Revert "feat: re-added captcha checks (#3249)" (#3288)
authorDessalines <dessalines@users.noreply.github.com>
Fri, 23 Jun 2023 11:02:05 +0000 (07:02 -0400)
committerFelix Ableitner <me@nutomic.com>
Mon, 26 Jun 2023 08:45:22 +0000 (10:45 +0200)
This reverts commit 8a086c82405bc8e2c8cb2fbbcceb10418f231d1b.

16 files changed:
Cargo.lock
crates/api/Cargo.toml
crates/api/src/lib.rs
crates/api/src/local_user/get_captcha.rs [deleted file]
crates/api/src/local_user/mod.rs
crates/api_crud/Cargo.toml
crates/api_crud/src/user/create.rs
crates/db_schema/src/diesel_ltree.patch
crates/db_schema/src/impls/captcha_answer.rs [deleted file]
crates/db_schema/src/impls/mod.rs
crates/db_schema/src/schema.rs
crates/db_schema/src/source/captcha_answer.rs [deleted file]
crates/db_schema/src/source/mod.rs
migrations/2023-06-21-153242_add_captcha/down.sql [deleted file]
migrations/2023-06-21-153242_add_captcha/up.sql [deleted file]
src/api_routes_http.rs

index 08437ecf7463fe3576c753d4fd39f45fd55db88c..cee02f7985d31a2807e05d10543317e215251f8f 100644 (file)
@@ -2526,7 +2526,6 @@ dependencies = [
  "base64 0.13.1",
  "bcrypt",
  "captcha",
- "chrono",
  "lemmy_api_common",
  "lemmy_db_schema",
  "lemmy_db_views",
@@ -2577,7 +2576,6 @@ dependencies = [
  "actix-web",
  "async-trait",
  "bcrypt",
- "chrono",
  "lemmy_api_common",
  "lemmy_db_schema",
  "lemmy_db_views",
index ca792809bed869ec39a4bbc28e960bfb4245e9c7..2488f2c2c93caf69f195387a1d66787a8cb1086f 100644 (file)
@@ -29,7 +29,6 @@ async-trait = { workspace = true }
 captcha = { workspace = true }
 anyhow = { workspace = true }
 tracing = { workspace = true }
-chrono = { workspace = true }
 
 [dev-dependencies]
 serial_test = { workspace = true }
index 615a8a3144fdea49e8d7bca4388a79c8c05acd23..9ff1677d0ed4950e5e28f81473b10661a9b892eb 100644 (file)
@@ -1,5 +1,4 @@
 use actix_web::web::Data;
-use captcha::Captcha;
 use lemmy_api_common::{context::LemmyContext, utils::local_site_to_slur_regex};
 use lemmy_db_schema::source::local_site::LocalSite;
 use lemmy_utils::{error::LemmyError, utils::slurs::check_slurs};
@@ -21,21 +20,6 @@ pub trait Perform {
   async fn perform(&self, context: &Data<LemmyContext>) -> Result<Self::Response, LemmyError>;
 }
 
