npm - @prosopo/provider - Versions diffs - 3.1.3 → 3.2.1 - Mend

@prosopo/provider 3.1.3 → 3.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (227) hide show

package/dist/api/captcha.js CHANGED Viewed

@@ -1,378 +1,541 @@
 import { handleErrors } from "@prosopo/api-express-router";
 import { ProsopoApiError } from "@prosopo/common";
 import { parseCaptchaAssets } from "@prosopo/datasets";
-import { ApiParams, CaptchaRequestBody, CaptchaSolutionBody, CaptchaType, ClientApiPaths, GetFrictionlessCaptchaChallengeRequestBody, GetPowCaptchaChallengeRequestBody, SubmitPowCaptchaSolutionBody, } from "@prosopo/types";
-import { flatten, getIPAddress } from "@prosopo/util";
+import { ClientApiPaths, CaptchaRequestBody, CaptchaType, ApiParams, CaptchaSolutionBody, GetPowCaptchaChallengeRequestBody, SubmitPowCaptchaSolutionBody, GetFrictionlessCaptchaChallengeRequestBody } from "@prosopo/types";
+import { getIPAddress, flatten } from "@prosopo/util";
 import express from "express";
 import { FrictionlessManager } from "../tasks/frictionless/frictionlessTasks.js";
 import { Tasks } from "../tasks/tasks.js";
 import { getRequestUserScope } from "./blacklistRequestInspector.js";
-import { validateAddr, validateSiteKey } from "./validateAddress.js";
+import { validateSiteKey, validateAddr } from "./validateAddress.js";
 const DEFAULT_FRICTIONLESS_THRESHOLD = 0.5;
-export function prosopoRouter(env) {
-    const router = express.Router();
-    const userAccessRulesStorage = env.getDb().getUserAccessRulesStorage();
-    router.post(ClientApiPaths.GetImageCaptchaChallenge, async (req, res, next) => {
-        const tasks = new Tasks(env, req.logger);
-        let parsed;
-        if (!req.ip) {
-            return next(new ProsopoApiError("API.BAD_REQUEST", {
-                context: { code: 400, error: "IP address not found" },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
-        }
-        const ipAddress = getIPAddress(req.ip || "");
-        try {
-            parsed = CaptchaRequestBody.parse(req.body);
-        }
-        catch (err) {
-            return next(new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
-                context: { code: 400, error: err },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
-        }
-        const { datasetId, user, dapp, sessionId } = parsed;
-        validateSiteKey(dapp);
-        validateAddr(user);
-        try {
-            const clientRecord = await tasks.db.getClientRecord(dapp);
-            if (!clientRecord) {
-                return next(new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
-                    context: { code: 400, siteKey: dapp },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const { valid, reason, frictionlessTokenId } = await tasks.imgCaptchaManager.isValidRequest(clientRecord, CaptchaType.image, sessionId);
-            if (!valid) {
-                return next(new ProsopoApiError(reason || "API.BAD_REQUEST", {
-                    context: {
-                        code: 400,
-                        siteKey: dapp,
-                        user,
-                    },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const userScope = getRequestUserScope(flatten(req.headers), req.ja4, req.ip, user);
-            const userAccessPolicy = (await tasks.imgCaptchaManager.getPrioritisedAccessPolicies(userAccessRulesStorage, dapp, userScope))[0];
-            const captchaConfig = {
-                solved: {
-                    count: userAccessPolicy?.solvedImagesCount ||
-                        env.config.captchas.solved.count,
-                },
-                unsolved: {
-                    count: userAccessPolicy?.unsolvedImagesCount ||
-                        env.config.captchas.unsolved.count,
-                },
-            };
-            const taskData = await tasks.imgCaptchaManager.getRandomCaptchasAndRequestHash(datasetId, user, ipAddress, captchaConfig, clientRecord.settings.imageThreshold ?? 0.8, frictionlessTokenId);
-            const captchaResponse = {
-                [ApiParams.status]: "ok",
-                [ApiParams.captchas]: taskData.captchas.map((captcha) => ({
-                    ...captcha,
-                    target: req.t(`TARGET.${captcha.target}`),
-                    items: captcha.items.map((item) => parseCaptchaAssets(item, env.assetsResolver)),
-                })),
-                [ApiParams.requestHash]: taskData.requestHash,
-                [ApiParams.timestamp]: taskData.timestamp.toString(),
-                [ApiParams.signature]: {
-                    [ApiParams.provider]: {
