@adminforth/login-captcha 1.0.1

package/.woodpecker/buildRelease.sh

@@ -0,0 +1,13 @@
+
+#!/bin/bash
+
+# write npm run output both to console and to build.log
+npm run build 2>&1 | tee build.log
+build_status=${PIPESTATUS[0]}
+
+# if exist status from the npm run build is not 0
+# then exit with the status code from the npm run build
+if [ $build_status -ne 0 ]; then
+  echo "Build failed. Exiting with status code $build_status"
+  exit $build_status
+fi

package/.woodpecker/buildSlackNotify.sh

@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -x
+
+COMMIT_SHORT_SHA=$(echo $CI_COMMIT_SHA | cut -c1-8)
+
+
+if [ "$CI_PREV_PIPELINE_STATUS" = "success" ]; then
+  MESSAGE="Did a build without issues on \`$CI_REPO_NAME/$CI_COMMIT_BRANCH\`. Commit: _${CI_COMMIT_MESSAGE}_ (<$CI_COMMIT_URL|$COMMIT_SHORT_SHA>)"
+
+  curl  -s -X POST -H "Content-Type: application/json" -d '{
+    "username": "'"$CI_COMMIT_AUTHOR"'",
+    "icon_url": "'"$CI_COMMIT_AUTHOR_AVATAR"'",
+    "attachments": [
+      {
+          "mrkdwn_in": ["text", "pretext"],
+          "color": "#36a64f",
+          "text": "'"$MESSAGE"'"
+      }
+    ]
+  }' "$DEVELOPERS_SLACK_WEBHOOK"
+  exit 0
+fi
+export BUILD_LOG=$(cat ./build.log)
+
+BUILD_LOG=$(echo $BUILD_LOG | sed 's/"/\\"/g')
+
+MESSAGE="Broke \`$CI_REPO_NAME/$CI_COMMIT_BRANCH\` with commit _${CI_COMMIT_MESSAGE}_ (<$CI_COMMIT_URL|$COMMIT_SHORT_SHA>)"
+CODE_BLOCK="\`\`\`$BUILD_LOG\n\`\`\`"
+
+echo "Sending slack message to developers $MESSAGE"
+# Send the message
+curl -sS -X POST -H "Content-Type: application/json" -d '{
+  "username": "'"$CI_COMMIT_AUTHOR"'",
+  "icon_url": "'"$CI_COMMIT_AUTHOR_AVATAR"'",
+  "attachments": [
+    {
+        "mrkdwn_in": ["text", "pretext"],
+        "color": "#8A1C12",
+        "text": "'"$CODE_BLOCK"'",
+        "pretext": "'"$MESSAGE"'"
+    }
+  ]
+}' "$DEVELOPERS_SLACK_WEBHOOK" 2>&1

package/.woodpecker/release.yml

@@ -0,0 +1,40 @@
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      partial: false
+      depth: 5
+
+steps:
+  init-secrets:
+    when:
+      - event: push
+    image: infisical/cli
+    environment:
+      INFISICAL_TOKEN:
+        from_secret: VAULT_TOKEN
+    commands:
+      - infisical export --domain https://vault.devforth.io/api --format=dotenv-export --env="prod" > /woodpecker/deploy.vault.env
+
+  release:
+    image: node:20
+    when:
+      - event: push
+    commands:
+      - apt update && apt install -y rsync
+      - export $(cat /woodpecker/deploy.vault.env | xargs)
+      - npm clean-install
+      - /bin/bash ./.woodpecker/buildRelease.sh
+      - npm audit signatures
+      - npx semantic-release
+
+  slack-on-failure:
+    when:
+      - event: push
+        status: [failure, success]
+      - event: push
+    image: curlimages/curl
+    commands:
+      - export $(cat /woodpecker/deploy.vault.env | xargs)
+      - /bin/sh ./.woodpecker/buildSlackNotify.sh
+

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Devforth.io
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/build.log

@@ -0,0 +1,11 @@
+
+> @adminforth/login-captcha@1.0.55 build
+> tsc && rsync -av --exclude 'node_modules' custom dist/
+
+sending incremental file list
+custom/
+custom/CaptchaWidget.vue
+custom/tsconfig.json
+
+sent 1,753 bytes  received 58 bytes  3,622.00 bytes/sec
+total size is 1,536  speedup is 0.85