-/// Converts the captcha to a base64 encoded wav audio file
-pub(crate) fn captcha_as_wav_base64(captcha: &Captcha) -> String {
-  let letters = captcha.as_wav();
-
-  let mut concat_letters: Vec<u8> = Vec::new();
-
-  for letter in letters {
-    let bytes = letter.unwrap_or_default();
-    concat_letters.extend(bytes);
-  }
-
-  // Convert to base64
-  base64::encode(concat_letters)
-}
-
 /// Check size of report and remove whitespace
 pub(crate) fn check_report_reason(reason: &str, local_site: &LocalSite) -> Result<(), LemmyError> {
   let slur_regex = &local_site_to_slur_regex(local_site);
diff --git a/crates/api/src/local_user/get_captcha.rs b/crates/api/src/local_user/get_captcha.rs
deleted file mode 100644 (file)
index 6dbc348..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-use crate::{captcha_as_wav_base64, Perform};
-use actix_web::web::Data;
-use captcha::{gen, Difficulty};
-use chrono::Duration;
-use lemmy_api_common::{
-  context::LemmyContext,
-  person::{CaptchaResponse, GetCaptcha, GetCaptchaResponse},
-};
-use lemmy_db_schema::{
-  source::{captcha_answer::CaptchaAnswer, local_site::LocalSite},
-  utils::naive_now,
-};
-use lemmy_utils::error::LemmyError;
-
-#[async_trait::async_trait(?Send)]
-impl Perform for GetCaptcha {
-  type Response = GetCaptchaResponse;
-
-  #[tracing::instrument(skip(context))]
-  async fn perform(&self, context: &Data<LemmyContext>) -> Result<Self::Response, LemmyError> {
-    let local_site = LocalSite::read(context.pool()).await?;
-
-    if !local_site.captcha_enabled {
-      return Ok(GetCaptchaResponse { ok: None });
-    }
-
-    let captcha = gen(match local_site.captcha_difficulty.as_str() {
-      "easy" => Difficulty::Easy,
-      "hard" => Difficulty::Hard,
-      _ => Difficulty::Medium,
-    });
-
-    let answer = captcha.chars_as_string();
-
-    let png = captcha.as_base64().expect("failed to generate captcha");
-
-    let uuid = uuid::Uuid::new_v4().to_string();
-
-    let wav = captcha_as_wav_base64(&captcha);
-
-    let captcha: CaptchaAnswer = CaptchaAnswer {
-      answer,
-      uuid: uuid.clone(),
-      expires: naive_now() + Duration::minutes(10), // expires in 10 minutes
-    };
-    // Stores the captcha item in the db
-    CaptchaAnswer::insert(context.pool(), &captcha).await?;
-
-    Ok(GetCaptchaResponse {
-      ok: Some(CaptchaResponse { png, wav, uuid }),
-    })
-  }
-}
index 3a92beda57e21d7f5cfb928da9d47e684b0fd6f0..9244f825dd64941ffd0908a79bdd194064a55ffd 100644 (file)
@@ -3,7 +3,6 @@ mod ban_person;
 mod block;
 mod change_password;
 mod change_password_after_reset;
-mod get_captcha;
 mod list_banned;
 mod login;
 mod notifications;
index 21320a3c359a8850b9fa1ac1db226b0991b557b3..1fb1e5a664d2085379f47d9556a3d27148ae2b2d 100644 (file)
@@ -22,4 +22,3 @@ tracing = { workspace = true }
 url = { workspace = true }
 async-trait = { workspace = true }
 webmention = "0.4.0"
-chrono = { worspace = true }
index 871a05d6f39b4a08acad0a0acd26c214e9b2e9a4..f5a26f75634eee2b8f2270c92da1a929738b056b 100644 (file)
@@ -1,7 +1,6 @@
 use crate::PerformCrud;
 use activitypub_federation::http_signatures::generate_actor_keypair;
 use actix_web::web::Data;
-use chrono::NaiveDateTime;
 use lemmy_api_common::{
   context::LemmyContext,
   person::{LoginResponse, Register},
@@ -20,7 +19,6 @@ use lemmy_api_common::{
 use lemmy_db_schema::{
   aggregates::structs::PersonAggregates,
   source::{
-    captcha_answer::CaptchaAnswer,
     local_user::{LocalUser, LocalUserInsertForm},
     person::{Person, PersonInsertForm},
     registration_application::{RegistrationApplication, RegistrationApplicationInsertForm},
@@ -73,22 +71,6 @@ impl PerformCrud for Register {
       return Err(LemmyError::from_message("passwords_dont_match"));
     }
 
-    if local_site.site_setup && local_site.captcha_enabled {
-      let check = CaptchaAnswer::check_captcha(
-        context.pool(),
-        CaptchaAnswer {
-          uuid: data.captcha_uuid.clone().unwrap_or_default(),
-          answer: data.captcha_answer.clone().unwrap_or_default(),
-          // not used when checking
-          expires: NaiveDateTime::MIN,
-        },
-      )
-      .await?;
-      if !check {
-        return Err(LemmyError::from_message("captcha_incorrect"));
-      }
-    }
-
     let slur_regex = local_site_to_slur_regex(&local_site);
     check_slurs(&data.username, &slur_regex)?;
     check_slurs_opt(&data.answer, &slur_regex)?;
index 2607eb68ba4ad6060dbde9bdf3cee595428ce179..d7d49f03e93f9f3b73c3dd9563e2847456ef0d5b 100644 (file)
@@ -1,17 +1,28 @@
---- schema.rs  2023-06-21 22:25:50.252384233 +0100
-+++ "schema copy.rs"   2023-06-21 22:26:50.452378651 +0100
-@@ -6,10 +6,6 @@
-     pub struct ListingTypeEnum;
+diff --git a/crates/db_schema/src/schema.rs b/crates/db_schema/src/schema.rs
+index 255c6422..f2ccf5e2 100644
+--- a/crates/db_schema/src/schema.rs
++++ b/crates/db_schema/src/schema.rs
+@@ -2,16 +2,12 @@
  
+ pub mod sql_types {
      #[derive(diesel::sql_types::SqlType)]
+     #[diesel(postgres_type(name = "listing_type_enum"))]
+     pub struct ListingTypeEnum;
+-    #[derive(diesel::sql_types::SqlType)]
 -    #[diesel(postgres_type(name = "ltree"))]
 -    pub struct Ltree;
 -
--    #[derive(diesel::sql_types::SqlType)]
+     #[derive(diesel::sql_types::SqlType)]
      #[diesel(postgres_type(name = "registration_mode_enum"))]
      pub struct RegistrationModeEnum;
  
