diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/invidious/users.cr | 7 | ||||
| -rw-r--r-- | src/invidious/views/login.ecr | 3 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/invidious/users.cr b/src/invidious/users.cr index 28879d23..7caefb7c 100644 --- a/src/invidious/users.cr +++ b/src/invidious/users.cr @@ -262,6 +262,10 @@ def validate_response(challenge, token, user_id, operation, key, db) end def generate_captcha(key, db) + second = Random::Secure.rand(12) + second_angle = second * 30 + second = second * 5 + minute = Random::Secure.rand(12) minute_angle = minute * 30 minute = minute * 5 @@ -290,6 +294,7 @@ def generate_captcha(key, db) <text x="50" y="15" text-anchor="middle" fill="black" font-family="Arial" font-size="10px">12</text> <circle cx="50" cy="50" r="3" fill="black"></circle> + <line id="second" transform="rotate(#{second_angle}, 50, 50)" x1="50" y1="50" x2="50" y2="12" fill="black" stroke="black" stroke-width="1"></line> <line id="minute" transform="rotate(#{minute_angle}, 50, 50)" x1="50" y1="50" x2="50" y2="16" fill="black" stroke="black" stroke-width="2"></line> <line id="hour" transform="rotate(#{hour_angle}, 50, 50)" x1="50" y1="50" x2="50" y2="24" fill="black" stroke="black" stroke-width="2"></line> </svg> @@ -303,7 +308,7 @@ def generate_captcha(key, db) image = "data:image/png;base64,#{image}" end - answer = "#{hour}:#{minute.to_s.rjust(2, '0')}" + answer = "#{hour}:#{minute.to_s.rjust(2, '0')}:#{second.to_s.rjust(2, '0')}" answer = OpenSSL::HMAC.hexdigest(:sha256, key, answer) challenge, token = create_response(answer, "sign_in", key, db) diff --git a/src/invidious/views/login.ecr b/src/invidious/views/login.ecr index 69f04ed2..f9c5029c 100644 --- a/src/invidious/views/login.ecr +++ b/src/invidious/views/login.ecr @@ -28,7 +28,8 @@ <img style="width:100%" src='<%= captcha.not_nil![:image] %>'/> <input type="hidden" name="token" value="<%= captcha.not_nil![:token] %>"> <input type="hidden" name="challenge" value="<%= captcha.not_nil![:challenge] %>"> - <input required type="text" name="answer" type="text" placeholder="h:mm"> + <label for="answer">Time (h:mm:ss):</label> + <input required type="text" name="answer" type="text" placeholder="h:mm:ss"> <label> <a href="/login?referer=<%= URI.escape(referer) %>&type=invidious&captcha=text">Text CAPTCHA</a> |