package/custom/CaptchaWidget.vue

@@ -0,0 +1,57 @@
+<template>
+
+    <div :id="props.meta.containerId"></div>
+
+</template>
+
+<script setup lang="ts">
+import { onMounted, ref } from 'vue';
+import { callAdminForthApi } from '@/utils';
+
+interface Props {
+  meta: {
+    renderWidgetFunctionName: string;
+    containerId: string;
+    adapterName: string;
+    siteKey: string;
+    pluginInstanceId: string;
+  };
+}
+
+const props = defineProps<Props>();
+
+const token = ref(null);
+const emit = defineEmits(
+  ["update:allowLoginClick"]
+)
+
+onMounted(() => {
+  const fnName = props.meta.renderWidgetFunctionName;
+  
+  const renderFn = (window as any)[fnName];
+  if (typeof renderFn === 'function') {
+    renderFn(props.meta.containerId, props.meta.siteKey, (receivedToken: string) => {
+      emit("update:allowLoginClick", true);
+      token.value = receivedToken;
+      setJWT(receivedToken);
+    });
+  } else {
+    console.warn(`Function ${fnName} not found on window`);
+  }
+});
+
+async function setJWT(token: string) {
+  try {
+    const res = await callAdminForthApi({
+      path: `/plugin/${props.meta.pluginInstanceId}/setToken`,
+      method: 'POST',
+      body: {
+        token,
+      },
+    });
+  } catch (error) {
+    console.error('Failed to validate token:', error);
+  }
+}
+
+</script>

package/custom/tsconfig.json

@@ -0,0 +1,16 @@
+{
+  "compilerOptions": {
+    "baseUrl": ".", // This should point to your project root
+    "paths": {
+      "@/*": [
+        "../node_modules/adminforth/dist/spa/src/*"
+      ],
+      "*": [
+        "../node_modules/adminforth/dist/spa/node_modules/*"
+      ],
+      "@@/*": [
+        "."
+      ]
+    }
+  }
+}

package/dist/custom/CaptchaWidget.vue

@@ -0,0 +1,57 @@
+<template>
+
+    <div :id="props.meta.containerId"></div>
+
+</template>
+
+<script setup lang="ts">
+import { onMounted, ref } from 'vue';
+import { callAdminForthApi } from '@/utils';
+
+interface Props {
+  meta: {
+    renderWidgetFunctionName: string;
+    containerId: string;
+    adapterName: string;
+    siteKey: string;
+    pluginInstanceId: string;
+  };
+}
+
+const props = defineProps<Props>();
+
+const token = ref(null);
+const emit = defineEmits(
+  ["update:allowLoginClick"]
+)
+
+onMounted(() => {
+  const fnName = props.meta.renderWidgetFunctionName;
+  
+  const renderFn = (window as any)[fnName];
+  if (typeof renderFn === 'function') {
+    renderFn(props.meta.containerId, props.meta.siteKey, (receivedToken: string) => {
+      emit("update:allowLoginClick", true);
+      token.value = receivedToken;
+      setJWT(receivedToken);
+    });
+  } else {
+    console.warn(`Function ${fnName} not found on window`);
+  }
+});
+
+async function setJWT(token: string) {
+  try {
+    const res = await callAdminForthApi({
+      path: `/plugin/${props.meta.pluginInstanceId}/setToken`,
+      method: 'POST',
+      body: {
+        token,
+      },
+    });
+  } catch (error) {
+    console.error('Failed to validate token:', error);
+  }
+}
+
+</script>

package/dist/custom/tsconfig.json

@@ -0,0 +1,16 @@
+{
+  "compilerOptions": {
+    "baseUrl": ".", // This should point to your project root
+    "paths": {
+      "@/*": [
+        "../node_modules/adminforth/dist/spa/src/*"
+      ],
+      "*": [
+        "../node_modules/adminforth/dist/spa/node_modules/*"
+      ],
+      "@@/*": [
+        "."
+      ]
+    }
+  }
+}

