altcha-lib 1.4.1 → 2.0.0-beta.1

package/dist/cjs/v2/frameworks/fastify.js

@@ -0,0 +1,88 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.randomInt = exports.deriveHmacKeySecret = exports.CappedMap = void 0;
+exports.create = create;
+const pow_js_1 = require("../pow.js");
+const helpers_js_1 = require("../helpers.js");
+Object.defineProperty(exports, "randomInt", { enumerable: true, get: function () { return helpers_js_1.randomInt; } });
+const shared_js_1 = require("./shared.js");
+Object.defineProperty(exports, "deriveHmacKeySecret", { enumerable: true, get: function () { return shared_js_1.deriveHmacKeySecret; } });
+const capped_map_js_1 = require("../capped-map.js");
+Object.defineProperty(exports, "CappedMap", { enumerable: true, get: function () { return capped_map_js_1.CappedMap; } });
+function create(options) {
+    const { createChallengeParameters, deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, setCookie, store, } = options;
+    const deleteCookie = (reply, name, path = '/') => {
+        reply.header('Set-Cookie', `${name}=; Path=${path ?? '/'}; Max-Age=0`);
+    };
+    const parseCookies = (request) => {
+        if ('cookies' in request) {
+            return request.cookies;
+        }
+        const header = request.headers.cookie;
+        if (!header) {
+            return {};
+        }
+        return Object.fromEntries(header.split(';').map((pair) => {
+            const [key, ...rest] = pair.trim().split('=');
+            return [key, decodeURIComponent(rest.join('='))];
+        }));
+    };
+    const getPayloadFromRequest = async (request, cookieName) => {
+        if (cookieName) {
+            return parseCookies(request)[cookieName];
+        }
+        return request.body?.altcha;
+    };
+    const challengeHandler = async (request, reply) => {
+        const challenge = await (0, pow_js_1.createChallenge)({
+            deriveKey,
+            hmacSignatureSecret,
+            hmacKeySignatureSecret,
+            ...createChallengeParameters(),
+        });
+        return reply.send({
+            configuration: setCookie
+                ? {
+                    setCookie,
+                }
+                : undefined,
+            ...challenge,
+        });
+    };
+    const verifyHandler = async (request, reply) => {
+        const payload = await getPayloadFromRequest(request);
+        const result = await (0, shared_js_1.verify)(payload, deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, store);
+        return reply.send(result);
+    };
+    const middleware = (options = {}) => {
+        const { throwOnFailure = true } = options;
+        return async (request, reply) => {
+            const payload = await getPayloadFromRequest(request, setCookie?.name);
+            const { error, payload: resultPayload, verification, } = await (0, shared_js_1.verify)(payload, deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, store);
+            request.altcha = {
+                error,
+                payload: resultPayload,
+                verification,
+            };
+            if (setCookie) {
+                deleteCookie(reply, setCookie.name, setCookie.path);
+            }
+            if (error && throwOnFailure) {
+                return reply.code(403).send({ error });
+            }
+        };
+    };
+    return {
+        challengeHandler,
+        verifyHandler,
+        getPayloadFromRequest,
+        middleware,
+        verify: shared_js_1.verify,
+    };
+}
+exports.default = {
+    CappedMap: capped_map_js_1.CappedMap,
+    create,
+    deriveHmacKeySecret: shared_js_1.deriveHmacKeySecret,
+    randomInt: helpers_js_1.randomInt,
+};

package/dist/cjs/v2/frameworks/h3.d.ts

@@ -0,0 +1,37 @@
+import { randomInt } from '../helpers.js';
+import { CappedMap } from '../capped-map.js';
+import { deriveHmacKeySecret, verify } from './shared.js';
+import type { AltchaMiddlewareOptions, AltchaOptions, AltchaResult } from './types.js';
+import type { H3Event } from 'h3';
+export { CappedMap, deriveHmacKeySecret, randomInt };
+export type { AltchaOptions, AltchaResult };
+declare module 'h3' {
+    interface H3EventContext {
+        altcha?: AltchaResult;
+    }
+}
+export declare function create(options: AltchaOptions): {
+    challengeHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
+        codeChallenge?: import("../types.js").CodeChallenge;
+        parameters: import("../types.js").ChallengeParameters;
+        signature?: string;
+        configuration: {
+            setCookie: import("./types.js").RequireField<import("../types.js").SetCookieOptions, "name">;
+        } | undefined;
+    }>>;
+    verifyHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
+        error: string | null;
+        payload: import("../types.js").Payload | import("../types.js").ServerSignaturePayload | null;
+        verification: import("../types.js").VerifySolutionResult | null;
+    }>>;
+    getPayloadFromEvent: (event: H3Event, cookieName?: string) => Promise<string | undefined>;
+    middleware: (options?: AltchaMiddlewareOptions) => import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<void>>;
+    verify: typeof verify;
+};
+declare const _default: {
+    CappedMap: typeof CappedMap;
+    create: typeof create;
+    deriveHmacKeySecret: typeof deriveHmacKeySecret;
+    randomInt: typeof randomInt;
+};
+export default _default;