-                        [ApiParams.requestHash]: taskData.signedRequestHash,
-                    },
-                },
-            };
-            return res.json(captchaResponse);
+function prosopoRouter(env) {
+  const router = express.Router();
+  const userAccessRulesStorage = env.getDb().getUserAccessRulesStorage();
+  router.post(
+    ClientApiPaths.GetImageCaptchaChallenge,
+    async (req, res, next) => {
+      const tasks = new Tasks(env, req.logger);
+      let parsed;
+      if (!req.ip) {
+        return next(
+          new ProsopoApiError("API.BAD_REQUEST", {
+            context: { code: 400, error: "IP address not found" },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const ipAddress = getIPAddress(req.ip || "");
+      try {
+        parsed = CaptchaRequestBody.parse(req.body);
+      } catch (err) {
+        return next(
+          new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
+            context: { code: 400, error: err },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const { datasetId, user, dapp, sessionId } = parsed;
+      validateSiteKey(dapp);
+      validateAddr(user);
+      try {
+        const clientRecord = await tasks.db.getClientRecord(dapp);
+        if (!clientRecord) {
+          return next(
+            new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+              context: { code: 400, siteKey: dapp },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
         }
-        catch (err) {
-            req.logger.error(() => ({
-                err,
-                data: req.params,
-                msg: "Error in PoW captcha solution submission",
-            }));
-            return next(new ProsopoApiError("API.BAD_REQUEST", {
-                context: {
-                    error: err,
-                    code: 500,
-                    params: req.params,
-                    context: err,
-                },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
+        const userScope = getRequestUserScope(
+          flatten(req.headers),
+          req.ja4,
+          req.ip,
+          user
+        );
+        const userAccessPolicy = (await tasks.imgCaptchaManager.getPrioritisedAccessPolicies(
+          userAccessRulesStorage,
+          dapp,
+          userScope
+        ))[0];
+        const { valid, reason, frictionlessTokenId } = await tasks.imgCaptchaManager.isValidRequest(
+          clientRecord,
+          CaptchaType.image,
+          sessionId,
+          userAccessPolicy
+        );
+        if (!valid) {
+          return next(
+            new ProsopoApiError(reason || "API.BAD_REQUEST", {
+              context: {
+                code: 400,
+                siteKey: dapp,
+                user
+              },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
         }
-    });
-    router.post(ClientApiPaths.SubmitImageCaptchaSolution, async (req, res, next) => {
-        const tasks = new Tasks(env, req.logger);
-        let parsed;
-        try {
-            parsed = CaptchaSolutionBody.parse(req.body);
-        }
-        catch (err) {
-            return next(new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
-                context: { code: 400, error: err, body: req.body },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
-        }
-        const { user, dapp } = parsed;
-        validateSiteKey(dapp);
-        validateAddr(user);
-        try {
-            const clientRecord = await tasks.db.getClientRecord(parsed.dapp);
-            if (!clientRecord) {
-                return next(new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
-                    context: { code: 400, siteKey: dapp },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
+        const captchaConfig = {
+          solved: {
+            count: userAccessPolicy?.solvedImagesCount || env.config.captchas.solved.count
+          },
+          unsolved: {
+            count: userAccessPolicy?.unsolvedImagesCount || env.config.captchas.unsolved.count
+          }
+        };
+        const taskData = await tasks.imgCaptchaManager.getRandomCaptchasAndRequestHash(
+          datasetId,
+          user,
+          ipAddress,
+          captchaConfig,
+          clientRecord.settings.imageThreshold ?? 0.8,
+          frictionlessTokenId
+        );
+        const captchaResponse = {
+          [ApiParams.status]: "ok",
+          [ApiParams.captchas]: taskData.captchas.map((captcha) => ({
+            ...captcha,
+            target: req.t(`TARGET.${captcha.target}`),
+            items: captcha.items.map(
+              (item) => parseCaptchaAssets(item, env.assetsResolver)
+            )