package/dist/index.js

@@ -0,0 +1,105 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { AdminForthPlugin } from "adminforth";
+export default class CaptchaPlugin extends AdminForthPlugin {
+    constructor(options) {
+        super(options, import.meta.url);
+        this.options = options;
+    }
+    modifyResourceConfig(adminforth, resourceConfig) {
+        const _super = Object.create(null, {
+            modifyResourceConfig: { get: () => super.modifyResourceConfig }
+        });
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            _super.modifyResourceConfig.call(this, adminforth, resourceConfig);
+            if (!((_a = adminforth.config.customization) === null || _a === void 0 ? void 0 : _a.loginPageInjections)) {
+                adminforth.config.customization = Object.assign(Object.assign({}, adminforth.config.customization), { loginPageInjections: { underInputs: [], panelHeader: [] } });
+            }
+            ;
+            const adapter = this.options.captchaAdapter;
+            const adapterName = adapter.constructor.name;
+            adminforth.config.customization.loginPageInjections.underInputs.push({
+                file: this.componentPath('CaptchaWidget.vue'),
+                meta: {
+                    containerId: this.options.captchaAdapter.getWidgetId(),
+                    adapterName: adapterName,
+                    renderWidgetFunctionName: this.options.captchaAdapter.getRenderWidgetFunctionName(),
+                    siteKey: this.options.captchaAdapter.getSiteKey(),
+                    pluginInstanceId: this.pluginInstanceId
+                }
+            });
+            adminforth.config.customization.customHeadItems.push({
+                tagName: 'script',
+                attributes: { src: this.options.captchaAdapter.getScriptSrc(), async: 'true', defer: 'true' }
+            }, {
+                tagName: 'script',
+                attributes: { type: 'text/javascript' },
+                innerCode: this.options.captchaAdapter.getRenderWidgetCode()
+            });
+            const beforeLoginConfirmation = this.adminforth.config.auth.beforeLoginConfirmation;
+            const beforeLoginConfirmationArray = Array.isArray(beforeLoginConfirmation) ? beforeLoginConfirmation : [beforeLoginConfirmation];
+            beforeLoginConfirmationArray.push((_a) => __awaiter(this, [_a], void 0, function* ({ extra }) {
+                var _b;
+                if (!extra || !extra.cookies) {
+                    return {
+                        body: {
+                            allowedLogin: false,
+                            redirectTo: '/login',
+                        },
+                        ok: true
+                    };
+                }
+                const cookies = extra.cookies;
+                const token = (_b = cookies.find((cookie) => cookie.key === `adminforth_${adapterName}_temporaryJWT`)) === null || _b === void 0 ? void 0 : _b.value;
+                if (!token) {
+                    return {
+                        body: {
+                            allowedLogin: false,
+                            redirectTo: '/login',
+                        },
+                        ok: true
+                    };
+                }
+                const ip = this.adminforth.auth.getClientIp(extra.headers);
+                const validationResult = yield this.options.captchaAdapter.validate(token, ip);
+                console.log('Validation result:', validationResult);
+                if (!validationResult || !validationResult.success) {
+                    return {
+                        body: {
+                            allowedLogin: false,
+                            redirectTo: '/login',
+                        },
+                        ok: true
+                    };
+                }
+            }));
+        });
+    }
+    instanceUniqueRepresentation(pluginOptions) {
+        const adapter = this.options.captchaAdapter;
+        const adapterName = adapter.constructor.name;
+        return `CaptchaPlugin-${adapterName}-${this.options.captchaAdapter.getSiteKey()}`;
+    }
+    setupEndpoints(server) {
+        server.endpoint({
+            method: 'POST',
+            path: `/plugin/${this.pluginInstanceId}/setToken`,
+            noAuth: true,
+            handler: (_a) => __awaiter(this, [_a], void 0, function* ({ body, response }) {
+                const { token } = body;
+                const adapter = this.options.captchaAdapter;
+                const adapterName = adapter.constructor.name;
+                response.setHeader('Set-Cookie', `adminforth_${adapterName}_temporaryJWT=${token}; Path=${this.adminforth.config.baseUrl || '/'}; HttpOnly; SameSite=Strict; max-age=300; `);
+                return { ok: true };
+            })
+        });
+    }
+}

package/dist/types.js

@@ -0,0 +1 @@
+export {};