package/dist/cjs/v2/frameworks/h3.js

@@ -0,0 +1,89 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.randomInt = exports.deriveHmacKeySecret = exports.CappedMap = void 0;
+exports.create = create;
+const h3_1 = require("h3");
+const pow_js_1 = require("../pow.js");
+const helpers_js_1 = require("../helpers.js");
+Object.defineProperty(exports, "randomInt", { enumerable: true, get: function () { return helpers_js_1.randomInt; } });
+const capped_map_js_1 = require("../capped-map.js");
+Object.defineProperty(exports, "CappedMap", { enumerable: true, get: function () { return capped_map_js_1.CappedMap; } });
+const shared_js_1 = require("./shared.js");
+Object.defineProperty(exports, "deriveHmacKeySecret", { enumerable: true, get: function () { return shared_js_1.deriveHmacKeySecret; } });
+function create(options) {
+    const { createChallengeParameters, deriveKey, fieldName = 'altcha', hmacSignatureSecret, hmacKeySignatureSecret, setCookie, store, } = options;
+    const challengeHandler = (0, h3_1.defineEventHandler)(async () => {
+        return {
+            configuration: setCookie
+                ? {
+                    setCookie,
+                }
+                : undefined,
+            ...(await (0, pow_js_1.createChallenge)({
+                deriveKey,
+                hmacSignatureSecret,
+                hmacKeySignatureSecret,
+                ...createChallengeParameters(),
+            })),
+        };
+    });
+    const verifyHandler = (0, h3_1.defineEventHandler)(async (event) => {
+        return await (0, shared_js_1.verify)(await getPayloadFromEvent(event), deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, store);
+    });
+    const getPayloadFromEvent = async (event, cookieName) => {
+        let payload = undefined;
+        if (cookieName) {
+            payload = (0, h3_1.getCookie)(event, cookieName);
+        }
+        else {
+            const contentType = event.req.headers.get('content-type') ?? '';
+            let body = null;
+            if (contentType.includes('application/json')) {
+                body = await (0, h3_1.readBody)(event);
+            }
+            else if (contentType.includes('multipart/form-data')) {
+                const formData = await event.req.formData();
+                const value = formData.get(fieldName);
+                if (typeof value === 'string') {
+                    payload = value;
+                }
+                return payload;
+            }
+            else if (contentType.includes('application/x-www-form-urlencoded')) {
+                body = await (0, h3_1.readBody)(event);
+            }
+            payload = body?.[fieldName];
+        }
+        return payload;
+    };
+    const middleware = (options = {}) => {
+        const { throwOnFailure = true } = options;
+        return (0, h3_1.defineEventHandler)(async (event) => {
+            const { error, payload, verification } = await (0, shared_js_1.verify)(await getPayloadFromEvent(event, setCookie?.name), deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, store);
+            event.context.altcha = {
+                error,
+                payload,
+                verification,
+            };
+            if (setCookie) {
+                (0, h3_1.deleteCookie)(event, setCookie.name);
+            }
+            if (error && throwOnFailure) {
+                throw new h3_1.HTTPError({ message: error, status: 403 });
+            }
+        });
+    };
+    return {
+        challengeHandler,
+        verifyHandler,
+        getPayloadFromEvent,
+        middleware,
+        verify: shared_js_1.verify,
+    };
+}
+exports.default = {
+    CappedMap: capped_map_js_1.CappedMap,
+    create,
+    deriveHmacKeySecret: shared_js_1.deriveHmacKeySecret,
+    randomInt: helpers_js_1.randomInt,
+};