+          })),
+          [ApiParams.requestHash]: taskData.requestHash,
+          [ApiParams.timestamp]: taskData.timestamp.toString(),
+          [ApiParams.signature]: {
+            [ApiParams.provider]: {
+              [ApiParams.requestHash]: taskData.signedRequestHash
             }
-            const result = await tasks.imgCaptchaManager.dappUserSolution(user, dapp, parsed[ApiParams.requestHash], parsed[ApiParams.captchas], parsed[ApiParams.signature].user.timestamp, Number.parseInt(parsed[ApiParams.timestamp]), parsed[ApiParams.signature].provider.requestHash, getIPAddress(req.ip || "").bigInt(), flatten(req.headers), req.ja4);
-            const returnValue = {
-                status: req.i18n.t(result.verified ? "API.CAPTCHA_PASSED" : "API.CAPTCHA_FAILED"),
-                ...result,
-            };
-            return res.json(returnValue);
+          }
+        };
+        return res.json(captchaResponse);
+      } catch (err) {
+        req.logger.error(() => ({
+          err,
+          data: req.params,
+          msg: "Error in PoW captcha solution submission"
+        }));
+        return next(
+          new ProsopoApiError("API.BAD_REQUEST", {
+            context: {
+              error: err,
+              code: 500,
+              params: req.params,
+              context: err
+            },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+    }
+  );
+  router.post(
+    ClientApiPaths.SubmitImageCaptchaSolution,
+    async (req, res, next) => {
+      const tasks = new Tasks(env, req.logger);
+      let parsed;
+      try {
+        parsed = CaptchaSolutionBody.parse(req.body);
+      } catch (err) {
+        return next(
+          new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
+            context: { code: 400, error: err, body: req.body },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const { user, dapp } = parsed;
+      validateSiteKey(dapp);
+      validateAddr(user);
+      try {
+        const clientRecord = await tasks.db.getClientRecord(parsed.dapp);
+        if (!clientRecord) {
+          return next(
+            new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+              context: { code: 400, siteKey: dapp },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
         }
-        catch (err) {
-            req.logger.error(() => ({
-                err,
-                body: req.body,
-                msg: "Error in PoW captcha solution submission",
-            }));
-            return next(new ProsopoApiError("API.BAD_REQUEST", {
-                context: {
-                    code: 500,
-                    siteKey: req.body.dapp,
-                    error: err,
-                },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
+        const result = await tasks.imgCaptchaManager.dappUserSolution(
+          user,
+          dapp,
+          parsed[ApiParams.requestHash],
+          parsed[ApiParams.captchas],
+          parsed[ApiParams.signature].user.timestamp,
+          Number.parseInt(parsed[ApiParams.timestamp]),
+          parsed[ApiParams.signature].provider.requestHash,
+          getIPAddress(req.ip || "").bigInt(),
+          flatten(req.headers),
+          req.ja4
+        );
+        const returnValue = {
+          status: req.i18n.t(
+            result.verified ? "API.CAPTCHA_PASSED" : "API.CAPTCHA_FAILED"
+          ),
+          ...result
+        };
+        return res.json(returnValue);
+      } catch (err) {
+        req.logger.error(() => ({
+          err,
+          body: req.body,
+          msg: "Error in PoW captcha solution submission"
+        }));
+        return next(
+          new ProsopoApiError("API.BAD_REQUEST", {
+            context: {
+              code: 500,
+              siteKey: req.body.dapp,
+              error: err
+            },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+    }
+  );
+  router.post(ClientApiPaths.GetPowCaptchaChallenge, async (req, res, next) => {
+    let parsed;
+    const tasks = new Tasks(env);
+    tasks.setLogger(req.logger);
+    try {
+      parsed = GetPowCaptchaChallengeRequestBody.parse(req.body);
+    } catch (err) {
+      return next(
+        new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
+          context: { code: 400, error: err },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+    const { user, dapp, sessionId } = parsed;
+    validateSiteKey(dapp);
+    validateAddr(user);
+    try {
+      const clientSettings = await tasks.db.getClientRecord(dapp);
+      if (!clientSettings) {
+        return next(