package/index.ts

@@ -0,0 +1,114 @@
+import { AdminForthPlugin } from "adminforth";
+import type { AdminForthResource, AdminUser, IAdminForth, IHttpServer, IAdminForthHttpResponse } from "adminforth";
+import type { PluginOptions } from './types.js';
+
+export default class CaptchaPlugin extends AdminForthPlugin {
+  options: PluginOptions;
+
+  constructor(options: PluginOptions) {
+    super(options, import.meta.url);
+    this.options = options;
+  }
+
+  async modifyResourceConfig(adminforth: IAdminForth, resourceConfig: AdminForthResource) {
+    super.modifyResourceConfig(adminforth, resourceConfig);
+    if (!adminforth.config.customization?.loginPageInjections) {
+      adminforth.config.customization = {
+        ...adminforth.config.customization,
+        loginPageInjections: { underInputs: [], panelHeader: [] }
+      };
+    };
+
+    const adapter = this.options.captchaAdapter;
+    const adapterName = adapter.constructor.name;    
+
+    adminforth.config.customization.loginPageInjections.underInputs.push({
+      file: this.componentPath('CaptchaWidget.vue'),
+      meta: {
+        containerId: this.options.captchaAdapter.getWidgetId(),
+        adapterName: adapterName,
+        renderWidgetFunctionName: this.options.captchaAdapter.getRenderWidgetFunctionName(),
+        siteKey: this.options.captchaAdapter.getSiteKey(),
+        pluginInstanceId: this.pluginInstanceId
+      }
+    });
+
+    adminforth.config.customization.customHeadItems.push(
+      {
+        tagName: 'script',
+        attributes: { src: this.options.captchaAdapter.getScriptSrc(), async: 'true', defer: 'true' }
+      },
+      {
+        tagName: 'script',
+        attributes: { type: 'text/javascript' },
+        innerCode: this.options.captchaAdapter.getRenderWidgetCode()
+      }
+    );
+
+    const beforeLoginConfirmation = this.adminforth.config.auth.beforeLoginConfirmation;
+    const beforeLoginConfirmationArray = Array.isArray(beforeLoginConfirmation) ? beforeLoginConfirmation : [beforeLoginConfirmation];
+    beforeLoginConfirmationArray.push(
+      async({ extra }: { adminUser: AdminUser, response: IAdminForthHttpResponse, extra?: any} )=> {
+        if ( !extra || !extra.cookies ) {
+          return {
+            body:{
+              allowedLogin: false,
+              redirectTo: '/login',
+            },
+            ok: true
+          }
+        }
+        const cookies = extra.cookies;
+        const token = cookies.find(
+          (cookie) => cookie.key === `adminforth_${adapterName}_temporaryJWT`
+        )?.value;
+        if ( !token ) {
+          return {
+            body:{
+              allowedLogin: false,
+              redirectTo: '/login',
+            },
+            ok: true
+          }
+        }
+
+        const ip = this.adminforth.auth.getClientIp(extra.headers);
+        const validationResult = await this.options.captchaAdapter.validate(token, ip);
+        console.log('Validation result:', validationResult);
+
+        if (!validationResult || !validationResult.success) {
+          return {
+            body:{
+              allowedLogin: false,
+              redirectTo: '/login',
+            },
+            ok: true
+          }
+        }
+      }
+    );
+  }
+
+  instanceUniqueRepresentation(pluginOptions: any) : string {
+    const adapter = this.options.captchaAdapter;
+    const adapterName = adapter.constructor.name;  
+    return `CaptchaPlugin-${adapterName}-${this.options.captchaAdapter.getSiteKey()}`;
+  }
+
+  setupEndpoints(server: IHttpServer) {
+    server.endpoint({
+      method: 'POST',
+      path: `/plugin/${this.pluginInstanceId}/setToken`,
+      noAuth: true,
+      handler: async ({ body, response }) => {
+        const { token } = body;
+
+        const adapter = this.options.captchaAdapter;
+        const adapterName = adapter.constructor.name;    
+
+        response.setHeader('Set-Cookie', `adminforth_${adapterName}_temporaryJWT=${token}; Path=${this.adminforth.config.baseUrl || '/'}; HttpOnly; SameSite=Strict; max-age=300; `);
+        return { ok: true };
+      }
+    });
+  }
+}

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@adminforth/login-captcha",
+  "version": "1.0.1",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "type": "module",
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsc && rsync -av --exclude 'node_modules' custom dist/"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "description": "",
+  "devDependencies": {
+    "@types/node": "latest",
+    "semantic-release": "^24.2.1",
+    "semantic-release-slack-bot": "^4.0.2",
+    "typescript": "^5.7.3"
+  },
+  "dependencies": {
+    "adminforth": "^2.4.0-next.184"
+  },
+  "release": {
+    "plugins": [
+      "@semantic-release/commit-analyzer",
+      "@semantic-release/release-notes-generator",
+      "@semantic-release/npm",
+      "@semantic-release/github",
+      [
+        "semantic-release-slack-bot",
+        {
+          "notifyOnSuccess": true,
+          "notifyOnFail": true,
+          "slackIcon": ":package:",
+          "markdownReleaseNotes": true
+        }
+      ]
+    ]
+  },
+  "branches": [
+    "main",
+    {
+      "name": "next",
+      "prerelease": true
+    }
+  ]
+}

package/tsconfig.json

@@ -0,0 +1,13 @@
+{
+    "compilerOptions": {
+      "target": "es2016",                                  /* Set the JavaScript language version for emitted JavaScript and include*/ 
+      "module": "node16",                                /* Specify what module code is generated. */
+      "outDir": "./dist",                                   /* Specify an output folder for all emitted files. */
+      "esModuleInterop": true,                             /* Emit additional JavaScript to ease support for importing CommonJS modules.  */
+      "forceConsistentCasingInFileNames": true,            /* Ensure that casing is correct in imports. */
+      "strict": false,                                     /* Enable all strict type-checking options. */
+      "skipLibCheck": true,                                 /* Skip type checking all .d.ts files. */
+    },
+    "exclude": ["node_modules", "dist", "custom"],           /* Exclude files from compilation. */
+  }
+  

package/types.ts

@@ -0,0 +1,5 @@
+import type { CaptchaAdapter } from "adminforth";
+
+export interface PluginOptions {
+    captchaAdapter: CaptchaAdapter;
+}