npm - @prosopo/server - Versions diffs - 2.5.3 → 2.6.1 - Mend

@prosopo/server 2.5.3 → 2.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,26 @@
+# @prosopo/server
+## 2.6.1
+### Patch Changes
+- Updated dependencies [52feffc]
+  - @prosopo/types@2.6.1
+  - @prosopo/api@2.6.1
+  - @prosopo/keyring@2.6.1
+  - @prosopo/load-balancer@2.6.1
+## 2.6.0
+### Minor Changes
+- a0bfc8a: bump all pkg versions since independent versioning applied
+### Patch Changes
+- Updated dependencies [a0bfc8a]
+  - @prosopo/api@2.6.0
+  - @prosopo/common@2.6.0
+  - @prosopo/keyring@2.6.0
+  - @prosopo/load-balancer@2.6.0
+  - @prosopo/types@2.6.0

package/dist/cjs/config.cjs ADDED Viewed

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const types = require("@prosopo/types");
+const getServerConfig = () => types.ProsopoServerConfigSchema.parse({
+  defaultEnvironment: process.env.PROSOPO_DEFAULT_ENVIRONMENT,
+  // environmental variables
+  serverUrl: getServerUrl(),
+  dappName: process.env.PROSOPO_DAPP_NAME || "client-example-server",
+  account: {
+    password: "",
+    address: process.env.PROSOPO_SITE_KEY || "",
+    secret: process.env.PROSOPO_SITE_PRIVATE_KEY || ""
+  }
+});
+const getServerUrl = () => {
+  if (process.env.PROSOPO_SERVER_URL) {
+    if (process.env.PROSOPO_SERVER_URL.match(/:\d+/)) {
+      return process.env.PROSOPO_SERVER_URL;
+    }
+    return `${process.env.PROSOPO_SERVER_URL}:${process.env.PROSOPO_SERVER_PORT || 9228}`;
+  }
+  return "http://localhost:9228";
+};
+exports.getServerConfig = getServerConfig;
+exports.getServerUrl = getServerUrl;

package/dist/cjs/index.cjs ADDED Viewed

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const server = require("./server.cjs");
+const config = require("./config.cjs");
+const keyring = require("@prosopo/keyring");
+const PublicProsopoServer = async (config2) => {
+  const pair = await keyring.getPairAsync(void 0, config2.account.address);
+  return new server.ProsopoServer(config2, pair);
+};
+exports.ProsopoServer = server.ProsopoServer;
+exports.getServerConfig = config.getServerConfig;
+exports.getServerUrl = config.getServerUrl;
+exports.PublicProsopoServer = PublicProsopoServer;