+          new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+            context: { code: 400, siteKey: dapp },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const userScope = getRequestUserScope(
+        flatten(req.headers),
+        req.ja4,
+        req.ip,
+        user
+      );
+      const userAccessPolicy = (await tasks.powCaptchaManager.getPrioritisedAccessPolicies(
+        userAccessRulesStorage,
+        dapp,
+        userScope
+      ))[0];
+      const { valid, reason, frictionlessTokenId } = await tasks.powCaptchaManager.isValidRequest(
+        clientSettings,
+        CaptchaType.pow,
+        sessionId,
+        userAccessPolicy
+      );
+      if (!valid) {
+        return next(
+          new ProsopoApiError(reason || "API.BAD_REQUEST", {
+            context: {
+              code: 400,
+              siteKey: dapp,
+              user
+            },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const origin = req.headers.origin;
+      if (!origin) {
+        return next(
+          new ProsopoApiError("API.BAD_REQUEST", {
+            context: {
+              error: "Origin header not found",
+              code: 400,
+              siteKey: dapp,
+              user
+            },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const challenge = await tasks.powCaptchaManager.getPowCaptchaChallenge(
+        user,
+        dapp,
+        origin,
+        userAccessPolicy?.powDifficulty || clientSettings?.settings?.powDifficulty
+      );
+      await tasks.db.storePowCaptchaRecord(
+        challenge.challenge,
+        {
+          requestedAtTimestamp: challenge.requestedAtTimestamp,
+          userAccount: user,
+          dappAccount: dapp
+        },
+        challenge.difficulty,
+        challenge.providerSignature,
+        getIPAddress(req.ip || "").bigInt(),
+        flatten(req.headers),
+        req.ja4,
+        frictionlessTokenId
+      );
+      const getPowCaptchaResponse = {
+        [ApiParams.status]: "ok",
+        [ApiParams.challenge]: challenge.challenge,
+        [ApiParams.difficulty]: challenge.difficulty,
+        [ApiParams.timestamp]: challenge.requestedAtTimestamp.toString(),
+        [ApiParams.signature]: {
+          [ApiParams.provider]: {
+            [ApiParams.challenge]: challenge.providerSignature
+          }
         }
-    });
-    router.post(ClientApiPaths.GetPowCaptchaChallenge, async (req, res, next) => {
-        let parsed;
-        const tasks = new Tasks(env);
-        tasks.setLogger(req.logger);
-        try {
-            parsed = GetPowCaptchaChallengeRequestBody.parse(req.body);
+      };
+      return res.json(getPowCaptchaResponse);
+    } catch (err) {
+      req.logger.error(() => ({
+        err,
+        body: req.body,
+        msg: "Error in PoW captcha solution submission"
+      }));
+      return next(
+        new ProsopoApiError("API.BAD_REQUEST", {
+          context: {
+            code: 500,
+            siteKey: req.body.dapp,
+            user: req.body.user,
+            error: err
+          },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+  });
+  router.post(
+    ClientApiPaths.SubmitPowCaptchaSolution,
+    async (req, res, next) => {
+      let parsed;
+      const tasks = new Tasks(env, req.logger);
+      try {
+        parsed = SubmitPowCaptchaSolutionBody.parse(req.body);
+      } catch (err) {
+        return next(
+          new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
+            context: { code: 400, error: err, body: req.body },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+      const {
+        challenge,
+        difficulty,
+        signature,
+        nonce,
+        verifiedTimeout,
+        dapp,
+        user
+      } = parsed;
+      validateSiteKey(dapp);
+      validateAddr(user);
+      try {
+        const clientRecord = await tasks.db.getClientRecord(dapp);
+        if (!clientRecord) {
+          return next(
+            new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+              context: { code: 400, siteKey: dapp },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
         }
-        catch (err) {
-            return next(new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
-                context: { code: 400, error: err },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
-        }
-        const { user, dapp, sessionId } = parsed;
-        validateSiteKey(dapp);
-        validateAddr(user);
-        try {
-            const clientSettings = await tasks.db.getClientRecord(dapp);
-            if (!clientSettings) {
-                return next(new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
