000/login" method="POST"> <form action="http://localhost:3000/login" method="POST">
<span class="input_row">Username: <input name="login" type="text"></span> <span class="input_row">Username: <input name="login" type="text"></span>
<span class="input_row">Password: <input name="pass" type="password"></span> <span class="input_row">Password: <input name="pass" type="password"></span>
<input type="hidden" class="g-recaptcha-response" name="g-recaptcha-response">
<input type="submit" value="Login"> <input type="submit" value="Login">
</form> </form>
<script src="https://www.google.com/recaptcha/api.js?render=6LcTXIsaAAAAAGWE4913KuaqU1tTT9uyqmvPADcn"></script>
<script>
grecaptcha.ready(function () {
grecaptcha.execute('6LcTXIsaAAAAAGWE4913KuaqU1tTT9uyqmvPADcn', { action: 'demo' })
.then(function (token) {
document.getElementsByClassName('g-recaptcha-response')[0].value = token;
document.getElementsByClassName('g-recaptcha-response')[1].value = token;
});
});
</script>
</body> </body>
</html> </html>

63
server.js
View File

@@ -6,7 +6,9 @@ const MongoStore = require('connect-mongo')
const bcrypt = require('bcrypt') const bcrypt = require('bcrypt')
require('dotenv').config() require('dotenv').config()
app.use(express.static("public")) const {verifyCaptcha} = require('./verify-captcha')
app.use(express.static(__dirname + '/public'))
app.use(express.json()) app.use(express.json())
app.use(express.urlencoded({ extended: true })) app.use(express.urlencoded({ extended: true }))
@@ -28,8 +30,9 @@ client.connect()
app.get('/', (req, res) => { app.get('/', (req, res) => {
if (req.session.loggedIn) { if (req.session.loggedIn) {
res.sendFile(__dirname+'/public/personal.html') res.sendFile(__dirname+'/public/personal.html')
} else } else {
res.sendFile(__dirname+'/public/auth.html') res.sendFile(__dirname+'/public/auth.html')
}
}) })
app.get('/get-users', async (_, res) => { app.get('/get-users', async (_, res) => {
@@ -43,35 +46,39 @@ app.get('/get-users', async (_, res) => {
}) })
app.post('/register', async (req, res) => { app.post('/register', async (req, res) => {
const hashedPass = await bcrypt.hash(req.body.pass, 10) verifyCaptcha(req, res, async () => {
try { const hashedPass = await bcrypt.hash(req.body.pass, 10)
await client.db('reg_example').collection('users').insertOne({ try {
login: req.body.login, await client.db('reg_example').collection('users').insertOne({
pass: hashedPass login: req.body.login,
}) pass: hashedPass
req.session.loggedIn = true })
res.status(201).redirect('/') req.session.loggedIn = true
} catch (e) { res.status(201).redirect('/')
console.log("Error: " + e) } catch (e) {
res.status(500).send() console.log("Error: " + e)
} res.status(500).send()
}
})
}) })
app.post('/login', async (req, res) => { app.post('/login', async (req, res) => {
try { verifyCaptcha(req, res, async () => {
const user = await client.db('reg_example').collection('users').findOne({ try {
login: req.body.login const user = await client.db('reg_example').collection('users').findOne({
}) login: req.body.login
if (user && bcrypt.compareSync(req.body.pass, user.pass)) { })
req.session.loggedIn = true if (user && bcrypt.compareSync(req.body.pass, user.pass)) {
res.status(200).redirect('/') req.session.loggedIn = true
} else { res.status(200).redirect('/')
res.status(401).send("Invalid login credentials") } else {
res.status(401).send("Invalid login credentials")
}
} catch (e) {
console.log("Error: " + e)
res.status(500).send()
} }
} catch (e) { })
console.log("Error: " + e)
res.status(500).send()
}
}) })
app.get('/logout', (req, res) => { app.get('/logout', (req, res) => {
@@ -81,4 +88,4 @@ app.get('/logout', (req, res) => {
res.redirect('/') res.redirect('/')
}) })
app.listen(3000) app.listen(process.env.PORT)

21
verify-captcha.js Normal file
View File

@@ -0,0 +1,21 @@
const request = require('request')
module.exports = {
verifyCaptcha: function (req, res, cb) {
if (!req.body['g-recaptcha-response']) {
return res.status(401).send("Invalid captcha")
}
const verificationURL = "https://www.google.com/recaptcha/api/siteverify?secret=" + process.env.SECRET_KEY + "&response=" + req.body['g-recaptcha-response'] + "&remoteip=" + req.socket.remoteAddress
request(verificationURL, async function(_, _, body) {
body = JSON.parse(body)
if (body.success !== undefined && !body.success) {
return res.status(401).send("Invalid captcha")
}
cb()
})
}
}