package/dist/cjs/server.cjs ADDED Viewed

@@ -0,0 +1,114 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const keyring = require("@polkadot/keyring");
+const util = require("@polkadot/util");
+const api = require("@prosopo/api");
+const common = require("@prosopo/common");
+const loadBalancer = require("@prosopo/load-balancer");
+const types = require("@prosopo/types");
+const i18n = require("i18next");
+class ProsopoServer {
+  constructor(config, pair) {
+    this.config = config;
+    this.pair = pair;
+    this.defaultEnvironment = this.config.defaultEnvironment;
+    this.dappAccount = this.config.account.address;
+    this.logger = common.getLogger(
+      this.config.logLevel,
+      "@prosopo/server"
+    );
+    this.keyring = new keyring.Keyring({
+      type: "sr25519"
+    });
+  }
+  getProviderApi(providerUrl) {
+    return new api.ProviderApi(providerUrl, this.dappAccount || "");
+  }
+  /**
+   * Verify the user with the provider URL passed in. If a challenge is provided, we use the challenge to verify the
+   * user. If not, we use the user, dapp, and optionally the commitmentID, to verify the user.
+   * @param token
+   * @param timeouts
+   * @param providerUrl
+   * @param timestamp
+   * @param user
+   * @param challenge
+   */
+  async verifyProvider(token, timeouts, providerUrl, timestamp, user, challenge) {
+    this.logger.info(`Verifying with provider: ${providerUrl}`);
+    const dappUserSignature = this.pair?.sign(timestamp.toString());
+    if (!dappUserSignature) {
+      throw new common.ProsopoContractError("CAPTCHA.INVALID_TIMESTAMP", {
+        context: { error: "Timestamp not found" }
+      });
+    }
+    const signatureHex = util.u8aToHex(dappUserSignature);
+    const providerApi = this.getProviderApi(providerUrl);
+    if (challenge) {
+      const powTimeout = this.config.timeouts.pow.cachedTimeout;
+      const recent2 = timestamp ? Date.now() - timestamp < powTimeout : false;
+      if (!recent2) {
+        this.logger.error("PoW captcha is not recent");
+        return {
+          verified: false,
+          status: i18n.t("API.USER_NOT_VERIFIED_TIME_EXPIRED")
+        };
+      }
+      return await providerApi.submitPowCaptchaVerify(
+        token,
+        signatureHex,
+        timeouts.pow.cachedTimeout,
+        user
+      );
+    }
+    const imageTimeout = this.config.timeouts.image.cachedTimeout;
+    const recent = timestamp ? Date.now() - timestamp < imageTimeout : false;
+    if (!recent) {
+      this.logger.error("Image captcha is not recent");
+      return {
+        verified: false,
+        status: i18n.t("API.USER_NOT_VERIFIED_TIME_EXPIRED")
+      };
+    }
+    return await providerApi.verifyDappUser(
+      token,
+      signatureHex,
+      user,
+      timeouts.image.cachedTimeout
+    );
+  }
+  /**
+   *
+   * @returns
+   * @param token
+   */
+  async isVerified(token) {
+    try {
+      const payload = types.decodeProcaptchaOutput(token);
+      const { providerUrl, challenge, timestamp, user } = types.ProcaptchaOutputSchema.parse(payload);
+      const providers = await loadBalancer.loadBalancer(this.config.defaultEnvironment);
+      const provider = providers.find((p) => p.url === providerUrl);
+      if (!provider) {
+        this.logger.error("Provider not found");
+        return {
+          verified: false,
+          status: i18n.t("API.USER_NOT_VERIFIED")
+        };
+      }
+      return await this.verifyProvider(
+        token,
+        this.config.timeouts,
+        provider.url,
+        Number(timestamp),
+        user,
+        challenge
+      );
+    } catch (err) {
+      this.logger.error({ err, token });
+      throw new common.ProsopoApiError("API.BAD_REQUEST", {
+        context: { code: 500, token }
+      });
+    }
+  }
+}
+exports.ProsopoServer = ProsopoServer;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@prosopo/server",
-	"version": "2.5.3",
+	"version": "2.6.1",
 	"description": "NodeJS package for server side communication with the prosopo captcha client",
 	"main": "./dist/index.js",
 	"type": "module",
@@ -22,7 +22,8 @@
 	},
 	"repository": {
 		"type": "git",
-		"url": "git+https://github.com/prosopo/captcha.git"
+		"url": "git+https://github.com/prosopo/captcha.git",
+		"directory": "packages/server"
 	},
 	"author": "PROSOPO LIMITED",
 	"license": "Apache-2.0",
@@ -34,22 +35,23 @@
 	"dependencies": {
 		"@polkadot/keyring": "12.6.2",
 		"@polkadot/util": "12.6.2",
-		"@prosopo/api": "2.5.3",
-		"@prosopo/common": "2.5.3",
-		"@prosopo/keyring": "2.5.3",
-		"@prosopo/types": "2.5.3",
+		"@prosopo/api": "2.6.1",
+		"@prosopo/common": "2.6.0",
+		"@prosopo/keyring": "2.6.1",
+		"@prosopo/load-balancer": "2.6.1",
+		"@prosopo/types": "2.6.1",
 		"express": "4.21.2"
 	},
 	"devDependencies": {
-		"@prosopo/config": "2.5.3",
-		"@vitest/coverage-v8": "2.1.1",
+		"@prosopo/config": "2.6.0",
+		"@vitest/coverage-v8": "3.0.9",
 		"concurrently": "9.0.1",
 		"del-cli": "6.0.0",
 		"npm-run-all": "2.1.0",
 		"tslib": "2.7.0",
 		"tsx": "4.19.1",
 		"typescript": "5.6.2",
-		"vite": "5.4.6",
-		"vitest": "2.1.1"
+		"vite": "6.2.3",
+		"vitest": "3.0.9"
 	}
 }