-                    context: { code: 400, siteKey: dapp },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const { valid, reason, frictionlessTokenId } = await tasks.powCaptchaManager.isValidRequest(clientSettings, CaptchaType.pow, sessionId);
-            if (!valid) {
-                return next(new ProsopoApiError(reason || "API.BAD_REQUEST", {
-                    context: {
-                        code: 400,
-                        siteKey: dapp,
-                        user,
-                    },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const origin = req.headers.origin;
-            if (!origin) {
-                return next(new ProsopoApiError("API.BAD_REQUEST", {
-                    context: {
-                        error: "Origin header not found",
-                        code: 400,
-                        siteKey: dapp,
-                        user,
-                    },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const userScope = getRequestUserScope(flatten(req.headers), req.ja4, req.ip, user);
-            const userAccessPolicy = (await tasks.powCaptchaManager.getPrioritisedAccessPolicies(userAccessRulesStorage, dapp, userScope))[0];
-            const challenge = await tasks.powCaptchaManager.getPowCaptchaChallenge(user, dapp, origin, userAccessPolicy?.powDifficulty ||
-                clientSettings?.settings?.powDifficulty);
-            await tasks.db.storePowCaptchaRecord(challenge.challenge, {
-                requestedAtTimestamp: challenge.requestedAtTimestamp,
-                userAccount: user,
-                dappAccount: dapp,
-            }, challenge.difficulty, challenge.providerSignature, getIPAddress(req.ip || "").bigInt(), flatten(req.headers), req.ja4, frictionlessTokenId);
-            const getPowCaptchaResponse = {
-                [ApiParams.status]: "ok",
-                [ApiParams.challenge]: challenge.challenge,
-                [ApiParams.difficulty]: challenge.difficulty,
-                [ApiParams.timestamp]: challenge.requestedAtTimestamp.toString(),
-                [ApiParams.signature]: {
-                    [ApiParams.provider]: {
-                        [ApiParams.challenge]: challenge.providerSignature,
-                    },
-                },
-            };
-            return res.json(getPowCaptchaResponse);
-        }
-        catch (err) {
-            req.logger.error(() => ({
-                err,
-                body: req.body,
-                msg: "Error in PoW captcha solution submission",
-            }));
-            return next(new ProsopoApiError("API.BAD_REQUEST", {
-                context: {
-                    code: 500,
-                    siteKey: req.body.dapp,
-                    user: req.body.user,
-                    error: err,
-                },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
-        }
-    });
-    router.post(ClientApiPaths.SubmitPowCaptchaSolution, async (req, res, next) => {
-        let parsed;
+        const verified = await tasks.powCaptchaManager.verifyPowCaptchaSolution(
+          challenge,
+          difficulty,
+          signature.provider.challenge,
+          nonce,
+          verifiedTimeout,
+          signature.user.timestamp,
+          getIPAddress(req.ip || ""),
+          flatten(req.headers)
+        );
+        const response = { status: "ok", verified };
+        return res.json(response);
+      } catch (err) {
+        req.logger.error(() => ({
+          err,
+          body: req.body,
+          msg: "Error in PoW captcha solution submission"
+        }));
+        return next(
+          new ProsopoApiError("API.BAD_REQUEST", {
+            context: {
+              code: 500,
+              siteKey: req.body.dapp,
+              error: err
+            },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+    }
+  );
+  router.post(
+    ClientApiPaths.GetFrictionlessCaptchaChallenge,
+    async (req, res, next) => {
+      try {
         const tasks = new Tasks(env, req.logger);
-        try {
-            parsed = SubmitPowCaptchaSolutionBody.parse(req.body);
+        const { token, dapp, user } = GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
+        const existingToken = await tasks.db.getFrictionlessTokenRecordByToken(token);
+        if (existingToken) {
+          req.logger.info(() => ({
+            token: existingToken,
+            msg: "Token has already been used"
+          }));
+          return res.json(
+            await tasks.frictionlessManager.sendImageCaptcha(
+              existingToken._id
+            )
+          );
         }