package/dist/cjs/v2/frameworks/hono.d.ts

@@ -0,0 +1,99 @@
+import { randomInt } from '../helpers.js';
+import { CappedMap } from '../capped-map.js';
+import { deriveHmacKeySecret, verify } from './shared.js';
+import type { AltchaMiddlewareOptions, AltchaOptions, AltchaResult } from './types.js';
+import type { Context, Env, MiddlewareHandler } from 'hono';
+export { CappedMap, deriveHmacKeySecret, randomInt };
+export type { AltchaOptions, AltchaResult };
+declare module 'hono' {
+    interface ContextVariableMap {
+        altcha?: AltchaResult;
+    }
+}
+export declare function create(options: AltchaOptions): {
+    challengeHandler: <E extends Env, P extends string>(c: Context<E, P>) => Promise<Response & import("hono").TypedResponse<{
+        codeChallenge?: {
+            image: string;
+            audio?: string | undefined;
+            length?: number | undefined;
+        } | undefined;
+        parameters: {
+            algorithm: string;
+            nonce: string;
+            salt: string;
+            cost: number;
+            keyLength: number;
+            keyPrefix: string;
+            keySignature?: string | undefined;
+            memoryCost?: number | undefined;
+            parallelism?: number | undefined;
+            expiresAt?: number | undefined;
+            data?: {
+                [x: string]: string | number | boolean | null;
+            } | undefined;
+        };
+        signature?: string | undefined;
+        configuration: {
+            setCookie: {
+                domain?: string | undefined;
+                maxAge?: number | undefined;
+                path?: string | undefined;
+                sameSite?: string | undefined;
+                secure?: boolean | undefined;
+                name: string;
+            };
+        } | undefined;
+    }, import("hono/utils/http-status.js").ContentfulStatusCode, "json">>;
+    verifyHandler: <E extends Env, P extends string>(c: Context<E, P>) => Promise<Response & import("hono").TypedResponse<{
+        error: string | null;
+        payload: {
+            challenge: {
+                signature?: string | undefined;
+                parameters: {
+                    algorithm: string;
+                    nonce: string;
+                    salt: string;
+                    cost: number;
+                    keyLength: number;
+                    keyPrefix: string;
+                    keySignature?: string | undefined;
+                    memoryCost?: number | undefined;
+                    parallelism?: number | undefined;
+                    expiresAt?: number | undefined;
+                    data?: {
+                        [x: string]: string | number | boolean | null;
+                    } | undefined;
+                };
+            };
+            solution: {
+                counter: number;
+                derivedKey: string;
+                time?: number | undefined;
+            };
+        } | {
+            algorithm: string;
+            apiKey?: string | undefined;
+            id?: string | undefined;
+            signature: string;
+            verificationData: string;
+            verified: boolean;
+        } | null;
+        verification: {
+            expired: boolean;
+            invalidSignature: boolean | null;
+            invalidSolution: boolean | null;
+            time: number;
+            verified: boolean;
+        } | null;
+    }, import("hono/utils/http-status.js").ContentfulStatusCode, "json">>;
+    getPayloadFromContext: (c: Context, cookieName?: string) => Promise<string | undefined>;
+    middleware: <E extends Env, P extends string>(options?: AltchaMiddlewareOptions) => MiddlewareHandler<E, P>;
+    verify: typeof verify;
+};
+declare const _default: {
+    CappedMap: typeof CappedMap;
+    create: typeof create;
+    deriveHmacKeySecret: typeof deriveHmacKeySecret;
+    randomInt: typeof randomInt;
+};
+export default _default;

