adler/furmeet-bot
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

create PendingCaptchaUser before uploading CAPTCHA: closing abuse possibility

Browse Source
This commit is contained in:
Adler Neves 2020-07-11 04:05:55 -03:00
parent bad18f3d0d
commit 8d0ae6301b
1 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
webproj/bot/views.py
View File

@ -272,6 +272,17 @@ class WebHookView(View):
secret = ''
while len(secret) < telegramGroupPreferences.captcha_digits:
secret += random.choice(telegramGroupPreferences.captcha_chars)
models.PendingCaptchaUser.objects.filter(group=telegramGroup, user=telegramMember).delete()
pcu = models.PendingCaptchaUser(
bot_token=telegram,
user=telegramMember,
group=telegramGroup,
captcha_answer=secret,
attempts_left=telegramGroupPreferences.captcha_attempts,
lifetime=telegramGroupPreferences.captcha_timeout,
captcha_message_id=0,
)
pcu.save()
imbytes = imageCaptcha.generate(secret)
captcha_message = (telegramGroupPreferences.captcha_first_message
.replace('{NAME}', telegramMember.name)
@ -289,16 +300,8 @@ class WebHookView(View):
photo=imbytes,
caption=captcha_message,
)
models.PendingCaptchaUser.objects.filter(group=telegramGroup, user=telegramMember).delete()
models.PendingCaptchaUser(
bot_token=telegram,
user=telegramMember,
group=telegramGroup,
captcha_answer=secret,
attempts_left=telegramGroupPreferences.captcha_attempts,
lifetime=telegramGroupPreferences.captcha_timeout,
captcha_message_id=sent_message.message_id,
).save()
pcu.captcha_message_id = sent_message.message_id
pcu.save()
else:
send_hello(telegramMember)
else: