fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

throw error properly when captcha error occurs + more random trip salt

Browse Source
merge-requests/208/head
fatchan 5 years ago
parent 72391e0558
commit 77954769ff
4 changed files with 9 additions and 7 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      gulp/res/css/style.css
  2. 2
      helpers/captchagenerate.js
  3. 7
      helpers/tripcode.js
  4. 4
      models/forms/make-post.js

3
gulp/res/css/style.css
Unescape View File

@ -265,8 +265,7 @@ blockquote {
text-align: center;
margin: 2px;
margin-top: 0px;
max-width: 128px;
word-break: break-all;
/*max-width: 128px;*/
}
.post-file-src {

2
helpers/captchagenerate.js
Unescape View File

@ -32,7 +32,7 @@ module.exports = (text, captchaId) => {
.quality(30)
.write(`./uploads/captcha/${captchaId}.jpg`, (err) => {
if (err) {
return reject();
return reject(err);
}
return resolve();
});

7
helpers/tripcode.js
Unescape View File

@ -1,7 +1,9 @@
'use strict';
const Tripcodes = require(__dirname+'/../db/trips.js')
, crypto = require('crypto');
, util = require('util')
, crypto = require('crypto')
, randomBytes = util.promisify(crypto.randomBytes);
module.exports = async (password) => {
@ -12,7 +14,8 @@ module.exports = async (password) => {
}
//fix, not sure how secure
const fullTripCodeHash = crypto.createHash('sha256').update(password + Math.random()).digest('base64');
const salt = (await randomBytes(128)).toString('hex');
const fullTripCodeHash = crypto.createHash('sha256').update(password + salt).digest('base64');
const trip = fullTripCodeHash.substring(fullTripCodeHash.length-10);
await Tripcodes.insertOne(password, trip);
return trip;

4
models/forms/make-post.js
Unescape View File

@ -48,6 +48,8 @@ module.exports = async (req, res, next, numFiles) => {
'redirect': redirect
});
}
salt = thread.salt;
redirect += `/thread/${req.body.thread}`
if (thread.locked && !hasPerms) {
return res.status(400).render('message', {
'title': 'Bad request',
@ -62,8 +64,6 @@ module.exports = async (req, res, next, numFiles) => {
'redirect': redirect
});
}
salt = thread.salt;
redirect += `/thread/${req.body.thread}`
}
let files = [];
// if we got a file

Write Preview
Loading…
Cancel
Save