package/dist/cjs/v2/frameworks/hono.js

@@ -0,0 +1,86 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.randomInt = exports.deriveHmacKeySecret = exports.CappedMap = void 0;
+exports.create = create;
+const cookie_1 = require("hono/cookie");
+const http_exception_1 = require("hono/http-exception");
+const pow_js_1 = require("../pow.js");
+const helpers_js_1 = require("../helpers.js");
+Object.defineProperty(exports, "randomInt", { enumerable: true, get: function () { return helpers_js_1.randomInt; } });
+const capped_map_js_1 = require("../capped-map.js");
+Object.defineProperty(exports, "CappedMap", { enumerable: true, get: function () { return capped_map_js_1.CappedMap; } });
+const shared_js_1 = require("./shared.js");
+Object.defineProperty(exports, "deriveHmacKeySecret", { enumerable: true, get: function () { return shared_js_1.deriveHmacKeySecret; } });
+function create(options) {
+    const { createChallengeParameters, deriveKey, fieldName = 'altcha', hmacSignatureSecret, hmacKeySignatureSecret, setCookie, store, } = options;
+    const challengeHandler = async (c) => {
+        return c.json({
+            configuration: setCookie
+                ? {
+                    setCookie,
+                }
+                : undefined,
+            ...(await (0, pow_js_1.createChallenge)({
+                deriveKey,
+                hmacSignatureSecret,
+                hmacKeySignatureSecret,
+                ...createChallengeParameters(),
+            })),
+        });
+    };
+    const verifyHandler = async (c) => {
+        return c.json(await (0, shared_js_1.verify)(await getPayloadFromContext(c), deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, store));
+    };
+    const getPayloadFromContext = async (c, cookieName) => {
+        let payload = undefined;
+        if (cookieName) {
+            payload = (0, cookie_1.getCookie)(c, cookieName);
+        }
+        else {
+            const contentType = c.req.header('content-type') ?? '';
+            let body = null;
+            if (contentType.includes('application/json')) {
+                body = await c.req.json();
+            }
+            else if (contentType.includes('multipart/form-data') ||
+                contentType.includes('application/x-www-form-urlencoded')) {
+                body = await c.req.parseBody();
+            }
+            payload = body?.[fieldName];
+        }
+        return payload;
+    };
+    const middleware = (options = {}) => {
+        const { throwOnFailure = true } = options;
+        return async (c, next) => {
+            const { error, payload, verification } = await (0, shared_js_1.verify)(await getPayloadFromContext(c, setCookie?.name), deriveKey, hmacSignatureSecret, hmacKeySignatureSecret, store);
+            c.set('altcha', {
+                error,
+                payload,
+                verification,
+            });
+            if (setCookie) {
+                (0, cookie_1.deleteCookie)(c, setCookie.name);
+            }
+            if (error && throwOnFailure) {
+                throw new http_exception_1.HTTPException(403, {
+                    message: error,
+                });
+            }
+            return next();
+        };
+    };
+    return {
+        challengeHandler,
+        verifyHandler,
+        getPayloadFromContext,
+        middleware,
+        verify: shared_js_1.verify,
+    };
+}
+exports.default = {
+    CappedMap: capped_map_js_1.CappedMap,
+    create,
+    deriveHmacKeySecret: shared_js_1.deriveHmacKeySecret,
+    randomInt: helpers_js_1.randomInt,
+};

