rankrunners-cms 0.0.27 → 0.0.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +1 -1
  2. package/src/captcha/types.ts +1 -1
  3. package/src/captcha/use-cap.ts +1 -1
  4. package/src/tanstack/captcha.ts +73 -0
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "rankrunners-cms",
3
3
  "type": "module",
4
- "version": "0.0.27",
4
+ "version": "0.0.29",
5
5
  "peerDependencies": {
6
6
  "@puckeditor/core": "^0.21.1",
7
7
  "@tanstack/react-router": "^1.166.6",
package/src/captcha/types.ts CHANGED
@@ -44,7 +44,7 @@ export type UseCaptcha = {
44
44
  captchaError: string | null;
45
45
  captchaProgress: number | null;
46
46
  resetCaptcha: () => void;
47
- consumeCaptchaToken: () => CapToken | null;
47
+ consumeCaptchaToken: () => string | null;
48
48
  };
49
49
 
50
50
  export type CapWorkerMessage = {
package/src/captcha/use-cap.ts CHANGED
@@ -236,7 +236,7 @@ export function useCaptcha(props: CapHookProps = {}): UseCaptcha {
236
236
  const solvingCaptcha = solving || waitingForRetry;
237
237
 
238
238
  const consumeCaptchaToken = useCallback(() => {
239
- const currentToken = token;
239
+ const currentToken = token?.token ?? null;
240
240
  reset();
241
241
  return currentToken;
242
242
  }, [token, reset]);
package/src/tanstack/captcha.ts ADDED
@@ -0,0 +1,73 @@
1
+ import { verifyToken as verifyTokenClient } from "../api/client/captcha";
2
+
3
+ export const getIpAddress = (request: Request): string => {
4
+ const forwardedFor = request.headers.get("x-forwarded-for");
5
+
6
+ if (forwardedFor) {
7
+ // x-forwarded-for can contain multiple IPs, take the first one
8
+ const splitForwardedFor = forwardedFor.split(",")[0]?.trim();
9
+
10
+ if (splitForwardedFor && splitForwardedFor.length > 0) {
11
+ return splitForwardedFor;
12
+ }
13
+ }
14
+
15
+ // Common fallback headers set by some proxies/CDNs
16
+ const realIp = request.headers.get("x-real-ip")?.trim();
17
+ if (realIp && realIp.length > 0) {
18
+ return realIp;
19
+ }
20
+
21
+ const cfConnectingIp = request.headers.get("cf-connecting-ip")?.trim();
22
+ if (cfConnectingIp && cfConnectingIp.length > 0) {
23
+ return cfConnectingIp;
24
+ }
25
+
26
+ return "";
27
+ };
28
+
29
+ const getRequestHostname = (request: Request): string => {
30
+ const referer =
31
+ request.headers.get("referer") || request.headers.get("referrer");
32
+ if (referer) {
33
+ try {
34
+ return new URL(referer).hostname;
35
+ } catch {
36
+ // fall through
37
+ }
38
+ }
39
+ const origin = request.headers.get("origin");
40
+ if (origin) {
41
+ try {
42
+ return new URL(origin).hostname;
43
+ } catch {
44
+ // fall through
45
+ }
46
+ }
47
+ const host = request.headers.get("host");
48
+ if (host) {
49
+ // Remove port if present
50
+ const [hostname] = host.split(":");
51
+ if (hostname && hostname.length > 0) {
52
+ return hostname;
53
+ }
54
+ }
55
+ return "";
56
+ };
57
+
58
+ export const verifyToken = async (request: Request, token: string) => {
59
+ const ip = getIpAddress(request);
60
+ const hostname = getRequestHostname(request);
61
+
62
+ if (ip.length === 0) {
63
+ console.error("Unable to determine IP address for captcha verification");
64
+ return false;
65
+ }
66
+
67
+ if (hostname.length === 0) {
68
+ console.error("Unable to determine hostname for captcha verification");
69
+ return false;
70
+ }
71
+
72
+ return verifyTokenClient({ token, ip, hostname });
73
+ };