vendure-plugin-capjs 0.0.1 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +148 -1
  2. package/package.json +11 -4
package/README.md CHANGED
@@ -1 +1,148 @@
1
- # Capjs plugin
1
+ # Capjs Plugin
2
+
3
+ A [Vendure](https://www.vendure.io/) plugin that integrates [Cap.js](https://capjs.js.org/) for privacy-focused, lightweight CAPTCHA protection. This plugin provides REST endpoints for challenge creation and redemption, along with a guard decorator for protecting GraphQL mutations.
4
+
5
+ ## Features
6
+
7
+ - **Privacy-focused CAPTCHA**: Uses Cap.js proof-of-work challenges instead of tracking-based solutions
8
+ - **GraphQL protection**: Easily protect any GraphQL mutation with a decorator
9
+ - **REST endpoints**: `/cap/challenge` and `/cap/redeem` endpoints for frontend integration
10
+
11
+ ## Installation
12
+
13
+ ```bash
14
+ npm install vendure-plugin-capjs @cap.js/server
15
+ ```
16
+
17
+ ## Configuration
18
+
19
+ Add the plugin to your Vendure config:
20
+
21
+ ```typescript
22
+ import { VendureConfig } from '@vendure/core';
23
+ import { CapjsPlugin } from 'vendure-plugin-capjs';
24
+
25
+ export const config: VendureConfig = {
26
+ // ... other config
27
+ plugins: [
28
+ CapjsPlugin.init({}),
29
+ // ... other plugins
30
+ ],
31
+ };
32
+ ```
33
+
34
+ ## Usage
35
+
36
+ ### REST Endpoints
37
+
38
+ The plugin exposes two REST endpoints:
39
+
40
+ #### Create Challenge
41
+
42
+ ```
43
+ POST /cap/challenge
44
+ ```
45
+
46
+ Returns a new CAPTCHA challenge that the client must solve.
47
+
48
+ #### Redeem Challenge
49
+
50
+ ```
51
+ POST /cap/redeem
52
+ Content-Type: application/json
53
+
54
+ {
55
+ "token": "<challenge-token>",
56
+ "solutions": [<solution-numbers>]
57
+ }
58
+ ```
59
+
60
+ Validates the solved challenge and returns a token for subsequent API calls.
61
+
62
+ ### Protecting GraphQL Mutations
63
+
64
+ Use the `@CapjsValidate()` decorator to protect any GraphQL mutation:
65
+
66
+ ```typescript
67
+ import { Mutation, Resolver } from '@nestjs/graphql';
68
+ import { CapjsValidate } from 'vendure-plugin-capjs';
69
+
70
+ @Resolver()
71
+ export class MyResolver {
72
+ @Mutation()
73
+ @CapjsValidate()
74
+ async submitForm() {
75
+ // This mutation is protected by CAPTCHA
76
+ // Will throw if x-captcha-token header is missing or invalid
77
+ }
78
+ }
79
+ ```
80
+
81
+ ### Frontend Integration
82
+
83
+ The client must:
84
+
85
+ 1. Request a challenge from `POST /cap/challenge`
86
+ 2. Solve the proof-of-work challenge using the [@cap.js/widget](https://www.npmjs.com/package/@cap.js/widget) or [@cap.js/vanilla](https://www.npmjs.com/package/@cap.js/vanilla)
87
+ 3. Submit solutions to `POST /cap/redeem` to get a validation token
88
+ 4. Include the token in the `x-captcha-token` header for protected GraphQL mutations
89
+
90
+ Example with the Cap.js widget:
91
+
92
+ ```html
93
+ <!-- Load the Cap.js widget script -->
94
+ <script src="https://cdn.jsdelivr.net/npm/@cap.js/widget"></script>
95
+
96
+ <!-- Add the widget to your form -->
97
+ <cap-widget id="cap" data-cap-api-endpoint="/cap"></cap-widget>
98
+
99
+ <script>
100
+ const widget = document.querySelector('#cap');
101
+
102
+ widget.addEventListener('solve', function (e) {
103
+ const token = e.detail.token;
104
+ // Include token in your GraphQL request headers
105
+ // headers: { 'x-captcha-token': token }
106
+ });
107
+ </script>
108
+ ```
109
+
110
+ For invisible mode (no visible widget):
111
+
112
+ ```javascript
113
+ import Cap from '@cap.js/widget';
114
+
115
+ const cap = new Cap({
116
+ apiEndpoint: '/cap/',
117
+ });
118
+
119
+ const token = await cap.solve();
120
+ // Use token in x-captcha-token header
121
+ ```
122
+
123
+ ## API Reference
124
+
125
+ ### CapjsPlugin
126
+
127
+ ```typescript
128
+ CapjsPlugin.init(options: PluginInitOptions)
129
+ ```
130
+
131
+ Initializes the plugin with the given options.
132
+
133
+ ### CapjsValidate Decorator
134
+
135
+ ```typescript
136
+ @CapjsValidate()
137
+ ```
138
+
139
+ Decorator that applies the `CapjsGuard` to a resolver method. Validates the `x-captcha-token` header and throws a `UserInputError` if validation fails.
140
+
141
+ ### Error Codes
142
+
143
+ - `MISSING_CAPTCHA`: The `x-captcha-token` header was not provided
144
+ - `INVALID_CAPTCHA`: The provided token failed validation
145
+
146
+ ## License
147
+
148
+ MIT
package/package.json CHANGED
@@ -1,7 +1,9 @@
1
1
  {
2
2
  "name": "vendure-plugin-capjs",
3
- "version": "0.0.1",
4
- "license": "GPL-3.0-or-later",
3
+ "version": "1.0.0",
4
+ "description": "A Vendure plugin that integrates Cap.js for privacy-focused, lightweight CAPTCHA protection. Provides challenge/redeem endpoints and a guard decorator for protecting GraphQL mutations.",
5
+ "license": "MIT",
6
+ "private": false,
5
7
  "main": "lib/index.js",
6
8
  "types": "lib/index.d.ts",
7
9
  "files": [
@@ -16,7 +18,6 @@
16
18
  "lint": "eslint .",
17
19
  "test": "vitest --run"
18
20
  },
19
- "private": false,
20
21
  "peerDependencies": {
21
22
  "@cap.js/server": "^4.0.5",
22
23
  "@google-cloud/pubsub": ">=4.0.0",
@@ -33,5 +34,11 @@
33
34
  "rimraf": "^5.0.5",
34
35
  "supertest": "^7.2.2",
35
36
  "typescript": "5.8.2"
36
- }
37
+ },
38
+ "keywords": [
39
+ "vendure",
40
+ "vendure-plugin",
41
+ "capjs",
42
+ "captcha"
43
+ ]
37
44
  }