-@@ -78,7 +74,7 @@
+     #[derive(diesel::sql_types::SqlType)]
+     #[diesel(postgres_type(name = "sort_type_enum"))]
+@@ -67,13 +63,13 @@ diesel::table! {
+         when_ -> Timestamp,
+     }
+ }
  
  diesel::table! {
      use diesel::sql_types::*;
@@ -20,3 +31,6 @@
  
      comment (id) {
          id -> Int4,
+         creator_id -> Int4,
+         post_id -> Int4,
+         content -> Text,
diff --git a/crates/db_schema/src/impls/captcha_answer.rs b/crates/db_schema/src/impls/captcha_answer.rs
deleted file mode 100644 (file)
index afd1818..0000000
+++ /dev/null
@@ -1,164 +0,0 @@
-use crate::{
-  schema::captcha_answer,
-  source::captcha_answer::CaptchaAnswer,
-  utils::{functions::lower, get_conn, naive_now, DbPool},
-};
-use diesel::{
-  delete,
-  dsl::exists,
-  insert_into,
-  result::Error,
-  select,
-  ExpressionMethods,
-  QueryDsl,
-};
-use diesel_async::RunQueryDsl;
-
-impl CaptchaAnswer {
-  pub async fn insert(pool: &DbPool, captcha: &CaptchaAnswer) -> Result<Self, Error> {
-    let conn = &mut get_conn(pool).await?;
-
-    insert_into(captcha_answer::table)
-      .values(captcha)
-      .get_result::<Self>(conn)
-      .await
-  }
-
-  pub async fn check_captcha(pool: &DbPool, to_check: CaptchaAnswer) -> Result<bool, Error> {
-    let conn = &mut get_conn(pool).await?;
-
-    // delete any expired captchas
-    delete(captcha_answer::table.filter(captcha_answer::expires.lt(&naive_now())))
-      .execute(conn)
-      .await?;
-
-    // fetch requested captcha
-    let captcha_exists = select(exists(
-      captcha_answer::dsl::captcha_answer
-        .filter((captcha_answer::dsl::uuid).eq(to_check.uuid.clone()))
-        .filter(lower(captcha_answer::dsl::answer).eq(to_check.answer.to_lowercase().clone())),
-    ))
-    .get_result::<bool>(conn)
-    .await?;
-
-    // delete checked captcha
-    delete(captcha_answer::table.filter(captcha_answer::uuid.eq(to_check.uuid.clone())))
-      .execute(conn)
-      .await?;
-
-    Ok(captcha_exists)
-  }
-}
-
-#[cfg(test)]
-mod tests {
-  use crate::{
-    source::captcha_answer::CaptchaAnswer,
-    utils::{build_db_pool_for_tests, naive_now},
-  };
-  use chrono::Duration;
-  use serial_test::serial;
-
-  #[tokio::test]
-  #[serial]
-  async fn test_captcha_happy_path() {
-    let pool = &build_db_pool_for_tests().await;
-
-    let captcha_a_id = "a".to_string();
-
-    let _ = CaptchaAnswer::insert(
-      pool,
-      &CaptchaAnswer {
-        uuid: captcha_a_id.clone(),
-        answer: "XYZ".to_string(),
-        expires: naive_now() + Duration::minutes(10),
-      },
-    )
-    .await;
-
-    let result = CaptchaAnswer::check_captcha(
-      pool,
-      CaptchaAnswer {
-        uuid: captcha_a_id.clone(),
-        answer: "xyz".to_string(),
-        expires: chrono::NaiveDateTime::MIN,
-      },
-    )
-    .await;
-
-    assert!(result.is_ok());
-    assert!(result.unwrap());
-  }
-
-  #[tokio::test]
-  #[serial]
-  async fn test_captcha_repeat_answer_fails() {
-    let pool = &build_db_pool_for_tests().await;
-
-    let captcha_a_id = "a".to_string();
-
-    let _ = CaptchaAnswer::insert(
-      pool,
-      &CaptchaAnswer {
-        uuid: captcha_a_id.clone(),
-        answer: "XYZ".to_string(),
-        expires: naive_now() + Duration::minutes(10),
-      },
-    )
-    .await;
-
-    let result = CaptchaAnswer::check_captcha(
-      pool,
-      CaptchaAnswer {
-        uuid: captcha_a_id.clone(),
-        answer: "xyz".to_string(),
-        expires: chrono::NaiveDateTime::MIN,
-      },
-    )
-    .await;
-
-    let result_repeat = CaptchaAnswer::check_captcha(
-      pool,
-      CaptchaAnswer {
-        uuid: captcha_a_id.clone(),
-        answer: "xyz".to_string(),
-        expires: chrono::NaiveDateTime::MIN,
-      },
-    )
-    .await;
-
-    assert!(result_repeat.is_ok());
-    assert!(!result_repeat.unwrap());
-  }
-
-  #[tokio::test]
-  #[serial]
-  async fn test_captcha_expired_fails() {
-    let pool = &build_db_pool_for_tests().await;
-
-    let expired_id = "already_expired".to_string();
-
-    let _ = CaptchaAnswer::insert(
-      pool,
-      &CaptchaAnswer {
-        uuid: expired_id.clone(),
-        answer: "xyz".to_string(),
-        expires: naive_now() - Duration::seconds(1),
-      },
-    )
-    .await;
-
-    let expired_result = CaptchaAnswer::check_captcha(
-      pool,
-      CaptchaAnswer {
-        uuid: expired_id.clone(),
-        answer: "xyz".to_string(),
-        expires: chrono::NaiveDateTime::MIN,
-      },
-    )
-    .await;
-
-    assert!(expired_result.is_ok());
-    assert!(!expired_result.unwrap());
-  }
-}
index f13004d015deeffa5ace03a96ab9c003f9d5f582..915d1c8e2c99c9774a20620b29460f344ba7c3da 100644 (file)
@@ -1,6 +1,5 @@
 pub mod activity;
 pub mod actor_language;
-pub mod captcha_answer;
 pub mod comment;
 pub mod comment_reply;
 pub mod comment_report;
index f244ae664077b182775194a2297a34e3ff9e8414..ac4ddc47a4277b968b703c13f649fbe9541668c2 100644 (file)
@@ -64,14 +64,6 @@ diesel::table! {
     }
 }
 
