MCPcopy Create free account
hub / github.com/GoEdgeLab/EdgeNode / validateGeeTestForm

Method validateGeeTestForm

internal/waf/captcha_validator.go:759–852  ·  view source on GitHub ↗
(actionConfig *CaptchaAction, policyId int64, groupId int64, setId int64, originURL string, req requests.Request, writer http.ResponseWriter, useLocalFirewall bool)

Source from the content-addressed store, hash-verified

757}
758
759func (this *CaptchaValidator) validateGeeTestForm(actionConfig *CaptchaAction, policyId int64, groupId int64, setId int64, originURL string, req requests.Request, writer http.ResponseWriter, useLocalFirewall bool) (allow bool) {
760 var geeTestConfig = actionConfig.GeeTestConfig
761 if geeTestConfig == nil || !geeTestConfig.IsOn {
762 return
763 }
764
765 defer func() {
766 if allow {
767 // 清除计数
768 CaptchaDeleteCacheKey(req)
769
770 var life = CaptchaSeconds
771 if actionConfig.Life > 0 {
772 life = types.Int(actionConfig.Life)
773 }
774
775 // 加入到白名单
776 SharedIPWhiteList.RecordIP(wafutils.ComposeIPType(setId, req), actionConfig.Scope, req.WAFServerId(), req.WAFRemoteIP(), time.Now().Unix()+int64(life), policyId, false, groupId, setId, "")
777
778 // 记录到Cookie
779 this.setCookie(writer, setId, life)
780
781 writer.WriteHeader(http.StatusOK)
782 } else {
783 // 增加计数
784 CaptchaIncreaseFails(req, actionConfig, policyId, groupId, setId, CaptchaPageCodeSubmit, useLocalFirewall)
785
786 writer.WriteHeader(http.StatusBadRequest)
787 }
788 }()
789
790 if req.WAFRaw().Body == nil || req.WAFRaw().ContentLength <= 0 || req.WAFRaw().ContentLength > 2048 {
791 return false
792 }
793
794 data, err := io.ReadAll(req.WAFRaw().Body)
795 if err != nil {
796 return false
797 }
798
799 var m = maps.Map{}
800 err = json.Unmarshal(data, &m)
801 if err != nil {
802 return false
803 }
804
805 const GeeTestAPIServer = "https://gcaptcha4.geetest.com"
806 var GeeTestAPIURL = GeeTestAPIServer + "/validate" + "?captcha_id=" + geeTestConfig.CaptchaId
807
808 var lotNumber = m.GetString("lot_number")
809
810 var hash = hmac.New(sha256.New, []byte(geeTestConfig.CaptchaKey))
811 hash.Write([]byte(lotNumber))
812 var signToken = hex.EncodeToString(hash.Sum(nil))
813
814 var query = url.Values{
815 "lot_number": []string{lotNumber},
816 "captcha_output": []string{m.GetString("captcha_output")},

Callers 1

RunMethod · 0.95

Calls 12

setCookieMethod · 0.95
CaptchaDeleteCacheKeyFunction · 0.85
CaptchaIncreaseFailsFunction · 0.85
RecordIPMethod · 0.80
UnixMethod · 0.80
WAFServerIdMethod · 0.65
WAFRemoteIPMethod · 0.65
WriteHeaderMethod · 0.65
WAFRawMethod · 0.65
WriteMethod · 0.65
CloseMethod · 0.65
SumMethod · 0.45

Tested by

no test coverage detected