-        catch (err) {
-            return next(new ProsopoApiError("CAPTCHA.PARSE_ERROR", {
-                context: { code: 400, error: err, body: req.body },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
+        const lScore = tasks.frictionlessManager.checkLangRules(
+          req.headers["accept-language"] || ""
+        );
+        const { baseBotScore, timestamp } = await tasks.frictionlessManager.decryptPayload(token);
+        const botScore = baseBotScore + lScore;
+        const clientRecord = await tasks.db.getClientRecord(dapp);
+        if (!clientRecord) {
+          return next(
+            new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+              context: { code: 400, siteKey: dapp },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
         }
-        const { challenge, difficulty, signature, nonce, verifiedTimeout, dapp, user, } = parsed;
-        validateSiteKey(dapp);
-        validateAddr(user);
-        try {
-            const clientRecord = await tasks.db.getClientRecord(dapp);
-            if (!clientRecord) {
-                return next(new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
-                    context: { code: 400, siteKey: dapp },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const verified = await tasks.powCaptchaManager.verifyPowCaptchaSolution(challenge, difficulty, signature.provider.challenge, nonce, verifiedTimeout, signature.user.timestamp, getIPAddress(req.ip || ""), flatten(req.headers));
-            const response = { status: "ok", verified };
-            return res.json(response);
+        const { valid, reason } = await tasks.frictionlessManager.isValidRequest(
+          clientRecord,
+          CaptchaType.frictionless
+        );
+        if (!valid) {
+          return next(
+            new ProsopoApiError(reason || "API.BAD_REQUEST", {
+              context: {
+                code: 400,
+                siteKey: dapp,
+                user
+              },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
         }
-        catch (err) {
-            req.logger.error(() => ({
-                err,
-                body: req.body,
-                msg: "Error in PoW captcha solution submission",
-            }));
-            return next(new ProsopoApiError("API.BAD_REQUEST", {
-                context: {
-                    code: 500,
-                    siteKey: req.body.dapp,
-                    error: err,
-                },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
+        const botThreshold = clientRecord.settings?.frictionlessThreshold || DEFAULT_FRICTIONLESS_THRESHOLD;
+        const tokenId = await tasks.db.storeFrictionlessTokenRecord({
+          token,
+          score: botScore,
+          threshold: botThreshold,
+          scoreComponents: {
+            baseScore: baseBotScore,
+            ...lScore && { lScore }
+          }
+        });
+        const userScope = getRequestUserScope(
+          flatten(req.headers),
+          req.ja4,
+          req.ip,
+          user
+        );
+        const userAccessPolicy = (await tasks.frictionlessManager.getPrioritisedAccessPolicies(
+          userAccessRulesStorage,
+          dapp,
+          userScope
+        ))[0];
+        if (userAccessPolicy) {
+          await tasks.frictionlessManager.scoreIncreaseAccessPolicy(
+            userAccessPolicy,
+            baseBotScore,
+            botScore,
+            tokenId
+          );
+          if (userAccessPolicy.captchaType === CaptchaType.image) {
+            return res.json(
+              await tasks.frictionlessManager.sendImageCaptcha(tokenId)
+            );
+          }
+          if (userAccessPolicy.captchaType === CaptchaType.pow) {
+            return res.json(
+              await tasks.frictionlessManager.sendPowCaptcha(tokenId)
+            );
+          }
         }
-    });
-    router.post(ClientApiPaths.GetFrictionlessCaptchaChallenge, async (req, res, next) => {
-        try {
-            const tasks = new Tasks(env, req.logger);
-            const { token, dapp, user } = GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
-            const existingToken = await tasks.db.getFrictionlessTokenRecordByToken(token);
-            if (existingToken) {
-                req.logger.info(() => ({
-                    token: existingToken,
-                    msg: "Token has already been used",
-                }));
-                return res.json(await tasks.frictionlessManager.sendImageCaptcha(existingToken._id));
-            }
-            const lScore = tasks.frictionlessManager.checkLangRules(req.headers["accept-language"] || "");