-diesel::table! {
-    captcha_answer (uuid) {
-        uuid -> Text,
-        answer -> Text,
-        expires -> Timestamp,
-    }
-}
-
 diesel::table! {
     use diesel::sql_types::{Bool, Int4, Nullable, Text, Timestamp, Varchar};
     use diesel_ltree::sql_types::Ltree;
@@ -924,7 +916,6 @@ diesel::allow_tables_to_appear_in_same_query!(
     admin_purge_community,
     admin_purge_person,
     admin_purge_post,
-    captcha_answer,
     comment,
     comment_aggregates,
     comment_like,
diff --git a/crates/db_schema/src/source/captcha_answer.rs b/crates/db_schema/src/source/captcha_answer.rs
deleted file mode 100644 (file)
index 113b7c9..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-#[cfg(feature = "full")]
-use crate::schema::captcha_answer;
-use serde::{Deserialize, Serialize};
-use serde_with::skip_serializing_none;
-
-#[skip_serializing_none]
-#[derive(Clone, PartialEq, Eq, Debug, Serialize, Deserialize)]
-#[cfg_attr(feature = "full", derive(Queryable, Insertable, AsChangeset))]
-#[cfg_attr(feature = "full", diesel(table_name = captcha_answer))]
-pub struct CaptchaAnswer {
-  pub uuid: String,
-  pub answer: String,
-  pub expires: chrono::NaiveDateTime,
-}
index 926e23e73d314160f99ee87820fc309bf4fec600..9aab4b90b35753023f5142c22b74e2687521c5bf 100644 (file)
@@ -1,7 +1,6 @@
 #[cfg(feature = "full")]
 pub mod activity;
 pub mod actor_language;
-pub mod captcha_answer;
 pub mod comment;
 pub mod comment_reply;
 pub mod comment_report;
diff --git a/migrations/2023-06-21-153242_add_captcha/down.sql b/migrations/2023-06-21-153242_add_captcha/down.sql
deleted file mode 100644 (file)
index 4e5b830..0000000
+++ /dev/null
@@ -1 +0,0 @@
-drop table captcha_answer;
\ No newline at end of file
diff --git a/migrations/2023-06-21-153242_add_captcha/up.sql b/migrations/2023-06-21-153242_add_captcha/up.sql
deleted file mode 100644 (file)
index 71467be..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-create table captcha_answer (
-    uuid text not null primary key,
-    answer text not null,
-    expires timestamp not null
-);
index 375630a9243fc529c7227740e600746d3e7c2d39..a2abfa690f9b9d9b990a276528f11a175142b76e 100644 (file)
@@ -38,7 +38,6 @@ use lemmy_api_common::{
     ChangePassword,
     DeleteAccount,
     GetBannedPersons,
-    GetCaptcha,
     GetPersonDetails,
     GetPersonMentions,
     GetReplies,
@@ -273,12 +272,6 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimitCell) {
           .wrap(rate_limit.register())
           .route(web::post().to(route_post_crud::<Register>)),
       )
-      .service(
-        // Handle captcha separately
-        web::resource("/user/get_captcha")
-          .wrap(rate_limit.post())
-          .route(web::get().to(route_get::<GetCaptcha>)),
-      )
       // User actions
       .service(
         web::scope("/user")