Revert "feat: CAPTCHA session ID"

This reverts commit 12c7473e
2025-06-17 04:31:22 +08:00 · 2025-02-25 13:07:47 -05:00
parent 2081abf335
commit eaec9574b2
6 changed files with 4 additions and 61 deletions
--- a/config_example/error_page/CAPTCHA.html
+++ b/config_example/error_page/CAPTCHA.html
@ -66,11 +66,6 @@
                      + "您未能通过人机验证，请刷新页面后重试。");
              window.location.reload();
              break;
-            case "timeout":
-              alert("Verification timeout, please refresh the page and try again.\n"
-                      + "验证超时，请刷新页面后重试。");
-              window.location.reload();
-              break;
            default:
              alert("Unexpected error occurred, please refresh the page and try again.\n"
                      + "发生了意料之外的错误，请刷新页面后重试。");
--- a/config_example/rules/CAPTCHA.yml
+++ b/config_example/rules/CAPTCHA.yml
@ -1,4 +1,3 @@
 secret_key: "0378b0f84c4310279918d71a5647ba5d"
 captcha_validate_time: 600
-captcha_challenge_timeout: 120
 hcaptcha_secret: ""
--- a/internal/check/Captcha.go
+++ b/internal/check/Captcha.go
@ -31,7 +31,7 @@ func Captcha(reqData dataType.UserRequest, ruleSet *config.RuleSet, decision *ac
 	}

 	if !verifyClearanceCookie(reqData, *ruleSet) {
-		decision.SetResponse(action.Done, []byte("CAPTCHA"), genSessionID(reqData, *ruleSet))
+		decision.SetCode(action.Done, []byte("CAPTCHA"))
 		return
 	}

@ -51,11 +51,6 @@ func CheckCaptcha(r *http.Request, reqData dataType.UserRequest, ruleSet *config
 		return
 	}

-	if !verifySessionCookie(reqData, *ruleSet) {
-		decision.SetResponse(action.Done, []byte("200"), []byte("timeout"))
-		return
-	}
-
 	data := url.Values{}
 	data.Set("secret", ruleSet.CAPTCHARule.HCaptchaSecret)
 	data.Set("response", hCaptchaResponse)
@ -98,42 +93,6 @@ func CheckCaptcha(r *http.Request, reqData dataType.UserRequest, ruleSet *config

 }

-func genSessionID(reqData dataType.UserRequest, ruleSet config.RuleSet) []byte {
-	timeNow := time.Now().Unix()
-	mac := hmac.New(sha512.New, []byte(ruleSet.CAPTCHARule.SecretKey))
-	mac.Write([]byte(fmt.Sprintf("%d%s%sCAPTCHA-SESSION-ID", timeNow, reqData.Host, reqData.UserAgent)))
-	return []byte(fmt.Sprintf("%s:%s", fmt.Sprintf("%d", time.Now().Unix()), fmt.Sprintf("%x", mac.Sum(nil))))
-}
-
-func verifySessionCookie(reqData dataType.UserRequest, ruleSet config.RuleSet) bool {
-	if reqData.ToriiSessionID == "" {
-		return false
-	}
-	parts := strings.Split(reqData.ToriiSessionID, ":")
-	if len(parts) != 2 {
-		return false
-	}
-	timestamp := parts[0]
-	expectedHash := parts[1]
-
-	timeNow := time.Now().Unix()
-	parsedTimestamp, err := strconv.ParseInt(timestamp, 10, 64)
-	if err != nil {
-		log.Printf("Error parsing timestamp: %v", err)
-		return false
-	}
-
-	if timeNow-parsedTimestamp > ruleSet.CAPTCHARule.CaptchaChallengeTimeout {
-		return false
-	}
-
-	mac := hmac.New(sha512.New, []byte(ruleSet.CAPTCHARule.SecretKey))
-	mac.Write([]byte(fmt.Sprintf("%d%s%sCAPTCHA-SESSION-ID", parsedTimestamp, reqData.Host, reqData.UserAgent)))
-	computedHash := fmt.Sprintf("%x", mac.Sum(nil))
-
-	return hmac.Equal([]byte(computedHash), []byte(expectedHash))
-}
-
 func GenClearance(reqData dataType.UserRequest, ruleSet config.RuleSet) []byte {
 	timeNow := time.Now().Unix()
 	mac := hmac.New(sha512.New, []byte(ruleSet.CAPTCHARule.SecretKey))
--- a/internal/dataType/type.go
+++ b/internal/dataType/type.go
@ -11,8 +11,7 @@ type UserRequest struct {
 }

 type CaptchaRule struct {
-	SecretKey               string `yaml:"secret_key"`
-	CaptchaValidateTime     int64  `yaml:"captcha_validate_time"`
-	CaptchaChallengeTimeout int64  `yaml:"captcha_challenge_timeout"`
-	HCaptchaSecret          string `yaml:"hcaptcha_secret"`
+	SecretKey           string `yaml:"secret_key"`
+	CaptchaValidateTime int64  `yaml:"captcha_validate_time"`
+	HCaptchaSecret      string `yaml:"hcaptcha_secret"`
 }
--- a/internal/server/checker.go
+++ b/internal/server/checker.go
@ -70,7 +70,6 @@ func CheckMain(w http.ResponseWriter, userRequestData dataType.UserRequest, rule
 			http.Error(w, "500 - Internal Server Error", http.StatusInternalServerError)
 			return
 		}
-		w.Header().Set("Set-Cookie", "__torii_session_id="+string(decision.ResponseData)+"; Path=/; Max-Age=86400; Priority=High; HttpOnly;")
 		w.Header().Set("Content-Type", "text/html; charset=utf-8")
 		w.WriteHeader(http.StatusServiceUnavailable)
 		if err = tpl.Execute(w, nil); err != nil {
--- a/internal/server/torii.go
+++ b/internal/server/torii.go
@ -36,14 +36,6 @@ func CheckTorii(w http.ResponseWriter, r *http.Request, reqData dataType.UserReq
 				log.Printf("Error writing response: %v", err)
 				return
 			}
-		} else if bytes.Compare(decision.ResponseData, []byte("timeout")) == 0 {
-			w.WriteHeader(http.StatusOK)
-			_, err := w.Write([]byte("timeout"))
-			if err != nil {
-				log.Printf("Error writing response: %v", err)
-				return
-			}
-			return
 		} else {
 			//should not be here
 			w.WriteHeader(http.StatusInternalServerError)