package/dist/cjs/v2/frameworks/nestjs.d.ts

@@ -0,0 +1,79 @@
+import { NestMiddleware, DynamicModule, InjectionToken, OptionalFactoryDependency, ForwardReference, Type } from '@nestjs/common';
+import { randomInt } from '../helpers.js';
+import { deriveHmacKeySecret } from './shared.js';
+import { CappedMap } from '../capped-map.js';
+import type { Request, Response, NextFunction } from 'express';
+import type { SetCookieOptions } from '../types.js';
+import type { AltchaMiddlewareOptions, AltchaOptions, AltchaResult, RequireField } from './types.js';
+export { CappedMap, deriveHmacKeySecret, randomInt };
+export type { AltchaOptions, AltchaResult };
+declare global {
+    namespace Express {
+        interface Request {
+            altcha?: AltchaResult;
+        }
+    }
+}
+export declare const Altcha: (...dataOrPipes: unknown[]) => ParameterDecorator;
+export declare function createAltchaMiddleware(options?: AltchaMiddlewareOptions): {
+    new (altchaService: AltchaService): {
+        readonly altchaService: AltchaService;
+        use(req: Request, res: Response, next: NextFunction): Promise<void>;
+    };
+};
+export declare class AltchaService {
+    private readonly hmacSignatureSecret;
+    private readonly hmacKeySignatureSecret?;
+    private readonly createChallengeParameters;
+    private readonly deriveKey;
+    private readonly fieldName;
+    private readonly setCookieOptions?;
+    private readonly store?;
+    constructor(options: AltchaOptions);
+    get setCookie(): RequireField<SetCookieOptions, 'name'> | undefined;
+    getChallenge(): Promise<{
+        codeChallenge?: import("../types.js").CodeChallenge;
+        parameters: import("../types.js").ChallengeParameters;
+        signature?: string;
+        configuration: {
+            setCookie: RequireField<SetCookieOptions, "name">;
+        } | undefined;
+    }>;
+    getPayloadFromRequest(req: Request, cookieName?: string): string | undefined;
+    verify(payload: string | undefined): Promise<{
+        error: string | null;
+        payload: import("../types.js").Payload | import("../types.js").ServerSignaturePayload | null;
+        verification: import("../types.js").VerifySolutionResult | null;
+    }>;
+}
+export declare class AltchaController {
+    private readonly altchaService;
+    constructor(altchaService: AltchaService);
+    getChallenge(): Promise<{
+        codeChallenge?: import("../types.js").CodeChallenge;
+        parameters: import("../types.js").ChallengeParameters;
+        signature?: string;
+        configuration: {
+            setCookie: RequireField<SetCookieOptions, "name">;
+        } | undefined;
+    }>;
+    verifySolution(req: Request): Promise<{
+        error: string | null;
+        payload: import("../types.js").Payload | import("../types.js").ServerSignaturePayload | null;
+        verification: import("../types.js").VerifySolutionResult | null;
+    }>;
+}
+export declare class AltchaMiddleware implements NestMiddleware {
+    private readonly altchaService;
+    constructor(altchaService: AltchaService);
+    use(req: Request, res: Response, next: NextFunction): Promise<void>;
+}
+export declare class AltchaModule {
+    static register(options: AltchaOptions): DynamicModule;
+    static registerAsync(asyncOptions: {
+        useFactory: (...args: unknown[]) => Promise<AltchaOptions> | AltchaOptions;
+        inject?: (InjectionToken | OptionalFactoryDependency)[];
+        imports?: (DynamicModule | Type<unknown> | ForwardReference<unknown> | Promise<DynamicModule>)[];
+    }): DynamicModule;
+}
+export default AltchaModule;