-            const { baseBotScore, timestamp } = await tasks.frictionlessManager.decryptPayload(token);
-            const botScore = baseBotScore + lScore;
-            const clientRecord = await tasks.db.getClientRecord(dapp);
-            if (!clientRecord) {
-                return next(new ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
-                    context: { code: 400, siteKey: dapp },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const { valid, reason } = await tasks.frictionlessManager.isValidRequest(clientRecord, CaptchaType.frictionless);
-            if (!valid) {
-                return next(new ProsopoApiError(reason || "API.BAD_REQUEST", {
-                    context: {
-                        code: 400,
-                        siteKey: dapp,
-                        user,
-                    },
-                    i18n: req.i18n,
-                    logger: req.logger,
-                }));
-            }
-            const botThreshold = clientRecord.settings?.frictionlessThreshold ||
-                DEFAULT_FRICTIONLESS_THRESHOLD;
-            const tokenId = await tasks.db.storeFrictionlessTokenRecord({
-                token,
-                score: botScore,
-                threshold: botThreshold,
-                scoreComponents: {
-                    baseScore: baseBotScore,
-                    ...(lScore && { lScore }),
-                },
-            });
-            if (FrictionlessManager.timestampTooOld(timestamp)) {
-                await tasks.frictionlessManager.scoreIncreaseTimestamp(timestamp, baseBotScore, botScore, tokenId);
-                return res.json(await tasks.frictionlessManager.sendImageCaptcha(tokenId));
-            }
-            const userScope = getRequestUserScope(flatten(req.headers), req.ja4, req.ip, user);
-            const userAccessPolicy = (await tasks.frictionlessManager.getPrioritisedAccessPolicies(userAccessRulesStorage, dapp, userScope))[0];
-            if (userAccessPolicy?.captchaType === CaptchaType.image) {
-                await tasks.frictionlessManager.scoreIncreaseAccessPolicy(userAccessPolicy, baseBotScore, botScore, tokenId);
-                return res.json(await tasks.frictionlessManager.sendImageCaptcha(tokenId));
-            }
-            if (Number(botScore) > botThreshold) {
-                req.logger.info(() => ({
-                    message: "Bot score is greater than threshold",
-                    data: {
-                        botScore,
-                        botThreshold,
-                        tokenId,
-                    },
-                }));
-                return res.json(await tasks.frictionlessManager.sendImageCaptcha(tokenId));
-            }
-            return res.json(await tasks.frictionlessManager.sendPowCaptcha(tokenId));
+        if (FrictionlessManager.timestampTooOld(timestamp)) {
+          await tasks.frictionlessManager.scoreIncreaseTimestamp(
+            timestamp,
+            baseBotScore,
+            botScore,
+            tokenId
+          );
+          return res.json(
+            await tasks.frictionlessManager.sendImageCaptcha(tokenId)
+          );
         }
-        catch (err) {
-            req.logger.error(() => ({
-                err,
-                msg: "Error in frictionless captcha challenge",
-            }));
-            return next(new ProsopoApiError("API.BAD_REQUEST", {
-                context: { code: 400, error: err },
-                i18n: req.i18n,
-                logger: req.logger,
-            }));
+        if (Number(botScore) > botThreshold) {
+          req.logger.info(() => ({
+            message: "Bot score is greater than threshold",
+            data: {
+              botScore,
+              botThreshold,
+              tokenId
+            }
+          }));
+          return res.json(
+            await tasks.frictionlessManager.sendImageCaptcha(tokenId)
+          );
         }
-    });
-    router.use(handleErrors);
-    return router;
+        return res.json(
+          await tasks.frictionlessManager.sendPowCaptcha(tokenId)
+        );
+      } catch (err) {
+        req.logger.error(() => ({
+          err,
+          msg: "Error in frictionless captcha challenge"
+        }));
+        return next(
+          new ProsopoApiError("API.BAD_REQUEST", {
+            context: { code: 400, error: err },
+            i18n: req.i18n,
+            logger: req.logger
+          })
+        );
+      }
+    }
+  );
+  router.use(handleErrors);
+  return router;
 }
-//# sourceMappingURL=captcha.js.map
+export {
+  prosopoRouter
+};