package/dist/cjs/v2/frameworks/nestjs.js

@@ -0,0 +1,198 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var AltchaModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AltchaModule = exports.AltchaMiddleware = exports.AltchaController = exports.AltchaService = exports.Altcha = exports.randomInt = exports.deriveHmacKeySecret = exports.CappedMap = void 0;
+exports.createAltchaMiddleware = createAltchaMiddleware;
+const common_1 = require("@nestjs/common");
+const helpers_js_1 = require("../helpers.js");
+Object.defineProperty(exports, "randomInt", { enumerable: true, get: function () { return helpers_js_1.randomInt; } });
+const pow_js_1 = require("../pow.js");
+const shared_js_1 = require("./shared.js");
+Object.defineProperty(exports, "deriveHmacKeySecret", { enumerable: true, get: function () { return shared_js_1.deriveHmacKeySecret; } });
+const capped_map_js_1 = require("../capped-map.js");
+Object.defineProperty(exports, "CappedMap", { enumerable: true, get: function () { return capped_map_js_1.CappedMap; } });
+const ALTCHA_OPTIONS = Symbol('ALTCHA_OPTIONS');
+exports.Altcha = (0, common_1.createParamDecorator)((_data, ctx) => {
+    const request = ctx.switchToHttp().getRequest();
+    return request.altcha;
+});
+function createAltchaMiddleware(options = {}) {
+    const { throwOnFailure = true } = options;
+    let AltchaMiddleware = class AltchaMiddleware {
+        constructor(altchaService) {
+            this.altchaService = altchaService;
+        }
+        async use(req, res, next) {
+            const payload = this.altchaService.getPayloadFromRequest(req);
+            const { error, payload: resultPayload, verification, } = await this.altchaService.verify(payload);
+            req.altcha = {
+                error,
+                payload: resultPayload,
+                verification,
+            };
+            const setCookie = this.altchaService.setCookie;
+            if (setCookie) {
+                res.clearCookie(setCookie.name);
+            }
+            if (error && throwOnFailure) {
+                throw new common_1.HttpException(error, common_1.HttpStatus.BAD_REQUEST);
+            }
+            next();
+        }
+    };
+    AltchaMiddleware = __decorate([
+        (0, common_1.Injectable)(),
+        __metadata("design:paramtypes", [AltchaService])
+    ], AltchaMiddleware);
+    return AltchaMiddleware;
+}
+let AltchaService = class AltchaService {
+    constructor(options) {
+        this.hmacSignatureSecret = options.hmacSignatureSecret;
+        this.hmacKeySignatureSecret = options.hmacKeySignatureSecret;
+        this.createChallengeParameters = options.createChallengeParameters;
+        this.deriveKey = options.deriveKey;
+        this.fieldName = options.fieldName || 'altcha';
+        this.setCookieOptions = options.setCookie;
+        this.store = options.store;
+    }
+    get setCookie() {
+        return this.setCookieOptions;
+    }
+    async getChallenge() {
+        const challenge = await (0, pow_js_1.createChallenge)({
+            deriveKey: this.deriveKey,
+            hmacSignatureSecret: this.hmacSignatureSecret,
+            hmacKeySignatureSecret: this.hmacKeySignatureSecret,
+            ...this.createChallengeParameters(),
+        });
+        return {
+            configuration: this.setCookieOptions
+                ? { setCookie: this.setCookieOptions }
+                : undefined,
+            ...challenge,
+        };
+    }
+    getPayloadFromRequest(req, cookieName) {
+        if (cookieName) {
+            return req.cookies?.[cookieName];
+        }
+        return req.body?.[this.fieldName];
+    }
+    async verify(payload) {
+        return (0, shared_js_1.verify)(payload, this.deriveKey, this.hmacSignatureSecret, this.hmacKeySignatureSecret, this.store);
+    }
+};
+exports.AltchaService = AltchaService;
+exports.AltchaService = AltchaService = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)(ALTCHA_OPTIONS)),
+    __metadata("design:paramtypes", [Object])
+], AltchaService);
+let AltchaController = class AltchaController {
+    constructor(altchaService) {
+        this.altchaService = altchaService;
+    }
+    async getChallenge() {
+        return this.altchaService.getChallenge();
+    }
+    async verifySolution(req) {
+        const payload = this.altchaService.getPayloadFromRequest(req);
+        return this.altchaService.verify(payload);
+    }
+};
+exports.AltchaController = AltchaController;
+__decorate([
+    (0, common_1.Get)('challenge'),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", Promise)
+], AltchaController.prototype, "getChallenge", null);
+__decorate([
+    (0, common_1.Post)('verify'),
+    __param(0, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object]),
+    __metadata("design:returntype", Promise)
+], AltchaController.prototype, "verifySolution", null);
+exports.AltchaController = AltchaController = __decorate([
+    (0, common_1.Controller)('altcha'),
+    __metadata("design:paramtypes", [AltchaService])
+], AltchaController);
+let AltchaMiddleware = class AltchaMiddleware {
+    constructor(altchaService) {
+        this.altchaService = altchaService;
+    }
+    async use(req, res, next) {
+        const payload = this.altchaService.getPayloadFromRequest(req, this.altchaService.setCookie?.name);
+        const { error, payload: resultPayload, verification, } = await this.altchaService.verify(payload);
+        req.altcha = {
+            error,
+            payload: resultPayload,
+            verification,
+        };
+        const setCookie = this.altchaService.setCookie;
+        if (setCookie) {
+            res.clearCookie(setCookie.name);
+        }
+        if (error) {
+            throw new common_1.HttpException(error, common_1.HttpStatus.BAD_REQUEST);
+        }
+        next();
+    }
+};
+exports.AltchaMiddleware = AltchaMiddleware;
+exports.AltchaMiddleware = AltchaMiddleware = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [AltchaService])
+], AltchaMiddleware);
+let AltchaModule = AltchaModule_1 = class AltchaModule {
+    static register(options) {
+        return {
+            module: AltchaModule_1,
+            controllers: [AltchaController],
+            providers: [
+                {
+                    provide: ALTCHA_OPTIONS,
+                    useValue: options,
+                },
+                AltchaService,
+            ],
+            exports: [AltchaService, AltchaMiddleware],
+        };
+    }
+    static registerAsync(asyncOptions) {
+        return {
+            module: AltchaModule_1,
+            imports: asyncOptions.imports ?? [],
+            controllers: [AltchaController],
+            providers: [
+                {
+                    provide: ALTCHA_OPTIONS,
+                    useFactory: asyncOptions.useFactory,
+                    inject: asyncOptions.inject ?? [],
+                },
+                AltchaService,
+                AltchaMiddleware,
+            ],
+            exports: [AltchaService, AltchaMiddleware],
+        };
+    }
+};
+exports.AltchaModule = AltchaModule;
+exports.AltchaModule = AltchaModule = AltchaModule_1 = __decorate([
+    (0, common_1.Module)({})
+], AltchaModule);
+exports.default = AltchaModule;